Премини към съдържанието
  • Добре дошли!

    Добре дошли в нашите форуми, пълни с полезна информация. Имате проблем с компютъра или телефона си? Публикувайте нова тема и ще намерите решение на всичките си проблеми. Общувайте свободно и открийте безброй нови приятели.

    Моля, регистрирайте се за да публикувате тема и да получите пълен достъп до всички функции.

     

Проверка на системата


Препоръчан отговор

Напоследък Chrome зарежда бавно имам чувството че сякаш системата е тромава , днес при опитите да изтегля Farbar страницата се зареждаше около 1:30 минути докато започне самото изтегляне и то неуспешно

Addition_04-08-2019 17.09.48.txt FRST_04-08-2019 17.09.48.txt

Линк към коментара
Сподели в други сайтове

Здравейте..! Вие някакви опити на самолечение сте правили ....и хубаво сте омазали ситуацията....!

Деинсталиране на нежелани / ненужни програми:

  • Натиснете клавишна комбинация   WindowsKey.png + R на клавиатурата си едновременно. Напишете (копирайте) в полето appwiz.cpl и кликнете върху OK.
  • В отворилия се списък с инсталирани програми,  деинсталирайте  програмите от карето по долу:
Цитат
Driver Booster 6 (HKLM\...\Driver Booster_is1) (Version: 6.5.0 - IObit)
RogueKiller version 13.3.2.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 13.3.2.0 - Adlice Software)
Zemana AntiMalware, версия 3.1.375 (HKLM\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.1.375 - Zemana)
Malwarebytes, версия 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)

 

Фикс с Farbar Recovery Scan Tool
 
icon13.gif Изтеглете прикачения файл
fixlist.txt  и го запазете там, където сте свалили FRST.exe
Стартирайте отново FRST.exe и натиснете бутона Fix веднъж и изчакайте.

Press%20the%20FIX%20button_zpsdd5zi3mt.p


Ще се създаде нов лог файла FixLog.txt. Прикачете съдържанието му в следващия си коментар.
 
ЗАБЕЛЕЖКА: Този скрипт е написан специално за този потребител,и за тази конкретна машина. Изпълнението на фикса, на друг компютър може да доведе до увреждане на  операционната ви система

 

pfNZP4A.png  Дневници
 
В следващия си отговор, моля да включите следните дневници:

  • FixLog.txt
Линк към коментара
Сподели в други сайтове

Свежо ново сканиране с:

Сканиране с Farbar Recovery Scan

  • Моля изтеглете icon1337953436.pngFarbar Recovery Scan Tool (според версията на Windows изберете 32 битовата или 64 битовата версия) и го запазете на десктопа.
  • Стартирайте файла FRST.exe (или FRST64.exe)
  • Програмата ще се стартира. Натиснете YES за да се съгласите с лицензионното споразумение.
  • Натиснете бутона YClYkft.jpg.
  • Изчакайте търпеливо проверката да приключи.
  • Ще се създадат два лог файла с името - FRST.txt и Addition.txt на десктопа.
  • Копирайте съдържанието на файла FRST.txt в следващия си пост.Прикачете Addition.txt в коментар си (погледнете опцията Прикачване на файлове, когато публикувате мнение).

pfNZP4A.png&key=0a487e0a7cff89c690a32d13  Дневници 

В следващия си отговор, моля да включите (като копирате целите съдържания ) следните дневници:

  • FRST.txt (копирате цялото съдържание)
  • Addition.txt (прикачате..) 
 
Линк към коментара
Сподели в други сайтове

Днес писах с колегата ви  B-boy/StyLe/     защото не можех да изтегля Farbar , браузърите го блокираха като вирус и накрая реших да правя опити сам за което знам че не е редно

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-08-2019
Ran by Beco (administrator) on BECO-PC (Hewlett-Packard HP EliteBook 6930p) (04-08-2019 18:28:47)
Running from C:\Users\Beco\Downloads
Loaded Profiles: Beco (Available Profiles: Beco)
Platform: Microsoft Windows 10 Pro Version 1903 18362.267 (X86) Language: Английски (Съединени щати)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Hewlett-Packard Company -> HP Inc.) C:\Program Files\HP\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Company -> HP Inc.) C:\Program Files\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(IObit Information Technology -> IObit) C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
(LSI Corporation -> LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\NisSrv.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [349240 2010-01-11] (Hewlett-Packard Company ->  Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [HPMessageService] => C:\Program Files\HP\HP System Event\HPMSGSVC.exe [664848 2016-04-26] (Hewlett-Packard Company -> HP Inc.)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Microsoft Windows Hardware Compatibility Publisher -> Analog Devices, Inc.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\76.0.3809.87\Installer\chrmstp.exe [2019-08-01] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> 

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {007EB50E-306C-4243-A051-E9CD96BD6478} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {02368336-6FC1-4641-AC1C-AF3E2FBAFA41} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [243576 2019-07-23] (HP Inc. -> HP Inc.)
Task: {09CD826E-432A-424E-9075-D474750087E0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [654712 2019-06-12] (HP Inc. -> HP Inc.)
Task: {0AC7D9DD-906E-4B7B-847E-273A28E54C7F} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0CD5E731-3C97-48A0-89D3-4BE6DE9D3197} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [654712 2019-06-12] (HP Inc. -> HP Inc.)
Task: {10F238F1-61B3-4FF4-B5F0-8DDC8322392A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {1B3EB7B5-BC28-4B91-AE3A-F9EED593562F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [137592 2019-06-12] (HP Inc. -> HP Inc.)
Task: {1ECBFDA8-5C75-484C-9609-D69F88A27FC2} - System32\Tasks\{C5F4DFD8-894D-40BF-9817-EDD70197CF73} => C:\Windows\system32\pcalua.exe -a C:\Users\Beco\Downloads\LeagueOfAngels3-gtarcade-5c84c94d5b7d1.exe -d C:\Users\Beco\Downloads
Task: {2237D89C-8BA2-4D66-8621-5F8040BA7EE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [156968 2019-02-24] (Google Inc -> Google Inc.)
Task: {23C30DE0-3363-4410-9EB8-2B31B3D0ECEE} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {24FA84A0-E087-48EC-BC51-2B9C4C815D78} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {25AB2260-9353-403C-90EC-CC7BD098D295} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {2671536C-6AFE-4BA9-B77B-1D42B06C7FB1} - System32\Tasks\Uninstaller_SkipUac_Beco => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe [5293328 2019-03-19] (IObit Information Technology -> IObit)
Task: {2BDBC731-7714-481B-B2BC-27EC77EACFFB} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {367F930A-A3DB-4112-B1F1-50E92A171C88} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {36942695-8A2A-42ED-A030-4B8E54984C38} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_223_pepper.exe [1453112 2019-07-09] (Adobe Inc. -> Adobe)
Task: {36FF84BD-F80B-4AC0-A3CD-CEA552F511CB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [396608 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3B8B0FF6-5976-4CD4-868A-6EFD55AC20EE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3CC255DE-9A77-4339-B257-97BEED1F30CB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3D8A7ED4-7E07-4834-9592-460518EE157F} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {43CBF981-9207-415B-A43F-EA808D674483} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [396608 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5286E90C-81E4-4622-9F35-2E63C86A789E} - System32\Tasks\PrivaZer_SkipUAC => C:\Program Files\PrivaZer\PrivaZer.exe [17307864 2019-07-31] (Goversoft LLC -> Goversoft LLC)
Task: {5CCA8EB2-1044-43C2-83EF-14AFD88A23FB} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {6247CC29-3BAC-4EB6-AD0A-8D6CF73982B7} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6927372A-A3E3-4697-84F8-4492DE198CAE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [396608 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {70D1EB0E-4134-4D8A-B28B-71D12D891637} - System32\Tasks\{55AAC5B5-BEF5-4E5F-BF9A-95DAFA22D058} => C:\Windows\system32\pcalua.exe -a C:\Users\Beco\Downloads\SharewareOnSale_Giveaway_IObit_Uninstaller_8_PRO_hub.exe -d C:\Users\Beco\Downloads
Task: {70D4EC4B-4DC4-4743-8A18-19650406D2DF} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {76A1CED5-E44E-41BC-88E4-53FFAC64AC3F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7DF081FE-AF3E-4B1F-A713-015169C165F7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {7E391591-2447-4B71-8C46-9F851D3C62B9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8573BFA5-38FD-40AC-9800-8EC04403FFEC} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {863D0715-8EC5-4308-B25B-A1A49453A5E4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-09] (Adobe Inc. -> Adobe)
Task: {9E9DB093-650D-4AC1-AE74-EFF09DAA28AF} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {A00C8D46-8534-4496-96EE-C950CC0D41C6} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {A37D69BB-3628-4340-9743-AC2FA5585724} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {B265CC37-CE62-4823-8496-5957A29C4EED} - System32\Tasks\HPCeeScheduleForBeco => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe [97656 2019-05-17] (HP Inc. -> HP Inc.)
Task: {B9FB55F4-5977-4236-9F75-7569B987B420} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BB75632B-EC31-4185-A0E7-CE9618974674} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BC00F4DF-2168-4200-B664-82D78875D451} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {BE834CB4-A940-4395-A30D-42B461E75614} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C118C4DD-2CC4-42CB-BA9E-FA5E7EE07C24} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C8C95506-2926-45B9-B2BC-6D645180D789} - System32\Tasks\{B4FF3079-1C8A-4E12-8782-220F860F7F4E} => C:\Windows\system32\pcalua.exe -a C:\Users\Beco\Downloads\EraOfCelestials-gtarcade-5c839784bff81.exe -d C:\Users\Beco\Downloads
Task: {CB047417-746E-40BA-902A-815AC8FA6C7D} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D3D93664-7AD4-4496-BF89-348597AE5BC6} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {D83BAE58-18BB-4010-9F0E-054149DAE465} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [156968 2019-02-24] (Google Inc -> Google Inc.)
Task: {D988B398-1B45-483C-AA40-86B6646D65A8} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-09] (Adobe Inc. -> Adobe)
Task: {DB531726-7852-4C5C-8C8E-7E643191E42A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {E0E8C45C-FE64-4087-8E0C-2193CDC81717} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E7356B7D-5DD6-4890-B4AF-6B1E94A3EF8F} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Beco\Downloads\esetonlinescanner_enu.exe [7969304 2019-08-04] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {E79B2998-8F63-451A-A56D-26EDC0A5098A} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {EC15E52E-DA43-4DCC-A275-1158D0C511BC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [396608 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F153981F-F55F-4D98-B828-A6E1A197FAF3} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FF8FD040-EFED-4F3F-B025-E7200A94FA01} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForBeco.job => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{338C8A04-E5A4-41C0-A592-06F731151E59}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{50FBF5F3-CB8C-4AC9-A764-9C2251E7FE43}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c92b2e9a-dca7-4503-a7ab-bc7c831445cd}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{f048b2a6-1866-46e6-b7f4-e6a65c07e85b}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer.dll [2018-07-19] (IObit Information Technology -> IObit)

Edge: 
======
Edge HomeButtonPage: HKU\S-1-5-21-2920239448-2505446405-2311763162-1001 -> hxxp://google.bg/

FireFox:
========
FF DefaultProfile: oytl87x0.default
FF ProfilePath: C:\Users\Beco\AppData\Roaming\K-Meleon\oytl87x0.default [2019-07-16]
FF user.js: detected! => C:\Users\Beco\AppData\Roaming\K-Meleon\oytl87x0.default\user.js [2006-04-06]
FF Homepage: K-Meleon\oytl87x0.default -> google.bg
FF Extension: (NewsFox) - C:\Program Files\K-Meleon\browser\extensions\{899DF1F8-2F43-4394-8315-37F6744E6319}.xpi [2015-03-12] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-09] (Adobe Inc. -> )
FF Plugin HKU\S-1-5-21-2920239448-2505446405-2311763162-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Beco\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2017-05-18] (Unity Technologies SF -> Unity Technologies ApS)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://google.bg/
CHR StartupUrls: Default -> "hxxps://www.google.bg/"
CHR Profile: C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default [2019-08-04]
CHR Extension: (Презентации) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-02-24]
CHR Extension: (Документи) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-02-24]
CHR Extension: (Google Диск) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-05]
CHR Extension: (YouTube) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-05]
CHR Extension: (Adblock Plus — безплатен блокер на реклами) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-08-02]
CHR Extension: (Таблици) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-02-24]
CHR Extension: (Google Документи офлайн) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-02-24]
CHR Extension: (Lightshot (скрииншот инструмент)) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2019-07-29]
CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-02-24]
CHR Extension: (Gmail) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-01]
CHR Profile: C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-08-04]
CHR Profile: C:\Users\Beco\AppData\Local\Google\Chrome\User Data\System Profile [2019-08-04]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AEADIFilters; C:\WINDOWS\system32\AEADISRV.EXE [90112 2008-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation)
R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [26112 2009-12-03] (LSI Corporation -> LSI Corporation)
S3 hpqcaslwmiex; C:\Program Files\HP\Shared\hpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [357240 2019-07-05] (HP Inc. -> HP Inc.)
R2 HPWMISVC; C:\Program Files\HP\HP System Event\HPWMISVC.exe [606224 2016-04-18] (Hewlett-Packard Company -> HP Inc.)
S2 IObitUnSvr; C:\Program Files\IObit\IObit Uninstaller\IUService.exe [153360 2018-09-25] (IObit Information Technology -> IObit)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3735832 2019-08-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [304680 2018-05-22] (Synaptics Incorporated -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [1879960 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [82984 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 MBAMService; "C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [37696 2019-01-06] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 ADIHdAudAddService; C:\WINDOWS\system32\drivers\ADIHdAud.sys [381440 2009-05-18] (Microsoft Windows Hardware Compatibility Publisher -> Analog Devices, Inc.)
R3 AgereSoftModem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [1163328 2010-01-26] (Microsoft Windows Hardware Compatibility Publisher -> LSI Corporation)
S3 BHTPCRDR; C:\WINDOWS\System32\drivers\bhtpcrdr.sys [199608 2019-02-20] (BayHub Technology Inc. -> BayHubTech/O2Micro )
R3 Btcsrusb; C:\WINDOWS\System32\Drivers\btcusb.sys [47504 2019-08-03] (IVT CORPORATION -> IVT Corporation.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [128552 2019-05-31] (Malwarebytes Corporation -> Malwarebytes)
R3 HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [15544 2010-02-25] (Hewlett-Packard Company -> Hewlett-Packard Company)
R0 hpdskflt; C:\WINDOWS\System32\DRIVERS\hpdskflt.sys [27968 2019-01-06] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 HpqKbFiltr; C:\WINDOWS\System32\drivers\HpqKbFiltr.sys [15872 2009-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Development Company, L.P.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2019-01-06] (Martin Malik - REALiX -> REALiX(tm))
R3 IUProcessFilter; C:\Program Files\IObit\IObit Uninstaller\drivers\win10_x86\IUProcessFilter.sys [35136 2018-10-16] (IObit Information Technology -> IObit)
R3 IURegistryFilter; C:\Program Files\IObit\IObit Uninstaller\drivers\win10_x86\IURegistryFilter.sys [41336 2018-10-16] (IObit Information Technology -> IObit)
S3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [106144 2019-01-11] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\System32\DRIVERS\mbam.sys [63760 2019-01-11] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\System32\DRIVERS\mwac.sys [83648 2019-01-12] (Malwarebytes Corporation -> Malwarebytes)
R1 MEmuDrv; C:\WINDOWS\System32\DRIVERS\MEmuDrv.sys [257512 2019-03-14] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation)
R3 necbatt; C:\WINDOWS\System32\drivers\necbatt.sys [18448 2019-08-03] (Microsoft Windows Hardware Compatibility Publisher -> NEC Personal Computers, Ltd.)
S3 NETw5s32; C:\WINDOWS\System32\DRIVERS\NETw5s32.sys [6755840 2010-01-13] (Intel Corporation) [File not signed]
R3 NETwNs32; C:\WINDOWS\System32\drivers\NETwNs32.sys [7530736 2019-01-06] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
R2 rimmptsk; C:\WINDOWS\System32\drivers\rimmptsk.sys [48128 2019-01-06] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R3 rismc32; C:\WINDOWS\system32\DRIVERS\rismc32.sys [49152 2019-01-06] (Microsoft Windows Hardware Compatibility Publisher -> RICOH Company, Ltd.)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [24688 2019-08-04] (Adlice -> )
S3 vjoy; C:\WINDOWS\System32\DRIVERS\vjoy.sys [50224 2016-02-03] (Shaul Eizikovich -> Shaul Eizikovich)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [38280 2019-07-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [269024 2019-07-26] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [39136 2019-07-26] (Microsoft Windows -> Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [207360 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S1 amsdk; \??\C:\WINDOWS\system32\drivers\amsdk.sys [X]
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-04 18:21 - 2019-08-04 18:21 - 000000008 __RSH C:\ProgramData\ntuser.pol
2019-08-04 18:16 - 2019-08-04 18:19 - 000007694 _____ C:\Users\Beco\Downloads\Fixlog.txt
2019-08-04 17:49 - 2019-08-04 17:49 - 000029543 _____ C:\Users\Beco\Downloads\Addition_04-08-2019 17.09.48.txt
2019-08-04 17:07 - 2019-08-04 17:09 - 000029543 _____ C:\Users\Beco\Downloads\Addition.txt
2019-08-04 17:04 - 2019-08-04 18:30 - 000024833 _____ C:\Users\Beco\Downloads\FRST.txt
2019-08-04 17:02 - 2019-08-04 18:28 - 000000000 ____D C:\FRST
2019-08-04 17:01 - 2019-08-04 17:01 - 001447936 _____ (Farbar) C:\Users\Beco\Downloads\FRST.exe
2019-08-04 16:54 - 2019-08-04 16:54 - 000000299 _____ C:\Users\Beco\Documents\zemana.txt
2019-08-04 16:51 - 2019-08-04 18:11 - 001496275 _____ C:\WINDOWS\ZAM.krnl.trace
2019-08-04 16:51 - 2019-08-04 16:51 - 000000000 ____D C:\Users\Beco\AppData\Local\Zemana
2019-08-04 16:50 - 2019-08-04 18:11 - 000000000 ____D C:\Users\Beco\AppData\Local\AMSDK
2019-08-04 16:50 - 2019-08-04 16:50 - 012664512 _____ (Zemana Ltd. ) C:\Users\Beco\Downloads\AntiMalware_Setup.exe
2019-08-04 16:45 - 2019-08-04 16:45 - 000000078 _____ C:\Users\Beco\Downloads\137bdc50b1.json
2019-08-04 15:45 - 2019-08-04 15:45 - 000008066 _____ C:\Users\Beco\Documents\Rogue killer.txt
2019-08-04 15:19 - 2019-08-04 15:19 - 000024688 _____ C:\WINDOWS\system32\Drivers\truesight.sys
2019-08-04 15:17 - 2019-08-04 15:17 - 030667800 _____ (Adlice Software ) C:\Users\Beco\Downloads\RogueKiller_setup.exe
2019-08-04 15:09 - 2019-08-04 15:09 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-08-04 13:11 - 2019-08-04 13:12 - 000001894 _____ C:\Users\Beco\Desktop\Rkill.txt
2019-08-04 13:10 - 2019-08-04 13:10 - 001780224 _____ (Bleeping Computer, LLC) C:\Users\Beco\Downloads\rkill-unsigned.exe
2019-08-04 12:29 - 2019-08-04 14:00 - 000000681 _____ C:\Users\Beco\Desktop\ESET Online Scanner.lnk
2019-08-04 12:29 - 2019-08-04 12:29 - 000000780 _____ C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2019-08-04 12:29 - 2019-08-04 12:29 - 000000000 ____D C:\Users\Beco\AppData\Local\ESET
2019-08-04 12:28 - 2019-08-04 12:29 - 007969304 _____ (ESET spol. s r.o.) C:\Users\Beco\Downloads\esetonlinescanner_enu.exe
2019-08-04 11:17 - 2019-08-04 15:19 - 001146190 _____ C:\WINDOWS\ntbtlog.txt
2019-08-04 09:57 - 2019-08-04 09:57 - 000002856 _____ C:\Users\Beco\Unigine_Heaven_Benchmark_4.0_20190804_0957.html
2019-08-04 09:49 - 2019-08-04 09:59 - 000000000 ____D C:\Users\Beco\Heaven
2019-08-04 09:48 - 2019-08-04 09:48 - 001065984 _____ C:\Users\Beco\AppData\Local\file__0.localstorage
2019-08-04 09:25 - 2019-08-04 10:14 - 000002217 _____ C:\Users\Beco\Desktop\Plarium Play.lnk
2019-08-04 09:13 - 2019-08-04 09:13 - 001159992 _____ (Plarium) C:\Users\Beco\Downloads\PlariumPlaySetup (1).exe
2019-08-03 18:21 - 2019-08-03 18:21 - 000047504 _____ (IVT Corporation.) C:\WINDOWS\system32\Drivers\btcusb.sys
2019-08-03 18:21 - 2019-08-03 18:21 - 000018448 _____ (NEC Personal Computers, Ltd.) C:\WINDOWS\system32\Drivers\necbatt.sys
2019-08-01 13:55 - 2019-05-31 06:13 - 000835688 _____ (Adobe) C:\WINDOWS\system32\FlashPlayerApp.exe
2019-08-01 13:55 - 2019-05-31 06:13 - 000179816 _____ (Adobe) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2019-08-01 09:04 - 2019-08-01 09:04 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2019-08-01 08:59 - 2019-08-01 08:59 - 000000020 ___SH C:\Users\Beco\ntuser.ini
2019-08-01 08:57 - 2019-08-04 18:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-08-01 08:57 - 2019-08-01 08:57 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2019-08-01 08:57 - 2019-08-01 08:57 - 000007623 _____ C:\WINDOWS\diagerr.xml
2019-08-01 08:53 - 2019-08-04 18:27 - 000912284 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-08-01 08:40 - 2019-08-01 08:40 - 000000000 ____D C:\ProgramData\USOShared
2019-08-01 08:36 - 2019-08-04 14:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-08-01 08:36 - 2019-08-01 09:37 - 000264440 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-08-01 08:03 - 2019-08-01 19:35 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2019-08-01 08:03 - 2019-08-01 08:03 - 000000000 ____D C:\Program Files\Common Files\SpeechEngines
2019-08-01 08:02 - 2019-08-04 11:32 - 000000000 ____D C:\Users\Beco
2019-08-01 08:02 - 2019-03-19 05:41 - 000001105 _____ C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-08-01 08:01 - 2019-08-01 08:03 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2019-08-01 07:50 - 2019-08-01 07:50 - 005083352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 004306432 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 003635200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 003525592 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-08-01 07:50 - 2019-08-01 07:50 - 002314440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 001866064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 001652536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 001555688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 001491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 001273176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 001244728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 001106288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 001039872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2019-08-01 07:50 - 2019-08-01 07:50 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000844800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AgentService.exe
2019-08-01 07:50 - 2019-08-01 07:50 - 000838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplySettingsTemplateCatalog.exe
2019-08-01 07:50 - 2019-08-01 07:50 - 000759808 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000700928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000682744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2019-08-01 07:50 - 2019-08-01 07:50 - 000666280 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2019-08-01 07:50 - 2019-08-01 07:50 - 000650552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2019-08-01 07:50 - 2019-08-01 07:50 - 000537608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.PrinterCustomActions.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000512512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000463272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000418816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2019-08-01 07:50 - 2019-08-01 07:50 - 000413696 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CscUnpinTool.exe
2019-08-01 07:50 - 2019-08-01 07:50 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscobj.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ConfigWrapper.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000075480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-08-01 07:50 - 2019-08-01 07:50 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe
2019-08-01 07:50 - 2019-08-01 07:50 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2010CustomActions.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\lstelemetry.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 018017792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 007008768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 006515592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 006218752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 005919744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 005753728 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 003837440 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 003487232 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 003243080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 002863104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2019-08-01 07:49 - 2019-08-01 07:49 - 002398720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 002040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001783808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001612600 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001505080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001501496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems32.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001399296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msjet40.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001297720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001251640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001219072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001102648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001080832 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000995800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000916280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\opengl32.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000826680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CBDHSvc.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000798720 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000785920 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000769336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000739328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000736056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000733136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000625464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000612352 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000568336 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000566072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000522552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000478520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000474936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000446224 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiagn.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-08-01 07:49 - 2019-08-01 07:49 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000386048 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\system32\curl.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspbde40.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000363832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrd3x40.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msexcl40.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000319376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000317952 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiag.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\DispBroker.Desktop.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000279864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000258056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\system32\provplatformdesktop.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000249656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2019-08-01 07:49 - 2019-08-01 07:49 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\glu32.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msltus40.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000213776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityUxHost.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2019-08-01 07:49 - 2019-08-01 07:49 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000202552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVFileSystemMetadata.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-08-01 07:49 - 2019-08-01 07:49 - 000183096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamMap.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000180536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VideoHandlers.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Gpu.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000152888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000145720 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000145720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000135480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVNice.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appvetwclientres.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2019-08-01 07:49 - 2019-08-01 07:49 - 000118584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVemgr.sys
2019-08-01 07:49 - 2019-08-01 07:49 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000111416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVfs.sys
2019-08-01 07:49 - 2019-08-01 07:49 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2019-08-01 07:49 - 2019-08-01 07:49 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000091960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppVStrm.sys
2019-08-01 07:49 - 2019-08-01 07:49 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompMgmtLauncher.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\olepro32.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000086528 _____ C:\WINDOWS\system32\ResBParser.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComputerDefaults.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-08-01 07:49 - 2019-08-01 07:49 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000058825 _____ C:\WINDOWS\system32\srms.dat
2019-08-01 07:49 - 2019-08-01 07:49 - 000054792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000051512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000030008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncAppvPublishingServer.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000021816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScriptRunner.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2019-08-01 07:49 - 2019-08-01 07:49 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\appvetwstreamingux.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3r.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 007067448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 004537344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 003120640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 002991104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 002987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 002777600 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 002712072 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 002586608 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 002458112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 002258640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 002245432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 002204472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 002074224 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001904128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001790976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001690624 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001611416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001473488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001468728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001458176 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001429096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001392968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-08-01 07:48 - 2019-08-01 07:48 - 001283584 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001244728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 001180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001178608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001111992 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-08-01 07:48 - 2019-08-01 07:48 - 001077632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001007160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000980792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000892488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000811160 _____ C:\WINDOWS\system32\locale.nls
2019-08-01 07:48 - 2019-08-01 07:48 - 000772656 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000745472 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000700912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000699304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000679368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000672944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000659968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000645632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000636696 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000626488 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000602640 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000588256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000588088 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000577536 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000554720 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000553144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000540680 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000500992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000478800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000451896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000441584 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000440256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000404392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000398648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000395064 _____ (Microsoft Corporation) C:\WINDOWS\system32\halmacpi.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000395064 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000389432 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000385808 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000374800 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000361784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000331064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-08-01 07:48 - 2019-08-01 07:48 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000309048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000301880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000277520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000265744 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000228152 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000220984 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000206136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000199176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000193800 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000164664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winquic.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000161592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000158736 _____ (Microsoft Corporation) C:\WINDOWS\system32\winquic.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000142856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000138552 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000136504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000135000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000134760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000108048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000104976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000104832 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000098592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Display.BrightnessOverride.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000066872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000061448 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000056008 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds_ps.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000039224 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000033592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000031032 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsldr.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winnlsres.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDJPN.DLL
2019-08-01 07:48 - 2019-08-01 07:48 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\applockerfltr.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDKOR.DLL
2019-08-01 07:48 - 2019-08-01 07:48 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d8thk.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 006070920 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 004679168 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 003306496 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 003042816 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 002876416 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 002798592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-08-01 07:47 - 2019-08-01 07:47 - 002576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 002548736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 002490712 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 002306048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001893888 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001724928 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001651848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001587200 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001562640 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001537624 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001535288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001515008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaclient.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001334064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001213456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001123840 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-08-01 07:47 - 2019-08-01 07:47 - 001121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConstraintIndex.Search.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001101312 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001079296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2019-08-01 07:47 - 2019-08-01 07:47 - 001006592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001006080 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000927744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsf3gip.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000822072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000800048 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000779264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000777528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000773680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000738304 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2019-08-01 07:47 - 2019-08-01 07:47 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-08-01 07:47 - 2019-08-01 07:47 - 000667272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000635392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2019-08-01 07:47 - 2019-08-01 07:47 - 000620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000602224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000531464 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-08-01 07:47 - 2019-08-01 07:47 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-08-01 07:47 - 2019-08-01 07:47 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\webauthn.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-08-01 07:47 - 2019-08-01 07:47 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-08-01 07:47 - 2019-08-01 07:47 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2019-08-01 07:47 - 2019-08-01 07:47 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000284536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000283472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-08-01 07:47 - 2019-08-01 07:47 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\directxdatabaseupdater.exe
2019-08-01 07:47 - 2019-08-01 07:47 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000187920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ifsutil.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ManagePhone.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgiadaptercache.exe
2019-08-01 07:47 - 2019-08-01 07:47 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000149512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ulib.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000149304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-08-01 07:47 - 2019-08-01 07:47 - 000120352 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000116728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\GraphicsCapture.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000105384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000091664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-08-01 07:47 - 2019-08-01 07:47 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000090128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-08-01 07:47 - 2019-08-01 07:47 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Taskbar.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\coloradapterclient.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaproxystub.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-08-01 07:47 - 2019-08-01 07:47 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000028672 _____ C:\WINDOWS\system32\usocoreps.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wci.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 014814208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 005941760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 005087744 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 004867400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 004572016 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 003915536 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 003735264 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 002763576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 002600960 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 002373120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 002200576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 002066944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 001954960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001912576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001881400 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001531992 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001497088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001488384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001452032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001432064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001345024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001331976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001304888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001244672 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001154960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001097528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001086464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 001063944 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000889888 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000724480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Signals.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000695808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000693248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000690488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_9.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000564240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000550200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000506232 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000437760 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000425488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2019-08-01 07:46 - 2019-08-01 07:46 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-08-01 07:46 - 2019-08-01 07:46 - 000414520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000400232 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000375512 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.UserService.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000344376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000336928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000321848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000284176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000279624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsta.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000268216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000245544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000235536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000222008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000191288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\regapi.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000166712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000159544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000158736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000156472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\viac7.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000142648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000140304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000134424 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000103224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapistub.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapi32.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\GameChatTranscription.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000096208 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000095184 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000072816 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2019-08-01 07:46 - 2019-08-01 07:46 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000047928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\isapnp.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000045384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000042792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidspi.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
2019-08-01 07:46 - 2019-08-01 07:46 - 000023736 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000016696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msisadrv.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\fixmapi.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2019-08-01 07:45 - 2019-08-01 07:45 - 000603448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2019-08-01 07:45 - 2019-08-01 07:45 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2019-08-01 07:45 - 2019-08-01 07:45 - 000244712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-08-01 07:45 - 2019-08-01 07:45 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbaudio2.sys
2019-08-01 07:45 - 2019-08-01 07:45 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys
2019-08-01 07:45 - 2019-08-01 07:45 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\devauthe.sys
2019-08-01 07:29 - 2019-08-01 07:29 - 000000000 ____D C:\WINDOWS\system32\bg
2019-08-01 07:23 - 2019-08-01 07:23 - 004164608 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0002.dll
2019-08-01 07:23 - 2019-08-01 07:23 - 001875968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MLS2.dll
2019-08-01 07:23 - 2019-08-01 07:23 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0002.dll
2019-08-01 07:23 - 2019-08-01 07:23 - 000000000 ____D C:\WINDOWS\system32\msmq
2019-08-01 07:23 - 2019-08-01 07:23 - 000000000 ____D C:\WINDOWS\system32\BestPractices
2019-08-01 07:23 - 2019-08-01 07:23 - 000000000 ____D C:\inetpub
2019-08-01 07:22 - 2019-08-01 07:22 - 000778912 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2019-08-01 07:22 - 2019-08-01 07:22 - 000103072 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2019-08-01 07:22 - 2019-08-01 07:22 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2019-08-01 07:22 - 2019-08-01 07:22 - 000000000 ____D C:\Program Files\Reference Assemblies
2019-08-01 07:22 - 2019-08-01 07:22 - 000000000 ____D C:\Program Files\MSBuild
2019-08-01 07:20 - 2019-08-01 07:20 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2019-08-01 07:20 - 2019-08-01 07:20 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
2019-08-01 07:20 - 2019-08-01 07:20 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2019-08-01 07:15 - 2019-08-01 07:15 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2019-08-01 07:08 - 2019-08-01 07:08 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2019-08-01 04:44 - 2019-08-01 08:59 - 000000000 ___DC C:\WINDOWS\Panther
2019-07-31 19:53 - 2019-07-31 19:53 - 025776848 _____ (Goversoft LLC) C:\Users\Beco\Downloads\PrivaZer_free (2).exe
2019-07-31 15:21 - 2019-07-31 15:23 - 000000000 ____D C:\Users\Beco\Documents\hermes_global_images_V9.6.3.0.LHMMIFD_20180801.0000.00_5.0_global_0dc0ffff2c
2019-07-31 10:46 - 2019-07-31 10:46 - 000000000 ____D C:\ProgramData\Thunder Network
2019-07-31 10:45 - 2019-08-01 10:06 - 000000000 ____D C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xiaomi
2019-07-31 10:45 - 2019-07-31 10:45 - 000000000 ____D C:\Users\Beco\AppData\Roaming\Xiaomi
2019-07-31 10:42 - 2019-08-04 11:02 - 000000332 _____ C:\WINDOWS\Tasks\HPCeeScheduleForBeco.job
2019-07-31 10:18 - 2019-07-31 10:34 - 1390856692 _____ C:\Users\Beco\Downloads\hermes_global_images_V9.6.3.0.LHMMIFD_20180801.0000.00_5.0_global_0dc0ffff2c.tgz
2019-07-29 11:31 - 2019-07-29 11:31 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2019-07-28 09:45 - 2019-07-28 09:45 - 000000000 ____D C:\Users\Beco\AppData\Roaming\AndroidTbox
2019-07-28 09:36 - 2019-07-28 10:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent Software
2019-07-28 09:36 - 2019-07-28 09:43 - 000000000 ____D C:\ProgramData\Tencent
2019-07-28 09:36 - 2019-07-28 09:36 - 000000000 ____D C:\Users\Beco\AppData\Local\Tencent
2019-07-28 09:35 - 2019-07-28 10:25 - 000000000 ____D C:\Users\Beco\AppData\Roaming\Tencent
2019-07-28 09:35 - 2019-07-28 09:35 - 000000000 ____D C:\Temp
2019-07-21 16:47 - 2019-07-21 16:47 - 004196408 _____ C:\Users\Beco\Downloads\2019-07-10_16-29-20.861.bmp
2019-07-18 17:34 - 2019-07-31 19:53 - 000000000 ____D C:\Program Files\PrivaZer
2019-07-11 13:08 - 2019-07-11 13:22 - 000000775 _____ C:\Users\Beco\Documents\new tournament.txt
2019-07-11 12:23 - 2019-07-11 12:23 - 000000000 ____D C:\Users\Beco\.QtWebEngineProcess
2019-07-11 12:23 - 2019-07-11 12:23 - 000000000 ____D C:\Users\Beco\.LINE
2019-07-07 11:09 - 2019-07-07 11:09 - 000000000 ____D C:\Users\Beco\AppData\Local\HP_Inc
2019-07-07 11:05 - 2019-08-01 19:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2019-07-07 11:05 - 2019-07-07 11:05 - 000002262 _____ C:\Users\Public\Desktop\HP Support Assistant.lnk
2019-07-07 11:05 - 2019-07-07 11:05 - 000000000 ____D C:\Users\Beco\AppData\Roaming\Hewlett-Packard
2019-07-07 11:05 - 2019-07-07 11:05 - 000000000 ____D C:\Users\Beco\AppData\Local\Hewlett-Packard
2019-07-07 10:44 - 2019-07-07 10:45 - 039926088 _____ (Hewlett Packard ) C:\Users\Beco\Downloads\sp54177.exe
2019-07-07 10:37 - 2019-07-07 11:04 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2019-07-07 10:37 - 2019-07-07 10:37 - 000000000 ____D C:\Users\Beco\AppData\Local\HP
2019-07-07 10:36 - 2019-07-07 10:36 - 003510048 _____ (Oleg N. Scherbakov) C:\Users\Beco\Downloads\HPSupportSolutionsFramework-12.11.24.11.exe

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-04 18:27 - 2019-03-19 05:44 - 000000000 ____D C:\WINDOWS\INF
2019-08-04 18:26 - 2019-01-06 07:56 - 000000000 ____D C:\ProgramData\ProductData
2019-08-04 18:21 - 2019-03-19 05:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-08-04 18:20 - 2019-03-19 05:35 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-08-04 18:17 - 2009-07-14 05:37 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2019-08-04 18:14 - 2019-01-06 00:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-08-04 18:09 - 2019-01-06 07:52 - 000000000 ____D C:\Users\Beco\AppData\Roaming\IObit
2019-08-04 16:43 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\System
2019-08-04 16:43 - 2019-03-19 05:35 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-08-04 10:14 - 2019-04-13 12:35 - 000002131 _____ C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Plarium Play.lnk
2019-08-04 10:14 - 2019-01-06 00:54 - 000000000 ____D C:\Users\Beco\AppData\Local\Plarium
2019-08-04 10:14 - 2019-01-06 00:54 - 000000000 ____D C:\Users\Beco\AppData\Local\Package Cache
2019-08-04 09:30 - 2019-01-06 10:16 - 000000000 ____D C:\Users\Beco\AppData\LocalLow\Unity
2019-08-04 07:29 - 2019-03-19 05:46 - 000000000 ___HD C:\Program Files\WindowsApps
2019-08-03 23:50 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-08-02 04:34 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\appcompat
2019-08-01 19:35 - 2019-06-19 04:27 - 000000000 ____D C:\Program Files\UNP
2019-08-01 19:35 - 2019-06-02 18:07 - 000000000 ____D C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrivaZer
2019-08-01 19:35 - 2019-04-03 05:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX H.264 decoder
2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\spool
2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\IME
2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\ServiceState
2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\schemas
2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\Registration
2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2019-08-01 19:35 - 2019-03-19 05:43 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2019-08-01 19:35 - 2019-03-17 15:10 - 000000000 ____D C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-08-01 19:35 - 2019-03-17 15:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-08-01 19:35 - 2019-02-24 23:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-08-01 19:35 - 2019-01-06 19:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2019-08-01 19:35 - 2019-01-06 18:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\8K Player
2019-08-01 19:35 - 2019-01-06 07:51 - 000000000 ____D C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live for Speed
2019-08-01 19:35 - 2019-01-05 21:52 - 000000000 ____D C:\Program Files\Intel
2019-08-01 19:35 - 2018-09-15 08:10 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2019-08-01 19:35 - 2018-09-15 08:10 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2019-08-01 15:17 - 2019-04-19 19:53 - 000000000 ____D C:\Users\Beco\AppData\Local\Packages
2019-08-01 10:28 - 2019-02-24 13:31 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-08-01 10:28 - 2019-02-24 13:31 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-08-01 09:18 - 2019-03-19 05:46 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-08-01 09:00 - 2019-04-19 19:54 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-08-01 09:00 - 2019-04-19 19:54 - 000000000 ___RD C:\Users\Beco\3D Objects
2019-08-01 08:59 - 2019-03-19 05:46 - 000000000 ____D C:\ProgramData\USOPrivate
2019-08-01 08:58 - 2019-03-19 05:35 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-08-01 08:57 - 2019-03-19 05:46 - 000000000 ____D C:\Program Files\Windows Defender
2019-08-01 08:40 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugins
2019-08-01 08:40 - 2019-01-05 22:05 - 000000000 ____D C:\Program Files\LSI SoftModem
2019-08-01 08:39 - 2019-01-05 22:00 - 000000000 ____D C:\WINDOWS\QLB
2019-08-01 08:32 - 2019-03-19 05:49 - 000000000 ____D C:\WINDOWS\Setup
2019-08-01 08:16 - 2019-03-19 05:46 - 000000000 __RHD C:\Users\Public\Libraries
2019-08-01 08:03 - 2019-04-13 12:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2019-08-01 08:03 - 2019-01-12 14:52 - 000000000 ____D C:\Program Files\Synaptics
2019-08-01 08:03 - 2019-01-06 07:59 - 000000000 ____D C:\Program Files\AuthenTec
2019-08-01 08:03 - 2009-07-14 07:52 - 000000000 ____D C:\Program Files\Microsoft Games
2019-08-01 07:57 - 2019-03-19 06:40 - 000000000 ___SD C:\WINDOWS\system32\AppV
2019-08-01 07:57 - 2019-03-19 06:40 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\TextInput
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\SystemResources
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-08-01 07:29 - 2019-03-19 06:40 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-08-01 07:29 - 2019-03-19 06:38 - 000000000 ____D C:\WINDOWS\system32\WCN
2019-08-01 07:29 - 2019-03-19 05:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-08-01 07:29 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2019-08-01 07:29 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2019-08-01 07:29 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\IME
2019-08-01 07:29 - 2019-03-19 05:46 - 000000000 ____D C:\Program Files\Common Files\System
2019-08-01 07:29 - 2019-03-19 05:35 - 000000000 ____D C:\WINDOWS\servicing
2019-08-01 07:23 - 2019-03-19 06:39 - 000000000 ____D C:\WINDOWS\OCR
2019-08-01 07:23 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2019-08-01 07:20 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2019-08-01 07:20 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2019-08-01 07:20 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\et-EE
2019-08-01 07:20 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\es-MX
2019-08-01 04:23 - 2019-01-05 20:39 - 000000000 ____D C:\Users\Beco\AppData\Local\ElevatedDiagnostics
2019-07-31 20:16 - 2019-06-02 18:07 - 000000000 ____D C:\Users\Beco\AppData\Local\PrivaZer
2019-07-31 20:01 - 2019-04-18 03:25 - 000000000 ____D C:\Users\Beco\AppData\Local\CrashDumps
2019-07-31 19:53 - 2019-06-02 18:07 - 000001916 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrivaZer.lnk
2019-07-31 19:53 - 2019-06-02 18:07 - 000001904 _____ C:\Users\Public\Desktop\PrivaZer.lnk
2019-07-26 16:30 - 2019-04-19 19:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-07-11 12:23 - 2019-01-05 19:50 - 000000000 ____D C:\Users\Beco\AppData\Local\VirtualStore
2019-07-11 12:21 - 2019-04-19 20:32 - 000000000 ____D C:\ProgramData\Packages
2019-07-11 12:21 - 2019-04-19 20:02 - 000000000 ____D C:\Users\Beco\AppData\Local\PlaceholderTileLogoFolder
2019-07-11 05:03 - 2019-04-19 21:24 - 000000000 ___RD C:\Users\Beco\OneDrive
2019-07-10 19:32 - 2019-01-05 21:56 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-07-10 19:26 - 2019-01-05 21:56 - 133475400 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-07-10 12:28 - 2019-01-05 20:17 - 000606264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-07-07 11:05 - 2019-01-05 22:00 - 000000000 ___HD C:\Program Files\InstallShield Installation Information
2019-07-07 11:04 - 2019-05-04 17:11 - 000000000 ____D C:\Program Files\HP
2019-07-07 11:04 - 2019-04-19 19:43 - 000000000 ____D C:\Users\Beco\AppData\Roaming\hpqLog
2019-07-07 11:04 - 2019-01-05 22:00 - 000000000 ____D C:\Program Files\Hewlett-Packard
2019-07-07 10:45 - 2019-05-04 17:09 - 000000000 ____D C:\SWSetup

==================== Files in the root of some directories ================

2019-08-04 09:48 - 2019-08-04 09:48 - 001065984 _____ () C:\Users\Beco\AppData\Local\file__0.localstorage
2019-08-04 09:14 - 2019-08-04 10:14 - 000061590 _____ () C:\Users\Beco\AppData\Local\PlariumPlay.log
2019-01-05 22:44 - 2019-01-05 22:44 - 000000000 _____ () C:\Users\Beco\AppData\Local\QSwitch.txt
2019-01-26 19:23 - 2019-01-26 19:23 - 000007605 _____ () C:\Users\Beco\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 04-08-2019
Ran by Beco (04-08-2019 18:31:23)
Running from C:\Users\Beco\Downloads
Microsoft Windows 10 Pro Version 1903 18362.267 (X86) (2019-08-01 05:59:11)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2920239448-2505446405-2311763162-500 - Administrator - Disabled)
Beco (S-1-5-21-2920239448-2505446405-2311763162-1001 - Administrator - Enabled) => C:\Users\Beco
DefaultAccount (S-1-5-21-2920239448-2505446405-2311763162-503 - Limited - Disabled)
Guest (S-1-5-21-2920239448-2505446405-2311763162-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2920239448-2505446405-2311763162-1002 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-2920239448-2505446405-2311763162-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

8K Player version 4.4.0 (HKLM\...\842F0D80-2EC4-4903-9798-714D9927DCA1_is1) (Version: 4.4.0 - DimoSoft, Inc.)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.223 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 32.0.0.223 - Adobe)
DivX H.264 decoder 8.2.0.26 (HKLM\...\divxh264_is1) (Version: 8.2.0.26 - )
Google Chrome (HKLM\...\Google Chrome) (Version: 76.0.3809.87 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
HP Quick Launch Buttons (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.14.1 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM\...\{A2926515-9BCE-4785-AFAD-98233D52C3AE}) (Version: 12.11.27.1 - HP Inc.)
HP System Event Utility (HKLM\...\{29E20347-C62F-4657-938E-876A182B67F1}) (Version: 1.4.13 - HP Inc.)
IObit Uninstaller 8 (HKLM\...\IObitUninstall) (Version: 8.4.0.11 - IObit)
K-Meleon 75.0 (x86 en-US) (HKLM\...\K-Meleon 75.0 (x86 en-US)) (Version: 75.0 - kmeleonbrowser.org)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.100 - LSI Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Plarium Play (HKLM\...\{12D4088C-8ED7-4218-B9FF-10E8FA3D7B57}) (Version: 3.1.0.0 - Plarium) Hidden
Plarium Play (HKLM\...\{FBD9CDDD-13B0-406B-BDFA-79703D34C153}) (Version: 3.1.0 - Plarium) Hidden
Plarium Play (HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\...\{b06aff34-801f-46e9-9690-9d16b8f33092}) (Version: 3.1.0 - Plarium)
PrivaZer (HKLM\...\PrivaZer) (Version: 3.0.75.0 - Goversoft LLC)
QLBCASL (HKLM\...\{F1D7AC58-554A-4A58-B784-B61558B1449A}) (Version: 6.40.17.2 - Hewlett-Packard) Hidden
Skype, версия 8.45 (HKLM\...\Skype_is1) (Version: 8.45 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.5.10.69 - Synaptics Incorporated)
Unity Web Player (HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\...\UnityWebPlayer) (Version: 5.3.8f2 - Unity Technologies ApS)
WinRAR 5.70 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)

Packages:
=========
LINE -> C:\Program Files\WindowsApps\NAVER.LINEwin8_5.18.2.0_x86__8ptj331gd3tyt [2019-07-31] (LINE Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-04-19] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x86__8wekyb3d8bbwe [2019-06-17] (Microsoft Studios) [MS Ad]
Torrex Lite - Torrent Downloader -> C:\Program Files\WindowsApps\BooStudioLLC.TorrexLite-TorrentDownloader_1.3.97.0_x86__b6e429xa66pga [2019-06-21] (Finebits OÜ) [MS Ad]
Добавка за „Снимки“ -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x86__8wekyb3d8bbwe [2019-04-20] (Microsoft Corporation)
Поща и календар -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x86__8wekyb3d8bbwe [2019-08-02] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2920239448-2505446405-2311763162-1001_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Beco\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies SF -> Unity Technologies ApS)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} =>  -> No File
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} =>  -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

Shortcut: C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrivaZer\Деинсталирай Privazer.lnk -> C:\Program Files\PrivaZer\privazer_remover.exe (Goversoft LLC) <==== Cyrillic
Shortcut: C:\Users\Beco\AppData\Roaming\Microsoft\Windows\SendTo\Прехвърляне на файлове с Bluetooth.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation) <==== Cyrillic

==================== Loaded Modules (Whitelisted) ==============


==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 05:04 - 2009-06-11 00:39 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKCU\Environment\\Path -> ;%USERPROFILE%\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\Control Panel\Desktop\\Wallpaper -> c:\users\beco\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\diy.jpg
DNS Servers: 192.168.0.1
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: SafeDNS Agent => 2
HKLM\...\StartupApproved\Run: => "QlbCtrl.exe"
HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\...\StartupApproved\StartupFolder: => "Facebook Gameroom.lnk"
HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\...\StartupApproved\Run: => "SafeDNS Agent"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{155B760F-5E54-482B-8365-6665EC03CC2C}C:\users\beco\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\beco\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [TCP Query User{44B11955-F926-4A9B-AA9D-6B5A18DAAF61}C:\users\beco\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\beco\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [{08CAA098-8E08-4DD6-AB80-2885F8050FD9}] => (Allow) C:\Users\Beco\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{B0A739B5-4232-4958-9C1D-486DC1047518}] => (Allow) C:\Users\Beco\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{90A20652-3E5F-405C-B8E5-AF6D9A4EC0E7}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{612CBEB6-20A2-448D-99E9-FCB1F2B34F23}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AF4C1CD7-FED9-470D-B329-7F50331D7D0B}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{77363016-8846-4DB7-AD51-2B727580DA68}D:\lfs\lfs.exe] => (Allow) D:\lfs\lfs.exe () [File not signed]
FirewallRules: [TCP Query User{45A74C76-06A8-4563-9550-548C167DE0D2}D:\lfs\lfs.exe] => (Allow) D:\lfs\lfs.exe () [File not signed]
FirewallRules: [UDP Query User{340FE0D8-F433-4684-8EEE-555FA3D5CC3D}C:\users\beco\appdata\local\temp\rar$exa5360.11617\sdi_r1904.exe] => (Allow) C:\users\beco\appdata\local\temp\rar$exa5360.11617\sdi_r1904.exe No File
FirewallRules: [TCP Query User{353B7826-2A8F-493D-A1F1-2AC837AF0B3C}C:\users\beco\appdata\local\temp\rar$exa5360.11617\sdi_r1904.exe] => (Allow) C:\users\beco\appdata\local\temp\rar$exa5360.11617\sdi_r1904.exe No File
FirewallRules: [UDP Query User{24C96F24-BD78-4B3B-8CC8-CCD439113A9E}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{F80ACAFA-F1DD-447C-8EF2-F8CFE0A3F99F}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{06598060-8173-4526-85B1-326A8EADE9B1}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

01-08-2019 13:54:17 Windows Update
03-08-2019 18:20:34 Driver Booster : Microsoft ACPI-Compliant Control Method Battery

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/04/2019 06:26:50 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2400,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (08/04/2019 06:20:06 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.

Error: (08/04/2019 06:20:06 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (08/04/2019 06:20:06 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.

Error: (08/04/2019 06:20:06 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (08/04/2019 06:17:33 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x8007001f, A device attached to the system is not functioning.
.


Operation:
   Executing Asynchronous Operation

Context:
   Current State: DoSnapshotSet

Error: (08/04/2019 06:16:59 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Грешка в услугата "Криптографски услуги" при обработка на обръщение на OnIdentity() към обекта System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (08/04/2019 06:16:49 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {73ac7222-9583-4e9c-aeca-ddf782586332}


System errors:
=============
Error: (08/04/2019 06:20:01 PM) (Source: DCOM) (EventID: 10010) (User: BECO-PC)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (08/04/2019 06:20:01 PM) (Source: DCOM) (EventID: 10010) (User: BECO-PC)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (08/04/2019 06:20:01 PM) (Source: DCOM) (EventID: 10010) (User: BECO-PC)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (08/04/2019 06:20:01 PM) (Source: DCOM) (EventID: 10010) (User: BECO-PC)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (08/04/2019 06:20:01 PM) (Source: DCOM) (EventID: 10010) (User: BECO-PC)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (08/04/2019 06:17:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Услуга Windows Search беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). След 30000 милисекунди ще бъде предприето следното коригиращо действие: Restart the service.

Error: (08/04/2019 06:17:23 PM) (Source: WAS) (EventID: 5175) (User: )
Description: The listener adapter serving the 'net.msmq' protocol disconnected unexpectedly.

Error: (08/04/2019 06:17:23 PM) (Source: WAS) (EventID: 5175) (User: )
Description: The listener adapter serving the 'net.pipe' protocol disconnected unexpectedly.


Windows Defender:
===================================
Date: 2019-08-04 16:39:23.995
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.B!ml&threatid=2147735505&enterprise=0
Name: Trojan:Win32/Wacatac.B!ml
ID: 2147735505
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Beco\Downloads\ALABALA.exe; webfile:_C:\Users\Beco\Downloads\ALABALA.exe|https://dox.abv.bg/api/guest/download/18e663c4b0|pid:4648,ProcessStart:132093995403375033
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Security intelligence Version: AV: 1.299.1235.0, AS: 1.299.1235.0, NIS: 1.299.1235.0
Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1

Date: 2019-08-04 16:35:34.363
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Conteban.B!ml&threatid=2147735507&enterprise=0
Name: Trojan:Win32/Conteban.B!ml
ID: 2147735507
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Beco\Downloads\ALABALA.exe; webfile:_C:\Users\Beco\Downloads\ALABALA.exe|https://dox.abv.bg/api/guest/download/78834792cf|pid:2452,ProcessStart:132093992524073237
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Security intelligence Version: AV: 1.299.1235.0, AS: 1.299.1235.0, NIS: 1.299.1235.0
Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1

Date: 2019-08-04 16:35:16.939
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Conteban.B!ml&threatid=2147735507&enterprise=0
Name: Trojan:Win32/Conteban.B!ml
ID: 2147735507
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Beco\Downloads\ALABALA.exe; webfile:_C:\Users\Beco\Downloads\ALABALA.exe|https://dox.abv.bg/api/guest/download/459d5f08a7|pid:2452,ProcessStart:132093992524073237
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Security intelligence Version: AV: 1.299.1235.0, AS: 1.299.1235.0, NIS: 1.299.1235.0
Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1

Date: 2019-08-04 16:34:50.615
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Conteban.B!ml&threatid=2147735507&enterprise=0
Name: Trojan:Win32/Conteban.B!ml
ID: 2147735507
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Beco\Downloads\ALABALA.exe; webfile:_C:\Users\Beco\Downloads\ALABALA.exe|https://dox.abv.bg/api/guest/download/3e4192f681|pid:2452,ProcessStart:132093992524073237
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Security intelligence Version: AV: 1.299.1235.0, AS: 1.299.1235.0, NIS: 1.299.1235.0
Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1

Date: 2019-08-04 16:31:18.836
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Conteban.B!ml&threatid=2147735507&enterprise=0
Name: Trojan:Win32/Conteban.B!ml
ID: 2147735507
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Beco\Downloads\ALABALA.exe; webfile:_C:\Users\Beco\Downloads\ALABALA.exe|https://dox.abv.bg/api/guest/download/d814e79dee|pid:7088,ProcessStart:132093990433000700
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Security intelligence Version: AV: 1.299.1235.0, AS: 1.299.1235.0, NIS: 1.299.1235.0
Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1

Date: 2019-08-04 15:19:12.432
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.299.1222.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16200.1
Error code: 0x8007043c
Error description: This service cannot be started in Safe Mode 

Date: 2019-08-04 15:09:07.516
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2019-08-04 12:37:18.611
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.299.1222.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16200.1
Error code: 0x8007043c
Error description: This service cannot be started in Safe Mode 

Date: 2019-08-04 12:27:12.471
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2019-08-04 11:52:30.958
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

==================== Memory info =========================== 

BIOS: Hewlett-Packard 68PCU Ver. F.20 12/08/2011
Motherboard: Hewlett-Packard 30DB
Processor: Intel(R) Core(TM)2 Duo CPU P8600 @ 2.40GHz
Percentage of memory in use: 63%
Total physical RAM: 3000.26 MB
Available physical RAM: 1096.62 MB
Total Virtual: 5542.26 MB
Available Virtual: 3503.47 MB

==================== Drives ================================

Drive 😄 () (Fixed) (Total:365.12 GB) (Free:312.59 GB) NTFS
Drive d: () (Fixed) (Total:100.1 GB) (Free:85.36 GB) NTFS

\\?\Volume{35691345-1108-11e9-812b-806e6f6e6963}\ (Резервирана за системата) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{35691348-1108-11e9-812b-806e6f6e6963}\ () (Fixed) (Total:0.44 GB) (Free:0.16 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 0FD73A73)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=365.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=450 MB) - (Type=27)

==================== End of Addition.txt ============================

Не видях че сте писали погоре - потърсих съвет от него защото не можех да изтегля Farbar и да направя сканиране и да пусна тема , а не по тази тема

Линк към коментара
Сподели в други сайтове

Някаква промяна след изпълнението на последните инструкции..? Как се държи компютъра ви ....?

+

25.jpg?1426074241   Сканиране с SecurityCheck by glax24

  • Изтеглете SecurityCheck by glax24 от тук и запомнете инструмента на десктопа .
  • Стартирате програмата (ако използвате Windows XP) или стартирате с десен бутон на мишката от името на администратор (ако използватеWindows Vista/7/8/10)
  • Изчакайте да приключи сканирането.Ще се отвори в текстов файл с име SecurityCheck.txt. Копирайте съдържанието на  този файл  следващия си пост
  • Можете да намерите този файл в основната директория на системния диск в папка с име SecurityCheck, напр. C:\SecurityCheck\SecurityCheck.txt

 

pfNZP4A.png&key=0a487e0a7cff89c690a32d13  Дневници 

В следващия си отговор, моля да включите (като копирате целите съдържания ) следните дневници:

  • SecurityCheck.txt
Линк към коментара
Сподели в други сайтове

Системата се държи по добре , ето и резултата от сканирането:

SecurityCheck by glax24 & Severnyj v.1.4.0.53 [27.10.17]
WebSite: www.safezone.cc
DateLog: 04.08.2019 18:54:10
Path starting: C:\Users\Beco\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: Beco
VersionXML: 6.67is-31.07.2019
___________________________________________________________________________

Windows 10(6.3.18362) (x86) Professional Release: 1903 Lang: English(0409)
Installation date OS: 01.08.2019 05:59:11
LicenseStatus: Windows(R), Professional edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: C:\Program Files\Google\Chrome\Application\chrome.exe
SystemDrive: 😄 FS: [NTFS] Capacity: [365.1 Gb] Used: [52.6 Gb] Free: [312.5 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.239.18362.0
User Account Control enabled (Level 3)
Never check for updates
Security Center (wscsvc) - The service is running
Remote Registry (RemoteRegistry) - The service has stopped
SSDP Discovery (SSDPSRV) - The service is running
Remote Desktop Services (TermService) - The service has stopped
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
---------------------------- [ Antivirus_WMI ] ----------------------------
Windows Defender (enabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Защитна стена на Windows Defender (mpssvc) - The service is running
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Windows Defender (enabled and up to date)
--------------------------- [ OtherUtilities ] ----------------------------
Microsoft .NET Framework 4.7.2 v.4.7.03062
-------------------------------- [ Arch ] ---------------------------------
WinRAR 5.70 (32-bit) v.5.70.0 Warning! Download Update
--------------------------------- [ IM ] ----------------------------------
Skype, версия 8.45 v.8.45 Warning! Download Update
--------------------------- [ AdobeProduction ] ---------------------------
Adobe Flash Player 32 NPAPI v.32.0.0.223
Adobe Flash Player 32 PPAPI v.32.0.0.223
------------------------------- [ Browser ] -------------------------------
Google Chrome v.76.0.3809.87
K-Meleon 75.0 (x86 en-US) v.75.0
------------------ [ AntivirusFirewallProcessServices ] -------------------
Malwarebytes Service (MBAMService) - The service has stopped
C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\MsMpEng.exe v.4.18.1907.4
C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\NisSrv.exe v.4.18.1907.4
Услуга Windows Defender Antivirus (WinDefend) - The service is running
Услуга за мрежова проверка на Windows Defender Antivirus (WdNisSvc) - The service is running
Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - The service has stopped
---------------------------- [ UnwantedApps ] -----------------------------
IObit Uninstaller 8 v.8.4.0.11 Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
Unity Web Player v.5.3.8f2 Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
IObit Uninstaller Service (IObitUnSvr) - The service has stopped
----------------------------- [ End of Log ] ------------------------------
 

Линк към коментара
Сподели в други сайтове

Цитат

Obit Uninstaller 8 v.8.4.0.11 Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
Unity Web Player v.5.3.8f2 Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.

 

Деинсталиране на нежелани / ненужни програми:

  • Натиснете клавишна комбинация   WindowsKey.png + R на клавиатурата си едновременно. Напишете (копирайте) в полето appwiz.cpl и кликнете върху OK.
  • В отворилия се списък с инсталирани програми,  деинсталирайте  програмите от карето по долу:
Цитат

Unity Web Player (HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\...\UnityWebPlayer) (Version: 5.3.8f2 - Unity Technologies ApS)

IObit Uninstaller 8 (HKLM\...\IObitUninstall) (Version: 8.4.0.11 - IObit)

 

 

BY4dvz9.png Сканиране с AdwCleaner

  • Изтеглете и стартирайте 6sv1DN9.jpgAdwCleaner 7.4.0
  • Натиснете бутона Scan Now (или Сканиране сега, ако ви е на български)

4lqbd6J.png

  • AdwCleaner ще обнови базата с дефинициите си и ще започне да проверява компютъра. Проверката ще отнеме не повече от няколко секунди.
  • След като проверката приключи ако има намерени обекти ще се появи диалогов прозорец подканващ ви да натиснете бутона Clean & Repair (Почисти & Поправи).
  • Програмата ще затвори всички излишни процеси и след почистването ще иска да рестартира машината. Съгласете се.

FCuQiuz.png

  • Ако не бъдат открити зарази ще видите следния прозорец:

CWWivYK.png

  • Натиснете бутона Skip Basic Repair (Пропускане на основното поправяне).
  • И в двата случая ако няма открити зарази или ако програмата е почистила такива, стартирайте пак програмата и отидете до табът Log files
  • Кликнете с двукратен клил на мишката върху лог файла с последната дата и част (новите файлове са най-отдолу в списъка) и публикувайте съдържанието на файла в следващия си коментар.

 

pfNZP4A.png  Дневници
 
В следващия си отговор, моля да включите следните дневници:

  • AdwCleaner .txt
Линк към коментара
Сподели в други сайтове

# Malwarebytes AdwCleaner 7.1.1.0
# -------------------------------
# Build:    04-24-2018
# Database: 
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    08-04-2019
# Duration: 00:00:04
# OS:       Windows 10 Pro
# Cleaned:  18
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Program Files\Common Files\IObit\Advanced SystemCare
Deleted       C:\Users\Beco\AppData\LocalLow\IObit\Advanced SystemCare
Deleted       C:\Users\Beco\AppData\Roaming\IObit\Advanced SystemCare
Deleted       C:\ProgramData\IOBIT\Driver Booster
Deleted       C:\Program Files\IOBIT\Driver Booster
Deleted       C:\Users\Beco\AppData\Roaming\IOBIT\Driver Booster
Deleted       C:\Users\Beco\AppData\Roaming\DRPSu
Deleted       C:\ProgramData\Tencent
Deleted       C:\Users\Beco\AppData\Local\Tencent
Deleted       C:\Users\Beco\AppData\Roaming\Tencent

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKLM\Software\IObit\RealTimeProtector
Deleted       HKLM\Software\IObit\Advanced SystemCare
Deleted       HKLM\Software\IOBIT\ASC
Deleted       HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted       HKLM\Software\IObit\Driver Booster
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{B0A739B5-4232-4958-9C1D-486DC1047518}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{08CAA098-8E08-4DD6-AB80-2885F8050FD9}
Deleted       HKLM\Software\Classes\METNSD

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************


########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
 

Линк към коментара
Сподели в други сайтове

Понеже бях намесен в темата искам да кажа, че аз давах само съвети как да изтегли и заобиколи забраните, а НЕ да се сканира с различни инструменти и не съм писал скриптове. Споменавам го, защото нямаме практика да помагаме по ЛИЧНИ СЪОБЩЕНИЯ.

И се оказах прав....невъзможността за изтеглянето на инструмента се е дължало точно на Windows Defender, както писах и на лично съобщение на потребителя:

ALABALA.exe е преименуваната от мен версия на FRST.exe, която качих на dox.bg и пратих на потребителя в опит да преодолеем забраните (в случай, че се окажеше Malware):
 

Цитат

 

Windows Defender:
===================================
Date: 2019-08-04 16:39:23.995
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.B!ml&threatid=2147735505&enterprise=0
Name: Trojan:Win32/Wacatac.B!ml
ID: 2147735505
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Beco\Downloads\ALABALA.exe; webfile:_C:\Users\Beco\Downloads\ALABALA.exe|https://dox.abv.bg/api/guest/download/18e663c4b0|pid:4648,ProcessStart:132093995403375033
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Security intelligence Version: AV: 1.299.1235.0, AS: 1.299.1235.0, NIS: 1.299.1235.0
Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1

Date: 2019-08-04 16:35:34.363
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Conteban.B!ml&threatid=2147735507&enterprise=0
Name: Trojan:Win32/Conteban.B!ml
ID: 2147735507
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Beco\Downloads\ALABALA.exe; webfile:_C:\Users\Beco\Downloads\ALABALA.exe|https://dox.abv.bg/api/guest/download/78834792cf|pid:2452,ProcessStart:132093992524073237
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Security intelligence Version: AV: 1.299.1235.0, AS: 1.299.1235.0, NIS: 1.299.1235.0
Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1

 

Докладвано е и на Farbar.

Линк към коментара
Сподели в други сайтове

Аз не съм казал нищо по различно освен че съм ви потърсил за помощ за изтеглянето на инструмента тъй като имах затруднения . Сканиранията сам съм правил без ваши препоръки

Линк към коментара
Сподели в други сайтове

преди 1 минута, v3cko написа:

Аз не съм казал нищо по различно освен че съм ви потърсил за помощ за изтеглянето на инструмента тъй като имах затруднения . Сканиранията сам съм правил без ваши препоръки

Добре де разбрахме....! Кажете ми последно за системата ...Кака работи ..?

Още веднъж:

Сканиране с Farbar Recovery Scan

  • Моля изтеглете icon1337953436.pngFarbar Recovery Scan Tool (според версията на Windows изберете 32 битовата или 64 битовата версия) и го запазете на десктопа.
  • Стартирайте файла FRST.exe (или FRST64.exe)
  • Програмата ще се стартира. Натиснете YES за да се съгласите с лицензионното споразумение.
  • Натиснете бутона YClYkft.jpg.
  • Изчакайте търпеливо проверката да приключи.
  • Ще се създадат два лог файла с името - FRST.txt и Addition.txt на десктопа.
  • Копирайте съдържанието на файла FRST.txt в следващия си пост.Прикачете Addition.txt в коментар си (погледнете опцията Прикачване на файлове, когато публикувате мнение).
Линк към коментара
Сподели в други сайтове

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-08-2019
Ran by Beco (administrator) on BECO-PC (Hewlett-Packard HP EliteBook 6930p) (04-08-2019 19:42:13)
Running from C:\Users\Beco\Downloads
Loaded Profiles: Beco (Available Profiles: Beco)
Platform: Microsoft Windows 10 Pro Version 1903 18362.267 (X86) Language: Английски (Съединени щати)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Hewlett-Packard Company -> HP Inc.) C:\Program Files\HP\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Company -> HP Inc.) C:\Program Files\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(LSI Corporation -> LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\NisSrv.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [349240 2010-01-11] (Hewlett-Packard Company ->  Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [HPMessageService] => C:\Program Files\HP\HP System Event\HPMSGSVC.exe [664848 2016-04-26] (Hewlett-Packard Company -> HP Inc.)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Microsoft Windows Hardware Compatibility Publisher -> Analog Devices, Inc.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\76.0.3809.87\Installer\chrmstp.exe [2019-08-01] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> 

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {007EB50E-306C-4243-A051-E9CD96BD6478} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {02368336-6FC1-4641-AC1C-AF3E2FBAFA41} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [243576 2019-07-23] (HP Inc. -> HP Inc.)
Task: {09CD826E-432A-424E-9075-D474750087E0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [654712 2019-06-12] (HP Inc. -> HP Inc.)
Task: {0AC7D9DD-906E-4B7B-847E-273A28E54C7F} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0CD5E731-3C97-48A0-89D3-4BE6DE9D3197} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [654712 2019-06-12] (HP Inc. -> HP Inc.)
Task: {10F238F1-61B3-4FF4-B5F0-8DDC8322392A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {1B3EB7B5-BC28-4B91-AE3A-F9EED593562F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [137592 2019-06-12] (HP Inc. -> HP Inc.)
Task: {1ECBFDA8-5C75-484C-9609-D69F88A27FC2} - System32\Tasks\{C5F4DFD8-894D-40BF-9817-EDD70197CF73} => C:\Windows\system32\pcalua.exe -a C:\Users\Beco\Downloads\LeagueOfAngels3-gtarcade-5c84c94d5b7d1.exe -d C:\Users\Beco\Downloads
Task: {2237D89C-8BA2-4D66-8621-5F8040BA7EE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [156968 2019-02-24] (Google Inc -> Google Inc.)
Task: {23C30DE0-3363-4410-9EB8-2B31B3D0ECEE} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {24FA84A0-E087-48EC-BC51-2B9C4C815D78} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {25AB2260-9353-403C-90EC-CC7BD098D295} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {2BDBC731-7714-481B-B2BC-27EC77EACFFB} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {367F930A-A3DB-4112-B1F1-50E92A171C88} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {36942695-8A2A-42ED-A030-4B8E54984C38} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_223_pepper.exe [1453112 2019-07-09] (Adobe Inc. -> Adobe)
Task: {36FF84BD-F80B-4AC0-A3CD-CEA552F511CB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [396608 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3B8B0FF6-5976-4CD4-868A-6EFD55AC20EE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3CC255DE-9A77-4339-B257-97BEED1F30CB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3D8A7ED4-7E07-4834-9592-460518EE157F} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {43CBF981-9207-415B-A43F-EA808D674483} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [396608 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5286E90C-81E4-4622-9F35-2E63C86A789E} - System32\Tasks\PrivaZer_SkipUAC => C:\Program Files\PrivaZer\PrivaZer.exe [17307864 2019-07-31] (Goversoft LLC -> Goversoft LLC)
Task: {5CCA8EB2-1044-43C2-83EF-14AFD88A23FB} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {6247CC29-3BAC-4EB6-AD0A-8D6CF73982B7} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6927372A-A3E3-4697-84F8-4492DE198CAE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [396608 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {70D1EB0E-4134-4D8A-B28B-71D12D891637} - System32\Tasks\{55AAC5B5-BEF5-4E5F-BF9A-95DAFA22D058} => C:\Windows\system32\pcalua.exe -a C:\Users\Beco\Downloads\SharewareOnSale_Giveaway_IObit_Uninstaller_8_PRO_hub.exe -d C:\Users\Beco\Downloads
Task: {70D4EC4B-4DC4-4743-8A18-19650406D2DF} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {76A1CED5-E44E-41BC-88E4-53FFAC64AC3F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7DF081FE-AF3E-4B1F-A713-015169C165F7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {7E391591-2447-4B71-8C46-9F851D3C62B9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8573BFA5-38FD-40AC-9800-8EC04403FFEC} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {863D0715-8EC5-4308-B25B-A1A49453A5E4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-09] (Adobe Inc. -> Adobe)
Task: {9E9DB093-650D-4AC1-AE74-EFF09DAA28AF} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {A00C8D46-8534-4496-96EE-C950CC0D41C6} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {A37D69BB-3628-4340-9743-AC2FA5585724} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {B265CC37-CE62-4823-8496-5957A29C4EED} - System32\Tasks\HPCeeScheduleForBeco => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe [97656 2019-05-17] (HP Inc. -> HP Inc.)
Task: {B9FB55F4-5977-4236-9F75-7569B987B420} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BB75632B-EC31-4185-A0E7-CE9618974674} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BC00F4DF-2168-4200-B664-82D78875D451} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {BE834CB4-A940-4395-A30D-42B461E75614} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C118C4DD-2CC4-42CB-BA9E-FA5E7EE07C24} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C8C95506-2926-45B9-B2BC-6D645180D789} - System32\Tasks\{B4FF3079-1C8A-4E12-8782-220F860F7F4E} => C:\Windows\system32\pcalua.exe -a C:\Users\Beco\Downloads\EraOfCelestials-gtarcade-5c839784bff81.exe -d C:\Users\Beco\Downloads
Task: {CB047417-746E-40BA-902A-815AC8FA6C7D} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D3D93664-7AD4-4496-BF89-348597AE5BC6} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {D83BAE58-18BB-4010-9F0E-054149DAE465} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [156968 2019-02-24] (Google Inc -> Google Inc.)
Task: {D988B398-1B45-483C-AA40-86B6646D65A8} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-09] (Adobe Inc. -> Adobe)
Task: {DB531726-7852-4C5C-8C8E-7E643191E42A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {E0E8C45C-FE64-4087-8E0C-2193CDC81717} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E7356B7D-5DD6-4890-B4AF-6B1E94A3EF8F} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Beco\Downloads\esetonlinescanner_enu.exe [7969304 2019-08-04] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {E79B2998-8F63-451A-A56D-26EDC0A5098A} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {EC15E52E-DA43-4DCC-A275-1158D0C511BC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [396608 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F153981F-F55F-4D98-B828-A6E1A197FAF3} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FF8FD040-EFED-4F3F-B025-E7200A94FA01} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForBeco.job => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{338C8A04-E5A4-41C0-A592-06F731151E59}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{50FBF5F3-CB8C-4AC9-A764-9C2251E7FE43}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c92b2e9a-dca7-4503-a7ab-bc7c831445cd}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{f048b2a6-1866-46e6-b7f4-e6a65c07e85b}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================

Edge: 
======
Edge HomeButtonPage: HKU\S-1-5-21-2920239448-2505446405-2311763162-1001 -> hxxp://google.bg/

FireFox:
========
FF DefaultProfile: oytl87x0.default
FF ProfilePath: C:\Users\Beco\AppData\Roaming\K-Meleon\oytl87x0.default [2019-07-16]
FF user.js: detected! => C:\Users\Beco\AppData\Roaming\K-Meleon\oytl87x0.default\user.js [2006-04-06]
FF Homepage: K-Meleon\oytl87x0.default -> google.bg
FF Extension: (NewsFox) - C:\Program Files\K-Meleon\browser\extensions\{899DF1F8-2F43-4394-8315-37F6744E6319}.xpi [2015-03-12] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-09] (Adobe Inc. -> )

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://google.bg/
CHR StartupUrls: Default -> "hxxps://www.google.bg/"
CHR Profile: C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default [2019-08-04]
CHR Extension: (Презентации) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-02-24]
CHR Extension: (Документи) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-02-24]
CHR Extension: (Google Диск) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-05]
CHR Extension: (YouTube) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-05]
CHR Extension: (Adblock Plus — безплатен блокер на реклами) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-08-02]
CHR Extension: (Таблици) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-02-24]
CHR Extension: (Google Документи офлайн) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-02-24]
CHR Extension: (Lightshot (скрииншот инструмент)) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2019-07-29]
CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-02-24]
CHR Extension: (Gmail) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-01]
CHR Profile: C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-08-04]
CHR Profile: C:\Users\Beco\AppData\Local\Google\Chrome\User Data\System Profile [2019-08-04]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AEADIFilters; C:\WINDOWS\system32\AEADISRV.EXE [90112 2008-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation)
R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [26112 2009-12-03] (LSI Corporation -> LSI Corporation)
S3 hpqcaslwmiex; C:\Program Files\HP\Shared\hpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [357240 2019-07-05] (HP Inc. -> HP Inc.)
R2 HPWMISVC; C:\Program Files\HP\HP System Event\HPWMISVC.exe [606224 2016-04-18] (Hewlett-Packard Company -> HP Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3735832 2019-08-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [304680 2018-05-22] (Synaptics Incorporated -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [1879960 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [82984 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 MBAMService; "C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [37696 2019-01-06] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 ADIHdAudAddService; C:\WINDOWS\system32\drivers\ADIHdAud.sys [381440 2009-05-18] (Microsoft Windows Hardware Compatibility Publisher -> Analog Devices, Inc.)
R3 AgereSoftModem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [1163328 2010-01-26] (Microsoft Windows Hardware Compatibility Publisher -> LSI Corporation)
S3 BHTPCRDR; C:\WINDOWS\System32\drivers\bhtpcrdr.sys [199608 2019-02-20] (BayHub Technology Inc. -> BayHubTech/O2Micro )
R3 Btcsrusb; C:\WINDOWS\System32\Drivers\btcusb.sys [47504 2019-08-03] (IVT CORPORATION -> IVT Corporation.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [128552 2019-05-31] (Malwarebytes Corporation -> Malwarebytes)
R3 HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [15544 2010-02-25] (Hewlett-Packard Company -> Hewlett-Packard Company)
R0 hpdskflt; C:\WINDOWS\System32\DRIVERS\hpdskflt.sys [27968 2019-01-06] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 HpqKbFiltr; C:\WINDOWS\System32\drivers\HpqKbFiltr.sys [15872 2009-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Development Company, L.P.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2019-01-06] (Martin Malik - REALiX -> REALiX(tm))
S3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [106144 2019-01-11] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\System32\DRIVERS\mbam.sys [63760 2019-01-11] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\System32\DRIVERS\mwac.sys [83648 2019-01-12] (Malwarebytes Corporation -> Malwarebytes)
R1 MEmuDrv; C:\WINDOWS\System32\DRIVERS\MEmuDrv.sys [257512 2019-03-14] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation)
R3 necbatt; C:\WINDOWS\System32\drivers\necbatt.sys [18448 2019-08-03] (Microsoft Windows Hardware Compatibility Publisher -> NEC Personal Computers, Ltd.)
S3 NETw5s32; C:\WINDOWS\System32\DRIVERS\NETw5s32.sys [6755840 2010-01-13] (Intel Corporation) [File not signed]
R3 NETwNs32; C:\WINDOWS\System32\drivers\NETwNs32.sys [7530736 2019-01-06] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
R2 rimmptsk; C:\WINDOWS\System32\drivers\rimmptsk.sys [48128 2019-01-06] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R3 rismc32; C:\WINDOWS\system32\DRIVERS\rismc32.sys [49152 2019-01-06] (Microsoft Windows Hardware Compatibility Publisher -> RICOH Company, Ltd.)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [24688 2019-08-04] (Adlice -> )
S3 vjoy; C:\WINDOWS\System32\DRIVERS\vjoy.sys [50224 2016-02-03] (Shaul Eizikovich -> Shaul Eizikovich)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [38280 2019-07-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [269024 2019-07-26] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [39136 2019-07-26] (Microsoft Windows -> Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [207360 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S1 amsdk; \??\C:\WINDOWS\system32\drivers\amsdk.sys [X]
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-04 19:18 - 2019-08-04 19:19 - 000000000 ____D C:\AdwCleaner
2019-08-04 19:18 - 2019-08-04 19:18 - 007277776 _____ (Malwarebytes) C:\Users\Beco\Downloads\adwcleaner_7.1.1.exe
2019-08-04 18:54 - 2019-08-04 18:54 - 000000000 ____D C:\SecurityCheck
2019-08-04 18:53 - 2019-08-04 18:53 - 000528638 _____ (glax24 (safezone.cc)) C:\Users\Beco\Downloads\SecurityCheck.exe
2019-08-04 18:21 - 2019-08-04 18:21 - 000000008 __RSH C:\ProgramData\ntuser.pol
2019-08-04 18:16 - 2019-08-04 18:19 - 000007694 _____ C:\Users\Beco\Downloads\Fixlog.txt
2019-08-04 17:49 - 2019-08-04 17:49 - 000029543 _____ C:\Users\Beco\Downloads\Addition_04-08-2019 17.09.48.txt
2019-08-04 17:07 - 2019-08-04 18:34 - 000025876 _____ C:\Users\Beco\Downloads\Addition.txt
2019-08-04 17:04 - 2019-08-04 19:43 - 000023644 _____ C:\Users\Beco\Downloads\FRST.txt
2019-08-04 17:02 - 2019-08-04 19:42 - 000000000 ____D C:\FRST
2019-08-04 17:01 - 2019-08-04 17:01 - 001447936 _____ (Farbar) C:\Users\Beco\Downloads\FRST.exe
2019-08-04 16:54 - 2019-08-04 16:54 - 000000299 _____ C:\Users\Beco\Documents\zemana.txt
2019-08-04 16:51 - 2019-08-04 18:11 - 001496275 _____ C:\WINDOWS\ZAM.krnl.trace
2019-08-04 16:51 - 2019-08-04 16:51 - 000000000 ____D C:\Users\Beco\AppData\Local\Zemana
2019-08-04 16:50 - 2019-08-04 18:11 - 000000000 ____D C:\Users\Beco\AppData\Local\AMSDK
2019-08-04 16:50 - 2019-08-04 16:50 - 012664512 _____ (Zemana Ltd. ) C:\Users\Beco\Downloads\AntiMalware_Setup.exe
2019-08-04 16:45 - 2019-08-04 16:45 - 000000078 _____ C:\Users\Beco\Downloads\137bdc50b1.json
2019-08-04 15:45 - 2019-08-04 15:45 - 000008066 _____ C:\Users\Beco\Documents\Rogue killer.txt
2019-08-04 15:19 - 2019-08-04 15:19 - 000024688 _____ C:\WINDOWS\system32\Drivers\truesight.sys
2019-08-04 15:17 - 2019-08-04 15:17 - 030667800 _____ (Adlice Software ) C:\Users\Beco\Downloads\RogueKiller_setup.exe
2019-08-04 15:09 - 2019-08-04 15:09 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-08-04 13:11 - 2019-08-04 13:12 - 000001894 _____ C:\Users\Beco\Desktop\Rkill.txt
2019-08-04 13:10 - 2019-08-04 13:10 - 001780224 _____ (Bleeping Computer, LLC) C:\Users\Beco\Downloads\rkill-unsigned.exe
2019-08-04 12:29 - 2019-08-04 14:00 - 000000681 _____ C:\Users\Beco\Desktop\ESET Online Scanner.lnk
2019-08-04 12:29 - 2019-08-04 12:29 - 000000780 _____ C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2019-08-04 12:29 - 2019-08-04 12:29 - 000000000 ____D C:\Users\Beco\AppData\Local\ESET
2019-08-04 12:28 - 2019-08-04 12:29 - 007969304 _____ (ESET spol. s r.o.) C:\Users\Beco\Downloads\esetonlinescanner_enu.exe
2019-08-04 11:17 - 2019-08-04 15:19 - 001146190 _____ C:\WINDOWS\ntbtlog.txt
2019-08-04 09:57 - 2019-08-04 09:57 - 000002856 _____ C:\Users\Beco\Unigine_Heaven_Benchmark_4.0_20190804_0957.html
2019-08-04 09:49 - 2019-08-04 09:59 - 000000000 ____D C:\Users\Beco\Heaven
2019-08-04 09:48 - 2019-08-04 09:48 - 001065984 _____ C:\Users\Beco\AppData\Local\file__0.localstorage
2019-08-04 09:25 - 2019-08-04 10:14 - 000002217 _____ C:\Users\Beco\Desktop\Plarium Play.lnk
2019-08-04 09:13 - 2019-08-04 09:13 - 001159992 _____ (Plarium) C:\Users\Beco\Downloads\PlariumPlaySetup (1).exe
2019-08-03 18:21 - 2019-08-03 18:21 - 000047504 _____ (IVT Corporation.) C:\WINDOWS\system32\Drivers\btcusb.sys
2019-08-03 18:21 - 2019-08-03 18:21 - 000018448 _____ (NEC Personal Computers, Ltd.) C:\WINDOWS\system32\Drivers\necbatt.sys
2019-08-01 13:55 - 2019-05-31 06:13 - 000835688 _____ (Adobe) C:\WINDOWS\system32\FlashPlayerApp.exe
2019-08-01 13:55 - 2019-05-31 06:13 - 000179816 _____ (Adobe) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2019-08-01 09:04 - 2019-08-01 09:04 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2019-08-01 08:59 - 2019-08-01 08:59 - 000000020 ___SH C:\Users\Beco\ntuser.ini
2019-08-01 08:57 - 2019-08-04 19:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-08-01 08:57 - 2019-08-01 08:57 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2019-08-01 08:57 - 2019-08-01 08:57 - 000007623 _____ C:\WINDOWS\diagerr.xml
2019-08-01 08:53 - 2019-08-04 19:27 - 000912284 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-08-01 08:40 - 2019-08-01 08:40 - 000000000 ____D C:\ProgramData\USOShared
2019-08-01 08:36 - 2019-08-04 14:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-08-01 08:36 - 2019-08-01 09:37 - 000264440 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-08-01 08:03 - 2019-08-01 19:35 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2019-08-01 08:03 - 2019-08-01 08:03 - 000000000 ____D C:\Program Files\Common Files\SpeechEngines
2019-08-01 08:02 - 2019-08-04 11:32 - 000000000 ____D C:\Users\Beco
2019-08-01 08:02 - 2019-03-19 05:41 - 000001105 _____ C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-08-01 08:01 - 2019-08-01 08:03 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2019-08-01 07:50 - 2019-08-01 07:50 - 005083352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 004306432 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 003635200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 003525592 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-08-01 07:50 - 2019-08-01 07:50 - 002314440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 001866064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 001652536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 001555688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 001491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 001273176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 001244728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 001106288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 001039872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2019-08-01 07:50 - 2019-08-01 07:50 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000844800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AgentService.exe
2019-08-01 07:50 - 2019-08-01 07:50 - 000838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplySettingsTemplateCatalog.exe
2019-08-01 07:50 - 2019-08-01 07:50 - 000759808 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000700928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000682744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2019-08-01 07:50 - 2019-08-01 07:50 - 000666280 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2019-08-01 07:50 - 2019-08-01 07:50 - 000650552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2019-08-01 07:50 - 2019-08-01 07:50 - 000537608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.PrinterCustomActions.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000512512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000463272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000418816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2019-08-01 07:50 - 2019-08-01 07:50 - 000413696 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CscUnpinTool.exe
2019-08-01 07:50 - 2019-08-01 07:50 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscobj.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ConfigWrapper.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000075480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-08-01 07:50 - 2019-08-01 07:50 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe
2019-08-01 07:50 - 2019-08-01 07:50 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2010CustomActions.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\lstelemetry.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 018017792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 007008768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 006515592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 006218752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 005919744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 005753728 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 003837440 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 003487232 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 003243080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 002863104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2019-08-01 07:49 - 2019-08-01 07:49 - 002398720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 002040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001783808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001612600 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001505080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001501496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems32.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001399296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msjet40.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001297720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001251640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001219072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001102648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001080832 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000995800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000916280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\opengl32.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000826680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CBDHSvc.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000798720 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000785920 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000769336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000739328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000736056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000733136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000625464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000612352 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000568336 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000566072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000522552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000478520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000474936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000446224 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiagn.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-08-01 07:49 - 2019-08-01 07:49 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000386048 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\system32\curl.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspbde40.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000363832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrd3x40.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msexcl40.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000319376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000317952 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiag.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\DispBroker.Desktop.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000279864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000258056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\system32\provplatformdesktop.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000249656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2019-08-01 07:49 - 2019-08-01 07:49 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\glu32.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msltus40.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000213776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityUxHost.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2019-08-01 07:49 - 2019-08-01 07:49 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000202552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVFileSystemMetadata.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-08-01 07:49 - 2019-08-01 07:49 - 000183096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamMap.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000180536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VideoHandlers.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Gpu.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000152888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000145720 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000145720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000135480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVNice.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appvetwclientres.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2019-08-01 07:49 - 2019-08-01 07:49 - 000118584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVemgr.sys
2019-08-01 07:49 - 2019-08-01 07:49 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000111416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVfs.sys
2019-08-01 07:49 - 2019-08-01 07:49 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2019-08-01 07:49 - 2019-08-01 07:49 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000091960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppVStrm.sys
2019-08-01 07:49 - 2019-08-01 07:49 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompMgmtLauncher.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\olepro32.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000086528 _____ C:\WINDOWS\system32\ResBParser.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComputerDefaults.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-08-01 07:49 - 2019-08-01 07:49 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000058825 _____ C:\WINDOWS\system32\srms.dat
2019-08-01 07:49 - 2019-08-01 07:49 - 000054792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000051512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000030008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncAppvPublishingServer.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000021816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScriptRunner.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2019-08-01 07:49 - 2019-08-01 07:49 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\appvetwstreamingux.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3r.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 007067448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 004537344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 003120640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 002991104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 002987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 002777600 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 002712072 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 002586608 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 002458112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 002258640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 002245432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 002204472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 002074224 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001904128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001790976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001690624 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001611416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001473488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001468728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001458176 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001429096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001392968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-08-01 07:48 - 2019-08-01 07:48 - 001283584 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001244728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 001180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001178608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001111992 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-08-01 07:48 - 2019-08-01 07:48 - 001077632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001007160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000980792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000892488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000811160 _____ C:\WINDOWS\system32\locale.nls
2019-08-01 07:48 - 2019-08-01 07:48 - 000772656 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000745472 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000700912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000699304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000679368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000672944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000659968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000645632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000636696 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000626488 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000602640 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000588256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000588088 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000577536 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000554720 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000553144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000540680 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000500992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000478800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000451896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000441584 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000440256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000404392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000398648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000395064 _____ (Microsoft Corporation) C:\WINDOWS\system32\halmacpi.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000395064 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000389432 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000385808 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000374800 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000361784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000331064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-08-01 07:48 - 2019-08-01 07:48 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000309048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000301880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000277520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000265744 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000228152 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000220984 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000206136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000199176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000193800 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000164664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winquic.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000161592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000158736 _____ (Microsoft Corporation) C:\WINDOWS\system32\winquic.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000142856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000138552 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000136504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000135000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000134760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000108048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000104976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000104832 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000098592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Display.BrightnessOverride.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000066872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000061448 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000056008 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds_ps.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000039224 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000033592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000031032 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsldr.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winnlsres.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDJPN.DLL
2019-08-01 07:48 - 2019-08-01 07:48 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\applockerfltr.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDKOR.DLL
2019-08-01 07:48 - 2019-08-01 07:48 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d8thk.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 006070920 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 004679168 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 003306496 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 003042816 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 002876416 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 002798592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-08-01 07:47 - 2019-08-01 07:47 - 002576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 002548736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 002490712 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 002306048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001893888 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001724928 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001651848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001587200 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001562640 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001537624 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001535288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001515008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaclient.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001334064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001213456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001123840 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-08-01 07:47 - 2019-08-01 07:47 - 001121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConstraintIndex.Search.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001101312 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001079296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2019-08-01 07:47 - 2019-08-01 07:47 - 001006592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001006080 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000927744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsf3gip.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000822072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000800048 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000779264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000777528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000773680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000738304 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2019-08-01 07:47 - 2019-08-01 07:47 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-08-01 07:47 - 2019-08-01 07:47 - 000667272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000635392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2019-08-01 07:47 - 2019-08-01 07:47 - 000620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000602224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000531464 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-08-01 07:47 - 2019-08-01 07:47 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-08-01 07:47 - 2019-08-01 07:47 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\webauthn.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-08-01 07:47 - 2019-08-01 07:47 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-08-01 07:47 - 2019-08-01 07:47 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2019-08-01 07:47 - 2019-08-01 07:47 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000284536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000283472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-08-01 07:47 - 2019-08-01 07:47 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\directxdatabaseupdater.exe
2019-08-01 07:47 - 2019-08-01 07:47 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000187920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ifsutil.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ManagePhone.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgiadaptercache.exe
2019-08-01 07:47 - 2019-08-01 07:47 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000149512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ulib.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000149304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-08-01 07:47 - 2019-08-01 07:47 - 000120352 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000116728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\GraphicsCapture.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000105384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000091664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-08-01 07:47 - 2019-08-01 07:47 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000090128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-08-01 07:47 - 2019-08-01 07:47 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Taskbar.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\coloradapterclient.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaproxystub.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-08-01 07:47 - 2019-08-01 07:47 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000028672 _____ C:\WINDOWS\system32\usocoreps.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wci.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 014814208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 005941760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 005087744 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 004867400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 004572016 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 003915536 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 003735264 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 002763576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 002600960 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 002373120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 002200576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 002066944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 001954960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001912576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001881400 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001531992 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001497088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001488384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001452032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001432064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001345024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001331976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001304888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001244672 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001154960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001097528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001086464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 001063944 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000889888 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000724480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Signals.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000695808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000693248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000690488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_9.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000564240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000550200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000506232 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000437760 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000425488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2019-08-01 07:46 - 2019-08-01 07:46 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-08-01 07:46 - 2019-08-01 07:46 - 000414520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000400232 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000375512 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.UserService.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000344376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000336928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000321848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000284176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000279624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsta.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000268216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000245544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000235536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000222008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000191288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\regapi.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000166712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000159544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000158736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000156472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\viac7.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000142648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000140304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000134424 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000103224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapistub.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapi32.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\GameChatTranscription.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000096208 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000095184 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000072816 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2019-08-01 07:46 - 2019-08-01 07:46 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000047928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\isapnp.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000045384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000042792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidspi.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
2019-08-01 07:46 - 2019-08-01 07:46 - 000023736 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000016696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msisadrv.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\fixmapi.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2019-08-01 07:45 - 2019-08-01 07:45 - 000603448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2019-08-01 07:45 - 2019-08-01 07:45 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2019-08-01 07:45 - 2019-08-01 07:45 - 000244712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-08-01 07:45 - 2019-08-01 07:45 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbaudio2.sys
2019-08-01 07:45 - 2019-08-01 07:45 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys
2019-08-01 07:45 - 2019-08-01 07:45 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\devauthe.sys
2019-08-01 07:29 - 2019-08-01 07:29 - 000000000 ____D C:\WINDOWS\system32\bg
2019-08-01 07:23 - 2019-08-01 07:23 - 004164608 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0002.dll
2019-08-01 07:23 - 2019-08-01 07:23 - 001875968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MLS2.dll
2019-08-01 07:23 - 2019-08-01 07:23 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0002.dll
2019-08-01 07:23 - 2019-08-01 07:23 - 000000000 ____D C:\WINDOWS\system32\msmq
2019-08-01 07:23 - 2019-08-01 07:23 - 000000000 ____D C:\WINDOWS\system32\BestPractices
2019-08-01 07:23 - 2019-08-01 07:23 - 000000000 ____D C:\inetpub
2019-08-01 07:22 - 2019-08-01 07:22 - 000778912 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2019-08-01 07:22 - 2019-08-01 07:22 - 000103072 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2019-08-01 07:22 - 2019-08-01 07:22 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2019-08-01 07:22 - 2019-08-01 07:22 - 000000000 ____D C:\Program Files\Reference Assemblies
2019-08-01 07:22 - 2019-08-01 07:22 - 000000000 ____D C:\Program Files\MSBuild
2019-08-01 07:20 - 2019-08-01 07:20 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2019-08-01 07:20 - 2019-08-01 07:20 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
2019-08-01 07:20 - 2019-08-01 07:20 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2019-08-01 07:15 - 2019-08-01 07:15 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2019-08-01 07:08 - 2019-08-01 07:08 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2019-08-01 04:44 - 2019-08-01 08:59 - 000000000 ___DC C:\WINDOWS\Panther
2019-07-31 19:53 - 2019-07-31 19:53 - 025776848 _____ (Goversoft LLC) C:\Users\Beco\Downloads\PrivaZer_free (2).exe
2019-07-31 15:21 - 2019-07-31 15:23 - 000000000 ____D C:\Users\Beco\Documents\hermes_global_images_V9.6.3.0.LHMMIFD_20180801.0000.00_5.0_global_0dc0ffff2c
2019-07-31 10:46 - 2019-07-31 10:46 - 000000000 ____D C:\ProgramData\Thunder Network
2019-07-31 10:45 - 2019-08-01 10:06 - 000000000 ____D C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xiaomi
2019-07-31 10:45 - 2019-07-31 10:45 - 000000000 ____D C:\Users\Beco\AppData\Roaming\Xiaomi
2019-07-31 10:42 - 2019-08-04 11:02 - 000000332 _____ C:\WINDOWS\Tasks\HPCeeScheduleForBeco.job
2019-07-31 10:18 - 2019-07-31 10:34 - 1390856692 _____ C:\Users\Beco\Downloads\hermes_global_images_V9.6.3.0.LHMMIFD_20180801.0000.00_5.0_global_0dc0ffff2c.tgz
2019-07-29 11:31 - 2019-07-29 11:31 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2019-07-28 09:45 - 2019-07-28 09:45 - 000000000 ____D C:\Users\Beco\AppData\Roaming\AndroidTbox
2019-07-28 09:36 - 2019-07-28 10:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent Software
2019-07-28 09:35 - 2019-07-28 09:35 - 000000000 ____D C:\Temp
2019-07-21 16:47 - 2019-07-21 16:47 - 004196408 _____ C:\Users\Beco\Downloads\2019-07-10_16-29-20.861.bmp
2019-07-18 17:34 - 2019-07-31 19:53 - 000000000 ____D C:\Program Files\PrivaZer
2019-07-11 13:08 - 2019-07-11 13:22 - 000000775 _____ C:\Users\Beco\Documents\new tournament.txt
2019-07-11 12:23 - 2019-07-11 12:23 - 000000000 ____D C:\Users\Beco\.QtWebEngineProcess
2019-07-11 12:23 - 2019-07-11 12:23 - 000000000 ____D C:\Users\Beco\.LINE
2019-07-07 11:09 - 2019-07-07 11:09 - 000000000 ____D C:\Users\Beco\AppData\Local\HP_Inc
2019-07-07 11:05 - 2019-08-01 19:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2019-07-07 11:05 - 2019-07-07 11:05 - 000002262 _____ C:\Users\Public\Desktop\HP Support Assistant.lnk
2019-07-07 11:05 - 2019-07-07 11:05 - 000000000 ____D C:\Users\Beco\AppData\Roaming\Hewlett-Packard
2019-07-07 11:05 - 2019-07-07 11:05 - 000000000 ____D C:\Users\Beco\AppData\Local\Hewlett-Packard
2019-07-07 10:44 - 2019-07-07 10:45 - 039926088 _____ (Hewlett Packard ) C:\Users\Beco\Downloads\sp54177.exe
2019-07-07 10:37 - 2019-07-07 11:04 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2019-07-07 10:37 - 2019-07-07 10:37 - 000000000 ____D C:\Users\Beco\AppData\Local\HP
2019-07-07 10:36 - 2019-07-07 10:36 - 003510048 _____ (Oleg N. Scherbakov) C:\Users\Beco\Downloads\HPSupportSolutionsFramework-12.11.24.11.exe

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-04 19:36 - 2019-03-19 05:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-08-04 19:27 - 2019-03-19 05:44 - 000000000 ____D C:\WINDOWS\INF
2019-08-04 19:20 - 2019-03-19 05:35 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-08-04 19:19 - 2019-01-06 19:32 - 000000000 ____D C:\Program Files\Common Files\IObit
2019-08-04 19:19 - 2019-01-06 07:53 - 000000000 ____D C:\Users\Beco\AppData\LocalLow\IObit
2019-08-04 19:19 - 2019-01-06 07:53 - 000000000 ____D C:\Program Files\IObit
2019-08-04 19:19 - 2019-01-06 07:52 - 000000000 ____D C:\Users\Beco\AppData\Roaming\IObit
2019-08-04 19:19 - 2019-01-06 07:52 - 000000000 ____D C:\ProgramData\IObit
2019-08-04 19:17 - 2019-04-13 13:26 - 000000000 ____D C:\Users\Beco\AppData\Local\Unity
2019-08-04 19:17 - 2019-01-06 10:16 - 000000000 ____D C:\Users\Beco\AppData\LocalLow\Unity
2019-08-04 18:26 - 2019-01-06 07:56 - 000000000 ____D C:\ProgramData\ProductData
2019-08-04 18:17 - 2009-07-14 05:37 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2019-08-04 18:14 - 2019-01-06 00:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-08-04 16:43 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\System
2019-08-04 16:43 - 2019-03-19 05:35 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-08-04 10:14 - 2019-04-13 12:35 - 000002131 _____ C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Plarium Play.lnk
2019-08-04 10:14 - 2019-01-06 00:54 - 000000000 ____D C:\Users\Beco\AppData\Local\Plarium
2019-08-04 10:14 - 2019-01-06 00:54 - 000000000 ____D C:\Users\Beco\AppData\Local\Package Cache
2019-08-04 07:29 - 2019-03-19 05:46 - 000000000 ___HD C:\Program Files\WindowsApps
2019-08-03 23:50 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-08-02 04:34 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\appcompat
2019-08-01 19:35 - 2019-06-19 04:27 - 000000000 ____D C:\Program Files\UNP
2019-08-01 19:35 - 2019-06-02 18:07 - 000000000 ____D C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrivaZer
2019-08-01 19:35 - 2019-04-03 05:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX H.264 decoder
2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\spool
2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\IME
2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\ServiceState
2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\schemas
2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\Registration
2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2019-08-01 19:35 - 2019-03-19 05:43 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2019-08-01 19:35 - 2019-03-17 15:10 - 000000000 ____D C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-08-01 19:35 - 2019-03-17 15:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-08-01 19:35 - 2019-02-24 23:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-08-01 19:35 - 2019-01-06 18:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\8K Player
2019-08-01 19:35 - 2019-01-06 07:51 - 000000000 ____D C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live for Speed
2019-08-01 19:35 - 2019-01-05 21:52 - 000000000 ____D C:\Program Files\Intel
2019-08-01 19:35 - 2018-09-15 08:10 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2019-08-01 19:35 - 2018-09-15 08:10 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2019-08-01 15:17 - 2019-04-19 19:53 - 000000000 ____D C:\Users\Beco\AppData\Local\Packages
2019-08-01 10:28 - 2019-02-24 13:31 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-08-01 10:28 - 2019-02-24 13:31 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-08-01 09:18 - 2019-03-19 05:46 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-08-01 09:00 - 2019-04-19 19:54 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-08-01 09:00 - 2019-04-19 19:54 - 000000000 ___RD C:\Users\Beco\3D Objects
2019-08-01 08:59 - 2019-03-19 05:46 - 000000000 ____D C:\ProgramData\USOPrivate
2019-08-01 08:58 - 2019-03-19 05:35 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-08-01 08:57 - 2019-03-19 05:46 - 000000000 ____D C:\Program Files\Windows Defender
2019-08-01 08:40 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugins
2019-08-01 08:40 - 2019-01-05 22:05 - 000000000 ____D C:\Program Files\LSI SoftModem
2019-08-01 08:39 - 2019-01-05 22:00 - 000000000 ____D C:\WINDOWS\QLB
2019-08-01 08:32 - 2019-03-19 05:49 - 000000000 ____D C:\WINDOWS\Setup
2019-08-01 08:16 - 2019-03-19 05:46 - 000000000 __RHD C:\Users\Public\Libraries
2019-08-01 08:03 - 2019-04-13 12:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2019-08-01 08:03 - 2019-01-12 14:52 - 000000000 ____D C:\Program Files\Synaptics
2019-08-01 08:03 - 2019-01-06 07:59 - 000000000 ____D C:\Program Files\AuthenTec
2019-08-01 08:03 - 2009-07-14 07:52 - 000000000 ____D C:\Program Files\Microsoft Games
2019-08-01 07:57 - 2019-03-19 06:40 - 000000000 ___SD C:\WINDOWS\system32\AppV
2019-08-01 07:57 - 2019-03-19 06:40 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\TextInput
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\SystemResources
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-08-01 07:29 - 2019-03-19 06:40 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-08-01 07:29 - 2019-03-19 06:38 - 000000000 ____D C:\WINDOWS\system32\WCN
2019-08-01 07:29 - 2019-03-19 05:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-08-01 07:29 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2019-08-01 07:29 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2019-08-01 07:29 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\IME
2019-08-01 07:29 - 2019-03-19 05:46 - 000000000 ____D C:\Program Files\Common Files\System
2019-08-01 07:29 - 2019-03-19 05:35 - 000000000 ____D C:\WINDOWS\servicing
2019-08-01 07:23 - 2019-03-19 06:39 - 000000000 ____D C:\WINDOWS\OCR
2019-08-01 07:23 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2019-08-01 07:20 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2019-08-01 07:20 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2019-08-01 07:20 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\et-EE
2019-08-01 07:20 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\es-MX
2019-08-01 04:23 - 2019-01-05 20:39 - 000000000 ____D C:\Users\Beco\AppData\Local\ElevatedDiagnostics
2019-07-31 20:16 - 2019-06-02 18:07 - 000000000 ____D C:\Users\Beco\AppData\Local\PrivaZer
2019-07-31 20:01 - 2019-04-18 03:25 - 000000000 ____D C:\Users\Beco\AppData\Local\CrashDumps
2019-07-31 19:53 - 2019-06-02 18:07 - 000001916 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrivaZer.lnk
2019-07-31 19:53 - 2019-06-02 18:07 - 000001904 _____ C:\Users\Public\Desktop\PrivaZer.lnk
2019-07-26 16:30 - 2019-04-19 19:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-07-11 12:23 - 2019-01-05 19:50 - 000000000 ____D C:\Users\Beco\AppData\Local\VirtualStore
2019-07-11 12:21 - 2019-04-19 20:32 - 000000000 ____D C:\ProgramData\Packages
2019-07-11 12:21 - 2019-04-19 20:02 - 000000000 ____D C:\Users\Beco\AppData\Local\PlaceholderTileLogoFolder
2019-07-11 05:03 - 2019-04-19 21:24 - 000000000 ___RD C:\Users\Beco\OneDrive
2019-07-10 19:32 - 2019-01-05 21:56 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-07-10 19:26 - 2019-01-05 21:56 - 133475400 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-07-10 12:28 - 2019-01-05 20:17 - 000606264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-07-07 11:05 - 2019-01-05 22:00 - 000000000 ___HD C:\Program Files\InstallShield Installation Information
2019-07-07 11:04 - 2019-05-04 17:11 - 000000000 ____D C:\Program Files\HP
2019-07-07 11:04 - 2019-04-19 19:43 - 000000000 ____D C:\Users\Beco\AppData\Roaming\hpqLog
2019-07-07 11:04 - 2019-01-05 22:00 - 000000000 ____D C:\Program Files\Hewlett-Packard
2019-07-07 10:45 - 2019-05-04 17:09 - 000000000 ____D C:\SWSetup

==================== Files in the root of some directories ================

2019-08-04 09:48 - 2019-08-04 09:48 - 001065984 _____ () C:\Users\Beco\AppData\Local\file__0.localstorage
2019-08-04 09:14 - 2019-08-04 10:14 - 000061590 _____ () C:\Users\Beco\AppData\Local\PlariumPlay.log
2019-01-05 22:44 - 2019-01-05 22:44 - 000000000 _____ () C:\Users\Beco\AppData\Local\QSwitch.txt
2019-01-26 19:23 - 2019-01-26 19:23 - 000007605 _____ () C:\Users\Beco\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 04-08-2019
Ran by Beco (04-08-2019 19:44:51)
Running from C:\Users\Beco\Downloads
Microsoft Windows 10 Pro Version 1903 18362.267 (X86) (2019-08-01 05:59:11)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2920239448-2505446405-2311763162-500 - Administrator - Disabled)
Beco (S-1-5-21-2920239448-2505446405-2311763162-1001 - Administrator - Enabled) => C:\Users\Beco
DefaultAccount (S-1-5-21-2920239448-2505446405-2311763162-503 - Limited - Disabled)
Guest (S-1-5-21-2920239448-2505446405-2311763162-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2920239448-2505446405-2311763162-1002 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-2920239448-2505446405-2311763162-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

8K Player version 4.4.0 (HKLM\...\842F0D80-2EC4-4903-9798-714D9927DCA1_is1) (Version: 4.4.0 - DimoSoft, Inc.)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.223 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 32.0.0.223 - Adobe)
DivX H.264 decoder 8.2.0.26 (HKLM\...\divxh264_is1) (Version: 8.2.0.26 - )
Google Chrome (HKLM\...\Google Chrome) (Version: 76.0.3809.87 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
HP Quick Launch Buttons (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.14.1 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM\...\{A2926515-9BCE-4785-AFAD-98233D52C3AE}) (Version: 12.11.27.1 - HP Inc.)
HP System Event Utility (HKLM\...\{29E20347-C62F-4657-938E-876A182B67F1}) (Version: 1.4.13 - HP Inc.)
K-Meleon 75.0 (x86 en-US) (HKLM\...\K-Meleon 75.0 (x86 en-US)) (Version: 75.0 - kmeleonbrowser.org)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.100 - LSI Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Plarium Play (HKLM\...\{12D4088C-8ED7-4218-B9FF-10E8FA3D7B57}) (Version: 3.1.0.0 - Plarium) Hidden
Plarium Play (HKLM\...\{FBD9CDDD-13B0-406B-BDFA-79703D34C153}) (Version: 3.1.0 - Plarium) Hidden
Plarium Play (HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\...\{b06aff34-801f-46e9-9690-9d16b8f33092}) (Version: 3.1.0 - Plarium)
PrivaZer (HKLM\...\PrivaZer) (Version: 3.0.75.0 - Goversoft LLC)
QLBCASL (HKLM\...\{F1D7AC58-554A-4A58-B784-B61558B1449A}) (Version: 6.40.17.2 - Hewlett-Packard) Hidden
Skype, версия 8.45 (HKLM\...\Skype_is1) (Version: 8.45 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.5.10.69 - Synaptics Incorporated)
WinRAR 5.70 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)

Packages:
=========
LINE -> C:\Program Files\WindowsApps\NAVER.LINEwin8_5.18.2.0_x86__8ptj331gd3tyt [2019-07-31] (LINE Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-04-19] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x86__8wekyb3d8bbwe [2019-06-17] (Microsoft Studios) [MS Ad]
Torrex Lite - Torrent Downloader -> C:\Program Files\WindowsApps\BooStudioLLC.TorrexLite-TorrentDownloader_1.3.97.0_x86__b6e429xa66pga [2019-06-21] (Finebits OÜ) [MS Ad]
Добавка за „Снимки“ -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x86__8wekyb3d8bbwe [2019-04-20] (Microsoft Corporation)
Поща и календар -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x86__8wekyb3d8bbwe [2019-08-02] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} =>  -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} =>  -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

Shortcut: C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrivaZer\Деинсталирай Privazer.lnk -> C:\Program Files\PrivaZer\privazer_remover.exe (Goversoft LLC) <==== Cyrillic
Shortcut: C:\Users\Beco\AppData\Roaming\Microsoft\Windows\SendTo\Прехвърляне на файлове с Bluetooth.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation) <==== Cyrillic

==================== Loaded Modules (Whitelisted) ==============


==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 05:04 - 2009-06-11 00:39 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKCU\Environment\\Path -> ;%USERPROFILE%\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\Control Panel\Desktop\\Wallpaper -> c:\users\beco\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\diy.jpg
DNS Servers: 192.168.0.1
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: SafeDNS Agent => 2
HKLM\...\StartupApproved\Run: => "QlbCtrl.exe"
HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\...\StartupApproved\StartupFolder: => "Facebook Gameroom.lnk"
HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\...\StartupApproved\Run: => "SafeDNS Agent"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{155B760F-5E54-482B-8365-6665EC03CC2C}C:\users\beco\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\beco\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [TCP Query User{44B11955-F926-4A9B-AA9D-6B5A18DAAF61}C:\users\beco\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\beco\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [{90A20652-3E5F-405C-B8E5-AF6D9A4EC0E7}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{612CBEB6-20A2-448D-99E9-FCB1F2B34F23}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AF4C1CD7-FED9-470D-B329-7F50331D7D0B}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{77363016-8846-4DB7-AD51-2B727580DA68}D:\lfs\lfs.exe] => (Allow) D:\lfs\lfs.exe () [File not signed]
FirewallRules: [TCP Query User{45A74C76-06A8-4563-9550-548C167DE0D2}D:\lfs\lfs.exe] => (Allow) D:\lfs\lfs.exe () [File not signed]
FirewallRules: [UDP Query User{340FE0D8-F433-4684-8EEE-555FA3D5CC3D}C:\users\beco\appdata\local\temp\rar$exa5360.11617\sdi_r1904.exe] => (Allow) C:\users\beco\appdata\local\temp\rar$exa5360.11617\sdi_r1904.exe No File
FirewallRules: [TCP Query User{353B7826-2A8F-493D-A1F1-2AC837AF0B3C}C:\users\beco\appdata\local\temp\rar$exa5360.11617\sdi_r1904.exe] => (Allow) C:\users\beco\appdata\local\temp\rar$exa5360.11617\sdi_r1904.exe No File
FirewallRules: [UDP Query User{24C96F24-BD78-4B3B-8CC8-CCD439113A9E}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{F80ACAFA-F1DD-447C-8EF2-F8CFE0A3F99F}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{06598060-8173-4526-85B1-326A8EADE9B1}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

01-08-2019 13:54:17 Windows Update
03-08-2019 18:20:34 Driver Booster : Microsoft ACPI-Compliant Control Method Battery

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/04/2019 07:41:57 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7388,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (08/04/2019 07:26:56 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3124,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (08/04/2019 07:19:50 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.

Error: (08/04/2019 07:19:50 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (08/04/2019 07:19:50 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.

Error: (08/04/2019 07:19:50 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (08/04/2019 07:00:18 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8184,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (08/04/2019 06:53:27 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7556,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.


System errors:
=============
Error: (08/04/2019 07:19:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Услуга SynTPEnh Caller Service беше прекъсната неочаквано. Това се е случвало с нея 1 път(и).

Error: (08/04/2019 07:19:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Услуга Andrea ADI Filters Service беше прекъсната неочаквано. Това се е случвало с нея 1 път(и).

Error: (08/04/2019 07:19:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Услуга Message Queuing беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). След 120000 милисекунди ще бъде предприето следното коригиращо действие: Restart the service.

Error: (08/04/2019 07:19:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Услуга HP Service беше прекъсната неочаквано. Това се е случвало с нея 1 път(и).

Error: (08/04/2019 07:19:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Услуга HPWMISVC беше прекъсната неочаквано. Това се е случвало с нея 1 път(и).

Error: (08/04/2019 07:19:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Услуга Agere Modem Call Progress Audio беше прекъсната неочаквано. Това се е случвало с нея 1 път(и).

Error: (08/04/2019 06:20:01 PM) (Source: DCOM) (EventID: 10010) (User: BECO-PC)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (08/04/2019 06:20:01 PM) (Source: DCOM) (EventID: 10010) (User: BECO-PC)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.


Windows Defender:
===================================
Date: 2019-08-04 16:39:23.995
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.B!ml&threatid=2147735505&enterprise=0
Name: Trojan:Win32/Wacatac.B!ml
ID: 2147735505
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Beco\Downloads\ALABALA.exe; webfile:_C:\Users\Beco\Downloads\ALABALA.exe|https://dox.abv.bg/api/guest/download/18e663c4b0|pid:4648,ProcessStart:132093995403375033
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Security intelligence Version: AV: 1.299.1235.0, AS: 1.299.1235.0, NIS: 1.299.1235.0
Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1

Date: 2019-08-04 16:35:34.363
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Conteban.B!ml&threatid=2147735507&enterprise=0
Name: Trojan:Win32/Conteban.B!ml
ID: 2147735507
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Beco\Downloads\ALABALA.exe; webfile:_C:\Users\Beco\Downloads\ALABALA.exe|https://dox.abv.bg/api/guest/download/78834792cf|pid:2452,ProcessStart:132093992524073237
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Security intelligence Version: AV: 1.299.1235.0, AS: 1.299.1235.0, NIS: 1.299.1235.0
Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1

Date: 2019-08-04 16:35:16.939
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Conteban.B!ml&threatid=2147735507&enterprise=0
Name: Trojan:Win32/Conteban.B!ml
ID: 2147735507
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Beco\Downloads\ALABALA.exe; webfile:_C:\Users\Beco\Downloads\ALABALA.exe|https://dox.abv.bg/api/guest/download/459d5f08a7|pid:2452,ProcessStart:132093992524073237
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Security intelligence Version: AV: 1.299.1235.0, AS: 1.299.1235.0, NIS: 1.299.1235.0
Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1

Date: 2019-08-04 16:34:50.615
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Conteban.B!ml&threatid=2147735507&enterprise=0
Name: Trojan:Win32/Conteban.B!ml
ID: 2147735507
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Beco\Downloads\ALABALA.exe; webfile:_C:\Users\Beco\Downloads\ALABALA.exe|https://dox.abv.bg/api/guest/download/3e4192f681|pid:2452,ProcessStart:132093992524073237
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Security intelligence Version: AV: 1.299.1235.0, AS: 1.299.1235.0, NIS: 1.299.1235.0
Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1

Date: 2019-08-04 16:31:18.836
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Conteban.B!ml&threatid=2147735507&enterprise=0
Name: Trojan:Win32/Conteban.B!ml
ID: 2147735507
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Beco\Downloads\ALABALA.exe; webfile:_C:\Users\Beco\Downloads\ALABALA.exe|https://dox.abv.bg/api/guest/download/d814e79dee|pid:7088,ProcessStart:132093990433000700
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Security intelligence Version: AV: 1.299.1235.0, AS: 1.299.1235.0, NIS: 1.299.1235.0
Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1

Date: 2019-08-04 15:19:12.432
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.299.1222.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16200.1
Error code: 0x8007043c
Error description: This service cannot be started in Safe Mode 

Date: 2019-08-04 15:09:07.516
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2019-08-04 12:37:18.611
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.299.1222.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16200.1
Error code: 0x8007043c
Error description: This service cannot be started in Safe Mode 

Date: 2019-08-04 12:27:12.471
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2019-08-04 11:52:30.958
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

==================== Memory info =========================== 

BIOS: Hewlett-Packard 68PCU Ver. F.20 12/08/2011
Motherboard: Hewlett-Packard 30DB
Processor: Intel(R) Core(TM)2 Duo CPU P8600 @ 2.40GHz
Percentage of memory in use: 62%
Total physical RAM: 3000.26 MB
Available physical RAM: 1115.69 MB
Total Virtual: 5542.26 MB
Available Virtual: 3518.26 MB

==================== Drives ================================

Drive 😄 () (Fixed) (Total:365.12 GB) (Free:312.39 GB) NTFS
Drive d: () (Fixed) (Total:100.1 GB) (Free:85.36 GB) NTFS

\\?\Volume{35691345-1108-11e9-812b-806e6f6e6963}\ (Резервирана за системата) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{35691348-1108-11e9-812b-806e6f6e6963}\ () (Fixed) (Total:0.44 GB) (Free:0.16 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 0FD73A73)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=365.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=450 MB) - (Type=27)

==================== End of Addition.txt ============================

Определено всичко вече е наред и Chrome зарежда по-бързо

Линк към коментара
Сподели в други сайтове

преди 4 минути, v3cko написа:

Определено всичко вече е наред и Chrome зарежда по-бързо

Чудесно..!

Фикс с Farbar Recovery Scan Tool
 
icon13.gif Изтеглете прикачения файл  
fixlist.txt  и го запазете там, където сте свалили FRST.exe
Стартирайте отново FRST.exe и натиснете бутона Fix веднъж и изчакайте.

Press%20the%20FIX%20button_zpsdd5zi3mt.p


Ще се създаде нов лог файла FixLog.txt. Прикачете съдържанието му в следващия си коментар.
 
ЗАБЕЛЕЖКА: Този скрипт е написан специално за този потребител,и за тази конкретна машина. Изпълнението на фикса, на друг компютър може да доведе до увреждане на  операционната ви система

 

pfNZP4A.png  Дневници
 
В следващия си отговор, моля да включите следните дневници:

  • FixLog.txt

 

Линк към коментара
Сподели в други сайтове

Ако няма нещо друго да се ориентираме към финал..!

 

KpRm 
 
Изтеглете  KpRm от kernel-panik и го запишете на вашия работен плот. 

  • Щракнете с десния бутон върху kprm_ (версия) .exe и изберете Изпълни като администратор. 
  • Когато инструментът се отвори, уверете се, че всички квадратчета са отметнати и изберете Изпълни ( Run ).

111.PNG

 

  • След като приключите, щракнете върху OK. 
  • В Notepad ще се отвори журнал, озаглавен kprm- (date) .txt
  • Моля, копирайте и поставете съдържанието му в следващия си отговор.
Линк към коментара
Сподели в други сайтове

# Run at 4.8.2019 'г.' 20:29:45
# KpRm (Kernel-panik) version 1.7.3
# Website https://kernel-panik.me/tool/kprm/
# Run by Beco from C:\Users\Beco\Downloads
# Computer Name: BECO-PC
# OS: Windows 10 X86 (18362) 

- Create Registry Backup -

  [OK] Registry Backup: C:\KPRM\backup\2019-08-04-20-29

- Search Tools -


  ## AdwCleaner
     [OK] C:\Users\Beco\Downloads\adwcleaner_7.1.1.exe deleted (1)
     [OK] C:\AdwCleaner deleted (1)

  ## ESET Online Scanner
     [OK] HKLM\SOFTWARE\ESET\ESET Online Scanner deleted (1)

  ## FRST
     [OK] C:\Users\Beco\Downloads\Addition.txt deleted (1)
     [OK] C:\Users\Beco\Downloads\Addition_04-08-2019 17.09.48.txt deleted (1)
     [OK] C:\Users\Beco\Downloads\Fixlog.txt deleted (1)
     [OK] C:\Users\Beco\Downloads\FRST.exe deleted (1)
     [OK] C:\Users\Beco\Downloads\FRST.txt deleted (1)
     [OK] C:\FRST deleted (1)

  ## SecurityCheck
     [OK] C:\Users\Beco\Downloads\SecurityCheck.exe deleted (1)

- Restore Default System Settings -

  [OK] Flush DNS
  [OK] Reset WinSock
  [OK] Hide Hidden file.
  [OK] Show Extensions for known file types
  [OK] Hide protected operating system files

- Restore UAC Default Value -

  [OK] Set ConsentPromptBehaviorAdmin with default (5) value
  [OK] Set ConsentPromptBehaviorUser with default (3) value
  [OK] Set EnableInstallerDetection with default (0) value
  [OK] Set EnableLUA with default (1) value
  [OK] Set EnableSecureUIAPaths with default (1) value
  [OK] Set EnableUIADesktopToggle with default (0) value
  [OK] Set EnableVirtualization with default (1) value
  [OK] Set FilterAdministratorToken with default (0) value
  [OK] Set PromptOnSecureDesktop with default (1) value
  [OK] Set ValidateAdminCodeSignatures with default (0) value

- Clear All System Restore Points -

    ~ [OK] RP named Windows Update created at 08/01/2019 10:54:17 deleted
    ~ [OK] RP named Driver Booster : Microsoft ACPI-Compliant Control Method Battery created at 08/03/2019 15:20:34 deleted

  [OK] All system restore points have been successfully deleted

- Create New System Restore Point -

  [OK] Enable System Restore
  [OK] System Restore Point created

- Display All System Restore Point -

    ~ RP named KpRm created at 08/04/2019 17:31:23 found
 

Линк към коментара
Сподели в други сайтове

Това е от мен..! Ако няма други проблеми , маркирам темата като "Решена" ..! Пожелавам приятна вечер и безопасен интернет..! :)

Линк към коментара
Сподели в други сайтове

Добавете отговор

Можете да публикувате отговор сега и да се регистрирате по-късно. Ако имате регистрация, влезте в профила си за да публикувате от него.
Бележка: Вашата публикация изисква одобрение от модератор, преди да стане видима за всички.

Гост
Напишете отговор в тази тема...

×   Вмъкнахте текст, който съдържа форматиране.   Премахни форматирането на текста

  Разрешени са само 75 емотикони.

×   Съдържанието от линка беше вградено автоматично.   Премахни съдържанието и покажи само линк

×   Съдържанието, което сте написали преди беше възстановено..   Изтрий всичко

×   You cannot paste images directly. Upload or insert images from URL.

  • Разглеждащи това в момента   0 потребители

    • Няма регистрирани потребители разглеждащи тази страница.
  • Подобни теми

    • от Wizard
      Здравейте, имам съмнение, че системата ми е заразена, тъй като наскоро пробваха да ми източат дебитната карта през Фейсбук, въпреки че паролите ми са силни и ги сменям често. Не ходя по порносайтове, но въпреки това... Благодаря предварително за помощта!
      Addition.txt FRST.txt
    • от Yavor Stoyanov
      Здравейте, става дума за Windows 8 64б. 
      Съветвам се с вас и моля за помощ, тъй като компютъра имаше сериозни проблеми с този лаптоп. Като цяло с инсталациите на множество програми беше вкарала няколко гадни червея с които се справих с лекота, но остана проблема с свалянето на файлове като цяло, като дава грешка ( сканирането за вируси не може да бъде завършено). Абсолютно всяка програма която се слага на лаптопа минава през флашка и моя компютър. На лаптопа преди моята намеса имаше инсталирани съвместно множество антивирусни, които премахнах, или поне тези които можах, възможни са останки от тях!
      Пробвах да активирам дефендъра на уиндоус ама и той ми каза да си гледам работата, защото е забранен от груповите правила, а познайте какво не виждам там: раздел Windows Defender
      Прикрепям логовете, и моля за помощ, с вързани ръце съм...
       
      Addition.txt FRST.txt
    • от miroslav24
      Здравейте,странно нещо се случи след като си пуснах компютъра и опитах да си вляза в пощата,установих че при натискане на един бутон се изписват две букви.Прави го само на горния ред и на някои от цифрите.Сканирах с Malwarebytes и публикувам резултата.Не съм предприемал никакви действия по карантиниране или изчистване на намереното.
      Malwarebytes
      www.malwarebytes.com
      -Log Details-
      Scan Date: 11/5/21
      Scan Time: 11:58 AM
      Log File: e0e93651-3e1e-11ec-93b7-180373dd34b3.json
      -Software Information-
      Version: 4.4.10.144
      Components Version: 1.0.1499
      Update Package Version: 1.0.46810
      License: Trial
      -System Information-
      OS: Windows 7 Service Pack 1
      CPU: x64
      File System: NTFS
      User: m-PC\user
      -Scan Summary-
      Scan Type: Threat Scan
      Scan Initiated By: Manual
      Result: Completed
      Objects Scanned: 314020
      Threats Detected: 1
      Threats Quarantined: 0
      Time Elapsed: 5 min, 16 sec
      -Scan Options-
      Memory: Enabled
      Startup: Enabled
      Filesystem: Enabled
      Archives: Enabled
      Rootkits: Disabled
      Heuristics: Enabled
      PUP: Detect
      PUM: Detect
      -Scan Details-
      Process: 0
      (No malicious items detected)
      Module: 0
      (No malicious items detected)
      Registry Key: 0
      (No malicious items detected)
      Registry Value: 0
      (No malicious items detected)
      Registry Data: 0
      (No malicious items detected)
      Data Stream: 0
      (No malicious items detected)
      Folder: 0
      (No malicious items detected)
      File: 1
      Adware.InstallCore, C:\USERS\USER\APPDATA\LOCAL\TEMP\BITC986.TMP.EXE, No Action By User, 517, 640569, 1.0.46810, 760370905C2B1C149042EF74, dds, 01496465, C292D40EF8D20CA5CCCEBA246BE70754, 622A4F58BBAE04994DFA4625E24009DE2B1AE01FE6B7691C6D24BCA0014BAE21
      Physical Sector: 0
      (No malicious items detected)
      WMI: 0
      (No malicious items detected)

      (end)
      прикачам и файлове от сканиране с FRST
       
       
      FRST.txt Addition.txt
    • от valyo_93
      Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-09-2021
      Ran by Administrator (administrator) on GLBG1543PC04 (Hewlett-Packard HP Compaq 6005 Pro SFF PC) (16-09-2021 11:56:16)
      Running from D:\Users\Administrator\Desktop
      Loaded Profiles: Administrator
      Platform: Microsoft Windows 7 Enterprise  Service Pack 1 (X86) Language: English (United States)
      Default browser: IE
      Boot Mode: Normal
      ==================== Processes (Whitelisted) =================
      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
      () [File not signed] C:\Program Files\Xerox\Xerox WorkCentre 3220\PSU\Scan2pc.exe
      () [File not signed] C:\Windows\System32\xWD35bgnd.exe
      () [File not signed] C:\Windows\Xerox\PanelMgr\SSMMgr.exe
      (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
      (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
      (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
      (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
      (ATI Technologies Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
      (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
      (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
      (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
      (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
      (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
      (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
      (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
      (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <16>
      (Google LLC -> Google LLC) C:\Program Files\Google\Update\1.3.36.102\GoogleCrashHandler.exe
      (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
      (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
      (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
      (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
      (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
      (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
      (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
      (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
      (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
      (OCS Inventory NG) [File not signed] C:\Program Files\OCS Inventory Agent\OcsService.exe
      (OCS Inventory NG) [File not signed] C:\Program Files\OCS Inventory Agent\OcsSystray.exe
      (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
      (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
      (Skype Software Sarl -> Skype Technologies) C:\Program Files\Skype\Browser\SkypeBrowserHost.exe
      (TeamViewer -> TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer.exe
      (TeamViewer -> TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
      (TeamViewer -> TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\tv_w32.exe
      (Xerox Corporation) [File not signed] C:\Program Files\Xerox\Scan_Utility\xrxzipui.exe
      ==================== Registry (Whitelisted) ===================
      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
      HKLM\...\Run: [IME JPN 2007 Migration] => C:\Program Files\Common Files\microsoft shared\IME12\IMEJP\IMJPKLMG.EXE [63856 2011-09-19] (Microsoft Corporation -> Microsoft Corporation)
      HKLM\...\Run: [Korean IME Migration] => C:\Program Files\Common Files\microsoft shared\IME12\IMEKR\IMKRMIG.EXE [26400 2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
      HKLM\...\Run: [Microsoft Pinyin IME Migration] => C:\Program Files\Common Files\microsoft shared\IME12\IMESC\IMSCMIG.EXE [32112 2011-05-31] (Microsoft Corporation -> Microsoft Corporation)
      HKLM\...\Run: [XeroxScanUtility] => C:\Program Files\Xerox\Scan_Utility\xrxzipui.exe [430080 2008-04-15] (Xerox Corporation) [File not signed]
      HKLM\...\Run: [XeroxEndeavorBackgroundTask] => C:\Windows\system32\xWD35bgnd.exe [80896 2008-04-14] () [File not signed]
      HKLM\...\Run: [Xerox PanelMgr] => C:\Windows\Xerox\PanelMgr\SSMMgr.exe [626688 2010-01-26] () [File not signed]
      HKLM\...\Run: [Stanley-H_XRX_S2P] => C:\Program Files\Xerox\Xerox WorkCentre 3220\PSU\Scan2pc.exe [253952 2010-01-26] () [File not signed]
      HKLM\...\Run: [fssui] => C:\Program Files\Windows Live\Family Safety\fsui.exe [884584 2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
      HKLM\...\Run: [StartCCC] => c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-07-13] (Advanced Micro Devices, Inc.) [File not signed]
      HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920 2011-05-31] (Realtek Semiconductor Corp -> Realtek Semiconductor)
      HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1002984 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
      HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [112920 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
      HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
      HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
      HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
      HKU\S-1-5-21-299244719-1399796724-3294634451-1005\...\Run: [Google Update] => C:\Users\Librarian\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-04-04] (Google Inc -> Google Inc.)
      HKU\S-1-5-21-299244719-1399796724-3294634451-1005\...\Policies\system: [LogonHoursAction] 2
      HKU\S-1-5-21-299244719-1399796724-3294634451-1005\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
      HKU\S-1-5-21-299244719-1399796724-3294634451-1005\...\Policies\system: [DisableTaskMgr] 1
      HKU\S-1-5-21-299244719-1399796724-3294634451-1005\...\Policies\system: [NoDispScrSavPage] 1
      HKU\S-1-5-21-299244719-1399796724-3294634451-1005\...\Policies\Explorer: [DisablePersonalDirChange] 1
      HKU\S-1-5-21-299244719-1399796724-3294634451-1005\...\Policies\Explorer: [NoRun] 1
      HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [27784672 2017-06-27] (Skype Software Sarl -> Skype Technologies S.A.)
      HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\Run: [AvastBrowserAutoLaunch_9E0AB01C37B94381383AE0CDA0DCCFE4] => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [2049792 2021-08-20] (Avast Software s.r.o. -> AVAST Software)
      HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\Policies\system: [LogonHoursAction] 2
      HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
      HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\Policies\system: [DisableTaskMgr] 1
      HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\Policies\system: [NoDispScrSavPage] 1
      HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\Policies\Explorer: [DisablePersonalDirChange] 1
      HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\Policies\Explorer: [NoRun] 1
      HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\MountPoints2: {6a2c2d8e-b410-11e3-9029-3cd92b632c53} - G:\Autorun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.9B05 PID_0083
      HKU\S-1-5-21-299244719-1399796724-3294634451-500\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [27784672 2017-06-27] (Skype Software Sarl -> Skype Technologies S.A.)
      HKU\S-1-5-21-299244719-1399796724-3294634451-500\...\Run: [AvastBrowserAutoLaunch_8901C211194C0DFF277C9606C1448E31] => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [2049792 2021-08-20] (Avast Software s.r.o. -> AVAST Software)
      HKU\S-1-5-21-299244719-1399796724-3294634451-500\...\Policies\system: [LogonHoursAction] 2
      HKU\S-1-5-21-299244719-1399796724-3294634451-500\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
      HKU\S-1-5-21-299244719-1399796724-3294634451-500\...\Policies\system: [DisableTaskMgr] 1
      HKU\S-1-5-21-299244719-1399796724-3294634451-500\...\Policies\system: [NoDispScrSavPage] 1
      HKU\S-1-5-21-299244719-1399796724-3294634451-500\...\Policies\Explorer: [DisablePersonalDirChange] 1
      HKU\S-1-5-21-299244719-1399796724-3294634451-500\...\Policies\Explorer: [NoRun] 1
      HKU\S-1-5-18\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [27784672 2017-06-27] (Skype Software Sarl -> Skype Technologies S.A.)
      HKLM\...\Windows NT x86\Print Processors\sxs2mPC: C:\Windows\System32\spool\prtprocs\W32X86\sxs2mpc.dll [19968 2010-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) 2000 DDK provider)
      HKLM\...\Windows NT x86\Print Processors\XeroxV5Print: C:\Windows\System32\spool\prtprocs\W32X86\x5print.dll [10752 2008-05-09] (Xerox Corporation) [File not signed]
      HKLM\...\Windows NT x86\Print Processors\xp3220: C:\Windows\System32\spool\prtprocs\W32X86\xp3220pp.dll [56320 2009-06-17] (Windows (R) Codename Longhorn DDK provider) [File not signed]
      HKLM\...\Print\Monitors\Language Monitor for Xerox Phaser 6125N: C:\Windows\SYSTEM32\XRZWSLBI.DLL [135284 2009-08-30] (Xerox Co., Ltd.) [File not signed]
      HKLM\...\Print\Monitors\sxs2m Langmon: C:\Windows\SYSTEM32\sxs2ml3.dll [22723 2010-03-29] (Microsoft Windows Hardware Compatibility Publisher -> )
      HKLM\...\Print\Monitors\Xerox PC Fax Port: C:\Windows\SYSTEM32\XeroxFaxPort.dll [94208 2009-04-02] () [File not signed]
      HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
      HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files\AVAST Software\Browser\Application\92.2.11575.159\Installer\chrmstp.exe [2021-09-03] (Avast Software s.r.o. -> AVAST Software)
      HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\93.0.4577.82\Installer\chrmstp.exe [2021-09-14] (Google LLC -> Google LLC)
      HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
      Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OCS Inventory NG Systray.lnk [2013-09-20]
      ShortcutTarget: OCS Inventory NG Systray.lnk -> C:\Program Files\OCS Inventory Agent\OcsSystray.exe (OCS Inventory NG) [File not signed]
      GroupPolicy: Restriction ? <==== ATTENTION
      GroupPolicy\User: Restriction ? <==== ATTENTION
      GroupPolicyUsers\S-1-5-21-299244719-1399796724-3294634451-1006\User: Restriction <==== ATTENTION
      GroupPolicyUsers\S-1-5-21-299244719-1399796724-3294634451-1005\User: Restriction <==== ATTENTION
      Policies: C:\Users\Administrator\NTUSER.pol: Restriction <==== ATTENTION
      Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
      Policies: C:\Users\Librarian\NTUSER.pol: Restriction <==== ATTENTION
      Policies: C:\Users\Visitor\NTUSER.pol: Restriction <==== ATTENTION
      HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
      ==================== Scheduled Tasks (Whitelisted) ============
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      Task: {08DF9C6D-7CB5-4684-B618-67D60F53BEA0} - System32\Tasks\Del Old File => C:\Windows\Scripts\del.bat [1302 2010-10-30] () [File not signed]
      Task: {30793A5D-DAF8-4DCF-9F2D-90350B4C812B} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [275136 2021-09-07] (Bluestack Systems, Inc -> BlueStack Systems, Inc.)
      Task: {3267B5BB-592E-4EB5-BABA-3B6CFF35A841} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [2049792 2021-08-20] (Avast Software s.r.o. -> AVAST Software)
      Task: {3559AB34-18E1-482D-8F96-4536BA328936} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1546480 2021-06-25] (Avast Software s.r.o. -> Avast Software)
      Task: {3910E168-A173-4EF4-A61E-E5D13CCE99DD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005UA => C:\Users\Librarian\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-04-04] (Google Inc -> Google Inc.)
      Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Flash Player NPAPI Notifier" /ENABLE
      Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\Adobe Flash Player PPAPI Notifier" /ENABLE
      Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\Adobe Flash Player Updater" /ENABLE
      Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
      Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
      Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005Core" /ENABLE
      Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005UA" /ENABLE
      Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\User_Feed_Synchronization-{40BCF64C-47D6-4908-90A6-7F9040AFF644}" /ENABLE
      Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\{671B1A2E-C698-451F-BF5F-C59EABFF1053}" /ENABLE
      Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\{B082BF56-1FC4-46B4-A49A-712889734CCB}" /ENABLE
      Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
      Task: {4E4163B2-2F9B-40BC-BCE1-8CA082945A05} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
      Task: {59788F2F-057B-497D-AD10-26F6EBE7DD6E} - \GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1001Core -> No File <==== ATTENTION
      Task: {5CC8CDED-13A6-4AB9-B10C-ADC7F2CE961B} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [345824 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
      Task: {5F353FD2-DAE7-4B61-B6D2-013DE73E0D84} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4364056 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
      Task: {67F3E56F-BF81-40A9-9B43-E0B8D326CF35} - System32\Tasks\{671B1A2E-C698-451F-BF5F-C59EABFF1053} => C:\Program Files\Skype\\Phone\Skype.exe [27784672 2017-06-27] (Skype Software Sarl -> Skype Technologies S.A.)
      Task: {6D041990-9703-495B-922D-A29D1E951CF5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005Core => C:\Users\Librarian\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-04-04] (Google Inc -> Google Inc.)
      Task: {6D725850-4BEA-4C22-ADFF-0B008091ECAD} - System32\Tasks\delete => C:\Windows\Scripts\del.bat [1302 2010-10-30] () [File not signed]
      Task: {6E99A771-BE6E-4451-865F-6FB9DCBBDFCE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-15] (Adobe Inc. -> Adobe)
      Task: {88F25EBE-0AD6-45B2-BB52-208CF5A62B03} - System32\Tasks\Log off => C:\Windows\Scripts\logoff.bat [16 2010-10-31] () [File not signed]
      Task: {982A605B-F3AD-4C0D-8BBF-E7630ADB1F1E} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [2049792 2021-08-20] (Avast Software s.r.o. -> AVAST Software)
      Task: {9F2A0AEF-F85F-4784-A1C3-68726ED402A0} - \GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1001UA -> No File <==== ATTENTION
      Task: {A2DF1937-8BB7-429B-838F-9BB6B671ABA2} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} C:\Program Files\Windows Live\SOXE\wlsoxe.dll [179584 2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
      Task: {AED1AD05-FC83-4BAD-945F-721B4890EC84} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_433_pepper.exe [1497656 2020-09-15] (Adobe Inc. -> Adobe)
      Task: {B1AE9B04-84F1-4831-8527-D76B753CBA2C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2017-06-20] (Google Inc -> Google Inc.)
      Task: {BBBB72F5-3A2B-4A01-A640-A5FF57FD1EB6} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_433_Plugin.exe [1502264 2020-09-09] (Adobe Inc. -> Adobe)
      Task: {BD743956-DC62-4307-843F-D62CE84AD182} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
      Task: {C55964AC-A211-4B5D-B595-C77C191E72DB} - System32\Tasks\{B082BF56-1FC4-46B4-A49A-712889734CCB} => "C:\Program Files\Internet Explorer\iexplore.exe" http://ui.skype.com/ui/0/5.10.0.116/en/abandoninstall?page=tsMain
      Task: {DDA3604F-53D8-4D74-AB76-64F76053088A} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
      Task: {EF23F159-7109-499A-A25E-2BF8A8FE9116} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2017-06-20] (Google Inc -> Google Inc.)
      (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
      Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005Core.job => C:\Users\Librarian\AppData\Local\Google\Update\GoogleUpdate.exe
      Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005UA.job => C:\Users\Librarian\AppData\Local\Google\Update\GoogleUpdate.exe
      Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-421337976-2832419435-3520994213-1001Core.job => C:\Users\pc\AppData\Local\Google\Update\GoogleUpdate.exe
      Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-421337976-2832419435-3520994213-1001UA.job => C:\Users\pc\AppData\Local\Google\Update\GoogleUpdate.exe
      ==================== Internet (Whitelisted) ====================
      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
      Winsock: Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
      Winsock: Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
      Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
      Tcpip\..\Interfaces\{A753DA6E-FE95-49B7-AA56-3DC81D3E4609}: [DhcpNameServer] 192.168.0.1
      HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
      FireFox:
      ========
      FF ProfilePath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\c21lr0at.default [2018-09-27]
      FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_433.dll [2020-09-09] (Adobe Inc. -> )
      FF Plugin: @IPC/WebClient -> C:\windows\system32\SuperClient2\npSuperClient.dll [2013-09-26] (Chipspoint Electronics Co., Ltd -> )
      FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2013-09-25] (Oracle America, Inc. -> Oracle Corporation)
      FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
      FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
      FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
      FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
      FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
      FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
      FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
      FF Plugin: @nullsoft.com/winampDetector;version=1 -> C:\Program Files\Winamp Detect\npwachk.dll [2013-11-26] (Nullsoft, Inc.) [File not signed]
      FF Plugin: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-06-25] (Avast Software s.r.o. -> AVAST Software)
      FF Plugin: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-06-25] (Avast Software s.r.o. -> AVAST Software)
      FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
      FF Plugin HKU\S-1-5-21-299244719-1399796724-3294634451-1005: @tools.google.com/Google Update;version=3 -> C:\Users\Librarian\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll [2011-11-14] (Google Inc -> Google Inc.)
      FF Plugin HKU\S-1-5-21-299244719-1399796724-3294634451-1005: @tools.google.com/Google Update;version=9 -> C:\Users\Librarian\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll [2011-11-14] (Google Inc -> Google Inc.)
      FF Plugin HKU\S-1-5-21-299244719-1399796724-3294634451-1006: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Visitor\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-10] (Unity Technologies SF -> Unity Technologies ApS)
      FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\services-sync.js [2010-01-01]
      FF ExtraCheck: C:\Program Files\mozilla firefox\browser\defaults\preferences\firefox-branding.js [2010-01-01]
      FF ExtraCheck: C:\Program Files\mozilla firefox\browser\defaults\preferences\firefox-l10n.js [2010-01-01]
      FF ExtraCheck: C:\Program Files\mozilla firefox\browser\defaults\preferences\firefox.js [2013-08-12]
      FF ExtraCheck: C:\Program Files\mozilla firefox\mozilla.cfg [2007-04-03] <==== ATTENTION
      Chrome: 
      =======
      CHR Profile: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default [2021-09-16]
      CHR Notifications: Default -> hxxps://www.facebook.com
      CHR Extension: (Документи) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-27]
      CHR Extension: (Google Диск) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-08-31]
      CHR Extension: (Google Документи офлайн) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-09-01]
      CHR Extension: (Avast Online Security) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-08-31]
      CHR Extension: (Skype) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2018-09-27]
      CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-31]
      CHR Extension: (Gmail) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-08-31]
      CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
      CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
      CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
      ==================== Services (Whitelisted) ===================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
      S3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-15] (Adobe Inc. -> Adobe)
      S2 AgentService; C:\Program Files\LibraryClient\globalLibx32\service.exe [46592 2012-02-20] () [File not signed]
      R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [176128 2011-07-13] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
      R2 AMD FUEL Service; c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2011-07-13] (Advanced Micro Devices, Inc.) [File not signed]
      R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7466064 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
      S2 avast; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
      R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [575768 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
      R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [357656 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
      S3 avastm; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
      S3 AvastSecureBrowserElevationService; C:\Program Files\AVAST Software\Browser\Application\92.2.11575.159\elevation_service.exe [1197032 2021-08-20] (Avast Software s.r.o. -> AVAST Software)
      R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
      R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [103696 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
      R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [280864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
      R2 OCS Inventory Service; C:\Program Files\OCS Inventory Agent\OcsService.exe [38912 2013-04-08] (OCS Inventory NG) [File not signed]
      S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
      R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [1713536 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
      ===================== Drivers (Whitelisted) ===================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      R3 amdiox86; C:\Windows\System32\DRIVERS\amdiox86.sys [37944 2010-02-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
      R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [8395776 2011-07-13] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
      R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [