Премини към съдържанието
  • Добре дошли!

    Добре дошли в нашите форуми, пълни с полезна информация. Имате проблем с компютъра или телефона си? Публикувайте нова тема и ще намерите решение на всичките си проблеми. Общувайте свободно и открийте безброй нови приятели.

    Моля, регистрирайте се за да публикувате тема и да получите пълен достъп до всички функции.

     

Проверка на системата


Препоръчан отговор

Напоследък Chrome зарежда бавно имам чувството че сякаш системата е тромава , днес при опитите да изтегля Farbar страницата се зареждаше около 1:30 минути докато започне самото изтегляне и то неуспешно

Addition_04-08-2019 17.09.48.txt FRST_04-08-2019 17.09.48.txt

Линк към коментара
Сподели в други сайтове

Здравейте..! Вие някакви опити на самолечение сте правили ....и хубаво сте омазали ситуацията....!

Деинсталиране на нежелани / ненужни програми:

  • Натиснете клавишна комбинация   WindowsKey.png + R на клавиатурата си едновременно. Напишете (копирайте) в полето appwiz.cpl и кликнете върху OK.
  • В отворилия се списък с инсталирани програми,  деинсталирайте  програмите от карето по долу:
Цитат
Driver Booster 6 (HKLM\...\Driver Booster_is1) (Version: 6.5.0 - IObit)
RogueKiller version 13.3.2.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 13.3.2.0 - Adlice Software)
Zemana AntiMalware, версия 3.1.375 (HKLM\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.1.375 - Zemana)
Malwarebytes, версия 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)

 

Фикс с Farbar Recovery Scan Tool
 
icon13.gif Изтеглете прикачения файл
fixlist.txt  и го запазете там, където сте свалили FRST.exe
Стартирайте отново FRST.exe и натиснете бутона Fix веднъж и изчакайте.

Press%20the%20FIX%20button_zpsdd5zi3mt.p


Ще се създаде нов лог файла FixLog.txt. Прикачете съдържанието му в следващия си коментар.
 
ЗАБЕЛЕЖКА: Този скрипт е написан специално за този потребител,и за тази конкретна машина. Изпълнението на фикса, на друг компютър може да доведе до увреждане на  операционната ви система

 

pfNZP4A.png  Дневници
 
В следващия си отговор, моля да включите следните дневници:

  • FixLog.txt
Линк към коментара
Сподели в други сайтове

Свежо ново сканиране с:

Сканиране с Farbar Recovery Scan

  • Моля изтеглете icon1337953436.pngFarbar Recovery Scan Tool (според версията на Windows изберете 32 битовата или 64 битовата версия) и го запазете на десктопа.
  • Стартирайте файла FRST.exe (или FRST64.exe)
  • Програмата ще се стартира. Натиснете YES за да се съгласите с лицензионното споразумение.
  • Натиснете бутона YClYkft.jpg.
  • Изчакайте търпеливо проверката да приключи.
  • Ще се създадат два лог файла с името - FRST.txt и Addition.txt на десктопа.
  • Копирайте съдържанието на файла FRST.txt в следващия си пост.Прикачете Addition.txt в коментар си (погледнете опцията Прикачване на файлове, когато публикувате мнение).

pfNZP4A.png&key=0a487e0a7cff89c690a32d13  Дневници 

В следващия си отговор, моля да включите (като копирате целите съдържания ) следните дневници:

  • FRST.txt (копирате цялото съдържание)
  • Addition.txt (прикачате..) 
 
Линк към коментара
Сподели в други сайтове

Днес писах с колегата ви  B-boy/StyLe/     защото не можех да изтегля Farbar , браузърите го блокираха като вирус и накрая реших да правя опити сам за което знам че не е редно

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-08-2019
Ran by Beco (administrator) on BECO-PC (Hewlett-Packard HP EliteBook 6930p) (04-08-2019 18:28:47)
Running from C:\Users\Beco\Downloads
Loaded Profiles: Beco (Available Profiles: Beco)
Platform: Microsoft Windows 10 Pro Version 1903 18362.267 (X86) Language: Английски (Съединени щати)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Hewlett-Packard Company -> HP Inc.) C:\Program Files\HP\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Company -> HP Inc.) C:\Program Files\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(IObit Information Technology -> IObit) C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
(LSI Corporation -> LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\NisSrv.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [349240 2010-01-11] (Hewlett-Packard Company ->  Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [HPMessageService] => C:\Program Files\HP\HP System Event\HPMSGSVC.exe [664848 2016-04-26] (Hewlett-Packard Company -> HP Inc.)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Microsoft Windows Hardware Compatibility Publisher -> Analog Devices, Inc.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\76.0.3809.87\Installer\chrmstp.exe [2019-08-01] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> 

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {007EB50E-306C-4243-A051-E9CD96BD6478} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {02368336-6FC1-4641-AC1C-AF3E2FBAFA41} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [243576 2019-07-23] (HP Inc. -> HP Inc.)
Task: {09CD826E-432A-424E-9075-D474750087E0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [654712 2019-06-12] (HP Inc. -> HP Inc.)
Task: {0AC7D9DD-906E-4B7B-847E-273A28E54C7F} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0CD5E731-3C97-48A0-89D3-4BE6DE9D3197} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [654712 2019-06-12] (HP Inc. -> HP Inc.)
Task: {10F238F1-61B3-4FF4-B5F0-8DDC8322392A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {1B3EB7B5-BC28-4B91-AE3A-F9EED593562F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [137592 2019-06-12] (HP Inc. -> HP Inc.)
Task: {1ECBFDA8-5C75-484C-9609-D69F88A27FC2} - System32\Tasks\{C5F4DFD8-894D-40BF-9817-EDD70197CF73} => C:\Windows\system32\pcalua.exe -a C:\Users\Beco\Downloads\LeagueOfAngels3-gtarcade-5c84c94d5b7d1.exe -d C:\Users\Beco\Downloads
Task: {2237D89C-8BA2-4D66-8621-5F8040BA7EE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [156968 2019-02-24] (Google Inc -> Google Inc.)
Task: {23C30DE0-3363-4410-9EB8-2B31B3D0ECEE} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {24FA84A0-E087-48EC-BC51-2B9C4C815D78} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {25AB2260-9353-403C-90EC-CC7BD098D295} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {2671536C-6AFE-4BA9-B77B-1D42B06C7FB1} - System32\Tasks\Uninstaller_SkipUac_Beco => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe [5293328 2019-03-19] (IObit Information Technology -> IObit)
Task: {2BDBC731-7714-481B-B2BC-27EC77EACFFB} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {367F930A-A3DB-4112-B1F1-50E92A171C88} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {36942695-8A2A-42ED-A030-4B8E54984C38} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_223_pepper.exe [1453112 2019-07-09] (Adobe Inc. -> Adobe)
Task: {36FF84BD-F80B-4AC0-A3CD-CEA552F511CB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [396608 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3B8B0FF6-5976-4CD4-868A-6EFD55AC20EE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3CC255DE-9A77-4339-B257-97BEED1F30CB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3D8A7ED4-7E07-4834-9592-460518EE157F} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {43CBF981-9207-415B-A43F-EA808D674483} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [396608 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5286E90C-81E4-4622-9F35-2E63C86A789E} - System32\Tasks\PrivaZer_SkipUAC => C:\Program Files\PrivaZer\PrivaZer.exe [17307864 2019-07-31] (Goversoft LLC -> Goversoft LLC)
Task: {5CCA8EB2-1044-43C2-83EF-14AFD88A23FB} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {6247CC29-3BAC-4EB6-AD0A-8D6CF73982B7} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6927372A-A3E3-4697-84F8-4492DE198CAE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [396608 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {70D1EB0E-4134-4D8A-B28B-71D12D891637} - System32\Tasks\{55AAC5B5-BEF5-4E5F-BF9A-95DAFA22D058} => C:\Windows\system32\pcalua.exe -a C:\Users\Beco\Downloads\SharewareOnSale_Giveaway_IObit_Uninstaller_8_PRO_hub.exe -d C:\Users\Beco\Downloads
Task: {70D4EC4B-4DC4-4743-8A18-19650406D2DF} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {76A1CED5-E44E-41BC-88E4-53FFAC64AC3F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7DF081FE-AF3E-4B1F-A713-015169C165F7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {7E391591-2447-4B71-8C46-9F851D3C62B9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8573BFA5-38FD-40AC-9800-8EC04403FFEC} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {863D0715-8EC5-4308-B25B-A1A49453A5E4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-09] (Adobe Inc. -> Adobe)
Task: {9E9DB093-650D-4AC1-AE74-EFF09DAA28AF} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {A00C8D46-8534-4496-96EE-C950CC0D41C6} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {A37D69BB-3628-4340-9743-AC2FA5585724} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {B265CC37-CE62-4823-8496-5957A29C4EED} - System32\Tasks\HPCeeScheduleForBeco => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe [97656 2019-05-17] (HP Inc. -> HP Inc.)
Task: {B9FB55F4-5977-4236-9F75-7569B987B420} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BB75632B-EC31-4185-A0E7-CE9618974674} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BC00F4DF-2168-4200-B664-82D78875D451} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {BE834CB4-A940-4395-A30D-42B461E75614} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C118C4DD-2CC4-42CB-BA9E-FA5E7EE07C24} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C8C95506-2926-45B9-B2BC-6D645180D789} - System32\Tasks\{B4FF3079-1C8A-4E12-8782-220F860F7F4E} => C:\Windows\system32\pcalua.exe -a C:\Users\Beco\Downloads\EraOfCelestials-gtarcade-5c839784bff81.exe -d C:\Users\Beco\Downloads
Task: {CB047417-746E-40BA-902A-815AC8FA6C7D} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D3D93664-7AD4-4496-BF89-348597AE5BC6} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {D83BAE58-18BB-4010-9F0E-054149DAE465} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [156968 2019-02-24] (Google Inc -> Google Inc.)
Task: {D988B398-1B45-483C-AA40-86B6646D65A8} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-09] (Adobe Inc. -> Adobe)
Task: {DB531726-7852-4C5C-8C8E-7E643191E42A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {E0E8C45C-FE64-4087-8E0C-2193CDC81717} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E7356B7D-5DD6-4890-B4AF-6B1E94A3EF8F} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Beco\Downloads\esetonlinescanner_enu.exe [7969304 2019-08-04] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {E79B2998-8F63-451A-A56D-26EDC0A5098A} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {EC15E52E-DA43-4DCC-A275-1158D0C511BC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [396608 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F153981F-F55F-4D98-B828-A6E1A197FAF3} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FF8FD040-EFED-4F3F-B025-E7200A94FA01} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForBeco.job => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{338C8A04-E5A4-41C0-A592-06F731151E59}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{50FBF5F3-CB8C-4AC9-A764-9C2251E7FE43}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c92b2e9a-dca7-4503-a7ab-bc7c831445cd}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{f048b2a6-1866-46e6-b7f4-e6a65c07e85b}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer.dll [2018-07-19] (IObit Information Technology -> IObit)

Edge: 
======
Edge HomeButtonPage: HKU\S-1-5-21-2920239448-2505446405-2311763162-1001 -> hxxp://google.bg/

FireFox:
========
FF DefaultProfile: oytl87x0.default
FF ProfilePath: C:\Users\Beco\AppData\Roaming\K-Meleon\oytl87x0.default [2019-07-16]
FF user.js: detected! => C:\Users\Beco\AppData\Roaming\K-Meleon\oytl87x0.default\user.js [2006-04-06]
FF Homepage: K-Meleon\oytl87x0.default -> google.bg
FF Extension: (NewsFox) - C:\Program Files\K-Meleon\browser\extensions\{899DF1F8-2F43-4394-8315-37F6744E6319}.xpi [2015-03-12] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-09] (Adobe Inc. -> )
FF Plugin HKU\S-1-5-21-2920239448-2505446405-2311763162-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Beco\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2017-05-18] (Unity Technologies SF -> Unity Technologies ApS)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://google.bg/
CHR StartupUrls: Default -> "hxxps://www.google.bg/"
CHR Profile: C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default [2019-08-04]
CHR Extension: (Презентации) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-02-24]
CHR Extension: (Документи) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-02-24]
CHR Extension: (Google Диск) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-05]
CHR Extension: (YouTube) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-05]
CHR Extension: (Adblock Plus — безплатен блокер на реклами) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-08-02]
CHR Extension: (Таблици) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-02-24]
CHR Extension: (Google Документи офлайн) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-02-24]
CHR Extension: (Lightshot (скрииншот инструмент)) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2019-07-29]
CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-02-24]
CHR Extension: (Gmail) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-01]
CHR Profile: C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-08-04]
CHR Profile: C:\Users\Beco\AppData\Local\Google\Chrome\User Data\System Profile [2019-08-04]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AEADIFilters; C:\WINDOWS\system32\AEADISRV.EXE [90112 2008-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation)
R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [26112 2009-12-03] (LSI Corporation -> LSI Corporation)
S3 hpqcaslwmiex; C:\Program Files\HP\Shared\hpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [357240 2019-07-05] (HP Inc. -> HP Inc.)
R2 HPWMISVC; C:\Program Files\HP\HP System Event\HPWMISVC.exe [606224 2016-04-18] (Hewlett-Packard Company -> HP Inc.)
S2 IObitUnSvr; C:\Program Files\IObit\IObit Uninstaller\IUService.exe [153360 2018-09-25] (IObit Information Technology -> IObit)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3735832 2019-08-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [304680 2018-05-22] (Synaptics Incorporated -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [1879960 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [82984 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 MBAMService; "C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [37696 2019-01-06] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 ADIHdAudAddService; C:\WINDOWS\system32\drivers\ADIHdAud.sys [381440 2009-05-18] (Microsoft Windows Hardware Compatibility Publisher -> Analog Devices, Inc.)
R3 AgereSoftModem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [1163328 2010-01-26] (Microsoft Windows Hardware Compatibility Publisher -> LSI Corporation)
S3 BHTPCRDR; C:\WINDOWS\System32\drivers\bhtpcrdr.sys [199608 2019-02-20] (BayHub Technology Inc. -> BayHubTech/O2Micro )
R3 Btcsrusb; C:\WINDOWS\System32\Drivers\btcusb.sys [47504 2019-08-03] (IVT CORPORATION -> IVT Corporation.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [128552 2019-05-31] (Malwarebytes Corporation -> Malwarebytes)
R3 HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [15544 2010-02-25] (Hewlett-Packard Company -> Hewlett-Packard Company)
R0 hpdskflt; C:\WINDOWS\System32\DRIVERS\hpdskflt.sys [27968 2019-01-06] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 HpqKbFiltr; C:\WINDOWS\System32\drivers\HpqKbFiltr.sys [15872 2009-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Development Company, L.P.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2019-01-06] (Martin Malik - REALiX -> REALiX(tm))
R3 IUProcessFilter; C:\Program Files\IObit\IObit Uninstaller\drivers\win10_x86\IUProcessFilter.sys [35136 2018-10-16] (IObit Information Technology -> IObit)
R3 IURegistryFilter; C:\Program Files\IObit\IObit Uninstaller\drivers\win10_x86\IURegistryFilter.sys [41336 2018-10-16] (IObit Information Technology -> IObit)
S3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [106144 2019-01-11] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\System32\DRIVERS\mbam.sys [63760 2019-01-11] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\System32\DRIVERS\mwac.sys [83648 2019-01-12] (Malwarebytes Corporation -> Malwarebytes)
R1 MEmuDrv; C:\WINDOWS\System32\DRIVERS\MEmuDrv.sys [257512 2019-03-14] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation)
R3 necbatt; C:\WINDOWS\System32\drivers\necbatt.sys [18448 2019-08-03] (Microsoft Windows Hardware Compatibility Publisher -> NEC Personal Computers, Ltd.)
S3 NETw5s32; C:\WINDOWS\System32\DRIVERS\NETw5s32.sys [6755840 2010-01-13] (Intel Corporation) [File not signed]
R3 NETwNs32; C:\WINDOWS\System32\drivers\NETwNs32.sys [7530736 2019-01-06] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
R2 rimmptsk; C:\WINDOWS\System32\drivers\rimmptsk.sys [48128 2019-01-06] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R3 rismc32; C:\WINDOWS\system32\DRIVERS\rismc32.sys [49152 2019-01-06] (Microsoft Windows Hardware Compatibility Publisher -> RICOH Company, Ltd.)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [24688 2019-08-04] (Adlice -> )
S3 vjoy; C:\WINDOWS\System32\DRIVERS\vjoy.sys [50224 2016-02-03] (Shaul Eizikovich -> Shaul Eizikovich)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [38280 2019-07-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [269024 2019-07-26] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [39136 2019-07-26] (Microsoft Windows -> Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [207360 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S1 amsdk; \??\C:\WINDOWS\system32\drivers\amsdk.sys [X]
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-04 18:21 - 2019-08-04 18:21 - 000000008 __RSH C:\ProgramData\ntuser.pol
2019-08-04 18:16 - 2019-08-04 18:19 - 000007694 _____ C:\Users\Beco\Downloads\Fixlog.txt
2019-08-04 17:49 - 2019-08-04 17:49 - 000029543 _____ C:\Users\Beco\Downloads\Addition_04-08-2019 17.09.48.txt
2019-08-04 17:07 - 2019-08-04 17:09 - 000029543 _____ C:\Users\Beco\Downloads\Addition.txt
2019-08-04 17:04 - 2019-08-04 18:30 - 000024833 _____ C:\Users\Beco\Downloads\FRST.txt
2019-08-04 17:02 - 2019-08-04 18:28 - 000000000 ____D C:\FRST
2019-08-04 17:01 - 2019-08-04 17:01 - 001447936 _____ (Farbar) C:\Users\Beco\Downloads\FRST.exe
2019-08-04 16:54 - 2019-08-04 16:54 - 000000299 _____ C:\Users\Beco\Documents\zemana.txt
2019-08-04 16:51 - 2019-08-04 18:11 - 001496275 _____ C:\WINDOWS\ZAM.krnl.trace
2019-08-04 16:51 - 2019-08-04 16:51 - 000000000 ____D C:\Users\Beco\AppData\Local\Zemana
2019-08-04 16:50 - 2019-08-04 18:11 - 000000000 ____D C:\Users\Beco\AppData\Local\AMSDK
2019-08-04 16:50 - 2019-08-04 16:50 - 012664512 _____ (Zemana Ltd. ) C:\Users\Beco\Downloads\AntiMalware_Setup.exe
2019-08-04 16:45 - 2019-08-04 16:45 - 000000078 _____ C:\Users\Beco\Downloads\137bdc50b1.json
2019-08-04 15:45 - 2019-08-04 15:45 - 000008066 _____ C:\Users\Beco\Documents\Rogue killer.txt
2019-08-04 15:19 - 2019-08-04 15:19 - 000024688 _____ C:\WINDOWS\system32\Drivers\truesight.sys
2019-08-04 15:17 - 2019-08-04 15:17 - 030667800 _____ (Adlice Software ) C:\Users\Beco\Downloads\RogueKiller_setup.exe
2019-08-04 15:09 - 2019-08-04 15:09 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-08-04 13:11 - 2019-08-04 13:12 - 000001894 _____ C:\Users\Beco\Desktop\Rkill.txt
2019-08-04 13:10 - 2019-08-04 13:10 - 001780224 _____ (Bleeping Computer, LLC) C:\Users\Beco\Downloads\rkill-unsigned.exe
2019-08-04 12:29 - 2019-08-04 14:00 - 000000681 _____ C:\Users\Beco\Desktop\ESET Online Scanner.lnk
2019-08-04 12:29 - 2019-08-04 12:29 - 000000780 _____ C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2019-08-04 12:29 - 2019-08-04 12:29 - 000000000 ____D C:\Users\Beco\AppData\Local\ESET
2019-08-04 12:28 - 2019-08-04 12:29 - 007969304 _____ (ESET spol. s r.o.) C:\Users\Beco\Downloads\esetonlinescanner_enu.exe
2019-08-04 11:17 - 2019-08-04 15:19 - 001146190 _____ C:\WINDOWS\ntbtlog.txt
2019-08-04 09:57 - 2019-08-04 09:57 - 000002856 _____ C:\Users\Beco\Unigine_Heaven_Benchmark_4.0_20190804_0957.html
2019-08-04 09:49 - 2019-08-04 09:59 - 000000000 ____D C:\Users\Beco\Heaven
2019-08-04 09:48 - 2019-08-04 09:48 - 001065984 _____ C:\Users\Beco\AppData\Local\file__0.localstorage
2019-08-04 09:25 - 2019-08-04 10:14 - 000002217 _____ C:\Users\Beco\Desktop\Plarium Play.lnk
2019-08-04 09:13 - 2019-08-04 09:13 - 001159992 _____ (Plarium) C:\Users\Beco\Downloads\PlariumPlaySetup (1).exe
2019-08-03 18:21 - 2019-08-03 18:21 - 000047504 _____ (IVT Corporation.) C:\WINDOWS\system32\Drivers\btcusb.sys
2019-08-03 18:21 - 2019-08-03 18:21 - 000018448 _____ (NEC Personal Computers, Ltd.) C:\WINDOWS\system32\Drivers\necbatt.sys
2019-08-01 13:55 - 2019-05-31 06:13 - 000835688 _____ (Adobe) C:\WINDOWS\system32\FlashPlayerApp.exe
2019-08-01 13:55 - 2019-05-31 06:13 - 000179816 _____ (Adobe) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2019-08-01 09:04 - 2019-08-01 09:04 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2019-08-01 08:59 - 2019-08-01 08:59 - 000000020 ___SH C:\Users\Beco\ntuser.ini
2019-08-01 08:57 - 2019-08-04 18:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-08-01 08:57 - 2019-08-01 08:57 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2019-08-01 08:57 - 2019-08-01 08:57 - 000007623 _____ C:\WINDOWS\diagerr.xml
2019-08-01 08:53 - 2019-08-04 18:27 - 000912284 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-08-01 08:40 - 2019-08-01 08:40 - 000000000 ____D C:\ProgramData\USOShared
2019-08-01 08:36 - 2019-08-04 14:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-08-01 08:36 - 2019-08-01 09:37 - 000264440 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-08-01 08:03 - 2019-08-01 19:35 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2019-08-01 08:03 - 2019-08-01 08:03 - 000000000 ____D C:\Program Files\Common Files\SpeechEngines
2019-08-01 08:02 - 2019-08-04 11:32 - 000000000 ____D C:\Users\Beco
2019-08-01 08:02 - 2019-03-19 05:41 - 000001105 _____ C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-08-01 08:01 - 2019-08-01 08:03 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2019-08-01 07:50 - 2019-08-01 07:50 - 005083352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 004306432 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 003635200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 003525592 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-08-01 07:50 - 2019-08-01 07:50 - 002314440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 001866064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 001652536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 001555688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 001491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 001273176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 001244728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 001106288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 001039872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2019-08-01 07:50 - 2019-08-01 07:50 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000844800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AgentService.exe
2019-08-01 07:50 - 2019-08-01 07:50 - 000838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplySettingsTemplateCatalog.exe
2019-08-01 07:50 - 2019-08-01 07:50 - 000759808 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000700928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000682744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2019-08-01 07:50 - 2019-08-01 07:50 - 000666280 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2019-08-01 07:50 - 2019-08-01 07:50 - 000650552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2019-08-01 07:50 - 2019-08-01 07:50 - 000537608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.PrinterCustomActions.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000512512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000463272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000418816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2019-08-01 07:50 - 2019-08-01 07:50 - 000413696 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CscUnpinTool.exe
2019-08-01 07:50 - 2019-08-01 07:50 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscobj.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ConfigWrapper.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000075480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-08-01 07:50 - 2019-08-01 07:50 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe
2019-08-01 07:50 - 2019-08-01 07:50 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2010CustomActions.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\lstelemetry.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 018017792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 007008768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 006515592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 006218752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 005919744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 005753728 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 003837440 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 003487232 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 003243080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 002863104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2019-08-01 07:49 - 2019-08-01 07:49 - 002398720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 002040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001783808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001612600 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001505080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001501496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems32.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001399296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msjet40.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001297720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001251640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001219072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001102648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001080832 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000995800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000916280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\opengl32.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000826680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CBDHSvc.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000798720 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000785920 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000769336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000739328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000736056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000733136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000625464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000612352 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000568336 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000566072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000522552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000478520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000474936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000446224 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiagn.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-08-01 07:49 - 2019-08-01 07:49 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000386048 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\system32\curl.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspbde40.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000363832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrd3x40.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msexcl40.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000319376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000317952 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiag.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\DispBroker.Desktop.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000279864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000258056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\system32\provplatformdesktop.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000249656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2019-08-01 07:49 - 2019-08-01 07:49 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\glu32.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msltus40.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000213776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityUxHost.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2019-08-01 07:49 - 2019-08-01 07:49 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000202552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVFileSystemMetadata.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-08-01 07:49 - 2019-08-01 07:49 - 000183096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamMap.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000180536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VideoHandlers.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Gpu.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000152888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000145720 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000145720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000135480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVNice.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appvetwclientres.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2019-08-01 07:49 - 2019-08-01 07:49 - 000118584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVemgr.sys
2019-08-01 07:49 - 2019-08-01 07:49 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000111416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVfs.sys
2019-08-01 07:49 - 2019-08-01 07:49 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2019-08-01 07:49 - 2019-08-01 07:49 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000091960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppVStrm.sys
2019-08-01 07:49 - 2019-08-01 07:49 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompMgmtLauncher.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\olepro32.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000086528 _____ C:\WINDOWS\system32\ResBParser.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComputerDefaults.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-08-01 07:49 - 2019-08-01 07:49 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000058825 _____ C:\WINDOWS\system32\srms.dat
2019-08-01 07:49 - 2019-08-01 07:49 - 000054792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000051512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000030008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncAppvPublishingServer.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000021816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScriptRunner.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2019-08-01 07:49 - 2019-08-01 07:49 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\appvetwstreamingux.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3r.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 007067448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 004537344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 003120640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 002991104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 002987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 002777600 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 002712072 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 002586608 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 002458112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 002258640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 002245432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 002204472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 002074224 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001904128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001790976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001690624 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001611416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001473488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001468728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001458176 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001429096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001392968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-08-01 07:48 - 2019-08-01 07:48 - 001283584 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001244728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 001180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001178608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001111992 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-08-01 07:48 - 2019-08-01 07:48 - 001077632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001007160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000980792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000892488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000811160 _____ C:\WINDOWS\system32\locale.nls
2019-08-01 07:48 - 2019-08-01 07:48 - 000772656 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000745472 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000700912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000699304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000679368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000672944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000659968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000645632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000636696 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000626488 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000602640 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000588256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000588088 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000577536 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000554720 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000553144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000540680 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000500992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000478800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000451896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000441584 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000440256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000404392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000398648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000395064 _____ (Microsoft Corporation) C:\WINDOWS\system32\halmacpi.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000395064 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000389432 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000385808 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000374800 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000361784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000331064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-08-01 07:48 - 2019-08-01 07:48 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000309048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000301880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000277520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000265744 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000228152 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000220984 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000206136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000199176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000193800 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000164664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winquic.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000161592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000158736 _____ (Microsoft Corporation) C:\WINDOWS\system32\winquic.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000142856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000138552 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000136504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000135000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000134760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000108048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000104976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000104832 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000098592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Display.BrightnessOverride.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000066872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000061448 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000056008 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds_ps.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000039224 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000033592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000031032 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsldr.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winnlsres.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDJPN.DLL
2019-08-01 07:48 - 2019-08-01 07:48 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\applockerfltr.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDKOR.DLL
2019-08-01 07:48 - 2019-08-01 07:48 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d8thk.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 006070920 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 004679168 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 003306496 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 003042816 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 002876416 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 002798592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-08-01 07:47 - 2019-08-01 07:47 - 002576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 002548736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 002490712 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 002306048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001893888 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001724928 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001651848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001587200 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001562640 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001537624 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001535288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001515008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaclient.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001334064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001213456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001123840 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-08-01 07:47 - 2019-08-01 07:47 - 001121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConstraintIndex.Search.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001101312 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001079296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2019-08-01 07:47 - 2019-08-01 07:47 - 001006592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001006080 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000927744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsf3gip.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000822072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000800048 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000779264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000777528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000773680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000738304 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2019-08-01 07:47 - 2019-08-01 07:47 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-08-01 07:47 - 2019-08-01 07:47 - 000667272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000635392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2019-08-01 07:47 - 2019-08-01 07:47 - 000620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000602224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000531464 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-08-01 07:47 - 2019-08-01 07:47 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-08-01 07:47 - 2019-08-01 07:47 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\webauthn.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-08-01 07:47 - 2019-08-01 07:47 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-08-01 07:47 - 2019-08-01 07:47 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2019-08-01 07:47 - 2019-08-01 07:47 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000284536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000283472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-08-01 07:47 - 2019-08-01 07:47 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\directxdatabaseupdater.exe
2019-08-01 07:47 - 2019-08-01 07:47 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000187920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ifsutil.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ManagePhone.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgiadaptercache.exe
2019-08-01 07:47 - 2019-08-01 07:47 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000149512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ulib.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000149304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-08-01 07:47 - 2019-08-01 07:47 - 000120352 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000116728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\GraphicsCapture.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000105384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000091664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-08-01 07:47 - 2019-08-01 07:47 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000090128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-08-01 07:47 - 2019-08-01 07:47 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Taskbar.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\coloradapterclient.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaproxystub.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-08-01 07:47 - 2019-08-01 07:47 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000028672 _____ C:\WINDOWS\system32\usocoreps.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wci.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 014814208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 005941760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 005087744 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 004867400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 004572016 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 003915536 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 003735264 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 002763576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 002600960 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 002373120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 002200576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 002066944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 001954960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001912576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001881400 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001531992 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001497088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001488384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001452032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001432064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001345024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001331976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001304888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001244672 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001154960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001097528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001086464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 001063944 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000889888 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000724480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Signals.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000695808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000693248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000690488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_9.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000564240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000550200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000506232 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000437760 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000425488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2019-08-01 07:46 - 2019-08-01 07:46 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-08-01 07:46 - 2019-08-01 07:46 - 000414520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000400232 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000375512 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.UserService.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000344376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000336928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000321848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000284176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000279624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsta.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000268216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000245544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000235536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000222008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000191288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\regapi.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000166712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000159544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000158736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000156472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\viac7.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000142648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000140304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000134424 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000103224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapistub.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapi32.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\GameChatTranscription.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000096208 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000095184 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000072816 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2019-08-01 07:46 - 2019-08-01 07:46 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000047928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\isapnp.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000045384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000042792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidspi.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
2019-08-01 07:46 - 2019-08-01 07:46 - 000023736 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000016696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msisadrv.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\fixmapi.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2019-08-01 07:45 - 2019-08-01 07:45 - 000603448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2019-08-01 07:45 - 2019-08-01 07:45 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2019-08-01 07:45 - 2019-08-01 07:45 - 000244712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-08-01 07:45 - 2019-08-01 07:45 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbaudio2.sys
2019-08-01 07:45 - 2019-08-01 07:45 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys
2019-08-01 07:45 - 2019-08-01 07:45 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\devauthe.sys
2019-08-01 07:29 - 2019-08-01 07:29 - 000000000 ____D C:\WINDOWS\system32\bg
2019-08-01 07:23 - 2019-08-01 07:23 - 004164608 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0002.dll
2019-08-01 07:23 - 2019-08-01 07:23 - 001875968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MLS2.dll
2019-08-01 07:23 - 2019-08-01 07:23 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0002.dll
2019-08-01 07:23 - 2019-08-01 07:23 - 000000000 ____D C:\WINDOWS\system32\msmq
2019-08-01 07:23 - 2019-08-01 07:23 - 000000000 ____D C:\WINDOWS\system32\BestPractices
2019-08-01 07:23 - 2019-08-01 07:23 - 000000000 ____D C:\inetpub
2019-08-01 07:22 - 2019-08-01 07:22 - 000778912 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2019-08-01 07:22 - 2019-08-01 07:22 - 000103072 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2019-08-01 07:22 - 2019-08-01 07:22 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2019-08-01 07:22 - 2019-08-01 07:22 - 000000000 ____D C:\Program Files\Reference Assemblies
2019-08-01 07:22 - 2019-08-01 07:22 - 000000000 ____D C:\Program Files\MSBuild
2019-08-01 07:20 - 2019-08-01 07:20 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2019-08-01 07:20 - 2019-08-01 07:20 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
2019-08-01 07:20 - 2019-08-01 07:20 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2019-08-01 07:15 - 2019-08-01 07:15 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2019-08-01 07:08 - 2019-08-01 07:08 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2019-08-01 04:44 - 2019-08-01 08:59 - 000000000 ___DC C:\WINDOWS\Panther
2019-07-31 19:53 - 2019-07-31 19:53 - 025776848 _____ (Goversoft LLC) C:\Users\Beco\Downloads\PrivaZer_free (2).exe
2019-07-31 15:21 - 2019-07-31 15:23 - 000000000 ____D C:\Users\Beco\Documents\hermes_global_images_V9.6.3.0.LHMMIFD_20180801.0000.00_5.0_global_0dc0ffff2c
2019-07-31 10:46 - 2019-07-31 10:46 - 000000000 ____D C:\ProgramData\Thunder Network
2019-07-31 10:45 - 2019-08-01 10:06 - 000000000 ____D C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xiaomi
2019-07-31 10:45 - 2019-07-31 10:45 - 000000000 ____D C:\Users\Beco\AppData\Roaming\Xiaomi
2019-07-31 10:42 - 2019-08-04 11:02 - 000000332 _____ C:\WINDOWS\Tasks\HPCeeScheduleForBeco.job
2019-07-31 10:18 - 2019-07-31 10:34 - 1390856692 _____ C:\Users\Beco\Downloads\hermes_global_images_V9.6.3.0.LHMMIFD_20180801.0000.00_5.0_global_0dc0ffff2c.tgz
2019-07-29 11:31 - 2019-07-29 11:31 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2019-07-28 09:45 - 2019-07-28 09:45 - 000000000 ____D C:\Users\Beco\AppData\Roaming\AndroidTbox
2019-07-28 09:36 - 2019-07-28 10:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent Software
2019-07-28 09:36 - 2019-07-28 09:43 - 000000000 ____D C:\ProgramData\Tencent
2019-07-28 09:36 - 2019-07-28 09:36 - 000000000 ____D C:\Users\Beco\AppData\Local\Tencent
2019-07-28 09:35 - 2019-07-28 10:25 - 000000000 ____D C:\Users\Beco\AppData\Roaming\Tencent
2019-07-28 09:35 - 2019-07-28 09:35 - 000000000 ____D C:\Temp
2019-07-21 16:47 - 2019-07-21 16:47 - 004196408 _____ C:\Users\Beco\Downloads\2019-07-10_16-29-20.861.bmp
2019-07-18 17:34 - 2019-07-31 19:53 - 000000000 ____D C:\Program Files\PrivaZer
2019-07-11 13:08 - 2019-07-11 13:22 - 000000775 _____ C:\Users\Beco\Documents\new tournament.txt
2019-07-11 12:23 - 2019-07-11 12:23 - 000000000 ____D C:\Users\Beco\.QtWebEngineProcess
2019-07-11 12:23 - 2019-07-11 12:23 - 000000000 ____D C:\Users\Beco\.LINE
2019-07-07 11:09 - 2019-07-07 11:09 - 000000000 ____D C:\Users\Beco\AppData\Local\HP_Inc
2019-07-07 11:05 - 2019-08-01 19:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2019-07-07 11:05 - 2019-07-07 11:05 - 000002262 _____ C:\Users\Public\Desktop\HP Support Assistant.lnk
2019-07-07 11:05 - 2019-07-07 11:05 - 000000000 ____D C:\Users\Beco\AppData\Roaming\Hewlett-Packard
2019-07-07 11:05 - 2019-07-07 11:05 - 000000000 ____D C:\Users\Beco\AppData\Local\Hewlett-Packard
2019-07-07 10:44 - 2019-07-07 10:45 - 039926088 _____ (Hewlett Packard ) C:\Users\Beco\Downloads\sp54177.exe
2019-07-07 10:37 - 2019-07-07 11:04 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2019-07-07 10:37 - 2019-07-07 10:37 - 000000000 ____D C:\Users\Beco\AppData\Local\HP
2019-07-07 10:36 - 2019-07-07 10:36 - 003510048 _____ (Oleg N. Scherbakov) C:\Users\Beco\Downloads\HPSupportSolutionsFramework-12.11.24.11.exe

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-04 18:27 - 2019-03-19 05:44 - 000000000 ____D C:\WINDOWS\INF
2019-08-04 18:26 - 2019-01-06 07:56 - 000000000 ____D C:\ProgramData\ProductData
2019-08-04 18:21 - 2019-03-19 05:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-08-04 18:20 - 2019-03-19 05:35 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-08-04 18:17 - 2009-07-14 05:37 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2019-08-04 18:14 - 2019-01-06 00:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-08-04 18:09 - 2019-01-06 07:52 - 000000000 ____D C:\Users\Beco\AppData\Roaming\IObit
2019-08-04 16:43 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\System
2019-08-04 16:43 - 2019-03-19 05:35 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-08-04 10:14 - 2019-04-13 12:35 - 000002131 _____ C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Plarium Play.lnk
2019-08-04 10:14 - 2019-01-06 00:54 - 000000000 ____D C:\Users\Beco\AppData\Local\Plarium
2019-08-04 10:14 - 2019-01-06 00:54 - 000000000 ____D C:\Users\Beco\AppData\Local\Package Cache
2019-08-04 09:30 - 2019-01-06 10:16 - 000000000 ____D C:\Users\Beco\AppData\LocalLow\Unity
2019-08-04 07:29 - 2019-03-19 05:46 - 000000000 ___HD C:\Program Files\WindowsApps
2019-08-03 23:50 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-08-02 04:34 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\appcompat
2019-08-01 19:35 - 2019-06-19 04:27 - 000000000 ____D C:\Program Files\UNP
2019-08-01 19:35 - 2019-06-02 18:07 - 000000000 ____D C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrivaZer
2019-08-01 19:35 - 2019-04-03 05:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX H.264 decoder
2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\spool
2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\IME
2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\ServiceState
2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\schemas
2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\Registration
2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2019-08-01 19:35 - 2019-03-19 05:43 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2019-08-01 19:35 - 2019-03-17 15:10 - 000000000 ____D C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-08-01 19:35 - 2019-03-17 15:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-08-01 19:35 - 2019-02-24 23:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-08-01 19:35 - 2019-01-06 19:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2019-08-01 19:35 - 2019-01-06 18:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\8K Player
2019-08-01 19:35 - 2019-01-06 07:51 - 000000000 ____D C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live for Speed
2019-08-01 19:35 - 2019-01-05 21:52 - 000000000 ____D C:\Program Files\Intel
2019-08-01 19:35 - 2018-09-15 08:10 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2019-08-01 19:35 - 2018-09-15 08:10 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2019-08-01 15:17 - 2019-04-19 19:53 - 000000000 ____D C:\Users\Beco\AppData\Local\Packages
2019-08-01 10:28 - 2019-02-24 13:31 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-08-01 10:28 - 2019-02-24 13:31 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-08-01 09:18 - 2019-03-19 05:46 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-08-01 09:00 - 2019-04-19 19:54 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-08-01 09:00 - 2019-04-19 19:54 - 000000000 ___RD C:\Users\Beco\3D Objects
2019-08-01 08:59 - 2019-03-19 05:46 - 000000000 ____D C:\ProgramData\USOPrivate
2019-08-01 08:58 - 2019-03-19 05:35 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-08-01 08:57 - 2019-03-19 05:46 - 000000000 ____D C:\Program Files\Windows Defender
2019-08-01 08:40 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugins
2019-08-01 08:40 - 2019-01-05 22:05 - 000000000 ____D C:\Program Files\LSI SoftModem
2019-08-01 08:39 - 2019-01-05 22:00 - 000000000 ____D C:\WINDOWS\QLB
2019-08-01 08:32 - 2019-03-19 05:49 - 000000000 ____D C:\WINDOWS\Setup
2019-08-01 08:16 - 2019-03-19 05:46 - 000000000 __RHD C:\Users\Public\Libraries
2019-08-01 08:03 - 2019-04-13 12:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2019-08-01 08:03 - 2019-01-12 14:52 - 000000000 ____D C:\Program Files\Synaptics
2019-08-01 08:03 - 2019-01-06 07:59 - 000000000 ____D C:\Program Files\AuthenTec
2019-08-01 08:03 - 2009-07-14 07:52 - 000000000 ____D C:\Program Files\Microsoft Games
2019-08-01 07:57 - 2019-03-19 06:40 - 000000000 ___SD C:\WINDOWS\system32\AppV
2019-08-01 07:57 - 2019-03-19 06:40 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\TextInput
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\SystemResources
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-08-01 07:29 - 2019-03-19 06:40 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-08-01 07:29 - 2019-03-19 06:38 - 000000000 ____D C:\WINDOWS\system32\WCN
2019-08-01 07:29 - 2019-03-19 05:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-08-01 07:29 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2019-08-01 07:29 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2019-08-01 07:29 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\IME
2019-08-01 07:29 - 2019-03-19 05:46 - 000000000 ____D C:\Program Files\Common Files\System
2019-08-01 07:29 - 2019-03-19 05:35 - 000000000 ____D C:\WINDOWS\servicing
2019-08-01 07:23 - 2019-03-19 06:39 - 000000000 ____D C:\WINDOWS\OCR
2019-08-01 07:23 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2019-08-01 07:20 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2019-08-01 07:20 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2019-08-01 07:20 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\et-EE
2019-08-01 07:20 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\es-MX
2019-08-01 04:23 - 2019-01-05 20:39 - 000000000 ____D C:\Users\Beco\AppData\Local\ElevatedDiagnostics
2019-07-31 20:16 - 2019-06-02 18:07 - 000000000 ____D C:\Users\Beco\AppData\Local\PrivaZer
2019-07-31 20:01 - 2019-04-18 03:25 - 000000000 ____D C:\Users\Beco\AppData\Local\CrashDumps
2019-07-31 19:53 - 2019-06-02 18:07 - 000001916 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrivaZer.lnk
2019-07-31 19:53 - 2019-06-02 18:07 - 000001904 _____ C:\Users\Public\Desktop\PrivaZer.lnk
2019-07-26 16:30 - 2019-04-19 19:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-07-11 12:23 - 2019-01-05 19:50 - 000000000 ____D C:\Users\Beco\AppData\Local\VirtualStore
2019-07-11 12:21 - 2019-04-19 20:32 - 000000000 ____D C:\ProgramData\Packages
2019-07-11 12:21 - 2019-04-19 20:02 - 000000000 ____D C:\Users\Beco\AppData\Local\PlaceholderTileLogoFolder
2019-07-11 05:03 - 2019-04-19 21:24 - 000000000 ___RD C:\Users\Beco\OneDrive
2019-07-10 19:32 - 2019-01-05 21:56 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-07-10 19:26 - 2019-01-05 21:56 - 133475400 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-07-10 12:28 - 2019-01-05 20:17 - 000606264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-07-07 11:05 - 2019-01-05 22:00 - 000000000 ___HD C:\Program Files\InstallShield Installation Information
2019-07-07 11:04 - 2019-05-04 17:11 - 000000000 ____D C:\Program Files\HP
2019-07-07 11:04 - 2019-04-19 19:43 - 000000000 ____D C:\Users\Beco\AppData\Roaming\hpqLog
2019-07-07 11:04 - 2019-01-05 22:00 - 000000000 ____D C:\Program Files\Hewlett-Packard
2019-07-07 10:45 - 2019-05-04 17:09 - 000000000 ____D C:\SWSetup

==================== Files in the root of some directories ================

2019-08-04 09:48 - 2019-08-04 09:48 - 001065984 _____ () C:\Users\Beco\AppData\Local\file__0.localstorage
2019-08-04 09:14 - 2019-08-04 10:14 - 000061590 _____ () C:\Users\Beco\AppData\Local\PlariumPlay.log
2019-01-05 22:44 - 2019-01-05 22:44 - 000000000 _____ () C:\Users\Beco\AppData\Local\QSwitch.txt
2019-01-26 19:23 - 2019-01-26 19:23 - 000007605 _____ () C:\Users\Beco\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 04-08-2019
Ran by Beco (04-08-2019 18:31:23)
Running from C:\Users\Beco\Downloads
Microsoft Windows 10 Pro Version 1903 18362.267 (X86) (2019-08-01 05:59:11)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2920239448-2505446405-2311763162-500 - Administrator - Disabled)
Beco (S-1-5-21-2920239448-2505446405-2311763162-1001 - Administrator - Enabled) => C:\Users\Beco
DefaultAccount (S-1-5-21-2920239448-2505446405-2311763162-503 - Limited - Disabled)
Guest (S-1-5-21-2920239448-2505446405-2311763162-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2920239448-2505446405-2311763162-1002 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-2920239448-2505446405-2311763162-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

8K Player version 4.4.0 (HKLM\...\842F0D80-2EC4-4903-9798-714D9927DCA1_is1) (Version: 4.4.0 - DimoSoft, Inc.)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.223 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 32.0.0.223 - Adobe)
DivX H.264 decoder 8.2.0.26 (HKLM\...\divxh264_is1) (Version: 8.2.0.26 - )
Google Chrome (HKLM\...\Google Chrome) (Version: 76.0.3809.87 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
HP Quick Launch Buttons (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.14.1 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM\...\{A2926515-9BCE-4785-AFAD-98233D52C3AE}) (Version: 12.11.27.1 - HP Inc.)
HP System Event Utility (HKLM\...\{29E20347-C62F-4657-938E-876A182B67F1}) (Version: 1.4.13 - HP Inc.)
IObit Uninstaller 8 (HKLM\...\IObitUninstall) (Version: 8.4.0.11 - IObit)
K-Meleon 75.0 (x86 en-US) (HKLM\...\K-Meleon 75.0 (x86 en-US)) (Version: 75.0 - kmeleonbrowser.org)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.100 - LSI Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Plarium Play (HKLM\...\{12D4088C-8ED7-4218-B9FF-10E8FA3D7B57}) (Version: 3.1.0.0 - Plarium) Hidden
Plarium Play (HKLM\...\{FBD9CDDD-13B0-406B-BDFA-79703D34C153}) (Version: 3.1.0 - Plarium) Hidden
Plarium Play (HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\...\{b06aff34-801f-46e9-9690-9d16b8f33092}) (Version: 3.1.0 - Plarium)
PrivaZer (HKLM\...\PrivaZer) (Version: 3.0.75.0 - Goversoft LLC)
QLBCASL (HKLM\...\{F1D7AC58-554A-4A58-B784-B61558B1449A}) (Version: 6.40.17.2 - Hewlett-Packard) Hidden
Skype, версия 8.45 (HKLM\...\Skype_is1) (Version: 8.45 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.5.10.69 - Synaptics Incorporated)
Unity Web Player (HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\...\UnityWebPlayer) (Version: 5.3.8f2 - Unity Technologies ApS)
WinRAR 5.70 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)

Packages:
=========
LINE -> C:\Program Files\WindowsApps\NAVER.LINEwin8_5.18.2.0_x86__8ptj331gd3tyt [2019-07-31] (LINE Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-04-19] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x86__8wekyb3d8bbwe [2019-06-17] (Microsoft Studios) [MS Ad]
Torrex Lite - Torrent Downloader -> C:\Program Files\WindowsApps\BooStudioLLC.TorrexLite-TorrentDownloader_1.3.97.0_x86__b6e429xa66pga [2019-06-21] (Finebits OÜ) [MS Ad]
Добавка за „Снимки“ -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x86__8wekyb3d8bbwe [2019-04-20] (Microsoft Corporation)
Поща и календар -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x86__8wekyb3d8bbwe [2019-08-02] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2920239448-2505446405-2311763162-1001_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Beco\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies SF -> Unity Technologies ApS)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} =>  -> No File
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} =>  -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

Shortcut: C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrivaZer\Деинсталирай Privazer.lnk -> C:\Program Files\PrivaZer\privazer_remover.exe (Goversoft LLC) <==== Cyrillic
Shortcut: C:\Users\Beco\AppData\Roaming\Microsoft\Windows\SendTo\Прехвърляне на файлове с Bluetooth.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation) <==== Cyrillic

==================== Loaded Modules (Whitelisted) ==============


==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 05:04 - 2009-06-11 00:39 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKCU\Environment\\Path -> ;%USERPROFILE%\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\Control Panel\Desktop\\Wallpaper -> c:\users\beco\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\diy.jpg
DNS Servers: 192.168.0.1
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: SafeDNS Agent => 2
HKLM\...\StartupApproved\Run: => "QlbCtrl.exe"
HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\...\StartupApproved\StartupFolder: => "Facebook Gameroom.lnk"
HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\...\StartupApproved\Run: => "SafeDNS Agent"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{155B760F-5E54-482B-8365-6665EC03CC2C}C:\users\beco\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\beco\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [TCP Query User{44B11955-F926-4A9B-AA9D-6B5A18DAAF61}C:\users\beco\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\beco\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [{08CAA098-8E08-4DD6-AB80-2885F8050FD9}] => (Allow) C:\Users\Beco\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{B0A739B5-4232-4958-9C1D-486DC1047518}] => (Allow) C:\Users\Beco\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{90A20652-3E5F-405C-B8E5-AF6D9A4EC0E7}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{612CBEB6-20A2-448D-99E9-FCB1F2B34F23}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AF4C1CD7-FED9-470D-B329-7F50331D7D0B}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{77363016-8846-4DB7-AD51-2B727580DA68}D:\lfs\lfs.exe] => (Allow) D:\lfs\lfs.exe () [File not signed]
FirewallRules: [TCP Query User{45A74C76-06A8-4563-9550-548C167DE0D2}D:\lfs\lfs.exe] => (Allow) D:\lfs\lfs.exe () [File not signed]
FirewallRules: [UDP Query User{340FE0D8-F433-4684-8EEE-555FA3D5CC3D}C:\users\beco\appdata\local\temp\rar$exa5360.11617\sdi_r1904.exe] => (Allow) C:\users\beco\appdata\local\temp\rar$exa5360.11617\sdi_r1904.exe No File
FirewallRules: [TCP Query User{353B7826-2A8F-493D-A1F1-2AC837AF0B3C}C:\users\beco\appdata\local\temp\rar$exa5360.11617\sdi_r1904.exe] => (Allow) C:\users\beco\appdata\local\temp\rar$exa5360.11617\sdi_r1904.exe No File
FirewallRules: [UDP Query User{24C96F24-BD78-4B3B-8CC8-CCD439113A9E}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{F80ACAFA-F1DD-447C-8EF2-F8CFE0A3F99F}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{06598060-8173-4526-85B1-326A8EADE9B1}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

01-08-2019 13:54:17 Windows Update
03-08-2019 18:20:34 Driver Booster : Microsoft ACPI-Compliant Control Method Battery

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/04/2019 06:26:50 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2400,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (08/04/2019 06:20:06 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.

Error: (08/04/2019 06:20:06 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (08/04/2019 06:20:06 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.

Error: (08/04/2019 06:20:06 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (08/04/2019 06:17:33 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x8007001f, A device attached to the system is not functioning.
.


Operation:
   Executing Asynchronous Operation

Context:
   Current State: DoSnapshotSet

Error: (08/04/2019 06:16:59 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Грешка в услугата "Криптографски услуги" при обработка на обръщение на OnIdentity() към обекта System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (08/04/2019 06:16:49 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {73ac7222-9583-4e9c-aeca-ddf782586332}


System errors:
=============
Error: (08/04/2019 06:20:01 PM) (Source: DCOM) (EventID: 10010) (User: BECO-PC)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (08/04/2019 06:20:01 PM) (Source: DCOM) (EventID: 10010) (User: BECO-PC)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (08/04/2019 06:20:01 PM) (Source: DCOM) (EventID: 10010) (User: BECO-PC)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (08/04/2019 06:20:01 PM) (Source: DCOM) (EventID: 10010) (User: BECO-PC)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (08/04/2019 06:20:01 PM) (Source: DCOM) (EventID: 10010) (User: BECO-PC)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (08/04/2019 06:17:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Услуга Windows Search беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). След 30000 милисекунди ще бъде предприето следното коригиращо действие: Restart the service.

Error: (08/04/2019 06:17:23 PM) (Source: WAS) (EventID: 5175) (User: )
Description: The listener adapter serving the 'net.msmq' protocol disconnected unexpectedly.

Error: (08/04/2019 06:17:23 PM) (Source: WAS) (EventID: 5175) (User: )
Description: The listener adapter serving the 'net.pipe' protocol disconnected unexpectedly.


Windows Defender:
===================================
Date: 2019-08-04 16:39:23.995
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.B!ml&threatid=2147735505&enterprise=0
Name: Trojan:Win32/Wacatac.B!ml
ID: 2147735505
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Beco\Downloads\ALABALA.exe; webfile:_C:\Users\Beco\Downloads\ALABALA.exe|https://dox.abv.bg/api/guest/download/18e663c4b0|pid:4648,ProcessStart:132093995403375033
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Security intelligence Version: AV: 1.299.1235.0, AS: 1.299.1235.0, NIS: 1.299.1235.0
Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1

Date: 2019-08-04 16:35:34.363
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Conteban.B!ml&threatid=2147735507&enterprise=0
Name: Trojan:Win32/Conteban.B!ml
ID: 2147735507
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Beco\Downloads\ALABALA.exe; webfile:_C:\Users\Beco\Downloads\ALABALA.exe|https://dox.abv.bg/api/guest/download/78834792cf|pid:2452,ProcessStart:132093992524073237
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Security intelligence Version: AV: 1.299.1235.0, AS: 1.299.1235.0, NIS: 1.299.1235.0
Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1

Date: 2019-08-04 16:35:16.939
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Conteban.B!ml&threatid=2147735507&enterprise=0
Name: Trojan:Win32/Conteban.B!ml
ID: 2147735507
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Beco\Downloads\ALABALA.exe; webfile:_C:\Users\Beco\Downloads\ALABALA.exe|https://dox.abv.bg/api/guest/download/459d5f08a7|pid:2452,ProcessStart:132093992524073237
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Security intelligence Version: AV: 1.299.1235.0, AS: 1.299.1235.0, NIS: 1.299.1235.0
Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1

Date: 2019-08-04 16:34:50.615
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Conteban.B!ml&threatid=2147735507&enterprise=0
Name: Trojan:Win32/Conteban.B!ml
ID: 2147735507
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Beco\Downloads\ALABALA.exe; webfile:_C:\Users\Beco\Downloads\ALABALA.exe|https://dox.abv.bg/api/guest/download/3e4192f681|pid:2452,ProcessStart:132093992524073237
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Security intelligence Version: AV: 1.299.1235.0, AS: 1.299.1235.0, NIS: 1.299.1235.0
Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1

Date: 2019-08-04 16:31:18.836
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Conteban.B!ml&threatid=2147735507&enterprise=0
Name: Trojan:Win32/Conteban.B!ml
ID: 2147735507
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Beco\Downloads\ALABALA.exe; webfile:_C:\Users\Beco\Downloads\ALABALA.exe|https://dox.abv.bg/api/guest/download/d814e79dee|pid:7088,ProcessStart:132093990433000700
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Security intelligence Version: AV: 1.299.1235.0, AS: 1.299.1235.0, NIS: 1.299.1235.0
Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1

Date: 2019-08-04 15:19:12.432
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.299.1222.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16200.1
Error code: 0x8007043c
Error description: This service cannot be started in Safe Mode 

Date: 2019-08-04 15:09:07.516
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2019-08-04 12:37:18.611
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.299.1222.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16200.1
Error code: 0x8007043c
Error description: This service cannot be started in Safe Mode 

Date: 2019-08-04 12:27:12.471
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2019-08-04 11:52:30.958
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

==================== Memory info =========================== 

BIOS: Hewlett-Packard 68PCU Ver. F.20 12/08/2011
Motherboard: Hewlett-Packard 30DB
Processor: Intel(R) Core(TM)2 Duo CPU P8600 @ 2.40GHz
Percentage of memory in use: 63%
Total physical RAM: 3000.26 MB
Available physical RAM: 1096.62 MB
Total Virtual: 5542.26 MB
Available Virtual: 3503.47 MB

==================== Drives ================================

Drive 😄 () (Fixed) (Total:365.12 GB) (Free:312.59 GB) NTFS
Drive d: () (Fixed) (Total:100.1 GB) (Free:85.36 GB) NTFS

\\?\Volume{35691345-1108-11e9-812b-806e6f6e6963}\ (Резервирана за системата) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{35691348-1108-11e9-812b-806e6f6e6963}\ () (Fixed) (Total:0.44 GB) (Free:0.16 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 0FD73A73)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=365.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=450 MB) - (Type=27)

==================== End of Addition.txt ============================

Не видях че сте писали погоре - потърсих съвет от него защото не можех да изтегля Farbar и да направя сканиране и да пусна тема , а не по тази тема

Линк към коментара
Сподели в други сайтове

Някаква промяна след изпълнението на последните инструкции..? Как се държи компютъра ви ....?

+

25.jpg?1426074241   Сканиране с SecurityCheck by glax24

  • Изтеглете SecurityCheck by glax24 от тук и запомнете инструмента на десктопа .
  • Стартирате програмата (ако използвате Windows XP) или стартирате с десен бутон на мишката от името на администратор (ако използватеWindows Vista/7/8/10)
  • Изчакайте да приключи сканирането.Ще се отвори в текстов файл с име SecurityCheck.txt. Копирайте съдържанието на  този файл  следващия си пост
  • Можете да намерите този файл в основната директория на системния диск в папка с име SecurityCheck, напр. C:\SecurityCheck\SecurityCheck.txt

 

pfNZP4A.png&key=0a487e0a7cff89c690a32d13  Дневници 

В следващия си отговор, моля да включите (като копирате целите съдържания ) следните дневници:

  • SecurityCheck.txt
Линк към коментара
Сподели в други сайтове

Системата се държи по добре , ето и резултата от сканирането:

SecurityCheck by glax24 & Severnyj v.1.4.0.53 [27.10.17]
WebSite: www.safezone.cc
DateLog: 04.08.2019 18:54:10
Path starting: C:\Users\Beco\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: Beco
VersionXML: 6.67is-31.07.2019
___________________________________________________________________________

Windows 10(6.3.18362) (x86) Professional Release: 1903 Lang: English(0409)
Installation date OS: 01.08.2019 05:59:11
LicenseStatus: Windows(R), Professional edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: C:\Program Files\Google\Chrome\Application\chrome.exe
SystemDrive: 😄 FS: [NTFS] Capacity: [365.1 Gb] Used: [52.6 Gb] Free: [312.5 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.239.18362.0
User Account Control enabled (Level 3)
Never check for updates
Security Center (wscsvc) - The service is running
Remote Registry (RemoteRegistry) - The service has stopped
SSDP Discovery (SSDPSRV) - The service is running
Remote Desktop Services (TermService) - The service has stopped
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
---------------------------- [ Antivirus_WMI ] ----------------------------
Windows Defender (enabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Защитна стена на Windows Defender (mpssvc) - The service is running
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Windows Defender (enabled and up to date)
--------------------------- [ OtherUtilities ] ----------------------------
Microsoft .NET Framework 4.7.2 v.4.7.03062
-------------------------------- [ Arch ] ---------------------------------
WinRAR 5.70 (32-bit) v.5.70.0 Warning! Download Update
--------------------------------- [ IM ] ----------------------------------
Skype, версия 8.45 v.8.45 Warning! Download Update
--------------------------- [ AdobeProduction ] ---------------------------
Adobe Flash Player 32 NPAPI v.32.0.0.223
Adobe Flash Player 32 PPAPI v.32.0.0.223
------------------------------- [ Browser ] -------------------------------
Google Chrome v.76.0.3809.87
K-Meleon 75.0 (x86 en-US) v.75.0
------------------ [ AntivirusFirewallProcessServices ] -------------------
Malwarebytes Service (MBAMService) - The service has stopped
C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\MsMpEng.exe v.4.18.1907.4
C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\NisSrv.exe v.4.18.1907.4
Услуга Windows Defender Antivirus (WinDefend) - The service is running
Услуга за мрежова проверка на Windows Defender Antivirus (WdNisSvc) - The service is running
Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - The service has stopped
---------------------------- [ UnwantedApps ] -----------------------------
IObit Uninstaller 8 v.8.4.0.11 Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
Unity Web Player v.5.3.8f2 Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
IObit Uninstaller Service (IObitUnSvr) - The service has stopped
----------------------------- [ End of Log ] ------------------------------
 

Линк към коментара
Сподели в други сайтове

Цитат

Obit Uninstaller 8 v.8.4.0.11 Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
Unity Web Player v.5.3.8f2 Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.

 

Деинсталиране на нежелани / ненужни програми:

  • Натиснете клавишна комбинация   WindowsKey.png + R на клавиатурата си едновременно. Напишете (копирайте) в полето appwiz.cpl и кликнете върху OK.
  • В отворилия се списък с инсталирани програми,  деинсталирайте  програмите от карето по долу:
Цитат

Unity Web Player (HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\...\UnityWebPlayer) (Version: 5.3.8f2 - Unity Technologies ApS)

IObit Uninstaller 8 (HKLM\...\IObitUninstall) (Version: 8.4.0.11 - IObit)

 

 

BY4dvz9.png Сканиране с AdwCleaner

  • Изтеглете и стартирайте 6sv1DN9.jpgAdwCleaner 7.4.0
  • Натиснете бутона Scan Now (или Сканиране сега, ако ви е на български)

4lqbd6J.png

  • AdwCleaner ще обнови базата с дефинициите си и ще започне да проверява компютъра. Проверката ще отнеме не повече от няколко секунди.
  • След като проверката приключи ако има намерени обекти ще се появи диалогов прозорец подканващ ви да натиснете бутона Clean & Repair (Почисти & Поправи).
  • Програмата ще затвори всички излишни процеси и след почистването ще иска да рестартира машината. Съгласете се.

FCuQiuz.png

  • Ако не бъдат открити зарази ще видите следния прозорец:

CWWivYK.png

  • Натиснете бутона Skip Basic Repair (Пропускане на основното поправяне).
  • И в двата случая ако няма открити зарази или ако програмата е почистила такива, стартирайте пак програмата и отидете до табът Log files
  • Кликнете с двукратен клил на мишката върху лог файла с последната дата и част (новите файлове са най-отдолу в списъка) и публикувайте съдържанието на файла в следващия си коментар.

 

pfNZP4A.png  Дневници
 
В следващия си отговор, моля да включите следните дневници:

  • AdwCleaner .txt
Линк към коментара
Сподели в други сайтове

# Malwarebytes AdwCleaner 7.1.1.0
# -------------------------------
# Build:    04-24-2018
# Database: 
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    08-04-2019
# Duration: 00:00:04
# OS:       Windows 10 Pro
# Cleaned:  18
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Program Files\Common Files\IObit\Advanced SystemCare
Deleted       C:\Users\Beco\AppData\LocalLow\IObit\Advanced SystemCare
Deleted       C:\Users\Beco\AppData\Roaming\IObit\Advanced SystemCare
Deleted       C:\ProgramData\IOBIT\Driver Booster
Deleted       C:\Program Files\IOBIT\Driver Booster
Deleted       C:\Users\Beco\AppData\Roaming\IOBIT\Driver Booster
Deleted       C:\Users\Beco\AppData\Roaming\DRPSu
Deleted       C:\ProgramData\Tencent
Deleted       C:\Users\Beco\AppData\Local\Tencent
Deleted       C:\Users\Beco\AppData\Roaming\Tencent

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKLM\Software\IObit\RealTimeProtector
Deleted       HKLM\Software\IObit\Advanced SystemCare
Deleted       HKLM\Software\IOBIT\ASC
Deleted       HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted       HKLM\Software\IObit\Driver Booster
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{B0A739B5-4232-4958-9C1D-486DC1047518}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{08CAA098-8E08-4DD6-AB80-2885F8050FD9}
Deleted       HKLM\Software\Classes\METNSD

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************


########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
 

Линк към коментара
Сподели в други сайтове

Понеже бях намесен в темата искам да кажа, че аз давах само съвети как да изтегли и заобиколи забраните, а НЕ да се сканира с различни инструменти и не съм писал скриптове. Споменавам го, защото нямаме практика да помагаме по ЛИЧНИ СЪОБЩЕНИЯ.

И се оказах прав....невъзможността за изтеглянето на инструмента се е дължало точно на Windows Defender, както писах и на лично съобщение на потребителя:

ALABALA.exe е преименуваната от мен версия на FRST.exe, която качих на dox.bg и пратих на потребителя в опит да преодолеем забраните (в случай, че се окажеше Malware):
 

Цитат

 

Windows Defender:
===================================
Date: 2019-08-04 16:39:23.995
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.B!ml&threatid=2147735505&enterprise=0
Name: Trojan:Win32/Wacatac.B!ml
ID: 2147735505
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Beco\Downloads\ALABALA.exe; webfile:_C:\Users\Beco\Downloads\ALABALA.exe|https://dox.abv.bg/api/guest/download/18e663c4b0|pid:4648,ProcessStart:132093995403375033
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Security intelligence Version: AV: 1.299.1235.0, AS: 1.299.1235.0, NIS: 1.299.1235.0
Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1

Date: 2019-08-04 16:35:34.363
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Conteban.B!ml&threatid=2147735507&enterprise=0
Name: Trojan:Win32/Conteban.B!ml
ID: 2147735507
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Beco\Downloads\ALABALA.exe; webfile:_C:\Users\Beco\Downloads\ALABALA.exe|https://dox.abv.bg/api/guest/download/78834792cf|pid:2452,ProcessStart:132093992524073237
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Security intelligence Version: AV: 1.299.1235.0, AS: 1.299.1235.0, NIS: 1.299.1235.0
Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1

 

Докладвано е и на Farbar.

Линк към коментара
Сподели в други сайтове

Аз не съм казал нищо по различно освен че съм ви потърсил за помощ за изтеглянето на инструмента тъй като имах затруднения . Сканиранията сам съм правил без ваши препоръки

Линк към коментара
Сподели в други сайтове

преди 1 минута, v3cko написа:

Аз не съм казал нищо по различно освен че съм ви потърсил за помощ за изтеглянето на инструмента тъй като имах затруднения . Сканиранията сам съм правил без ваши препоръки

Добре де разбрахме....! Кажете ми последно за системата ...Кака работи ..?

Още веднъж:

Сканиране с Farbar Recovery Scan

  • Моля изтеглете icon1337953436.pngFarbar Recovery Scan Tool (според версията на Windows изберете 32 битовата или 64 битовата версия) и го запазете на десктопа.
  • Стартирайте файла FRST.exe (или FRST64.exe)
  • Програмата ще се стартира. Натиснете YES за да се съгласите с лицензионното споразумение.
  • Натиснете бутона YClYkft.jpg.
  • Изчакайте търпеливо проверката да приключи.
  • Ще се създадат два лог файла с името - FRST.txt и Addition.txt на десктопа.
  • Копирайте съдържанието на файла FRST.txt в следващия си пост.Прикачете Addition.txt в коментар си (погледнете опцията Прикачване на файлове, когато публикувате мнение).
Линк към коментара
Сподели в други сайтове

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-08-2019
Ran by Beco (administrator) on BECO-PC (Hewlett-Packard HP EliteBook 6930p) (04-08-2019 19:42:13)
Running from C:\Users\Beco\Downloads
Loaded Profiles: Beco (Available Profiles: Beco)
Platform: Microsoft Windows 10 Pro Version 1903 18362.267 (X86) Language: Английски (Съединени щати)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Hewlett-Packard Company -> HP Inc.) C:\Program Files\HP\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Company -> HP Inc.) C:\Program Files\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(LSI Corporation -> LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\NisSrv.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [349240 2010-01-11] (Hewlett-Packard Company ->  Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [HPMessageService] => C:\Program Files\HP\HP System Event\HPMSGSVC.exe [664848 2016-04-26] (Hewlett-Packard Company -> HP Inc.)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Microsoft Windows Hardware Compatibility Publisher -> Analog Devices, Inc.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\76.0.3809.87\Installer\chrmstp.exe [2019-08-01] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> 

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {007EB50E-306C-4243-A051-E9CD96BD6478} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {02368336-6FC1-4641-AC1C-AF3E2FBAFA41} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [243576 2019-07-23] (HP Inc. -> HP Inc.)
Task: {09CD826E-432A-424E-9075-D474750087E0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [654712 2019-06-12] (HP Inc. -> HP Inc.)
Task: {0AC7D9DD-906E-4B7B-847E-273A28E54C7F} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0CD5E731-3C97-48A0-89D3-4BE6DE9D3197} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [654712 2019-06-12] (HP Inc. -> HP Inc.)
Task: {10F238F1-61B3-4FF4-B5F0-8DDC8322392A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {1B3EB7B5-BC28-4B91-AE3A-F9EED593562F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [137592 2019-06-12] (HP Inc. -> HP Inc.)
Task: {1ECBFDA8-5C75-484C-9609-D69F88A27FC2} - System32\Tasks\{C5F4DFD8-894D-40BF-9817-EDD70197CF73} => C:\Windows\system32\pcalua.exe -a C:\Users\Beco\Downloads\LeagueOfAngels3-gtarcade-5c84c94d5b7d1.exe -d C:\Users\Beco\Downloads
Task: {2237D89C-8BA2-4D66-8621-5F8040BA7EE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [156968 2019-02-24] (Google Inc -> Google Inc.)
Task: {23C30DE0-3363-4410-9EB8-2B31B3D0ECEE} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {24FA84A0-E087-48EC-BC51-2B9C4C815D78} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {25AB2260-9353-403C-90EC-CC7BD098D295} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {2BDBC731-7714-481B-B2BC-27EC77EACFFB} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {367F930A-A3DB-4112-B1F1-50E92A171C88} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {36942695-8A2A-42ED-A030-4B8E54984C38} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_223_pepper.exe [1453112 2019-07-09] (Adobe Inc. -> Adobe)
Task: {36FF84BD-F80B-4AC0-A3CD-CEA552F511CB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [396608 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3B8B0FF6-5976-4CD4-868A-6EFD55AC20EE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3CC255DE-9A77-4339-B257-97BEED1F30CB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3D8A7ED4-7E07-4834-9592-460518EE157F} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {43CBF981-9207-415B-A43F-EA808D674483} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [396608 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5286E90C-81E4-4622-9F35-2E63C86A789E} - System32\Tasks\PrivaZer_SkipUAC => C:\Program Files\PrivaZer\PrivaZer.exe [17307864 2019-07-31] (Goversoft LLC -> Goversoft LLC)
Task: {5CCA8EB2-1044-43C2-83EF-14AFD88A23FB} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {6247CC29-3BAC-4EB6-AD0A-8D6CF73982B7} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6927372A-A3E3-4697-84F8-4492DE198CAE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [396608 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {70D1EB0E-4134-4D8A-B28B-71D12D891637} - System32\Tasks\{55AAC5B5-BEF5-4E5F-BF9A-95DAFA22D058} => C:\Windows\system32\pcalua.exe -a C:\Users\Beco\Downloads\SharewareOnSale_Giveaway_IObit_Uninstaller_8_PRO_hub.exe -d C:\Users\Beco\Downloads
Task: {70D4EC4B-4DC4-4743-8A18-19650406D2DF} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {76A1CED5-E44E-41BC-88E4-53FFAC64AC3F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7DF081FE-AF3E-4B1F-A713-015169C165F7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {7E391591-2447-4B71-8C46-9F851D3C62B9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8573BFA5-38FD-40AC-9800-8EC04403FFEC} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {863D0715-8EC5-4308-B25B-A1A49453A5E4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-09] (Adobe Inc. -> Adobe)
Task: {9E9DB093-650D-4AC1-AE74-EFF09DAA28AF} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {A00C8D46-8534-4496-96EE-C950CC0D41C6} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {A37D69BB-3628-4340-9743-AC2FA5585724} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {B265CC37-CE62-4823-8496-5957A29C4EED} - System32\Tasks\HPCeeScheduleForBeco => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe [97656 2019-05-17] (HP Inc. -> HP Inc.)
Task: {B9FB55F4-5977-4236-9F75-7569B987B420} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BB75632B-EC31-4185-A0E7-CE9618974674} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BC00F4DF-2168-4200-B664-82D78875D451} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {BE834CB4-A940-4395-A30D-42B461E75614} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C118C4DD-2CC4-42CB-BA9E-FA5E7EE07C24} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C8C95506-2926-45B9-B2BC-6D645180D789} - System32\Tasks\{B4FF3079-1C8A-4E12-8782-220F860F7F4E} => C:\Windows\system32\pcalua.exe -a C:\Users\Beco\Downloads\EraOfCelestials-gtarcade-5c839784bff81.exe -d C:\Users\Beco\Downloads
Task: {CB047417-746E-40BA-902A-815AC8FA6C7D} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D3D93664-7AD4-4496-BF89-348597AE5BC6} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {D83BAE58-18BB-4010-9F0E-054149DAE465} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [156968 2019-02-24] (Google Inc -> Google Inc.)
Task: {D988B398-1B45-483C-AA40-86B6646D65A8} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-09] (Adobe Inc. -> Adobe)
Task: {DB531726-7852-4C5C-8C8E-7E643191E42A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {E0E8C45C-FE64-4087-8E0C-2193CDC81717} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E7356B7D-5DD6-4890-B4AF-6B1E94A3EF8F} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Beco\Downloads\esetonlinescanner_enu.exe [7969304 2019-08-04] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {E79B2998-8F63-451A-A56D-26EDC0A5098A} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {EC15E52E-DA43-4DCC-A275-1158D0C511BC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [396608 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F153981F-F55F-4D98-B828-A6E1A197FAF3} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FF8FD040-EFED-4F3F-B025-E7200A94FA01} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForBeco.job => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{338C8A04-E5A4-41C0-A592-06F731151E59}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{50FBF5F3-CB8C-4AC9-A764-9C2251E7FE43}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c92b2e9a-dca7-4503-a7ab-bc7c831445cd}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{f048b2a6-1866-46e6-b7f4-e6a65c07e85b}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================

Edge: 
======
Edge HomeButtonPage: HKU\S-1-5-21-2920239448-2505446405-2311763162-1001 -> hxxp://google.bg/

FireFox:
========
FF DefaultProfile: oytl87x0.default
FF ProfilePath: C:\Users\Beco\AppData\Roaming\K-Meleon\oytl87x0.default [2019-07-16]
FF user.js: detected! => C:\Users\Beco\AppData\Roaming\K-Meleon\oytl87x0.default\user.js [2006-04-06]
FF Homepage: K-Meleon\oytl87x0.default -> google.bg
FF Extension: (NewsFox) - C:\Program Files\K-Meleon\browser\extensions\{899DF1F8-2F43-4394-8315-37F6744E6319}.xpi [2015-03-12] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-09] (Adobe Inc. -> )

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://google.bg/
CHR StartupUrls: Default -> "hxxps://www.google.bg/"
CHR Profile: C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default [2019-08-04]
CHR Extension: (Презентации) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-02-24]
CHR Extension: (Документи) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-02-24]
CHR Extension: (Google Диск) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-05]
CHR Extension: (YouTube) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-05]
CHR Extension: (Adblock Plus — безплатен блокер на реклами) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-08-02]
CHR Extension: (Таблици) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-02-24]
CHR Extension: (Google Документи офлайн) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-02-24]
CHR Extension: (Lightshot (скрииншот инструмент)) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2019-07-29]
CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-02-24]
CHR Extension: (Gmail) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-01]
CHR Profile: C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-08-04]
CHR Profile: C:\Users\Beco\AppData\Local\Google\Chrome\User Data\System Profile [2019-08-04]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AEADIFilters; C:\WINDOWS\system32\AEADISRV.EXE [90112 2008-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation)
R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [26112 2009-12-03] (LSI Corporation -> LSI Corporation)
S3 hpqcaslwmiex; C:\Program Files\HP\Shared\hpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [357240 2019-07-05] (HP Inc. -> HP Inc.)
R2 HPWMISVC; C:\Program Files\HP\HP System Event\HPWMISVC.exe [606224 2016-04-18] (Hewlett-Packard Company -> HP Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3735832 2019-08-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [304680 2018-05-22] (Synaptics Incorporated -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [1879960 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [82984 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 MBAMService; "C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [37696 2019-01-06] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 ADIHdAudAddService; C:\WINDOWS\system32\drivers\ADIHdAud.sys [381440 2009-05-18] (Microsoft Windows Hardware Compatibility Publisher -> Analog Devices, Inc.)
R3 AgereSoftModem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [1163328 2010-01-26] (Microsoft Windows Hardware Compatibility Publisher -> LSI Corporation)
S3 BHTPCRDR; C:\WINDOWS\System32\drivers\bhtpcrdr.sys [199608 2019-02-20] (BayHub Technology Inc. -> BayHubTech/O2Micro )
R3 Btcsrusb; C:\WINDOWS\System32\Drivers\btcusb.sys [47504 2019-08-03] (IVT CORPORATION -> IVT Corporation.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [128552 2019-05-31] (Malwarebytes Corporation -> Malwarebytes)
R3 HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [15544 2010-02-25] (Hewlett-Packard Company -> Hewlett-Packard Company)
R0 hpdskflt; C:\WINDOWS\System32\DRIVERS\hpdskflt.sys [27968 2019-01-06] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 HpqKbFiltr; C:\WINDOWS\System32\drivers\HpqKbFiltr.sys [15872 2009-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Development Company, L.P.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2019-01-06] (Martin Malik - REALiX -> REALiX(tm))
S3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [106144 2019-01-11] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\System32\DRIVERS\mbam.sys [63760 2019-01-11] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\System32\DRIVERS\mwac.sys [83648 2019-01-12] (Malwarebytes Corporation -> Malwarebytes)
R1 MEmuDrv; C:\WINDOWS\System32\DRIVERS\MEmuDrv.sys [257512 2019-03-14] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation)
R3 necbatt; C:\WINDOWS\System32\drivers\necbatt.sys [18448 2019-08-03] (Microsoft Windows Hardware Compatibility Publisher -> NEC Personal Computers, Ltd.)
S3 NETw5s32; C:\WINDOWS\System32\DRIVERS\NETw5s32.sys [6755840 2010-01-13] (Intel Corporation) [File not signed]
R3 NETwNs32; C:\WINDOWS\System32\drivers\NETwNs32.sys [7530736 2019-01-06] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
R2 rimmptsk; C:\WINDOWS\System32\drivers\rimmptsk.sys [48128 2019-01-06] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R3 rismc32; C:\WINDOWS\system32\DRIVERS\rismc32.sys [49152 2019-01-06] (Microsoft Windows Hardware Compatibility Publisher -> RICOH Company, Ltd.)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [24688 2019-08-04] (Adlice -> )
S3 vjoy; C:\WINDOWS\System32\DRIVERS\vjoy.sys [50224 2016-02-03] (Shaul Eizikovich -> Shaul Eizikovich)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [38280 2019-07-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [269024 2019-07-26] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [39136 2019-07-26] (Microsoft Windows -> Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [207360 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S1 amsdk; \??\C:\WINDOWS\system32\drivers\amsdk.sys [X]
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-04 19:18 - 2019-08-04 19:19 - 000000000 ____D C:\AdwCleaner
2019-08-04 19:18 - 2019-08-04 19:18 - 007277776 _____ (Malwarebytes) C:\Users\Beco\Downloads\adwcleaner_7.1.1.exe
2019-08-04 18:54 - 2019-08-04 18:54 - 000000000 ____D C:\SecurityCheck
2019-08-04 18:53 - 2019-08-04 18:53 - 000528638 _____ (glax24 (safezone.cc)) C:\Users\Beco\Downloads\SecurityCheck.exe
2019-08-04 18:21 - 2019-08-04 18:21 - 000000008 __RSH C:\ProgramData\ntuser.pol
2019-08-04 18:16 - 2019-08-04 18:19 - 000007694 _____ C:\Users\Beco\Downloads\Fixlog.txt
2019-08-04 17:49 - 2019-08-04 17:49 - 000029543 _____ C:\Users\Beco\Downloads\Addition_04-08-2019 17.09.48.txt
2019-08-04 17:07 - 2019-08-04 18:34 - 000025876 _____ C:\Users\Beco\Downloads\Addition.txt
2019-08-04 17:04 - 2019-08-04 19:43 - 000023644 _____ C:\Users\Beco\Downloads\FRST.txt
2019-08-04 17:02 - 2019-08-04 19:42 - 000000000 ____D C:\FRST
2019-08-04 17:01 - 2019-08-04 17:01 - 001447936 _____ (Farbar) C:\Users\Beco\Downloads\FRST.exe
2019-08-04 16:54 - 2019-08-04 16:54 - 000000299 _____ C:\Users\Beco\Documents\zemana.txt
2019-08-04 16:51 - 2019-08-04 18:11 - 001496275 _____ C:\WINDOWS\ZAM.krnl.trace
2019-08-04 16:51 - 2019-08-04 16:51 - 000000000 ____D C:\Users\Beco\AppData\Local\Zemana
2019-08-04 16:50 - 2019-08-04 18:11 - 000000000 ____D C:\Users\Beco\AppData\Local\AMSDK
2019-08-04 16:50 - 2019-08-04 16:50 - 012664512 _____ (Zemana Ltd. ) C:\Users\Beco\Downloads\AntiMalware_Setup.exe
2019-08-04 16:45 - 2019-08-04 16:45 - 000000078 _____ C:\Users\Beco\Downloads\137bdc50b1.json
2019-08-04 15:45 - 2019-08-04 15:45 - 000008066 _____ C:\Users\Beco\Documents\Rogue killer.txt
2019-08-04 15:19 - 2019-08-04 15:19 - 000024688 _____ C:\WINDOWS\system32\Drivers\truesight.sys
2019-08-04 15:17 - 2019-08-04 15:17 - 030667800 _____ (Adlice Software ) C:\Users\Beco\Downloads\RogueKiller_setup.exe
2019-08-04 15:09 - 2019-08-04 15:09 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-08-04 13:11 - 2019-08-04 13:12 - 000001894 _____ C:\Users\Beco\Desktop\Rkill.txt
2019-08-04 13:10 - 2019-08-04 13:10 - 001780224 _____ (Bleeping Computer, LLC) C:\Users\Beco\Downloads\rkill-unsigned.exe
2019-08-04 12:29 - 2019-08-04 14:00 - 000000681 _____ C:\Users\Beco\Desktop\ESET Online Scanner.lnk
2019-08-04 12:29 - 2019-08-04 12:29 - 000000780 _____ C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2019-08-04 12:29 - 2019-08-04 12:29 - 000000000 ____D C:\Users\Beco\AppData\Local\ESET
2019-08-04 12:28 - 2019-08-04 12:29 - 007969304 _____ (ESET spol. s r.o.) C:\Users\Beco\Downloads\esetonlinescanner_enu.exe
2019-08-04 11:17 - 2019-08-04 15:19 - 001146190 _____ C:\WINDOWS\ntbtlog.txt
2019-08-04 09:57 - 2019-08-04 09:57 - 000002856 _____ C:\Users\Beco\Unigine_Heaven_Benchmark_4.0_20190804_0957.html
2019-08-04 09:49 - 2019-08-04 09:59 - 000000000 ____D C:\Users\Beco\Heaven
2019-08-04 09:48 - 2019-08-04 09:48 - 001065984 _____ C:\Users\Beco\AppData\Local\file__0.localstorage
2019-08-04 09:25 - 2019-08-04 10:14 - 000002217 _____ C:\Users\Beco\Desktop\Plarium Play.lnk
2019-08-04 09:13 - 2019-08-04 09:13 - 001159992 _____ (Plarium) C:\Users\Beco\Downloads\PlariumPlaySetup (1).exe
2019-08-03 18:21 - 2019-08-03 18:21 - 000047504 _____ (IVT Corporation.) C:\WINDOWS\system32\Drivers\btcusb.sys
2019-08-03 18:21 - 2019-08-03 18:21 - 000018448 _____ (NEC Personal Computers, Ltd.) C:\WINDOWS\system32\Drivers\necbatt.sys
2019-08-01 13:55 - 2019-05-31 06:13 - 000835688 _____ (Adobe) C:\WINDOWS\system32\FlashPlayerApp.exe
2019-08-01 13:55 - 2019-05-31 06:13 - 000179816 _____ (Adobe) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2019-08-01 09:04 - 2019-08-01 09:04 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2019-08-01 08:59 - 2019-08-01 08:59 - 000000020 ___SH C:\Users\Beco\ntuser.ini
2019-08-01 08:57 - 2019-08-04 19:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-08-01 08:57 - 2019-08-01 08:57 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2019-08-01 08:57 - 2019-08-01 08:57 - 000007623 _____ C:\WINDOWS\diagerr.xml
2019-08-01 08:53 - 2019-08-04 19:27 - 000912284 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-08-01 08:40 - 2019-08-01 08:40 - 000000000 ____D C:\ProgramData\USOShared
2019-08-01 08:36 - 2019-08-04 14:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-08-01 08:36 - 2019-08-01 09:37 - 000264440 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-08-01 08:03 - 2019-08-01 19:35 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2019-08-01 08:03 - 2019-08-01 08:03 - 000000000 ____D C:\Program Files\Common Files\SpeechEngines
2019-08-01 08:02 - 2019-08-04 11:32 - 000000000 ____D C:\Users\Beco
2019-08-01 08:02 - 2019-03-19 05:41 - 000001105 _____ C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-08-01 08:01 - 2019-08-01 08:03 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2019-08-01 07:50 - 2019-08-01 07:50 - 005083352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 004306432 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 003635200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 003525592 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-08-01 07:50 - 2019-08-01 07:50 - 002314440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 001866064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 001652536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 001555688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 001491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 001273176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 001244728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 001106288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 001039872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2019-08-01 07:50 - 2019-08-01 07:50 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000844800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AgentService.exe
2019-08-01 07:50 - 2019-08-01 07:50 - 000838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplySettingsTemplateCatalog.exe
2019-08-01 07:50 - 2019-08-01 07:50 - 000759808 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000700928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000682744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2019-08-01 07:50 - 2019-08-01 07:50 - 000666280 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2019-08-01 07:50 - 2019-08-01 07:50 - 000650552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2019-08-01 07:50 - 2019-08-01 07:50 - 000537608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.PrinterCustomActions.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000512512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000463272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000418816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2019-08-01 07:50 - 2019-08-01 07:50 - 000413696 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CscUnpinTool.exe
2019-08-01 07:50 - 2019-08-01 07:50 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscobj.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ConfigWrapper.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000075480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-08-01 07:50 - 2019-08-01 07:50 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe
2019-08-01 07:50 - 2019-08-01 07:50 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2010CustomActions.dll
2019-08-01 07:50 - 2019-08-01 07:50 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\lstelemetry.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 018017792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 007008768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 006515592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 006218752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 005919744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 005753728 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 003837440 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 003487232 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 003243080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 002863104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2019-08-01 07:49 - 2019-08-01 07:49 - 002398720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 002040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001783808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001612600 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001505080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001501496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems32.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001399296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msjet40.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001297720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001251640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001219072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001102648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001080832 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000995800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000916280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\opengl32.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000826680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CBDHSvc.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000798720 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000785920 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000769336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000739328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000736056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000733136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000625464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000612352 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000568336 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000566072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000522552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000478520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000474936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000446224 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiagn.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-08-01 07:49 - 2019-08-01 07:49 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000386048 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\system32\curl.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspbde40.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000363832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrd3x40.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msexcl40.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000319376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000317952 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiag.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\DispBroker.Desktop.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000279864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000258056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\system32\provplatformdesktop.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000249656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2019-08-01 07:49 - 2019-08-01 07:49 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\glu32.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msltus40.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000213776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityUxHost.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2019-08-01 07:49 - 2019-08-01 07:49 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000202552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVFileSystemMetadata.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-08-01 07:49 - 2019-08-01 07:49 - 000183096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamMap.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000180536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VideoHandlers.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Gpu.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000152888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000145720 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000145720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000135480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVNice.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appvetwclientres.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2019-08-01 07:49 - 2019-08-01 07:49 - 000118584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVemgr.sys
2019-08-01 07:49 - 2019-08-01 07:49 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000111416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVfs.sys
2019-08-01 07:49 - 2019-08-01 07:49 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2019-08-01 07:49 - 2019-08-01 07:49 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000091960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppVStrm.sys
2019-08-01 07:49 - 2019-08-01 07:49 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompMgmtLauncher.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\olepro32.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000086528 _____ C:\WINDOWS\system32\ResBParser.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComputerDefaults.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-08-01 07:49 - 2019-08-01 07:49 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000058825 _____ C:\WINDOWS\system32\srms.dat
2019-08-01 07:49 - 2019-08-01 07:49 - 000054792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000051512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000030008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncAppvPublishingServer.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000021816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScriptRunner.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2019-08-01 07:49 - 2019-08-01 07:49 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\appvetwstreamingux.dll
2019-08-01 07:49 - 2019-08-01 07:49 - 000009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2019-08-01 07:49 - 2019-08-01 07:49 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3r.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 007067448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 004537344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 003120640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 002991104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 002987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 002777600 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 002712072 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 002586608 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 002458112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 002258640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 002245432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 002204472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 002074224 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001904128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001790976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001690624 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001611416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001473488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001468728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001458176 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001429096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001392968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-08-01 07:48 - 2019-08-01 07:48 - 001283584 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001244728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 001180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001178608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001111992 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-08-01 07:48 - 2019-08-01 07:48 - 001077632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 001007160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000980792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000892488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000811160 _____ C:\WINDOWS\system32\locale.nls
2019-08-01 07:48 - 2019-08-01 07:48 - 000772656 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000745472 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000700912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000699304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000679368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000672944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000659968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000645632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000636696 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000626488 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000602640 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000588256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000588088 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000577536 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000554720 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000553144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000540680 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000500992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000478800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000451896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000441584 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000440256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000404392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000398648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000395064 _____ (Microsoft Corporation) C:\WINDOWS\system32\halmacpi.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000395064 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000389432 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000385808 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000374800 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000361784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000331064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-08-01 07:48 - 2019-08-01 07:48 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000309048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000301880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000277520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000265744 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000228152 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000220984 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000206136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000199176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000193800 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000164664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winquic.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000161592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000158736 _____ (Microsoft Corporation) C:\WINDOWS\system32\winquic.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000142856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000138552 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000136504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000135000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000134760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000108048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000104976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000104832 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000098592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Display.BrightnessOverride.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000066872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000061448 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000056008 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds_ps.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000039224 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000033592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000031032 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsldr.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winnlsres.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDJPN.DLL
2019-08-01 07:48 - 2019-08-01 07:48 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\applockerfltr.sys
2019-08-01 07:48 - 2019-08-01 07:48 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDKOR.DLL
2019-08-01 07:48 - 2019-08-01 07:48 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d8thk.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2019-08-01 07:48 - 2019-08-01 07:48 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2019-08-01 07:48 - 2019-08-01 07:48 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 006070920 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 004679168 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 003306496 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 003042816 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 002876416 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 002798592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-08-01 07:47 - 2019-08-01 07:47 - 002576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 002548736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 002490712 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 002306048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001893888 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001724928 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001651848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001587200 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001562640 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001537624 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001535288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001515008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaclient.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001334064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001213456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001123840 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-08-01 07:47 - 2019-08-01 07:47 - 001121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConstraintIndex.Search.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001101312 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001079296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2019-08-01 07:47 - 2019-08-01 07:47 - 001006592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 001006080 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000927744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsf3gip.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000822072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000800048 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000779264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000777528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000773680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000738304 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2019-08-01 07:47 - 2019-08-01 07:47 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-08-01 07:47 - 2019-08-01 07:47 - 000667272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000635392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2019-08-01 07:47 - 2019-08-01 07:47 - 000620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000602224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000531464 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-08-01 07:47 - 2019-08-01 07:47 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-08-01 07:47 - 2019-08-01 07:47 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\webauthn.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-08-01 07:47 - 2019-08-01 07:47 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-08-01 07:47 - 2019-08-01 07:47 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2019-08-01 07:47 - 2019-08-01 07:47 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000284536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000283472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-08-01 07:47 - 2019-08-01 07:47 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\directxdatabaseupdater.exe
2019-08-01 07:47 - 2019-08-01 07:47 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000187920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ifsutil.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ManagePhone.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgiadaptercache.exe
2019-08-01 07:47 - 2019-08-01 07:47 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000149512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ulib.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000149304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-08-01 07:47 - 2019-08-01 07:47 - 000120352 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000116728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\GraphicsCapture.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000105384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000091664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-08-01 07:47 - 2019-08-01 07:47 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000090128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-08-01 07:47 - 2019-08-01 07:47 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Taskbar.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\coloradapterclient.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaproxystub.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-08-01 07:47 - 2019-08-01 07:47 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000028672 _____ C:\WINDOWS\system32\usocoreps.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wci.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll
2019-08-01 07:47 - 2019-08-01 07:47 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 014814208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 005941760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 005087744 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 004867400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 004572016 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 003915536 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 003735264 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 002763576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 002600960 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 002373120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 002200576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 002066944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 001954960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001912576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001881400 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001531992 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001497088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001488384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001452032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001432064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001345024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001331976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001304888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001244672 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001154960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001097528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001086464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 001063944 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000889888 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000724480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Signals.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000695808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000693248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000690488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_9.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000564240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000550200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000506232 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000437760 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000425488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2019-08-01 07:46 - 2019-08-01 07:46 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-08-01 07:46 - 2019-08-01 07:46 - 000414520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000400232 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000375512 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.UserService.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000344376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000336928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000321848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000284176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000279624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsta.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000268216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000245544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000235536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000222008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000191288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\regapi.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000166712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000159544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000158736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000156472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\viac7.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000142648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000140304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000134424 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000103224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapistub.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapi32.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\GameChatTranscription.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000096208 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000095184 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000072816 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2019-08-01 07:46 - 2019-08-01 07:46 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000047928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\isapnp.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000045384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000042792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidspi.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
2019-08-01 07:46 - 2019-08-01 07:46 - 000023736 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000016696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msisadrv.sys
2019-08-01 07:46 - 2019-08-01 07:46 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2019-08-01 07:46 - 2019-08-01 07:46 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\fixmapi.exe
2019-08-01 07:46 - 2019-08-01 07:46 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2019-08-01 07:45 - 2019-08-01 07:45 - 000603448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2019-08-01 07:45 - 2019-08-01 07:45 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2019-08-01 07:45 - 2019-08-01 07:45 - 000244712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-08-01 07:45 - 2019-08-01 07:45 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbaudio2.sys
2019-08-01 07:45 - 2019-08-01 07:45 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys
2019-08-01 07:45 - 2019-08-01 07:45 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\devauthe.sys
2019-08-01 07:29 - 2019-08-01 07:29 - 000000000 ____D C:\WINDOWS\system32\bg
2019-08-01 07:23 - 2019-08-01 07:23 - 004164608 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0002.dll
2019-08-01 07:23 - 2019-08-01 07:23 - 001875968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MLS2.dll
2019-08-01 07:23 - 2019-08-01 07:23 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0002.dll
2019-08-01 07:23 - 2019-08-01 07:23 - 000000000 ____D C:\WINDOWS\system32\msmq
2019-08-01 07:23 - 2019-08-01 07:23 - 000000000 ____D C:\WINDOWS\system32\BestPractices
2019-08-01 07:23 - 2019-08-01 07:23 - 000000000 ____D C:\inetpub
2019-08-01 07:22 - 2019-08-01 07:22 - 000778912 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2019-08-01 07:22 - 2019-08-01 07:22 - 000103072 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2019-08-01 07:22 - 2019-08-01 07:22 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2019-08-01 07:22 - 2019-08-01 07:22 - 000000000 ____D C:\Program Files\Reference Assemblies
2019-08-01 07:22 - 2019-08-01 07:22 - 000000000 ____D C:\Program Files\MSBuild
2019-08-01 07:20 - 2019-08-01 07:20 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2019-08-01 07:20 - 2019-08-01 07:20 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
2019-08-01 07:20 - 2019-08-01 07:20 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2019-08-01 07:15 - 2019-08-01 07:15 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2019-08-01 07:08 - 2019-08-01 07:08 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2019-08-01 04:44 - 2019-08-01 08:59 - 000000000 ___DC C:\WINDOWS\Panther
2019-07-31 19:53 - 2019-07-31 19:53 - 025776848 _____ (Goversoft LLC) C:\Users\Beco\Downloads\PrivaZer_free (2).exe
2019-07-31 15:21 - 2019-07-31 15:23 - 000000000 ____D C:\Users\Beco\Documents\hermes_global_images_V9.6.3.0.LHMMIFD_20180801.0000.00_5.0_global_0dc0ffff2c
2019-07-31 10:46 - 2019-07-31 10:46 - 000000000 ____D C:\ProgramData\Thunder Network
2019-07-31 10:45 - 2019-08-01 10:06 - 000000000 ____D C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xiaomi
2019-07-31 10:45 - 2019-07-31 10:45 - 000000000 ____D C:\Users\Beco\AppData\Roaming\Xiaomi
2019-07-31 10:42 - 2019-08-04 11:02 - 000000332 _____ C:\WINDOWS\Tasks\HPCeeScheduleForBeco.job
2019-07-31 10:18 - 2019-07-31 10:34 - 1390856692 _____ C:\Users\Beco\Downloads\hermes_global_images_V9.6.3.0.LHMMIFD_20180801.0000.00_5.0_global_0dc0ffff2c.tgz
2019-07-29 11:31 - 2019-07-29 11:31 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2019-07-28 09:45 - 2019-07-28 09:45 - 000000000 ____D C:\Users\Beco\AppData\Roaming\AndroidTbox
2019-07-28 09:36 - 2019-07-28 10:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent Software
2019-07-28 09:35 - 2019-07-28 09:35 - 000000000 ____D C:\Temp
2019-07-21 16:47 - 2019-07-21 16:47 - 004196408 _____ C:\Users\Beco\Downloads\2019-07-10_16-29-20.861.bmp
2019-07-18 17:34 - 2019-07-31 19:53 - 000000000 ____D C:\Program Files\PrivaZer
2019-07-11 13:08 - 2019-07-11 13:22 - 000000775 _____ C:\Users\Beco\Documents\new tournament.txt
2019-07-11 12:23 - 2019-07-11 12:23 - 000000000 ____D C:\Users\Beco\.QtWebEngineProcess
2019-07-11 12:23 - 2019-07-11 12:23 - 000000000 ____D C:\Users\Beco\.LINE
2019-07-07 11:09 - 2019-07-07 11:09 - 000000000 ____D C:\Users\Beco\AppData\Local\HP_Inc
2019-07-07 11:05 - 2019-08-01 19:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2019-07-07 11:05 - 2019-07-07 11:05 - 000002262 _____ C:\Users\Public\Desktop\HP Support Assistant.lnk
2019-07-07 11:05 - 2019-07-07 11:05 - 000000000 ____D C:\Users\Beco\AppData\Roaming\Hewlett-Packard
2019-07-07 11:05 - 2019-07-07 11:05 - 000000000 ____D C:\Users\Beco\AppData\Local\Hewlett-Packard
2019-07-07 10:44 - 2019-07-07 10:45 - 039926088 _____ (Hewlett Packard ) C:\Users\Beco\Downloads\sp54177.exe
2019-07-07 10:37 - 2019-07-07 11:04 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2019-07-07 10:37 - 2019-07-07 10:37 - 000000000 ____D C:\Users\Beco\AppData\Local\HP
2019-07-07 10:36 - 2019-07-07 10:36 - 003510048 _____ (Oleg N. Scherbakov) C:\Users\Beco\Downloads\HPSupportSolutionsFramework-12.11.24.11.exe

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-04 19:36 - 2019-03-19 05:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-08-04 19:27 - 2019-03-19 05:44 - 000000000 ____D C:\WINDOWS\INF
2019-08-04 19:20 - 2019-03-19 05:35 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-08-04 19:19 - 2019-01-06 19:32 - 000000000 ____D C:\Program Files\Common Files\IObit
2019-08-04 19:19 - 2019-01-06 07:53 - 000000000 ____D C:\Users\Beco\AppData\LocalLow\IObit
2019-08-04 19:19 - 2019-01-06 07:53 - 000000000 ____D C:\Program Files\IObit
2019-08-04 19:19 - 2019-01-06 07:52 - 000000000 ____D C:\Users\Beco\AppData\Roaming\IObit
2019-08-04 19:19 - 2019-01-06 07:52 - 000000000 ____D C:\ProgramData\IObit
2019-08-04 19:17 - 2019-04-13 13:26 - 000000000 ____D C:\Users\Beco\AppData\Local\Unity
2019-08-04 19:17 - 2019-01-06 10:16 - 000000000 ____D C:\Users\Beco\AppData\LocalLow\Unity
2019-08-04 18:26 - 2019-01-06 07:56 - 000000000 ____D C:\ProgramData\ProductData
2019-08-04 18:17 - 2009-07-14 05:37 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2019-08-04 18:14 - 2019-01-06 00:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-08-04 16:43 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\System
2019-08-04 16:43 - 2019-03-19 05:35 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-08-04 10:14 - 2019-04-13 12:35 - 000002131 _____ C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Plarium Play.lnk
2019-08-04 10:14 - 2019-01-06 00:54 - 000000000 ____D C:\Users\Beco\AppData\Local\Plarium
2019-08-04 10:14 - 2019-01-06 00:54 - 000000000 ____D C:\Users\Beco\AppData\Local\Package Cache
2019-08-04 07:29 - 2019-03-19 05:46 - 000000000 ___HD C:\Program Files\WindowsApps
2019-08-03 23:50 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-08-02 04:34 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\appcompat
2019-08-01 19:35 - 2019-06-19 04:27 - 000000000 ____D C:\Program Files\UNP
2019-08-01 19:35 - 2019-06-02 18:07 - 000000000 ____D C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrivaZer
2019-08-01 19:35 - 2019-04-03 05:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX H.264 decoder
2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\spool
2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\IME
2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\ServiceState
2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\schemas
2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\Registration
2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2019-08-01 19:35 - 2019-03-19 05:43 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2019-08-01 19:35 - 2019-03-17 15:10 - 000000000 ____D C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-08-01 19:35 - 2019-03-17 15:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-08-01 19:35 - 2019-02-24 23:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-08-01 19:35 - 2019-01-06 18:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\8K Player
2019-08-01 19:35 - 2019-01-06 07:51 - 000000000 ____D C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live for Speed
2019-08-01 19:35 - 2019-01-05 21:52 - 000000000 ____D C:\Program Files\Intel
2019-08-01 19:35 - 2018-09-15 08:10 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2019-08-01 19:35 - 2018-09-15 08:10 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2019-08-01 15:17 - 2019-04-19 19:53 - 000000000 ____D C:\Users\Beco\AppData\Local\Packages
2019-08-01 10:28 - 2019-02-24 13:31 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-08-01 10:28 - 2019-02-24 13:31 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-08-01 09:18 - 2019-03-19 05:46 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-08-01 09:00 - 2019-04-19 19:54 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-08-01 09:00 - 2019-04-19 19:54 - 000000000 ___RD C:\Users\Beco\3D Objects
2019-08-01 08:59 - 2019-03-19 05:46 - 000000000 ____D C:\ProgramData\USOPrivate
2019-08-01 08:58 - 2019-03-19 05:35 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-08-01 08:57 - 2019-03-19 05:46 - 000000000 ____D C:\Program Files\Windows Defender
2019-08-01 08:40 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugins
2019-08-01 08:40 - 2019-01-05 22:05 - 000000000 ____D C:\Program Files\LSI SoftModem
2019-08-01 08:39 - 2019-01-05 22:00 - 000000000 ____D C:\WINDOWS\QLB
2019-08-01 08:32 - 2019-03-19 05:49 - 000000000 ____D C:\WINDOWS\Setup
2019-08-01 08:16 - 2019-03-19 05:46 - 000000000 __RHD C:\Users\Public\Libraries
2019-08-01 08:03 - 2019-04-13 12:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2019-08-01 08:03 - 2019-01-12 14:52 - 000000000 ____D C:\Program Files\Synaptics
2019-08-01 08:03 - 2019-01-06 07:59 - 000000000 ____D C:\Program Files\AuthenTec
2019-08-01 08:03 - 2009-07-14 07:52 - 000000000 ____D C:\Program Files\Microsoft Games
2019-08-01 07:57 - 2019-03-19 06:40 - 000000000 ___SD C:\WINDOWS\system32\AppV
2019-08-01 07:57 - 2019-03-19 06:40 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\TextInput
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\SystemResources
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-08-01 07:29 - 2019-03-19 06:40 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-08-01 07:29 - 2019-03-19 06:38 - 000000000 ____D C:\WINDOWS\system32\WCN
2019-08-01 07:29 - 2019-03-19 05:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-08-01 07:29 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2019-08-01 07:29 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2019-08-01 07:29 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\IME
2019-08-01 07:29 - 2019-03-19 05:46 - 000000000 ____D C:\Program Files\Common Files\System
2019-08-01 07:29 - 2019-03-19 05:35 - 000000000 ____D C:\WINDOWS\servicing
2019-08-01 07:23 - 2019-03-19 06:39 - 000000000 ____D C:\WINDOWS\OCR
2019-08-01 07:23 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2019-08-01 07:20 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2019-08-01 07:20 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2019-08-01 07:20 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\et-EE
2019-08-01 07:20 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\es-MX
2019-08-01 04:23 - 2019-01-05 20:39 - 000000000 ____D C:\Users\Beco\AppData\Local\ElevatedDiagnostics
2019-07-31 20:16 - 2019-06-02 18:07 - 000000000 ____D C:\Users\Beco\AppData\Local\PrivaZer
2019-07-31 20:01 - 2019-04-18 03:25 - 000000000 ____D C:\Users\Beco\AppData\Local\CrashDumps
2019-07-31 19:53 - 2019-06-02 18:07 - 000001916 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrivaZer.lnk
2019-07-31 19:53 - 2019-06-02 18:07 - 000001904 _____ C:\Users\Public\Desktop\PrivaZer.lnk
2019-07-26 16:30 - 2019-04-19 19:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-07-11 12:23 - 2019-01-05 19:50 - 000000000 ____D C:\Users\Beco\AppData\Local\VirtualStore
2019-07-11 12:21 - 2019-04-19 20:32 - 000000000 ____D C:\ProgramData\Packages
2019-07-11 12:21 - 2019-04-19 20:02 - 000000000 ____D C:\Users\Beco\AppData\Local\PlaceholderTileLogoFolder
2019-07-11 05:03 - 2019-04-19 21:24 - 000000000 ___RD C:\Users\Beco\OneDrive
2019-07-10 19:32 - 2019-01-05 21:56 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-07-10 19:26 - 2019-01-05 21:56 - 133475400 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-07-10 12:28 - 2019-01-05 20:17 - 000606264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-07-07 11:05 - 2019-01-05 22:00 - 000000000 ___HD C:\Program Files\InstallShield Installation Information
2019-07-07 11:04 - 2019-05-04 17:11 - 000000000 ____D C:\Program Files\HP
2019-07-07 11:04 - 2019-04-19 19:43 - 000000000 ____D C:\Users\Beco\AppData\Roaming\hpqLog
2019-07-07 11:04 - 2019-01-05 22:00 - 000000000 ____D C:\Program Files\Hewlett-Packard
2019-07-07 10:45 - 2019-05-04 17:09 - 000000000 ____D C:\SWSetup

==================== Files in the root of some directories ================

2019-08-04 09:48 - 2019-08-04 09:48 - 001065984 _____ () C:\Users\Beco\AppData\Local\file__0.localstorage
2019-08-04 09:14 - 2019-08-04 10:14 - 000061590 _____ () C:\Users\Beco\AppData\Local\PlariumPlay.log
2019-01-05 22:44 - 2019-01-05 22:44 - 000000000 _____ () C:\Users\Beco\AppData\Local\QSwitch.txt
2019-01-26 19:23 - 2019-01-26 19:23 - 000007605 _____ () C:\Users\Beco\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 04-08-2019
Ran by Beco (04-08-2019 19:44:51)
Running from C:\Users\Beco\Downloads
Microsoft Windows 10 Pro Version 1903 18362.267 (X86) (2019-08-01 05:59:11)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2920239448-2505446405-2311763162-500 - Administrator - Disabled)
Beco (S-1-5-21-2920239448-2505446405-2311763162-1001 - Administrator - Enabled) => C:\Users\Beco
DefaultAccount (S-1-5-21-2920239448-2505446405-2311763162-503 - Limited - Disabled)
Guest (S-1-5-21-2920239448-2505446405-2311763162-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2920239448-2505446405-2311763162-1002 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-2920239448-2505446405-2311763162-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

8K Player version 4.4.0 (HKLM\...\842F0D80-2EC4-4903-9798-714D9927DCA1_is1) (Version: 4.4.0 - DimoSoft, Inc.)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.223 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 32.0.0.223 - Adobe)
DivX H.264 decoder 8.2.0.26 (HKLM\...\divxh264_is1) (Version: 8.2.0.26 - )
Google Chrome (HKLM\...\Google Chrome) (Version: 76.0.3809.87 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
HP Quick Launch Buttons (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.14.1 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM\...\{A2926515-9BCE-4785-AFAD-98233D52C3AE}) (Version: 12.11.27.1 - HP Inc.)
HP System Event Utility (HKLM\...\{29E20347-C62F-4657-938E-876A182B67F1}) (Version: 1.4.13 - HP Inc.)
K-Meleon 75.0 (x86 en-US) (HKLM\...\K-Meleon 75.0 (x86 en-US)) (Version: 75.0 - kmeleonbrowser.org)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.100 - LSI Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Plarium Play (HKLM\...\{12D4088C-8ED7-4218-B9FF-10E8FA3D7B57}) (Version: 3.1.0.0 - Plarium) Hidden
Plarium Play (HKLM\...\{FBD9CDDD-13B0-406B-BDFA-79703D34C153}) (Version: 3.1.0 - Plarium) Hidden
Plarium Play (HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\...\{b06aff34-801f-46e9-9690-9d16b8f33092}) (Version: 3.1.0 - Plarium)
PrivaZer (HKLM\...\PrivaZer) (Version: 3.0.75.0 - Goversoft LLC)
QLBCASL (HKLM\...\{F1D7AC58-554A-4A58-B784-B61558B1449A}) (Version: 6.40.17.2 - Hewlett-Packard) Hidden
Skype, версия 8.45 (HKLM\...\Skype_is1) (Version: 8.45 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.5.10.69 - Synaptics Incorporated)
WinRAR 5.70 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)

Packages:
=========
LINE -> C:\Program Files\WindowsApps\NAVER.LINEwin8_5.18.2.0_x86__8ptj331gd3tyt [2019-07-31] (LINE Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-04-19] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x86__8wekyb3d8bbwe [2019-06-17] (Microsoft Studios) [MS Ad]
Torrex Lite - Torrent Downloader -> C:\Program Files\WindowsApps\BooStudioLLC.TorrexLite-TorrentDownloader_1.3.97.0_x86__b6e429xa66pga [2019-06-21] (Finebits OÜ) [MS Ad]
Добавка за „Снимки“ -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x86__8wekyb3d8bbwe [2019-04-20] (Microsoft Corporation)
Поща и календар -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x86__8wekyb3d8bbwe [2019-08-02] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} =>  -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} =>  -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

Shortcut: C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrivaZer\Деинсталирай Privazer.lnk -> C:\Program Files\PrivaZer\privazer_remover.exe (Goversoft LLC) <==== Cyrillic
Shortcut: C:\Users\Beco\AppData\Roaming\Microsoft\Windows\SendTo\Прехвърляне на файлове с Bluetooth.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation) <==== Cyrillic

==================== Loaded Modules (Whitelisted) ==============


==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 05:04 - 2009-06-11 00:39 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKCU\Environment\\Path -> ;%USERPROFILE%\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\Control Panel\Desktop\\Wallpaper -> c:\users\beco\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\diy.jpg
DNS Servers: 192.168.0.1
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: SafeDNS Agent => 2
HKLM\...\StartupApproved\Run: => "QlbCtrl.exe"
HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\...\StartupApproved\StartupFolder: => "Facebook Gameroom.lnk"
HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\...\StartupApproved\Run: => "SafeDNS Agent"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{155B760F-5E54-482B-8365-6665EC03CC2C}C:\users\beco\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\beco\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [TCP Query User{44B11955-F926-4A9B-AA9D-6B5A18DAAF61}C:\users\beco\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\beco\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [{90A20652-3E5F-405C-B8E5-AF6D9A4EC0E7}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{612CBEB6-20A2-448D-99E9-FCB1F2B34F23}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AF4C1CD7-FED9-470D-B329-7F50331D7D0B}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{77363016-8846-4DB7-AD51-2B727580DA68}D:\lfs\lfs.exe] => (Allow) D:\lfs\lfs.exe () [File not signed]
FirewallRules: [TCP Query User{45A74C76-06A8-4563-9550-548C167DE0D2}D:\lfs\lfs.exe] => (Allow) D:\lfs\lfs.exe () [File not signed]
FirewallRules: [UDP Query User{340FE0D8-F433-4684-8EEE-555FA3D5CC3D}C:\users\beco\appdata\local\temp\rar$exa5360.11617\sdi_r1904.exe] => (Allow) C:\users\beco\appdata\local\temp\rar$exa5360.11617\sdi_r1904.exe No File
FirewallRules: [TCP Query User{353B7826-2A8F-493D-A1F1-2AC837AF0B3C}C:\users\beco\appdata\local\temp\rar$exa5360.11617\sdi_r1904.exe] => (Allow) C:\users\beco\appdata\local\temp\rar$exa5360.11617\sdi_r1904.exe No File
FirewallRules: [UDP Query User{24C96F24-BD78-4B3B-8CC8-CCD439113A9E}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{F80ACAFA-F1DD-447C-8EF2-F8CFE0A3F99F}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{06598060-8173-4526-85B1-326A8EADE9B1}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

01-08-2019 13:54:17 Windows Update
03-08-2019 18:20:34 Driver Booster : Microsoft ACPI-Compliant Control Method Battery

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/04/2019 07:41:57 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7388,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (08/04/2019 07:26:56 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3124,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (08/04/2019 07:19:50 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.

Error: (08/04/2019 07:19:50 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (08/04/2019 07:19:50 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.

Error: (08/04/2019 07:19:50 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (08/04/2019 07:00:18 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8184,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (08/04/2019 06:53:27 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7556,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.


System errors:
=============
Error: (08/04/2019 07:19:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Услуга SynTPEnh Caller Service беше прекъсната неочаквано. Това се е случвало с нея 1 път(и).

Error: (08/04/2019 07:19:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Услуга Andrea ADI Filters Service беше прекъсната неочаквано. Това се е случвало с нея 1 път(и).

Error: (08/04/2019 07:19:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Услуга Message Queuing беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). След 120000 милисекунди ще бъде предприето следното коригиращо действие: Restart the service.

Error: (08/04/2019 07:19:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Услуга HP Service беше прекъсната неочаквано. Това се е случвало с нея 1 път(и).

Error: (08/04/2019 07:19:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Услуга HPWMISVC беше прекъсната неочаквано. Това се е случвало с нея 1 път(и).

Error: (08/04/2019 07:19:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Услуга Agere Modem Call Progress Audio беше прекъсната неочаквано. Това се е случвало с нея 1 път(и).

Error: (08/04/2019 06:20:01 PM) (Source: DCOM) (EventID: 10010) (User: BECO-PC)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (08/04/2019 06:20:01 PM) (Source: DCOM) (EventID: 10010) (User: BECO-PC)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.


Windows Defender:
===================================
Date: 2019-08-04 16:39:23.995
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.B!ml&threatid=2147735505&enterprise=0
Name: Trojan:Win32/Wacatac.B!ml
ID: 2147735505
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Beco\Downloads\ALABALA.exe; webfile:_C:\Users\Beco\Downloads\ALABALA.exe|https://dox.abv.bg/api/guest/download/18e663c4b0|pid:4648,ProcessStart:132093995403375033
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Security intelligence Version: AV: 1.299.1235.0, AS: 1.299.1235.0, NIS: 1.299.1235.0
Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1

Date: 2019-08-04 16:35:34.363
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Conteban.B!ml&threatid=2147735507&enterprise=0
Name: Trojan:Win32/Conteban.B!ml
ID: 2147735507
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Beco\Downloads\ALABALA.exe; webfile:_C:\Users\Beco\Downloads\ALABALA.exe|https://dox.abv.bg/api/guest/download/78834792cf|pid:2452,ProcessStart:132093992524073237
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Security intelligence Version: AV: 1.299.1235.0, AS: 1.299.1235.0, NIS: 1.299.1235.0
Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1

Date: 2019-08-04 16:35:16.939
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Conteban.B!ml&threatid=2147735507&enterprise=0
Name: Trojan:Win32/Conteban.B!ml
ID: 2147735507
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Beco\Downloads\ALABALA.exe; webfile:_C:\Users\Beco\Downloads\ALABALA.exe|https://dox.abv.bg/api/guest/download/459d5f08a7|pid:2452,ProcessStart:132093992524073237
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Security intelligence Version: AV: 1.299.1235.0, AS: 1.299.1235.0, NIS: 1.299.1235.0
Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1

Date: 2019-08-04 16:34:50.615
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Conteban.B!ml&threatid=2147735507&enterprise=0
Name: Trojan:Win32/Conteban.B!ml
ID: 2147735507
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Beco\Downloads\ALABALA.exe; webfile:_C:\Users\Beco\Downloads\ALABALA.exe|https://dox.abv.bg/api/guest/download/3e4192f681|pid:2452,ProcessStart:132093992524073237
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Security intelligence Version: AV: 1.299.1235.0, AS: 1.299.1235.0, NIS: 1.299.1235.0
Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1

Date: 2019-08-04 16:31:18.836
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Conteban.B!ml&threatid=2147735507&enterprise=0
Name: Trojan:Win32/Conteban.B!ml
ID: 2147735507
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Beco\Downloads\ALABALA.exe; webfile:_C:\Users\Beco\Downloads\ALABALA.exe|https://dox.abv.bg/api/guest/download/d814e79dee|pid:7088,ProcessStart:132093990433000700
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Security intelligence Version: AV: 1.299.1235.0, AS: 1.299.1235.0, NIS: 1.299.1235.0
Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1

Date: 2019-08-04 15:19:12.432
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.299.1222.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16200.1
Error code: 0x8007043c
Error description: This service cannot be started in Safe Mode 

Date: 2019-08-04 15:09:07.516
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2019-08-04 12:37:18.611
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.299.1222.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16200.1
Error code: 0x8007043c
Error description: This service cannot be started in Safe Mode 

Date: 2019-08-04 12:27:12.471
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2019-08-04 11:52:30.958
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

==================== Memory info =========================== 

BIOS: Hewlett-Packard 68PCU Ver. F.20 12/08/2011
Motherboard: Hewlett-Packard 30DB
Processor: Intel(R) Core(TM)2 Duo CPU P8600 @ 2.40GHz
Percentage of memory in use: 62%
Total physical RAM: 3000.26 MB
Available physical RAM: 1115.69 MB
Total Virtual: 5542.26 MB
Available Virtual: 3518.26 MB

==================== Drives ================================

Drive 😄 () (Fixed) (Total:365.12 GB) (Free:312.39 GB) NTFS
Drive d: () (Fixed) (Total:100.1 GB) (Free:85.36 GB) NTFS

\\?\Volume{35691345-1108-11e9-812b-806e6f6e6963}\ (Резервирана за системата) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{35691348-1108-11e9-812b-806e6f6e6963}\ () (Fixed) (Total:0.44 GB) (Free:0.16 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 0FD73A73)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=365.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=450 MB) - (Type=27)

==================== End of Addition.txt ============================

Определено всичко вече е наред и Chrome зарежда по-бързо

Линк към коментара
Сподели в други сайтове

преди 4 минути, v3cko написа:

Определено всичко вече е наред и Chrome зарежда по-бързо

Чудесно..!

Фикс с Farbar Recovery Scan Tool
 
icon13.gif Изтеглете прикачения файл  
fixlist.txt  и го запазете там, където сте свалили FRST.exe
Стартирайте отново FRST.exe и натиснете бутона Fix веднъж и изчакайте.

Press%20the%20FIX%20button_zpsdd5zi3mt.p


Ще се създаде нов лог файла FixLog.txt. Прикачете съдържанието му в следващия си коментар.
 
ЗАБЕЛЕЖКА: Този скрипт е написан специално за този потребител,и за тази конкретна машина. Изпълнението на фикса, на друг компютър може да доведе до увреждане на  операционната ви система

 

pfNZP4A.png  Дневници
 
В следващия си отговор, моля да включите следните дневници:

  • FixLog.txt

 

Линк към коментара
Сподели в други сайтове

Ако няма нещо друго да се ориентираме към финал..!

 

KpRm 
 
Изтеглете  KpRm от kernel-panik и го запишете на вашия работен плот. 

  • Щракнете с десния бутон върху kprm_ (версия) .exe и изберете Изпълни като администратор. 
  • Когато инструментът се отвори, уверете се, че всички квадратчета са отметнати и изберете Изпълни ( Run ).

111.PNG

 

  • След като приключите, щракнете върху OK. 
  • В Notepad ще се отвори журнал, озаглавен kprm- (date) .txt
  • Моля, копирайте и поставете съдържанието му в следващия си отговор.
Линк към коментара
Сподели в други сайтове

# Run at 4.8.2019 'г.' 20:29:45
# KpRm (Kernel-panik) version 1.7.3
# Website https://kernel-panik.me/tool/kprm/
# Run by Beco from C:\Users\Beco\Downloads
# Computer Name: BECO-PC
# OS: Windows 10 X86 (18362) 

- Create Registry Backup -

  [OK] Registry Backup: C:\KPRM\backup\2019-08-04-20-29

- Search Tools -


  ## AdwCleaner
     [OK] C:\Users\Beco\Downloads\adwcleaner_7.1.1.exe deleted (1)
     [OK] C:\AdwCleaner deleted (1)

  ## ESET Online Scanner
     [OK] HKLM\SOFTWARE\ESET\ESET Online Scanner deleted (1)

  ## FRST
     [OK] C:\Users\Beco\Downloads\Addition.txt deleted (1)
     [OK] C:\Users\Beco\Downloads\Addition_04-08-2019 17.09.48.txt deleted (1)
     [OK] C:\Users\Beco\Downloads\Fixlog.txt deleted (1)
     [OK] C:\Users\Beco\Downloads\FRST.exe deleted (1)
     [OK] C:\Users\Beco\Downloads\FRST.txt deleted (1)
     [OK] C:\FRST deleted (1)

  ## SecurityCheck
     [OK] C:\Users\Beco\Downloads\SecurityCheck.exe deleted (1)

- Restore Default System Settings -

  [OK] Flush DNS
  [OK] Reset WinSock
  [OK] Hide Hidden file.
  [OK] Show Extensions for known file types
  [OK] Hide protected operating system files

- Restore UAC Default Value -

  [OK] Set ConsentPromptBehaviorAdmin with default (5) value
  [OK] Set ConsentPromptBehaviorUser with default (3) value
  [OK] Set EnableInstallerDetection with default (0) value
  [OK] Set EnableLUA with default (1) value
  [OK] Set EnableSecureUIAPaths with default (1) value
  [OK] Set EnableUIADesktopToggle with default (0) value
  [OK] Set EnableVirtualization with default (1) value
  [OK] Set FilterAdministratorToken with default (0) value
  [OK] Set PromptOnSecureDesktop with default (1) value
  [OK] Set ValidateAdminCodeSignatures with default (0) value

- Clear All System Restore Points -

    ~ [OK] RP named Windows Update created at 08/01/2019 10:54:17 deleted
    ~ [OK] RP named Driver Booster : Microsoft ACPI-Compliant Control Method Battery created at 08/03/2019 15:20:34 deleted

  [OK] All system restore points have been successfully deleted

- Create New System Restore Point -

  [OK] Enable System Restore
  [OK] System Restore Point created

- Display All System Restore Point -

    ~ RP named KpRm created at 08/04/2019 17:31:23 found
 

Линк към коментара
Сподели в други сайтове

Това е от мен..! Ако няма други проблеми , маркирам темата като "Решена" ..! Пожелавам приятна вечер и безопасен интернет..! :)

Линк към коментара
Сподели в други сайтове

Добавете отговор

Можете да публикувате отговор сега и да се регистрирате по-късно. Ако имате регистрация, влезте в профила си за да публикувате от него.
Бележка: Вашата публикация изисква одобрение от модератор, преди да стане видима за всички.

Гост
Напишете отговор в тази тема...

×   Вмъкнахте текст, който съдържа форматиране.   Премахни форматирането на текста

  Разрешени са само 75 емотикони.

×   Съдържанието от линка беше вградено автоматично.   Премахни съдържанието и покажи само линк

×   Съдържанието, което сте написали преди беше възстановено..   Изтрий всичко

×   You cannot paste images directly. Upload or insert images from URL.

 Сподели

×