gpkenny
2020-04-11, 15:53
Hi, my PC is infected with a number of PUPs and running slowly. Id appreciate your time to help with this.
Unfortunately, I'm unable to download the aswMBR logs as my computer went to a blue screen when I tried
Many Thanks
Gary
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-04-2020
Ran by Asus (administrator) on G751 (ASUSTeK COMPUTER INC. G751JT) (11-04-2020 13:40:20)
Running from C:\Users\Asus\Downloads
Loaded Profiles: Asus (Available Profiles: Asus)
Platform: Windows 10 Home Version 1903 18362.720 (X64) Language: English (United Kingdom)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\protectedservice.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Asus\AppData\Roaming\uTorrent\helper\helper.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Asus\AppData\Roaming\uTorrent\updates\3.5.5_45628\utorrentie.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Asus\AppData\Roaming\uTorrent\updates\3.5.5_45628\utorrentie.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Asus\AppData\Roaming\uTorrent\updates\3.5.5_45628\utorrentie.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Asus\AppData\Roaming\uTorrent\uTorrent.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.19111.24110.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20022.82.0_x64__8wekyb3d8bbwe\YourPhoneServer\YourPhoneServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\MsMpEng.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(TEFINCOM S.A. -> ) C:\Program Files (x86)\NordVPN\nordvpn-service.exe
(TEFINCOM S.A. -> NordVPN) C:\Program Files (x86)\NordVPN\NordVPN.exe
(Turnipsoft) C:\Program Files\WindowsApps\5957Turnipsoft.freda_4.32.4.0_x64__ypmq2qh89vmny\Freda_W10.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [238512 2020-02-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\Run: [uTorrent] => C:\Users\Asus\AppData\Roaming\uTorrent\uTorrent.exe [2072816 2020-04-08] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\Run: [] => [X]
HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4622280 2020-03-12] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UltraVPN.lnk [2019-09-18]
ShortcutTarget: UltraVPN.lnk -> C:\Program Files (x86)\UltraVPN\UltraVPN.exe (No File)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1089DAE2-B70A-4520-ADC7-C72F52229C4F} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [228368 2020-04-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {197254E7-B3F6-4087-8103-A071C78A1B22} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2845934F-678F-497D-90EA-3F9F993EA8CD} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [27848432 2020-01-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG )
Task: {3E942A1F-35C7-4B21-844D-CD33FA238456} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-11] (Adobe Inc. -> Adobe)
Task: {58E91FF8-84E5-4BF1-BD70-51A6D659DF4F} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task
Task: {7E61B81C-F63D-4655-BDC1-EA2D6750D722} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {92B5EA2A-A0AD-4055-9947-49C1431CF809} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_Plugin.exe [1458232 2020-03-11] (Adobe Inc. -> Adobe)
Task: {A0014F2C-8B12-4661-9506-B43AC7DBB876} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A0DFC932-23F2-44A6-B74F-FE36C16AD22E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [6944304 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {AB1B57D0-C67C-4DED-9CA8-B52CA12BA003} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2759304 2020-04-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {B7EB2BBD-1394-4BDC-9AE2-D5D457147949} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DD895479-FB26-4567-9221-B79426525DF7} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {F5FEDB29-7A98-4A1F-8ACA-202B61DA57B4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{ba438379-86f2-4ec3-b67b-89579a5ec09a}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-gb
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FireFox:
========
FF DefaultProfile: 6fqedbzr.default
FF ProfilePath: C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\6fqedbzr.default [2019-09-18]
FF Extension: (Avira Password Manager) - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\6fqedbzr.default\Extensions\passwordmanager@avira.com [2019-09-17]
FF ProfilePath: C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\27m3taej.default-release-1581420443565 [2020-04-11]
FF Extension: (Grammarly for Firefox) - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\27m3taej.default-release-1581420443565\Extensions\87677a2c52b84ad3a151a4a72f5bd3c4@jetpack.xpi [2020-02-11]
FF Extension: (AdBlock ? best ad blocker) - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\27m3taej.default-release-1581420443565\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2020-04-06]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_344.dll [2020-03-11] (Adobe Inc. -> )
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_344.dll [2020-03-11] (Adobe Inc. -> )
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1209856 2020-04-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [537144 2020-03-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [485960 2020-04-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [485960 2020-04-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [573760 2020-03-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [631944 2020-02-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2989888 2020-01-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [382992 2020-03-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [242448 2020-04-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [151248 2020-02-04] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [529904 2019-01-17] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6933272 2020-03-09] (Malwarebytes Inc -> Malwarebytes)
R2 nordvpn-service; C:\Program Files (x86)\NordVPN\nordvpn-service.exe [236576 2020-04-03] (TEFINCOM S.A. -> )
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\NisSrv.exe [3294680 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MsMpEng.exe [103168 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AcpiCtlDrv; C:\WINDOWS\System32\drivers\AcpiCtlDrv.sys [25880 2012-07-17] (Intel(R) Software -> Intel Corporation)
S3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [105384 2019-07-12] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22336 2019-03-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [208360 2020-03-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [196560 2020-04-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 GeneStor; C:\WINDOWS\System32\drivers\GeneStor.sys [107208 2014-01-17] (Genesys Logic,INC. -> GenesysLogic)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS)
S3 iaLPSS2_GPIO2; C:\WINDOWS\System32\drivers\iaLPSS2_GPIO2.sys [123544 2019-07-12] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [239608 2019-01-17] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [77992 2014-08-04] (Intel(R) Software -> Intel Corporation)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-06] (ASUSTeK Computer Inc. -> )
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-02-28] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-03-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-04-09] (Malwarebytes Inc -> Malwarebytes)
R3 MEIx64; C:\WINDOWS\System32\drivers\TeeDriverx64.sys [99288 2013-10-23] (Intel Corporation - Intel? Management Engine Firmware -> Intel Corporation)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3587232 2018-12-07] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_1aae4f19e68d0780\nvlddmkm.sys [17003280 2017-12-12] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NVSWCFilter; C:\WINDOWS\System32\drivers\nvswcfilter.sys [28344 2016-05-12] (Nvidia Corporation -> Windows (R) Win 7 DDK provider)
R3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2020-03-18] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 PXGX112; C:\WINDOWS\system32\drivers\PXGX112.sys [23552 2011-07-29] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-07-07] (Realtek Semiconductor Corp -> Realtek )
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
S3 usbscan; C:\WINDOWS\System32\drivers\usbscan.sys [49152 2019-03-19] (Microsoft Corporation) [File not signed]
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-03-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [391392 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59104 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-06-06] (Intel(R) Software -> Intel Corporation)
S3 cpuz136; \??\C:\Users\Asus\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X] <==== ATTENTION
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-04-11 13:40 - 2020-04-11 13:40 - 000020196 _____ C:\Users\Asus\Downloads\FRST.txt
2020-04-11 13:39 - 2020-04-11 13:40 - 000000000 ____D C:\FRST
2020-04-11 13:39 - 2020-04-11 13:39 - 002281472 _____ (Farbar) C:\Users\Asus\Downloads\FRST64.exe
2020-04-11 13:38 - 2020-04-11 13:38 - 000000207 _____ C:\WINDOWS\tweaking.com-regbackup-G751-Windows-10-Home-(64-bit).dat
2020-04-11 13:38 - 2020-04-11 13:38 - 000000000 ____D C:\Users\Asus\Documents\tweaking.com_registry_backup_portable
2020-04-11 13:38 - 2020-04-11 13:38 - 000000000 ____D C:\RegBackup
2020-04-11 13:07 - 2020-04-11 13:07 - 000100058 _____ C:\Users\Asus\Downloads\Important letter to view_ Your Account is overlimit, action required.pdf
2020-04-09 22:38 - 2020-04-09 22:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-04-09 21:21 - 2020-04-10 15:56 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-04-09 15:22 - 2020-04-09 15:22 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-04-09 10:54 - 2020-04-11 08:43 - 000000000 ____D C:\Users\Asus\AppData\LocalLow\uTorrent
2020-04-09 08:14 - 2020-04-09 08:14 - 000045205 _____ C:\Users\Asus\Downloads\Important_ Notice of Variation Withdrawal.pdf
2020-04-08 13:39 - 2020-04-08 13:47 - 000000000 ____D C:\Program Files (x86)\OSTotoSoft
2020-04-08 13:39 - 2020-04-08 13:39 - 000000000 ____D C:\ProgramData\PlugCache
2020-04-08 13:39 - 2020-04-08 13:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Talent
2020-04-08 13:33 - 2020-04-08 13:33 - 000023040 _____ C:\WINDOWS\system32\Drivers\JitDriver.sys
2020-04-08 13:33 - 2020-04-08 13:33 - 000000000 ____D C:\ProgramData\Driver Support
2020-04-08 13:32 - 2020-04-08 13:32 - 000255320 _____ (Asurvio, LP) C:\Users\Asus\Downloads\DSOne.exe
2020-04-08 12:57 - 2020-04-08 13:00 - 227287138 _____ C:\Users\Asus\Downloads\jimmy.kimmel.2020.04.07.ellen.degeneres.web.h264-trump[eztv].mkv
2020-04-08 12:56 - 2020-04-08 13:07 - 600996523 _____ C:\Users\Asus\Downloads\Jimmy.Fallon.2020.04.07.At.Home.Edition.Justin.Timberlake.WEB.x264-XLF[eztv.io].mkv
2020-04-08 12:56 - 2020-04-08 13:05 - 409855965 _____ C:\Users\Asus\Downloads\conan.2020.04.07.stephen.colbert.web.x264-xlf[eztv].mkv
2020-04-07 12:46 - 2020-04-07 12:46 - 008196784 _____ (Malwarebytes) C:\Users\Asus\Downloads\adwcleaner_8.0.4(1).exe
2020-04-07 09:09 - 2020-04-07 09:09 - 000397840 _____ C:\Users\Asus\Downloads\statement-2020-3-6(2).pdf
2020-04-06 08:20 - 2020-04-06 08:20 - 000397840 _____ C:\Users\Asus\Downloads\statement-2020-3-6.pdf
2020-04-06 08:20 - 2020-04-06 08:20 - 000397840 _____ C:\Users\Asus\Downloads\statement-2020-3-6(1).pdf
2020-04-05 10:52 - 2020-04-05 10:52 - 008196784 _____ (Malwarebytes) C:\Users\Asus\Downloads\adwcleaner_8.0.4.exe
2020-04-04 05:47 - 2020-04-04 05:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordVPN
2020-04-04 05:47 - 2020-04-04 05:48 - 000000000 ____D C:\Program Files (x86)\NordVPN
2020-04-02 10:50 - 2020-04-02 10:50 - 008199856 _____ (Malwarebytes) C:\Users\Asus\Downloads\adwcleaner_8.0.3(3).exe
2020-04-02 09:42 - 2019-09-17 22:29 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20200402-094236.backup
2020-04-02 09:25 - 2020-04-02 09:25 - 001573568 _____ C:\Users\Asus\Downloads\SteamSetup(13).exe
2020-03-30 11:07 - 2020-03-30 11:09 - 008199856 _____ (Malwarebytes) C:\Users\Asus\Downloads\adwcleaner_8.0.3(2).exe
2020-03-30 10:11 - 2020-03-30 10:11 - 000000000 ____D C:\Users\Asus\AppData\Local\IsolatedStorage
2020-03-24 15:13 - 2020-03-24 15:14 - 022267336 _____ (Piriform Software Ltd) C:\Users\Asus\Downloads\ccsetup565.exe
2020-03-24 14:51 - 2020-03-24 14:51 - 000000000 ____D C:\ProgramData\Blizzard Entertainment
2020-03-24 14:48 - 2020-03-24 14:49 - 000000000 ____D C:\Users\Asus\AppData\Local\Blizzard Entertainment
2020-03-24 14:47 - 2020-03-24 14:47 - 004901872 _____ (Blizzard Entertainment) C:\Users\Asus\Downloads\World-of-Warcraft-Setup.exe
2020-03-24 14:47 - 2020-03-24 14:47 - 000000000 ____D C:\ProgramData\Battle.net
2020-03-24 14:00 - 2020-03-24 14:00 - 001573568 _____ C:\Users\Asus\Downloads\SteamSetup(12).exe
2020-03-24 14:00 - 2020-03-24 14:00 - 001573568 _____ C:\Users\Asus\Downloads\SteamSetup(11).exe
2020-03-22 12:27 - 2020-03-22 12:27 - 001573568 _____ C:\Users\Asus\Downloads\SteamSetup(10).exe
2020-03-21 15:00 - 2020-04-04 05:48 - 000000000 ____D C:\Users\Asus\AppData\Local\NordVPN
2020-03-21 15:00 - 2020-03-21 15:00 - 014075160 _____ (NordVPN) C:\Users\Asus\Downloads\NordVPNSetup.exe
2020-03-21 15:00 - 2020-03-21 15:00 - 000000000 ____D C:\ProgramData\NordVPN
2020-03-21 15:00 - 2020-03-21 15:00 - 000000000 ____D C:\Program Files (x86)\NordVPN network TAP
2020-03-21 14:24 - 2020-03-21 14:24 - 008199856 _____ (Malwarebytes) C:\Users\Asus\Downloads\adwcleaner_8.0.3(1).exe
2020-03-19 09:52 - 2020-03-19 09:52 - 001573568 _____ C:\Users\Asus\Downloads\SteamSetup(9).exe
2020-03-14 10:49 - 2020-03-14 10:49 - 008199856 _____ (Malwarebytes) C:\Users\Asus\Downloads\adwcleaner_8.0.3.exe
2020-03-13 01:24 - 2020-03-13 01:24 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-03-13 01:24 - 2020-03-13 01:24 - 009930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-03-13 01:24 - 2020-03-13 01:24 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-03-13 01:24 - 2020-03-13 01:24 - 006520776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-03-13 01:24 - 2020-03-13 01:24 - 004563416 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-03-13 01:24 - 2020-03-13 01:24 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-03-13 01:24 - 2020-03-13 01:24 - 001398584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-03-13 01:24 - 2020-03-13 01:24 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-03-13 01:24 - 2020-03-13 01:24 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-03-13 01:24 - 2020-03-13 01:24 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-03-13 01:24 - 2020-03-13 01:24 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-03-12 01:40 - 2020-03-12 01:40 - 011607552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-03-12 01:40 - 2020-03-12 01:40 - 009711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 025900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 022635008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 018027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 007905784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 007755776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 007259648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 006436352 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 006285312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 006168064 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 006084344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 005911040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 005112832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 004855808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 004622280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 004580352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 004471296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 004348408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 004140544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 004129648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 004048896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 003971808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 003819520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 003799552 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 003728896 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 003708928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 003587896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 003552768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 003488768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 003371720 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 003260928 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 003243296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 003143168 _____ (Microsoft Corporation) C:\WINDOWS\system32\directml.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 002956688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002875904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002870272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002808832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 002773568 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002768440 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-03-12 01:39 - 2020-03-12 01:39 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-03-12 01:39 - 2020-03-12 01:39 - 002740736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directml.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002715648 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 002698040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 002584008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002522112 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002474496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002453504 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002315680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002307584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002259872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002224952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002157056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002087376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002072664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002031104 _____ C:\WINDOWS\system32\rdpnano.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002021888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001999952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001985104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001972536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001867816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001835128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001823232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001770552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001762304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-03-12 01:39 - 2020-03-12 01:39 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001684992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001665416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001657120 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001609216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001581056 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001555904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001513040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 001490640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001484600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001482040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 001481216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001428992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 001417976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001412096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001396152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001394168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-03-12 01:39 - 2020-03-12 01:39 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001283600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-03-12 01:39 - 2020-03-12 01:39 - 001282944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001273856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001264128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001260480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001218632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001190912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 001180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 001108040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001088000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001080832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001071184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001054376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001031680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001007672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000983896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000945384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000935040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000929144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000908504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000892696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000877232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000833616 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000802304 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000796904 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000776488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000769552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000757632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000741392 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000734720 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetup.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbc32.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000669496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000668296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000642216 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000637240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000636848 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxs.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000627216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000605896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbc32.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000551824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxs.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2020-03-12 01:39 - 2020-03-12 01:39 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000531768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2020-03-12 01:39 - 2020-03-12 01:39 - 000526848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000522384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000510768 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000478792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-03-12 01:39 - 2020-03-12 01:39 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000459688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000429880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2020-03-12 01:39 - 2020-03-12 01:39 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Acx01000.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000320312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacEncoder.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcomapi.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountCloudAP.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000260920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000250896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000248064 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacEncoder.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000234984 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000221200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000213984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000201744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000183608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000180232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000174392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeHelper.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000165504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000164776 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000151568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000146712 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\GraphicsCapture.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000141840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceMetadataRetrievalClient.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000136328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000133944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\profapi.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000131896 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandler.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000128312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000120560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000120048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Taskbar.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GraphicsCapture.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000102760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profapi.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2020-03-12 01:39 - 2020-03-12 01:39 - 000098104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000089616 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000089568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000068408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceReactivation.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000066336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlrmdr.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000063288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmRes.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmRes.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstUI.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAProfileNotificationHandler.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmapi.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000048256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000042336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000042296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afunix.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmtask.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
2020-03-12 01:39 - 2020-03-12 01:39 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxstrace.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000029712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tbs.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxstrace.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Drivers\afunix.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000028936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wci.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msauserext.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000019768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpnotify.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msauserext.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MUILanguageCleanup.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LangCleanupSysprepAction.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmplpxy.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchTM.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchTM.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetupproxyserv.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCertResources.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUserRes.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-03-12 01:39 - 2020-03-12 01:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-03-12 01:39 - 2020-03-12 01:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-03-12 01:39 - 2020-03-12 01:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-03-12 01:39 - 2020-03-12 01:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-03-12 01:39 - 2020-03-12 01:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-03-12 01:39 - 2020-03-12 01:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-03-12 01:39 - 2020-03-12 01:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-03-12 01:39 - 2020-03-12 01:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-03-12 01:39 - 2020-03-12 01:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-03-12 01:39 - 2020-03-12 01:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-03-12 01:39 - 2020-03-12 01:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-03-12 01:38 - 2020-03-12 01:39 - 000019984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelide.sys
2020-03-12 01:38 - 2020-03-12 01:38 - 000355000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2020-03-12 01:38 - 2020-03-12 01:38 - 000306696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2020-03-12 01:38 - 2020-03-12 01:38 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthA2dp.sys
2020-03-12 01:38 - 2020-03-12 01:38 - 000224056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2020-03-12 01:38 - 2020-03-12 01:38 - 000222520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2020-03-12 01:38 - 2020-03-12 01:38 - 000208696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2020-03-12 01:38 - 2020-03-12 01:38 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2020-03-12 01:38 - 2020-03-12 01:38 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2020-03-12 01:38 - 2020-03-12 01:38 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2020-03-12 01:38 - 2020-03-12 01:38 - 000069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys
2020-03-12 01:38 - 2020-03-12 01:38 - 000056632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciidex.sys
2020-03-12 01:38 - 2020-03-12 01:38 - 000030008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\atapi.sys
2020-03-12 01:38 - 2020-03-12 01:38 - 000016912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciide.sys
2020-03-12 01:33 - 2020-03-12 01:33 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-03-12 01:33 - 2020-03-12 01:33 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-04-11 13:40 - 2019-09-18 06:06 - 000000000 ____D C:\Users\Asus\AppData\Roaming\uTorrent
2020-04-11 13:36 - 2016-11-18 09:20 - 000000000 ____D C:\Users\Asus\AppData\LocalLow\Mozilla
2020-04-11 13:26 - 2019-09-18 10:23 - 000000000 ____D C:\Users\Asus\AppData\Roaming\vlc
2020-04-11 12:56 - 2019-09-17 22:30 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-04-11 12:56 - 2019-09-17 21:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-04-11 11:24 - 2019-09-17 22:29 - 000000000 ____D C:\WINDOWS\INF
2020-04-11 11:20 - 2019-09-18 06:06 - 000000897 _____ C:\Users\Asus\Desktop\?Torrent.lnk
2020-04-11 10:17 - 2019-09-18 06:06 - 000000000 ____D C:\Users\Asus\AppData\Local\BitTorrentHelper
2020-04-11 09:24 - 2019-09-17 22:04 - 000000000 ____D C:\Users\Asus\AppData\Local\PokerStars.UK
2020-04-11 08:50 - 2019-12-01 08:11 - 000000000 ____D C:\WINDOWS\Minidump
2020-04-11 08:50 - 2019-09-17 22:30 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-04-11 08:46 - 2019-09-17 21:48 - 000776296 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-04-11 08:42 - 2019-09-18 06:41 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2020-04-11 08:42 - 2019-09-17 21:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-04-11 08:42 - 2019-09-17 21:38 - 000000000 ____D C:\ProgramData\NVIDIA
2020-04-10 22:16 - 2019-09-17 22:30 - 000000000 ___HD C:\Program Files\WindowsApps
2020-04-10 22:16 - 2019-09-17 22:30 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-04-10 15:56 - 2019-09-17 21:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-04-10 15:56 - 2019-09-17 21:40 - 000000000 ____D C:\Users\Asus
2020-04-09 22:38 - 2019-09-17 21:52 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-04-09 15:21 - 2019-09-17 22:26 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-04-08 13:33 - 2019-09-17 21:58 - 000000000 ____D C:\ProgramData\Package Cache
2020-04-08 13:29 - 2019-09-17 22:00 - 000196560 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2020-04-07 12:42 - 2019-12-24 11:45 - 000000000 ____D C:\Users\Asus\AppData\Local\CrashDumps
2020-04-07 04:03 - 2015-12-18 04:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2020-04-06 18:42 - 2020-01-29 19:42 - 000003550 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2020-04-02 11:02 - 2019-09-18 06:04 - 000744808 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-03-30 16:54 - 2019-09-17 22:00 - 000208360 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2020-03-28 10:15 - 2019-09-18 05:57 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-03-27 01:12 - 2019-09-17 22:26 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-03-25 17:29 - 2019-09-17 21:42 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-03-24 19:18 - 2019-09-29 13:05 - 000000000 ____D C:\Users\Asus\AppData\Local\D3DSCache
2020-03-23 22:19 - 2019-10-21 09:56 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-03-22 10:52 - 2019-09-17 21:49 - 000003356 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4202764557-1761152932-1492796901-1001
2020-03-22 10:52 - 2019-09-17 21:40 - 000002366 _____ C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-03-22 10:52 - 2015-03-06 15:34 - 000000000 ___RD C:\Users\Asus\OneDrive
2020-03-18 18:55 - 2019-11-04 15:39 - 000045056 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\phantomtap.sys
2020-03-13 08:37 - 2019-09-17 22:30 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-03-13 08:37 - 2019-09-17 22:30 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-03-12 02:31 - 2019-09-17 21:36 - 000258768 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-03-12 02:31 - 2015-08-02 13:21 - 000000000 ___RD C:\Users\Asus\3D Objects
2020-03-12 02:31 - 2015-03-03 11:53 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-03-12 02:30 - 2019-09-17 22:30 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-03-12 02:30 - 2019-09-17 22:30 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-03-12 02:30 - 2019-09-17 22:30 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-03-12 02:30 - 2019-09-17 22:30 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-03-12 02:30 - 2019-09-17 22:30 - 000000000 ____D C:\WINDOWS\SystemResources
2020-03-12 02:30 - 2019-09-17 22:30 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-03-12 02:30 - 2019-09-17 22:30 - 000000000 ____D C:\WINDOWS\system32\setup
2020-03-12 02:30 - 2019-09-17 22:30 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-03-12 02:30 - 2019-09-17 22:30 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-03-12 02:30 - 2019-09-17 22:30 - 000000000 ____D C:\Program Files\Windows Defender
2020-03-12 02:30 - 2019-09-17 22:26 - 000000000 ____D C:\WINDOWS\servicing
2020-03-12 00:02 - 2019-09-17 23:59 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-03-12 00:01 - 2019-09-17 23:59 - 121542864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Files in the root of some directories ========
2020-02-27 13:15 - 2020-02-27 14:19 - 000000081 _____ () C:\Users\Asus\AppData\Local\.bidstack.fault
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-04-2020
Ran by Asus (11-04-2020 13:41:12)
Running from C:\Users\Asus\Downloads
Windows 10 Home Version 1903 18362.720 (X64) (2019-09-17 20:46:17)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4202764557-1761152932-1492796901-500 - Administrator - Disabled)
Asus (S-1-5-21-4202764557-1761152932-1492796901-1001 - Administrator - Enabled) => C:\Users\Asus
DefaultAccount (S-1-5-21-4202764557-1761152932-1492796901-503 - Limited - Disabled)
Guest (S-1-5-21-4202764557-1761152932-1492796901-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4202764557-1761152932-1492796901-1003 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-4202764557-1761152932-1492796901-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {88AE6B46-DC3C-455A-A21B-085F285A3546}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
?Torrent (HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\uTorrent) (Version: 3.5.5.45628 - BitTorrent Inc.)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.344 - Adobe)
Avira (HKLM-x32\...\{59215620-90F4-474B-AB7F-C6FD9CE4CC71}) (Version: 1.2.144.30330 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{7ff7e40a-a321-45a2-a6d4-2ab2ae8ce908}) (Version: 1.2.144.30330 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2004.1828 - Avira Operations GmbH & Co. KG)
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.32.2.34115 - Avira Operations GmbH & Co. KG)
Avira Privacy Pal (HKLM-x32\...\{F2BC8305-DFBE-4C02-A906-9BBD8EE299A3}_is1) (Version: 2.2.0.1945 - Avira Operations GmbH & Co. KG)
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.0.26.9000 - Avira Operations GmbH & Co. KG)
Avira Software Updater (HKLM-x32\...\{B1F4C85F-D3BD-4672-934B-1E10AEB5E50F}) (Version: 2.0.6.27476 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.4.1.10871 - Avira Operations GmbH & Co. KG)
CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform)
Free Stopwatch (HKLM-x32\...\{A1FAC1AF-5615-47FE-B5C8-5E981EC8522B}_is1) (Version: 4.0.0.0 - Comfort Software Group)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.6168.8 - Waves Audio Ltd.) Hidden
Microsoft OneDrive (HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0010 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Mozilla Firefox 75.0 (x64 en-GB) (HKLM\...\Mozilla Firefox 75.0 (x64 en-GB)) (Version: 75.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0 - Mozilla)
NordVPN (HKLM-x32\...\{61912B8D-78D2-4C3A-B566-F72B189F9E30}) (Version: 6.28.13 - NordVPN) Hidden
NordVPN (HKLM-x32\...\NordVPN 6.28.13) (Version: 6.28.13 - NordVPN)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
PokerStars.uk (HKLM-x32\...\PokerStars.uk) (Version: - PokerStars.uk)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.7.64.0 - Safer-Networking Ltd.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Packages:
=========
BT Sport -> C:\Program Files\WindowsApps\BRITISHTELECOMMUNICATIONS.232108916781E_1.8.0.0_x64__p4cqfe0ssz2sj [2019-09-19] (BRITISH TELECOMMUNICATIONS PUBLIC LIMITED COMPANY)
freda epub ebook reader -> C:\Program Files\WindowsApps\5957Turnipsoft.freda_4.32.4.0_x64__ypmq2qh89vmny [2020-03-13] (Turnipsoft) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-09-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-09-17] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.1224.0_x64__8wekyb3d8bbwe [2020-02-27] (Microsoft Studios) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-18] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-04-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-04-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-03-13 01:16 - 2020-03-13 01:16 - 052530176 _____ () [File not signed] C:\Program Files\WindowsApps\5957Turnipsoft.freda_4.32.4.0_x64__ypmq2qh89vmny\Freda_W10.dll
2020-03-27 20:39 - 2020-03-27 20:39 - 000913920 _____ (ServiceStack) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ServiceStack.Text\522aeaee8c19c7104b15b25bc1271e82\ServiceStack.Text.ni.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
There are 7941 more sites.
IE trusted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\localhost -> localhost
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\123simsen.com -> www.123simsen.com
There are 7941 more sites.
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-09-17 22:30 - 2019-09-17 22:29 - 000000824 ____N C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Asus\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{675D2D74-1FD6-4C0A-9865-A2676697843B}C:\users\asus\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\asus\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{645DD9C1-9179-48B9-B601-18BD04E36D2C}C:\users\asus\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\asus\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E643E92B-837A-4814-8E54-CAE02B67E22F}] => (Block) C:\users\asus\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{6CAD3FB3-5A77-402E-B98B-03369523643C}] => (Block) C:\users\asus\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C36CAE76-8BBE-45B3-A6F2-CBFA35561332}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A2C4F438-CDE6-40BF-9568-8AFED5D3EE6F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EA8BB482-C4DE-44FA-97F9-EF82C522D5B3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
FirewallRules: [{8A4B912B-A418-4019-A11E-D0A16001E10B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
FirewallRules: [{80FA5F7C-8769-437C-9062-9FD079499F19}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{92991828-6328-4C79-978B-C6139DA0BEF3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{8B15BA60-2EB1-4406-BF11-E6EAAD92BC2F}] => (Allow) C:\Program Files (x86)\UltraVPN\ovpn\openvpn.exe No File
FirewallRules: [{60B42C04-0536-43E8-8A6D-8B5BE2767277}] => (Allow) C:\Program Files (x86)\UltraVPN\ovpn\openvpn.exe No File
FirewallRules: [{C87EB44B-27F6-4777-84BA-85967F1A06A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2016 Test App\fm.exe No File
FirewallRules: [{ABF94669-5352-4943-92AA-3C4C920EE58C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2016 Test App\fm.exe No File
FirewallRules: [{95F0BF5D-2732-45D6-809D-9848B040CC44}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{F6F72518-628C-47E8-9C06-491901587ABB}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{14E935A3-9489-4A6B-A14B-D809DD6F72EE}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:117.35 GB) (Free:69.5 GB) (59%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (04/11/2020 01:33:27 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12892,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/11/2020 01:03:38 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13900,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/11/2020 12:30:41 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7472,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/11/2020 12:05:29 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4976,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/11/2020 11:31:03 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10792,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/11/2020 11:19:18 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4952,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/11/2020 11:10:35 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3164,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/11/2020 10:53:30 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8384,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
System errors:
=============
Error: (04/11/2020 12:21:25 PM) (Source: DCOM) (EventID: 10000) (User: G751)
Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error:
"2147942767"
Happened while starting this command:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (04/11/2020 11:24:57 AM) (Source: DCOM) (EventID: 10000) (User: G751)
Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error:
"2147942767"
Happened while starting this command:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (04/11/2020 10:45:49 AM) (Source: DCOM) (EventID: 10000) (User: G751)
Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error:
"2147942767"
Happened while starting this command:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (04/11/2020 10:33:38 AM) (Source: DCOM) (EventID: 10000) (User: G751)
Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error:
"2147942767"
Happened while starting this command:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (04/11/2020 10:05:43 AM) (Source: DCOM) (EventID: 10000) (User: G751)
Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error:
"2147942767"
Happened while starting this command:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (04/11/2020 09:58:32 AM) (Source: DCOM) (EventID: 10000) (User: G751)
Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error:
"2147942767"
Happened while starting this command:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (04/11/2020 08:50:29 AM) (Source: DCOM) (EventID: 10000) (User: G751)
Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error:
"2147942767"
Happened while starting this command:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (04/11/2020 08:42:07 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: The computer has rebooted from a bugcheck. The bugcheck was: 0x0000009f (0x0000000000000003, 0xffffa48395947060, 0xffff8108d783ec00, 0xffffa483a8e924b0). A dump was saved in: C:\WINDOWS\MEMORY.DMP. Report Id: b0cc4eea-0c78-4fd9-9469-067d321a1a5b.
Windows Defender:
===================================
Date: 2020-04-07 13:27:10.577
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {E6BDD135-D258-465D-BBCA-70B556E5A1C0}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-03-24 14:24:15.304
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {84CE9CF3-DD26-4072-914A-089CF086485C}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-03-22 12:40:37.631
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {AEEE89F6-F55E-4F20-B30C-8A63AA485CF0}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-03-21 09:25:48.556
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {67A26EF6-0AE0-461F-B48B-BFA398F5ED06}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-03-16 18:40:29.404
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {D2BAA11D-2305-4044-B093-7E172DF67978}
Scan Type: Antimalware
Scan Parameters: Quick Scan
CodeIntegrity:
===================================
Date: 2020-04-11 08:42:04.363
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-04-11 08:42:04.316
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-04-10 15:56:50.516
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-04-10 15:56:50.459
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-04-09 15:22:08.088
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-04-09 15:22:08.013
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-04-08 16:07:19.316
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-04-08 16:07:19.263
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: American Megatrends Inc. G751JT.202 09/10/2014
Motherboard: ASUSTeK COMPUTER INC. G751JT
Processor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Percentage of memory in use: 31%
Total physical RAM: 16333.1 MB
Available physical RAM: 11161.97 MB
Total Virtual: 18765.1 MB
Available Virtual: 13046.66 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:117.35 GB) (Free:69.5 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data1) (Fixed) (Total:455.75 GB) (Free:397.36 GB) NTFS
Drive e: (Data2) (Fixed) (Total:455.75 GB) (Free:454.93 GB) NTFS
\\?\Volume{4c59311a-d340-4fea-92c8-bd15b1ad0d8d}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.51 GB) NTFS
\\?\Volume{509ef456-8956-4f61-9b0d-10629df599b9}\ () (Fixed) (Total:0.79 GB) (Free:0.19 GB) NTFS
\\?\Volume{1c27a6c4-000e-4499-bf2a-9e4de4645b20}\ (Restore) (Fixed) (Total:20.01 GB) (Free:9.89 GB) NTFS
\\?\Volume{b2f9285a-58e9-44be-b928-0ae4bfa60c51}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 8FFEFB6B)
Partition: GPT.
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 82EB289F)
Partition: GPT.
==================== End of Addition.txt =======================
Unfortunately, I'm unable to download the aswMBR logs as my computer went to a blue screen when I tried
Many Thanks
Gary
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-04-2020
Ran by Asus (administrator) on G751 (ASUSTeK COMPUTER INC. G751JT) (11-04-2020 13:40:20)
Running from C:\Users\Asus\Downloads
Loaded Profiles: Asus (Available Profiles: Asus)
Platform: Windows 10 Home Version 1903 18362.720 (X64) Language: English (United Kingdom)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\protectedservice.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Asus\AppData\Roaming\uTorrent\helper\helper.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Asus\AppData\Roaming\uTorrent\updates\3.5.5_45628\utorrentie.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Asus\AppData\Roaming\uTorrent\updates\3.5.5_45628\utorrentie.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Asus\AppData\Roaming\uTorrent\updates\3.5.5_45628\utorrentie.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Asus\AppData\Roaming\uTorrent\uTorrent.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.19111.24110.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20022.82.0_x64__8wekyb3d8bbwe\YourPhoneServer\YourPhoneServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\MsMpEng.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(TEFINCOM S.A. -> ) C:\Program Files (x86)\NordVPN\nordvpn-service.exe
(TEFINCOM S.A. -> NordVPN) C:\Program Files (x86)\NordVPN\NordVPN.exe
(Turnipsoft) C:\Program Files\WindowsApps\5957Turnipsoft.freda_4.32.4.0_x64__ypmq2qh89vmny\Freda_W10.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [238512 2020-02-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\Run: [uTorrent] => C:\Users\Asus\AppData\Roaming\uTorrent\uTorrent.exe [2072816 2020-04-08] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\Run: [] => [X]
HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4622280 2020-03-12] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UltraVPN.lnk [2019-09-18]
ShortcutTarget: UltraVPN.lnk -> C:\Program Files (x86)\UltraVPN\UltraVPN.exe (No File)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1089DAE2-B70A-4520-ADC7-C72F52229C4F} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [228368 2020-04-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {197254E7-B3F6-4087-8103-A071C78A1B22} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2845934F-678F-497D-90EA-3F9F993EA8CD} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [27848432 2020-01-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG )
Task: {3E942A1F-35C7-4B21-844D-CD33FA238456} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-11] (Adobe Inc. -> Adobe)
Task: {58E91FF8-84E5-4BF1-BD70-51A6D659DF4F} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task
Task: {7E61B81C-F63D-4655-BDC1-EA2D6750D722} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {92B5EA2A-A0AD-4055-9947-49C1431CF809} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_Plugin.exe [1458232 2020-03-11] (Adobe Inc. -> Adobe)
Task: {A0014F2C-8B12-4661-9506-B43AC7DBB876} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A0DFC932-23F2-44A6-B74F-FE36C16AD22E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [6944304 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {AB1B57D0-C67C-4DED-9CA8-B52CA12BA003} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2759304 2020-04-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {B7EB2BBD-1394-4BDC-9AE2-D5D457147949} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DD895479-FB26-4567-9221-B79426525DF7} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {F5FEDB29-7A98-4A1F-8ACA-202B61DA57B4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{ba438379-86f2-4ec3-b67b-89579a5ec09a}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-gb
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FireFox:
========
FF DefaultProfile: 6fqedbzr.default
FF ProfilePath: C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\6fqedbzr.default [2019-09-18]
FF Extension: (Avira Password Manager) - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\6fqedbzr.default\Extensions\passwordmanager@avira.com [2019-09-17]
FF ProfilePath: C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\27m3taej.default-release-1581420443565 [2020-04-11]
FF Extension: (Grammarly for Firefox) - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\27m3taej.default-release-1581420443565\Extensions\87677a2c52b84ad3a151a4a72f5bd3c4@jetpack.xpi [2020-02-11]
FF Extension: (AdBlock ? best ad blocker) - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\27m3taej.default-release-1581420443565\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2020-04-06]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_344.dll [2020-03-11] (Adobe Inc. -> )
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_344.dll [2020-03-11] (Adobe Inc. -> )
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1209856 2020-04-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [537144 2020-03-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [485960 2020-04-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [485960 2020-04-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [573760 2020-03-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [631944 2020-02-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2989888 2020-01-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [382992 2020-03-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [242448 2020-04-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [151248 2020-02-04] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [529904 2019-01-17] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6933272 2020-03-09] (Malwarebytes Inc -> Malwarebytes)
R2 nordvpn-service; C:\Program Files (x86)\NordVPN\nordvpn-service.exe [236576 2020-04-03] (TEFINCOM S.A. -> )
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\NisSrv.exe [3294680 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MsMpEng.exe [103168 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AcpiCtlDrv; C:\WINDOWS\System32\drivers\AcpiCtlDrv.sys [25880 2012-07-17] (Intel(R) Software -> Intel Corporation)
S3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [105384 2019-07-12] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22336 2019-03-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [208360 2020-03-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [196560 2020-04-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 GeneStor; C:\WINDOWS\System32\drivers\GeneStor.sys [107208 2014-01-17] (Genesys Logic,INC. -> GenesysLogic)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS)
S3 iaLPSS2_GPIO2; C:\WINDOWS\System32\drivers\iaLPSS2_GPIO2.sys [123544 2019-07-12] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [239608 2019-01-17] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [77992 2014-08-04] (Intel(R) Software -> Intel Corporation)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-06] (ASUSTeK Computer Inc. -> )
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-02-28] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-03-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-04-09] (Malwarebytes Inc -> Malwarebytes)
R3 MEIx64; C:\WINDOWS\System32\drivers\TeeDriverx64.sys [99288 2013-10-23] (Intel Corporation - Intel? Management Engine Firmware -> Intel Corporation)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3587232 2018-12-07] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_1aae4f19e68d0780\nvlddmkm.sys [17003280 2017-12-12] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NVSWCFilter; C:\WINDOWS\System32\drivers\nvswcfilter.sys [28344 2016-05-12] (Nvidia Corporation -> Windows (R) Win 7 DDK provider)
R3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2020-03-18] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 PXGX112; C:\WINDOWS\system32\drivers\PXGX112.sys [23552 2011-07-29] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-07-07] (Realtek Semiconductor Corp -> Realtek )
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
S3 usbscan; C:\WINDOWS\System32\drivers\usbscan.sys [49152 2019-03-19] (Microsoft Corporation) [File not signed]
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-03-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [391392 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59104 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-06-06] (Intel(R) Software -> Intel Corporation)
S3 cpuz136; \??\C:\Users\Asus\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X] <==== ATTENTION
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-04-11 13:40 - 2020-04-11 13:40 - 000020196 _____ C:\Users\Asus\Downloads\FRST.txt
2020-04-11 13:39 - 2020-04-11 13:40 - 000000000 ____D C:\FRST
2020-04-11 13:39 - 2020-04-11 13:39 - 002281472 _____ (Farbar) C:\Users\Asus\Downloads\FRST64.exe
2020-04-11 13:38 - 2020-04-11 13:38 - 000000207 _____ C:\WINDOWS\tweaking.com-regbackup-G751-Windows-10-Home-(64-bit).dat
2020-04-11 13:38 - 2020-04-11 13:38 - 000000000 ____D C:\Users\Asus\Documents\tweaking.com_registry_backup_portable
2020-04-11 13:38 - 2020-04-11 13:38 - 000000000 ____D C:\RegBackup
2020-04-11 13:07 - 2020-04-11 13:07 - 000100058 _____ C:\Users\Asus\Downloads\Important letter to view_ Your Account is overlimit, action required.pdf
2020-04-09 22:38 - 2020-04-09 22:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-04-09 21:21 - 2020-04-10 15:56 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-04-09 15:22 - 2020-04-09 15:22 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-04-09 10:54 - 2020-04-11 08:43 - 000000000 ____D C:\Users\Asus\AppData\LocalLow\uTorrent
2020-04-09 08:14 - 2020-04-09 08:14 - 000045205 _____ C:\Users\Asus\Downloads\Important_ Notice of Variation Withdrawal.pdf
2020-04-08 13:39 - 2020-04-08 13:47 - 000000000 ____D C:\Program Files (x86)\OSTotoSoft
2020-04-08 13:39 - 2020-04-08 13:39 - 000000000 ____D C:\ProgramData\PlugCache
2020-04-08 13:39 - 2020-04-08 13:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Talent
2020-04-08 13:33 - 2020-04-08 13:33 - 000023040 _____ C:\WINDOWS\system32\Drivers\JitDriver.sys
2020-04-08 13:33 - 2020-04-08 13:33 - 000000000 ____D C:\ProgramData\Driver Support
2020-04-08 13:32 - 2020-04-08 13:32 - 000255320 _____ (Asurvio, LP) C:\Users\Asus\Downloads\DSOne.exe
2020-04-08 12:57 - 2020-04-08 13:00 - 227287138 _____ C:\Users\Asus\Downloads\jimmy.kimmel.2020.04.07.ellen.degeneres.web.h264-trump[eztv].mkv
2020-04-08 12:56 - 2020-04-08 13:07 - 600996523 _____ C:\Users\Asus\Downloads\Jimmy.Fallon.2020.04.07.At.Home.Edition.Justin.Timberlake.WEB.x264-XLF[eztv.io].mkv
2020-04-08 12:56 - 2020-04-08 13:05 - 409855965 _____ C:\Users\Asus\Downloads\conan.2020.04.07.stephen.colbert.web.x264-xlf[eztv].mkv
2020-04-07 12:46 - 2020-04-07 12:46 - 008196784 _____ (Malwarebytes) C:\Users\Asus\Downloads\adwcleaner_8.0.4(1).exe
2020-04-07 09:09 - 2020-04-07 09:09 - 000397840 _____ C:\Users\Asus\Downloads\statement-2020-3-6(2).pdf
2020-04-06 08:20 - 2020-04-06 08:20 - 000397840 _____ C:\Users\Asus\Downloads\statement-2020-3-6.pdf
2020-04-06 08:20 - 2020-04-06 08:20 - 000397840 _____ C:\Users\Asus\Downloads\statement-2020-3-6(1).pdf
2020-04-05 10:52 - 2020-04-05 10:52 - 008196784 _____ (Malwarebytes) C:\Users\Asus\Downloads\adwcleaner_8.0.4.exe
2020-04-04 05:47 - 2020-04-04 05:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordVPN
2020-04-04 05:47 - 2020-04-04 05:48 - 000000000 ____D C:\Program Files (x86)\NordVPN
2020-04-02 10:50 - 2020-04-02 10:50 - 008199856 _____ (Malwarebytes) C:\Users\Asus\Downloads\adwcleaner_8.0.3(3).exe
2020-04-02 09:42 - 2019-09-17 22:29 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20200402-094236.backup
2020-04-02 09:25 - 2020-04-02 09:25 - 001573568 _____ C:\Users\Asus\Downloads\SteamSetup(13).exe
2020-03-30 11:07 - 2020-03-30 11:09 - 008199856 _____ (Malwarebytes) C:\Users\Asus\Downloads\adwcleaner_8.0.3(2).exe
2020-03-30 10:11 - 2020-03-30 10:11 - 000000000 ____D C:\Users\Asus\AppData\Local\IsolatedStorage
2020-03-24 15:13 - 2020-03-24 15:14 - 022267336 _____ (Piriform Software Ltd) C:\Users\Asus\Downloads\ccsetup565.exe
2020-03-24 14:51 - 2020-03-24 14:51 - 000000000 ____D C:\ProgramData\Blizzard Entertainment
2020-03-24 14:48 - 2020-03-24 14:49 - 000000000 ____D C:\Users\Asus\AppData\Local\Blizzard Entertainment
2020-03-24 14:47 - 2020-03-24 14:47 - 004901872 _____ (Blizzard Entertainment) C:\Users\Asus\Downloads\World-of-Warcraft-Setup.exe
2020-03-24 14:47 - 2020-03-24 14:47 - 000000000 ____D C:\ProgramData\Battle.net
2020-03-24 14:00 - 2020-03-24 14:00 - 001573568 _____ C:\Users\Asus\Downloads\SteamSetup(12).exe
2020-03-24 14:00 - 2020-03-24 14:00 - 001573568 _____ C:\Users\Asus\Downloads\SteamSetup(11).exe
2020-03-22 12:27 - 2020-03-22 12:27 - 001573568 _____ C:\Users\Asus\Downloads\SteamSetup(10).exe
2020-03-21 15:00 - 2020-04-04 05:48 - 000000000 ____D C:\Users\Asus\AppData\Local\NordVPN
2020-03-21 15:00 - 2020-03-21 15:00 - 014075160 _____ (NordVPN) C:\Users\Asus\Downloads\NordVPNSetup.exe
2020-03-21 15:00 - 2020-03-21 15:00 - 000000000 ____D C:\ProgramData\NordVPN
2020-03-21 15:00 - 2020-03-21 15:00 - 000000000 ____D C:\Program Files (x86)\NordVPN network TAP
2020-03-21 14:24 - 2020-03-21 14:24 - 008199856 _____ (Malwarebytes) C:\Users\Asus\Downloads\adwcleaner_8.0.3(1).exe
2020-03-19 09:52 - 2020-03-19 09:52 - 001573568 _____ C:\Users\Asus\Downloads\SteamSetup(9).exe
2020-03-14 10:49 - 2020-03-14 10:49 - 008199856 _____ (Malwarebytes) C:\Users\Asus\Downloads\adwcleaner_8.0.3.exe
2020-03-13 01:24 - 2020-03-13 01:24 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-03-13 01:24 - 2020-03-13 01:24 - 009930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-03-13 01:24 - 2020-03-13 01:24 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-03-13 01:24 - 2020-03-13 01:24 - 006520776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-03-13 01:24 - 2020-03-13 01:24 - 004563416 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-03-13 01:24 - 2020-03-13 01:24 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-03-13 01:24 - 2020-03-13 01:24 - 001398584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-03-13 01:24 - 2020-03-13 01:24 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-03-13 01:24 - 2020-03-13 01:24 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-03-13 01:24 - 2020-03-13 01:24 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-03-13 01:24 - 2020-03-13 01:24 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-03-12 01:40 - 2020-03-12 01:40 - 011607552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-03-12 01:40 - 2020-03-12 01:40 - 009711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 025900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 022635008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 018027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 007905784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 007755776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 007259648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 006436352 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 006285312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 006168064 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 006084344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 005911040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 005112832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 004855808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 004622280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 004580352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 004471296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 004348408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 004140544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 004129648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 004048896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 003971808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 003819520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 003799552 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 003728896 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 003708928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 003587896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 003552768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 003488768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 003371720 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 003260928 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 003243296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 003143168 _____ (Microsoft Corporation) C:\WINDOWS\system32\directml.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 002956688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002875904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002870272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002808832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 002773568 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002768440 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-03-12 01:39 - 2020-03-12 01:39 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-03-12 01:39 - 2020-03-12 01:39 - 002740736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directml.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002715648 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 002698040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 002584008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002522112 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002474496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002453504 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002315680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002307584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002259872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002224952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002157056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002087376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002072664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002031104 _____ C:\WINDOWS\system32\rdpnano.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 002021888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001999952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001985104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001972536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001867816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001835128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001823232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001770552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001762304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-03-12 01:39 - 2020-03-12 01:39 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001684992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001665416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001657120 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001609216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001581056 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001555904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001513040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 001490640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001484600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001482040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 001481216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001428992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 001417976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001412096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001396152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001394168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-03-12 01:39 - 2020-03-12 01:39 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001283600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-03-12 01:39 - 2020-03-12 01:39 - 001282944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001273856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001264128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001260480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001218632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001190912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 001180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 001108040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001088000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001080832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001071184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001054376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001031680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001007672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 001000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000983896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000945384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000935040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000929144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000908504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000892696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000877232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000833616 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000802304 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000796904 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000776488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000769552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000757632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000741392 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000734720 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetup.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbc32.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000669496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000668296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000642216 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000637240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000636848 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxs.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000627216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000605896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbc32.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000551824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxs.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2020-03-12 01:39 - 2020-03-12 01:39 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000531768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2020-03-12 01:39 - 2020-03-12 01:39 - 000526848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000522384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000510768 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000478792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-03-12 01:39 - 2020-03-12 01:39 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000459688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000429880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2020-03-12 01:39 - 2020-03-12 01:39 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Acx01000.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000320312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacEncoder.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcomapi.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountCloudAP.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000260920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000250896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000248064 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacEncoder.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000234984 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000221200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000213984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000201744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000183608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000180232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000174392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeHelper.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000165504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000164776 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000151568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000146712 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\GraphicsCapture.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000141840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceMetadataRetrievalClient.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000136328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000133944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\profapi.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000131896 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandler.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000128312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000120560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000120048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Taskbar.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GraphicsCapture.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000102760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profapi.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2020-03-12 01:39 - 2020-03-12 01:39 - 000098104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000089616 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000089568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000068408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceReactivation.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000066336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlrmdr.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000063288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmRes.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmRes.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstUI.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAProfileNotificationHandler.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmapi.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000048256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000042336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000042296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afunix.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmtask.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
2020-03-12 01:39 - 2020-03-12 01:39 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxstrace.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000029712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tbs.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxstrace.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Drivers\afunix.sys
2020-03-12 01:39 - 2020-03-12 01:39 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000028936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wci.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msauserext.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000019768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpnotify.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msauserext.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MUILanguageCleanup.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LangCleanupSysprepAction.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmplpxy.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchTM.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchTM.exe
2020-03-12 01:39 - 2020-03-12 01:39 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetupproxyserv.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCertResources.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUserRes.dll
2020-03-12 01:39 - 2020-03-12 01:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-03-12 01:39 - 2020-03-12 01:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-03-12 01:39 - 2020-03-12 01:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-03-12 01:39 - 2020-03-12 01:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-03-12 01:39 - 2020-03-12 01:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-03-12 01:39 - 2020-03-12 01:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-03-12 01:39 - 2020-03-12 01:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-03-12 01:39 - 2020-03-12 01:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-03-12 01:39 - 2020-03-12 01:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-03-12 01:39 - 2020-03-12 01:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-03-12 01:39 - 2020-03-12 01:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-03-12 01:39 - 2020-03-12 01:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-03-12 01:38 - 2020-03-12 01:39 - 000019984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelide.sys
2020-03-12 01:38 - 2020-03-12 01:38 - 000355000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2020-03-12 01:38 - 2020-03-12 01:38 - 000306696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2020-03-12 01:38 - 2020-03-12 01:38 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthA2dp.sys
2020-03-12 01:38 - 2020-03-12 01:38 - 000224056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2020-03-12 01:38 - 2020-03-12 01:38 - 000222520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2020-03-12 01:38 - 2020-03-12 01:38 - 000208696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2020-03-12 01:38 - 2020-03-12 01:38 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2020-03-12 01:38 - 2020-03-12 01:38 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2020-03-12 01:38 - 2020-03-12 01:38 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2020-03-12 01:38 - 2020-03-12 01:38 - 000069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys
2020-03-12 01:38 - 2020-03-12 01:38 - 000056632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciidex.sys
2020-03-12 01:38 - 2020-03-12 01:38 - 000030008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\atapi.sys
2020-03-12 01:38 - 2020-03-12 01:38 - 000016912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciide.sys
2020-03-12 01:33 - 2020-03-12 01:33 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-03-12 01:33 - 2020-03-12 01:33 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-04-11 13:40 - 2019-09-18 06:06 - 000000000 ____D C:\Users\Asus\AppData\Roaming\uTorrent
2020-04-11 13:36 - 2016-11-18 09:20 - 000000000 ____D C:\Users\Asus\AppData\LocalLow\Mozilla
2020-04-11 13:26 - 2019-09-18 10:23 - 000000000 ____D C:\Users\Asus\AppData\Roaming\vlc
2020-04-11 12:56 - 2019-09-17 22:30 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-04-11 12:56 - 2019-09-17 21:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-04-11 11:24 - 2019-09-17 22:29 - 000000000 ____D C:\WINDOWS\INF
2020-04-11 11:20 - 2019-09-18 06:06 - 000000897 _____ C:\Users\Asus\Desktop\?Torrent.lnk
2020-04-11 10:17 - 2019-09-18 06:06 - 000000000 ____D C:\Users\Asus\AppData\Local\BitTorrentHelper
2020-04-11 09:24 - 2019-09-17 22:04 - 000000000 ____D C:\Users\Asus\AppData\Local\PokerStars.UK
2020-04-11 08:50 - 2019-12-01 08:11 - 000000000 ____D C:\WINDOWS\Minidump
2020-04-11 08:50 - 2019-09-17 22:30 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-04-11 08:46 - 2019-09-17 21:48 - 000776296 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-04-11 08:42 - 2019-09-18 06:41 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2020-04-11 08:42 - 2019-09-17 21:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-04-11 08:42 - 2019-09-17 21:38 - 000000000 ____D C:\ProgramData\NVIDIA
2020-04-10 22:16 - 2019-09-17 22:30 - 000000000 ___HD C:\Program Files\WindowsApps
2020-04-10 22:16 - 2019-09-17 22:30 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-04-10 15:56 - 2019-09-17 21:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-04-10 15:56 - 2019-09-17 21:40 - 000000000 ____D C:\Users\Asus
2020-04-09 22:38 - 2019-09-17 21:52 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-04-09 15:21 - 2019-09-17 22:26 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-04-08 13:33 - 2019-09-17 21:58 - 000000000 ____D C:\ProgramData\Package Cache
2020-04-08 13:29 - 2019-09-17 22:00 - 000196560 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2020-04-07 12:42 - 2019-12-24 11:45 - 000000000 ____D C:\Users\Asus\AppData\Local\CrashDumps
2020-04-07 04:03 - 2015-12-18 04:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2020-04-06 18:42 - 2020-01-29 19:42 - 000003550 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2020-04-02 11:02 - 2019-09-18 06:04 - 000744808 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-03-30 16:54 - 2019-09-17 22:00 - 000208360 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2020-03-28 10:15 - 2019-09-18 05:57 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-03-27 01:12 - 2019-09-17 22:26 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-03-25 17:29 - 2019-09-17 21:42 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-03-24 19:18 - 2019-09-29 13:05 - 000000000 ____D C:\Users\Asus\AppData\Local\D3DSCache
2020-03-23 22:19 - 2019-10-21 09:56 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-03-22 10:52 - 2019-09-17 21:49 - 000003356 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4202764557-1761152932-1492796901-1001
2020-03-22 10:52 - 2019-09-17 21:40 - 000002366 _____ C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-03-22 10:52 - 2015-03-06 15:34 - 000000000 ___RD C:\Users\Asus\OneDrive
2020-03-18 18:55 - 2019-11-04 15:39 - 000045056 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\phantomtap.sys
2020-03-13 08:37 - 2019-09-17 22:30 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-03-13 08:37 - 2019-09-17 22:30 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-03-12 02:31 - 2019-09-17 21:36 - 000258768 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-03-12 02:31 - 2015-08-02 13:21 - 000000000 ___RD C:\Users\Asus\3D Objects
2020-03-12 02:31 - 2015-03-03 11:53 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-03-12 02:30 - 2019-09-17 22:30 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-03-12 02:30 - 2019-09-17 22:30 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-03-12 02:30 - 2019-09-17 22:30 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-03-12 02:30 - 2019-09-17 22:30 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-03-12 02:30 - 2019-09-17 22:30 - 000000000 ____D C:\WINDOWS\SystemResources
2020-03-12 02:30 - 2019-09-17 22:30 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-03-12 02:30 - 2019-09-17 22:30 - 000000000 ____D C:\WINDOWS\system32\setup
2020-03-12 02:30 - 2019-09-17 22:30 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-03-12 02:30 - 2019-09-17 22:30 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-03-12 02:30 - 2019-09-17 22:30 - 000000000 ____D C:\Program Files\Windows Defender
2020-03-12 02:30 - 2019-09-17 22:26 - 000000000 ____D C:\WINDOWS\servicing
2020-03-12 00:02 - 2019-09-17 23:59 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-03-12 00:01 - 2019-09-17 23:59 - 121542864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Files in the root of some directories ========
2020-02-27 13:15 - 2020-02-27 14:19 - 000000081 _____ () C:\Users\Asus\AppData\Local\.bidstack.fault
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-04-2020
Ran by Asus (11-04-2020 13:41:12)
Running from C:\Users\Asus\Downloads
Windows 10 Home Version 1903 18362.720 (X64) (2019-09-17 20:46:17)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4202764557-1761152932-1492796901-500 - Administrator - Disabled)
Asus (S-1-5-21-4202764557-1761152932-1492796901-1001 - Administrator - Enabled) => C:\Users\Asus
DefaultAccount (S-1-5-21-4202764557-1761152932-1492796901-503 - Limited - Disabled)
Guest (S-1-5-21-4202764557-1761152932-1492796901-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4202764557-1761152932-1492796901-1003 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-4202764557-1761152932-1492796901-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {88AE6B46-DC3C-455A-A21B-085F285A3546}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
?Torrent (HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\uTorrent) (Version: 3.5.5.45628 - BitTorrent Inc.)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.344 - Adobe)
Avira (HKLM-x32\...\{59215620-90F4-474B-AB7F-C6FD9CE4CC71}) (Version: 1.2.144.30330 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{7ff7e40a-a321-45a2-a6d4-2ab2ae8ce908}) (Version: 1.2.144.30330 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2004.1828 - Avira Operations GmbH & Co. KG)
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.32.2.34115 - Avira Operations GmbH & Co. KG)
Avira Privacy Pal (HKLM-x32\...\{F2BC8305-DFBE-4C02-A906-9BBD8EE299A3}_is1) (Version: 2.2.0.1945 - Avira Operations GmbH & Co. KG)
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.0.26.9000 - Avira Operations GmbH & Co. KG)
Avira Software Updater (HKLM-x32\...\{B1F4C85F-D3BD-4672-934B-1E10AEB5E50F}) (Version: 2.0.6.27476 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.4.1.10871 - Avira Operations GmbH & Co. KG)
CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform)
Free Stopwatch (HKLM-x32\...\{A1FAC1AF-5615-47FE-B5C8-5E981EC8522B}_is1) (Version: 4.0.0.0 - Comfort Software Group)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.6168.8 - Waves Audio Ltd.) Hidden
Microsoft OneDrive (HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0010 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Mozilla Firefox 75.0 (x64 en-GB) (HKLM\...\Mozilla Firefox 75.0 (x64 en-GB)) (Version: 75.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0 - Mozilla)
NordVPN (HKLM-x32\...\{61912B8D-78D2-4C3A-B566-F72B189F9E30}) (Version: 6.28.13 - NordVPN) Hidden
NordVPN (HKLM-x32\...\NordVPN 6.28.13) (Version: 6.28.13 - NordVPN)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
PokerStars.uk (HKLM-x32\...\PokerStars.uk) (Version: - PokerStars.uk)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.7.64.0 - Safer-Networking Ltd.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Packages:
=========
BT Sport -> C:\Program Files\WindowsApps\BRITISHTELECOMMUNICATIONS.232108916781E_1.8.0.0_x64__p4cqfe0ssz2sj [2019-09-19] (BRITISH TELECOMMUNICATIONS PUBLIC LIMITED COMPANY)
freda epub ebook reader -> C:\Program Files\WindowsApps\5957Turnipsoft.freda_4.32.4.0_x64__ypmq2qh89vmny [2020-03-13] (Turnipsoft) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-09-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-09-17] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.1224.0_x64__8wekyb3d8bbwe [2020-02-27] (Microsoft Studios) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-18] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-04-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-04-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-03-13 01:16 - 2020-03-13 01:16 - 052530176 _____ () [File not signed] C:\Program Files\WindowsApps\5957Turnipsoft.freda_4.32.4.0_x64__ypmq2qh89vmny\Freda_W10.dll
2020-03-27 20:39 - 2020-03-27 20:39 - 000913920 _____ (ServiceStack) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ServiceStack.Text\522aeaee8c19c7104b15b25bc1271e82\ServiceStack.Text.ni.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
There are 7941 more sites.
IE trusted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\localhost -> localhost
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\123simsen.com -> www.123simsen.com
There are 7941 more sites.
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-09-17 22:30 - 2019-09-17 22:29 - 000000824 ____N C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Asus\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKU\S-1-5-21-4202764557-1761152932-1492796901-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{675D2D74-1FD6-4C0A-9865-A2676697843B}C:\users\asus\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\asus\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{645DD9C1-9179-48B9-B601-18BD04E36D2C}C:\users\asus\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\asus\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E643E92B-837A-4814-8E54-CAE02B67E22F}] => (Block) C:\users\asus\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{6CAD3FB3-5A77-402E-B98B-03369523643C}] => (Block) C:\users\asus\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C36CAE76-8BBE-45B3-A6F2-CBFA35561332}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A2C4F438-CDE6-40BF-9568-8AFED5D3EE6F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EA8BB482-C4DE-44FA-97F9-EF82C522D5B3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
FirewallRules: [{8A4B912B-A418-4019-A11E-D0A16001E10B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
FirewallRules: [{80FA5F7C-8769-437C-9062-9FD079499F19}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{92991828-6328-4C79-978B-C6139DA0BEF3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{8B15BA60-2EB1-4406-BF11-E6EAAD92BC2F}] => (Allow) C:\Program Files (x86)\UltraVPN\ovpn\openvpn.exe No File
FirewallRules: [{60B42C04-0536-43E8-8A6D-8B5BE2767277}] => (Allow) C:\Program Files (x86)\UltraVPN\ovpn\openvpn.exe No File
FirewallRules: [{C87EB44B-27F6-4777-84BA-85967F1A06A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2016 Test App\fm.exe No File
FirewallRules: [{ABF94669-5352-4943-92AA-3C4C920EE58C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2016 Test App\fm.exe No File
FirewallRules: [{95F0BF5D-2732-45D6-809D-9848B040CC44}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{F6F72518-628C-47E8-9C06-491901587ABB}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{14E935A3-9489-4A6B-A14B-D809DD6F72EE}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:117.35 GB) (Free:69.5 GB) (59%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (04/11/2020 01:33:27 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12892,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/11/2020 01:03:38 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13900,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/11/2020 12:30:41 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7472,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/11/2020 12:05:29 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4976,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/11/2020 11:31:03 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10792,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/11/2020 11:19:18 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4952,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/11/2020 11:10:35 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3164,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/11/2020 10:53:30 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8384,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
System errors:
=============
Error: (04/11/2020 12:21:25 PM) (Source: DCOM) (EventID: 10000) (User: G751)
Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error:
"2147942767"
Happened while starting this command:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (04/11/2020 11:24:57 AM) (Source: DCOM) (EventID: 10000) (User: G751)
Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error:
"2147942767"
Happened while starting this command:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (04/11/2020 10:45:49 AM) (Source: DCOM) (EventID: 10000) (User: G751)
Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error:
"2147942767"
Happened while starting this command:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (04/11/2020 10:33:38 AM) (Source: DCOM) (EventID: 10000) (User: G751)
Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error:
"2147942767"
Happened while starting this command:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (04/11/2020 10:05:43 AM) (Source: DCOM) (EventID: 10000) (User: G751)
Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error:
"2147942767"
Happened while starting this command:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (04/11/2020 09:58:32 AM) (Source: DCOM) (EventID: 10000) (User: G751)
Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error:
"2147942767"
Happened while starting this command:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (04/11/2020 08:50:29 AM) (Source: DCOM) (EventID: 10000) (User: G751)
Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error:
"2147942767"
Happened while starting this command:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (04/11/2020 08:42:07 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: The computer has rebooted from a bugcheck. The bugcheck was: 0x0000009f (0x0000000000000003, 0xffffa48395947060, 0xffff8108d783ec00, 0xffffa483a8e924b0). A dump was saved in: C:\WINDOWS\MEMORY.DMP. Report Id: b0cc4eea-0c78-4fd9-9469-067d321a1a5b.
Windows Defender:
===================================
Date: 2020-04-07 13:27:10.577
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {E6BDD135-D258-465D-BBCA-70B556E5A1C0}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-03-24 14:24:15.304
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {84CE9CF3-DD26-4072-914A-089CF086485C}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-03-22 12:40:37.631
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {AEEE89F6-F55E-4F20-B30C-8A63AA485CF0}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-03-21 09:25:48.556
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {67A26EF6-0AE0-461F-B48B-BFA398F5ED06}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-03-16 18:40:29.404
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {D2BAA11D-2305-4044-B093-7E172DF67978}
Scan Type: Antimalware
Scan Parameters: Quick Scan
CodeIntegrity:
===================================
Date: 2020-04-11 08:42:04.363
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-04-11 08:42:04.316
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-04-10 15:56:50.516
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-04-10 15:56:50.459
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-04-09 15:22:08.088
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-04-09 15:22:08.013
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-04-08 16:07:19.316
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-04-08 16:07:19.263
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\avirasecuritycenteragent.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: American Megatrends Inc. G751JT.202 09/10/2014
Motherboard: ASUSTeK COMPUTER INC. G751JT
Processor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Percentage of memory in use: 31%
Total physical RAM: 16333.1 MB
Available physical RAM: 11161.97 MB
Total Virtual: 18765.1 MB
Available Virtual: 13046.66 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:117.35 GB) (Free:69.5 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data1) (Fixed) (Total:455.75 GB) (Free:397.36 GB) NTFS
Drive e: (Data2) (Fixed) (Total:455.75 GB) (Free:454.93 GB) NTFS
\\?\Volume{4c59311a-d340-4fea-92c8-bd15b1ad0d8d}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.51 GB) NTFS
\\?\Volume{509ef456-8956-4f61-9b0d-10629df599b9}\ () (Fixed) (Total:0.79 GB) (Free:0.19 GB) NTFS
\\?\Volume{1c27a6c4-000e-4499-bf2a-9e4de4645b20}\ (Restore) (Fixed) (Total:20.01 GB) (Free:9.89 GB) NTFS
\\?\Volume{b2f9285a-58e9-44be-b928-0ae4bfa60c51}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 8FFEFB6B)
Partition: GPT.
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 82EB289F)
Partition: GPT.
==================== End of Addition.txt =======================