Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-10-2019
Ran by homeuser (administrator) on SIMPC (Gigabyte Technology Co., Ltd. G1.Guerrilla) (12-10-2019 17:13:23)
Running from C:\Users\homeuser\Desktop\FRST
Loaded Profiles: homeuser (Available Profiles: homeuser)
Platform: Windows 10 Pro Version 1903 18362.418 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\Clipdiary\Clipdiary.exe
() [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe
() [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe
() [File not signed] C:\TCPU71\Programm\ClockTC\ClockTC.exe
(A FOUR TECH CO., LTD. -> ) C:\Program Files (x86)\Bloody7\Bloody7\Bloody7.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe
(ALCPU -> ALCPU) C:\Program Files\Core Temp\Core Temp.exe
(AnchorFree Inc -> AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe
(AnchorFree Inc -> AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\x64\hydra.exe
(AnchorFree Inc.) [File not signed] C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Bitsum LLC -> Bitsum LLC) [File not signed] C:\Program Files\Process Lasso\ProcessGovernor.exe
(Bitsum LLC -> Bitsum LLC) [File not signed] C:\Program Files\Process Lasso\ProcessLasso.exe
(CHENGDU AOMEI TECHNOLOGY CO., LTD. -> AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(Discord Inc. -> Discord Inc.) C:\Users\homeuser\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\homeuser\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\homeuser\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\homeuser\AppData\Local\Discord\app-0.0.305\Discord.exe
(FxSound, LLC -> ) [File not signed] C:\Program Files (x86)\DFX\DFX.exe
(FxSound, LLC -> ) C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
(FxSound, LLC -> ) C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe
(Ghisler Software GmbH) [File not signed] C:\TCPU71\TOTALCMD.EXE
(Janos Mathe -> H.D.S. Hungary) C:\Program Files (x86)\Hard Disk Sentinel Pro\HDSentinel.exe
(Jeppesen Sanderson, Inc -> ) C:\Program Files (x86)\Jeppesen\CDA\cda.exe
(Jeppesen Sanderson, Inc -> ) C:\Program Files (x86)\Jeppesen\CDA\CDAMonitor.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Mega Limited -> Mega Limited) C:\ProgramData\MEGAsync\MEGAsync.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1001.4.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19092.399.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.411_none_5f53d2d858cf8961\TiWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1909.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1909.6-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.52.138.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.52.138.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(SurfRight B.V. -> SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Viber Media S.à r.l. -> Viber Media S.Ã r.l.) C:\Users\homeuser\AppData\Local\Viber\Viber.exe
(VMware, Inc. -> ) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [824240 2019-09-23] (Acronis International GmbH -> Acronis International GmbH)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18381792 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5035416 2019-09-23] (Acronis International GmbH -> )
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe [441448 2019-09-23] (Acronis International GmbH -> Acronis International GmbH)
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [61370712 2019-10-10] (Discord Inc. -> Discord Inc.)
HKLM-x32\...\Run: [FxSound Enhancer] => C:\Program Files (x86)\DFX\dfx.exe [1780728 2019-07-26] (FxSound, LLC -> ) [File not signed]
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [117680 2019-09-16] (VMware, Inc. -> VMware, Inc.)
HKU\S-1-5-21-3024691867-316160702-395545048-1001\...\Run: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1592440 2019-10-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3024691867-316160702-395545048-1001\...\Run: [Discord] => C:\Users\homeuser\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3024691867-316160702-395545048-1001\...\Run: [Clipdiary] => C:\Program Files (x86)\Clipdiary\clipdiary.exe [6735360 2019-05-06] () [File not signed]
HKU\S-1-5-21-3024691867-316160702-395545048-1001\...\Run: [Viber] => C:\Users\homeuser\AppData\Local\Viber\Viber.exe [41029704 2019-09-25] (Viber Media S.à r.l. -> Viber Media S.Ã r.l.)
HKU\S-1-5-21-3024691867-316160702-395545048-1001\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody7\Bloody7\Bloody7.exe [15906544 2019-09-27] (A FOUR TECH CO., LTD. -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\Installer\chrmstp.exe [2019-10-10] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bigfoot Killer Network Manager.lnk [2019-10-10]
ShortcutTarget: Bigfoot Killer Network Manager.lnk -> C:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CDA Monitor.lnk [2019-10-10]
ShortcutTarget: CDA Monitor.lnk -> C:\Program Files (x86)\Jeppesen\CDA\CDAMonitor.exe (Jeppesen Sanderson, Inc -> )
Startup: C:\Users\homeuser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2019-10-10]
ShortcutTarget: MEGAsync.lnk -> C:\ProgramData\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0E25192C-9BE3-4FB1-BE68-D59CC76ECADF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MpCmdRun.exe [468120 2019-10-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1269051C-87EB-48C7-8E34-EE0356A144FB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-10-10] (Google Inc -> Google LLC)
Task: {1FDF2843-2647-404C-B0E2-9153C685F929} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MpCmdRun.exe [468120 2019-10-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {270D6A16-FBD6-4C5A-A423-10423B4C444F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-10-10] (Google Inc -> Google LLC)
Task: {3E33B2C9-4B77-42D5-9B3C-7A4158EDDA41} - System32\Tasks\Core Temp Autostart homeuser => C:\Program Files\Core Temp\Core Temp.exe [1011592 2019-08-30] (ALCPU -> ALCPU)
Task: {4B8FFC2A-0F8A-4D8B-9C43-E3196AB515F7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MpCmdRun.exe [468120 2019-10-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4CAC860A-F0F5-4EBC-849B-BD0659C8A775} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {4F0750B2-34A1-4E37-B9D0-FF077F401CA7} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3024691867-316160702-395545048-1001 => C:\ProgramData\MEGAsync\MEGAupdater.exe [615160 2019-09-06] (Mega Limited -> Mega Limited)
Task: {76DFCE02-CA7D-471B-87E9-B42C8997390A} - System32\Tasks\BlueStacksHelper => E:\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {881AAC14-1DD6-4347-8953-2FBB65A325A1} - System32\Tasks\Microsoft\Windows\RetailDemo\CleanupOfflineContent => {61f77d5e-afe9-400b-a5e6-e9e80fc8e601} C:\Windows\System32\RDXTaskFactory.dll [415744 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {889EFEA1-29FA-493C-9790-4939CA8C37B1} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [2696520 2019-10-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {912AD4A3-C202-4C25-A670-DF6E007876E7} - System32\Tasks\Process Lasso Management Console (GUI) => C:\Program Files\Process Lasso\processlasso.exe [1541520 2019-09-18] (Bitsum LLC -> Bitsum LLC) [File not signed]
Task: {AA932CE1-F8D2-4578-B244-789D687F25E0} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_homeuser => C:\Program Files (x86)\Hard Disk Sentinel Pro\HDSentinel.exe [5658384 2019-07-10] (Janos Mathe -> H.D.S. Hungary)
Task: {BF240BCC-00E8-4226-9055-13BC13076D75} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MpCmdRun.exe [468120 2019-10-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D64CD868-2345-47BD-87C7-CE8B96B28987} - System32\Tasks\Process Lasso Core Engine Only => C:\Program Files\Process Lasso\processgovernor.exe [1029512 2019-09-18] (Bitsum LLC -> Bitsum LLC) [File not signed]
Task: {D79C8EFF-FF41-4878-8761-CB67B8A959B3} - System32\Tasks\WiseCleaner\WDCSkipUAC => C:\Program Files (x86)\Wise\Wise Disk Cleaner\WiseDiskCleaner.exe [6982216 2019-09-26] (Lespeed Technology Ltd. -> WiseCleaner.com)
Task: {EA7B3E22-B462-4093-AF64-51433F922EE9} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_270_Plugin.exe [1457720 2019-10-10] (Adobe Inc. -> Adobe)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog9 01 C:\Windows\SysWOW64\BfLLR.dll [174592 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9 02 C:\Windows\SysWOW64\BfLLR.dll [174592 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9 03 C:\Windows\SysWOW64\BfLLR.dll [174592 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9 04 C:\Windows\SysWOW64\BfLLR.dll [174592 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9 19 C:\Windows\SysWOW64\BfLLR.dll [174592 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9-x64 01 C:\Windows\system32\BfLLR.dll [189952 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9-x64 02 C:\Windows\system32\BfLLR.dll [189952 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9-x64 03 C:\Windows\system32\BfLLR.dll [189952 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9-x64 04 C:\Windows\system32\BfLLR.dll [189952 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Winsock: Catalog9-x64 19 C:\Windows\system32\BfLLR.dll [189952 2013-10-09] (Bigfoot Networks, Inc.) [File not signed]
Tcpip\..\Interfaces\{15071d1f-12aa-4cf3-98d9-4f4c345bd3bc}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{78f881c0-e8f5-4114-8046-f70414a39f91}: [DhcpNameServer] 8.8.8.8
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
Edge:
======
DownloadDir:
Edge Extension: (Norton Safe Web) -> EdgeExtension_SymantecCorporationNortonSafeWeb_v68kp9n051hdp => C:\Program Files\WindowsApps\SymantecCorporation.NortonSafeWeb_3.10.0.0_neutral__v68kp9n051hdp [2019-10-10]
FireFox:
========
FF DefaultProfile: cpldss12.default
FF ProfilePath: C:\Users\homeuser\AppData\Roaming\Mozilla\Firefox\Profiles\cpldss12.default [2019-10-10]
FF ProfilePath: C:\Users\homeuser\AppData\Roaming\Mozilla\Firefox\Profiles\s2ccsxum.default-release [2019-10-12]
FF Homepage: Mozilla\Firefox\Profiles\s2ccsxum.default-release -> hxxps://yandex.ru/?clid=2224022
FF NetworkProxy: Mozilla\Firefox\Profiles\s2ccsxum.default-release -> type", 0
FF HomepageOverride: Mozilla\Firefox\Profiles\s2ccsxum.default-release -> Enabled:
homeutil@yandex.ru
FF NewTabOverride: Mozilla\Firefox\Profiles\s2ccsxum.default-release -> Enabled:
vb@yandex.ru
FF NewTabOverride: Mozilla\Firefox\Profiles\s2ccsxum.default-release -> Enabled: {a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}
FF Extension: (Hoxx VPN Proxy) - C:\Users\homeuser\AppData\Roaming\Mozilla\Firefox\Profiles\s2ccsxum.default-release\Extensions\@hoxx-vpn.xpi [2019-10-09]
FF Extension: (SetupVPN - Lifetime Free VPN) - C:\Users\homeuser\AppData\Roaming\Mozilla\Firefox\Profiles\s2ccsxum.default-release\Extensions\@setupvpncom.xpi [2019-10-09]
FF Extension: (WebRTC Leak Shield) - C:\Users\homeuser\AppData\Roaming\Mozilla\Firefox\Profiles\s2ccsxum.default-release\Extensions\@webrtc-leak-shield.xpi [2018-02-24]
FF Extension: (anonymoX) - C:\Users\homeuser\AppData\Roaming\Mozilla\Firefox\Profiles\s2ccsxum.default-release\Extensions\
client@anonymox.net.xpi [2018-12-14]
FF Extension: (FireX Proxy) - C:\Users\homeuser\AppData\Roaming\Mozilla\Firefox\Profiles\s2ccsxum.default-release\Extensions\
divanproger@gmail.com.xpi [2019-08-19]
FF Extension: (Free Download Manager) - C:\Users\homeuser\AppData\Roaming\Mozilla\Firefox\Profiles\s2ccsxum.default-release\Extensions\
fdm_ffext2@freedownloadmanager.org.xpi [2019-09-25]
FF Extension: (Ghostery – Конфиденциальный Блокировщик Рекламы) - C:\Users\homeuser\AppData\Roaming\Mozilla\Firefox\Profiles\s2ccsxum.default-release\Extensions\
firefox@ghostery.com.xpi [2019-08-29]
FF Extension: (MEGA) - C:\Users\homeuser\AppData\Roaming\Mozilla\Firefox\Profiles\s2ccsxum.default-release\Extensions\
firefox@mega.co.nz.xpi [2019-10-03] [UpdateUrl:hxxps://mega.nz/firefox-web-extension-updates.json]
FF Extension: (Tampermonkey) - C:\Users\homeuser\AppData\Roaming\Mozilla\Firefox\Profiles\s2ccsxum.default-release\Extensions\
firefox@tampermonkey.net.xpi [2019-05-30]
FF Extension: (Стартовая — Яндекс) - C:\Users\homeuser\AppData\Roaming\Mozilla\Firefox\Profiles\s2ccsxum.default-release\Extensions\
homeutil@yandex.ru.xpi [2019-09-09]
FF Extension: (Кнопка «Сохранить» в Pinterest) - C:\Users\homeuser\AppData\Roaming\Mozilla\Firefox\Profiles\s2ccsxum.default-release\Extensions\
jid1-YcMV6ngYmQRA2w@jetpack.xpi [2019-09-25]
FF Extension: (Доступ к Рутрекеру) - C:\Users\homeuser\AppData\Roaming\Mozilla\Firefox\Profiles\s2ccsxum.default-release\Extensions\
public.proartex@gmail.com.xpi [2018-05-08]
FF Extension: (S3.Переводчик) - C:\Users\homeuser\AppData\Roaming\Mozilla\Firefox\Profiles\s2ccsxum.default-release\Extensions\
s3google@translator.xpi [2018-10-10]
FF Extension: (uBlock Origin) - C:\Users\homeuser\AppData\Roaming\Mozilla\Firefox\Profiles\s2ccsxum.default-release\Extensions\
uBlock0@raymondhill.net.xpi [2019-09-27]
FF Extension: (Avast Online Security) - C:\Users\homeuser\AppData\Roaming\Mozilla\Firefox\Profiles\s2ccsxum.default-release\Extensions\
wrc@avast.com.xpi [2019-10-11]
FF Extension: (minerBlock) - C:\Users\homeuser\AppData\Roaming\Mozilla\Firefox\Profiles\s2ccsxum.default-release\Extensions\
xd4rker@gmail.com.xpi [2019-02-04]
FF Extension: (Zoom Page WE) - C:\Users\homeuser\AppData\Roaming\Mozilla\Firefox\Profiles\s2ccsxum.default-release\Extensions\
zoompage-we@DW-dev.xpi [2019-10-09]
FF Extension: (First Mountain Snow by M♥Donna) - C:\Users\homeuser\AppData\Roaming\Mozilla\Firefox\Profiles\s2ccsxum.default-release\Extensions\{58ed0b89-8436-4436-be1c-0f56273f1adf}.xpi [2019-05-14]
FF Extension: (Web of Trust) - C:\Users\homeuser\AppData\Roaming\Mozilla\Firefox\Profiles\s2ccsxum.default-release\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2019-09-02]
FF Extension: (Video DownloadHelper) - C:\Users\homeuser\AppData\Roaming\Mozilla\Firefox\Profiles\s2ccsxum.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2019-07-08]
FF Extension: (Adblock Plus - бесплатный блокировщик рекламы) - C:\Users\homeuser\AppData\Roaming\Mozilla\Firefox\Profiles\s2ccsxum.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-08-22]
FF Extension: (Greasemonkey) - C:\Users\homeuser\AppData\Roaming\Mozilla\Firefox\Profiles\s2ccsxum.default-release\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2019-06-13]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_270.dll [2019-10-10] (Adobe Inc. -> )
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_270.dll [2019-10-10] (Adobe Inc. -> )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-10] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-10] (Google Inc -> Google LLC)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.mail.ru/cnt/9516
CHR StartupUrls: Default -> "hxxp://www.mail.ru/cnt/9516","hxxp://mail.ru/cnt/10445?gp=812208"
CHR DefaultSearchURL: Default -> hxxp://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7B792CA924-60DD-4AE5-BF89-099626812133%7D&gp=812209
CHR DefaultSearchKeyword: Default -> go.mail.ru
CHR DefaultSuggestURL: Default -> hxxp://suggests.go.mail.ru/chrome?q={searchTerms}
CHR Profile: C:\Users\homeuser\AppData\Local\Google\Chrome\User Data\Default [2019-10-12]
CHR Extension: (Slides) - C:\Users\homeuser\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-10-10]
CHR Extension: (Docs) - C:\Users\homeuser\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-10-10]
CHR Extension: (Google Drive) - C:\Users\homeuser\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-10-10]
CHR Extension: (YouTube) - C:\Users\homeuser\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-10-10]
CHR Extension: (Sheets) - C:\Users\homeuser\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-10-10]
CHR Extension: (Google Docs Offline) - C:\Users\homeuser\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-10-10]
CHR Extension: (Avast Online Security) - C:\Users\homeuser\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-10-10]
CHR Extension: (Direct.Fastix ) - C:\Users\homeuser\AppData\Local\Google\Chrome\User Data\Default\Extensions\lknnjfgcgglncamgpbbdfkianokjohlh [2019-10-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\homeuser\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-10]
CHR Extension: (Gmail) - C:\Users\homeuser\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-10-10]
CHR Extension: (Chrome Media Router) - C:\Users\homeuser\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-10]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [10316304 2019-09-23] (Acronis International GmbH -> )
R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [844888 2019-09-27] (CHENGDU AOMEI TECHNOLOGY CO., LTD. -> AOMEI Tech Co., Ltd.)
R2 Bigfoot Networks Killer Service; C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe [494080 2013-10-09] () [File not signed]
R2 CDA; C:\Program Files (x86)\Jeppesen\CDA\CDA.exe [134088 2016-04-01] (Jeppesen Sanderson, Inc -> )
S3 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\FileSyncHelper.exe [2124104 2019-10-10] (Microsoft Corporation -> Microsoft Corporation)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [136512 2019-10-10] (SurfRight B.V. -> SurfRight B.V.)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [258560 2019-10-11] (AnchorFree Inc.) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4808088 2019-09-23] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2019-09-23] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1912488 2019-09-23] (Acronis International GmbH -> )
S3 OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\OneDriveUpdaterService.exe [2489984 2019-10-10] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [7095824 2019-09-23] (Acronis International GmbH -> Acronis International GmbH)
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [15476144 2019-09-16] (VMware, Inc. -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\NisSrv.exe [3004048 2019-10-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MsMpEng.exe [103384 2019-10-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ALSysIO; C:\Users\homeuser\AppData\Local\Temp\ALSysIO64.sys [47240 2019-10-12] (ALCPU (Arthur Liberman) -> Arthur Liberman) <==== ATTENTION
R0 ambakdrv; C:\Windows\System32\ambakdrv.sys [51120 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [171952 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [38320 2017-09-01] (CHENGDU AOMEI Tech Co., Ltd. -> )
R3 BfEdge7x64; C:\Windows\System32\drivers\Edge7x64.sys [31336 2013-10-09] (Bigfoot Networks, Inc. -> Bigfoot Networks, Inc.)
R3 BFN7x64; C:\Windows\System32\drivers\Xeno7x64.sys [157288 2013-10-09] (Bigfoot Networks, Inc. -> Bigfoot Networks, Inc.)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv.sys [313112 2019-10-07] (Bluestack Systems, Inc. -> Bluestack System Inc. )
R3 DFX12; C:\Windows\system32\drivers\dfx12x64.sys [39048 2018-03-08] (Power Technology -> Windows (R) Win 7 DDK provider)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2019-10-10] (Malwarebytes Corporation -> Malwarebytes)
R2 file_protector; C:\Windows\System32\DRIVERS\file_protector.sys [687768 2019-10-10] (Acronis International GmbH -> Acronis International GmbH)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [390592 2019-10-10] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R3 ip100Avista; C:\Windows\System32\drivers\ipfnd51.sys [36864 2007-09-28] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc)
R0 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [199768 2019-10-12] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [224408 2019-10-12] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73584 2019-10-12] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-10-12] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [116832 2019-10-12] (Malwarebytes Corporation -> Malwarebytes)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_830a0263f2ee97ce\nvlddmkm.sys [22370696 2019-09-06] (NVIDIA Corporation -> NVIDIA Corporation)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tib; C:\Windows\system32\DRIVERS\tib.sys [883256 2019-10-10] (Acronis International GmbH -> Acronis International GmbH)
R2 tib_mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [171968 2019-10-10] (Acronis International GmbH -> Acronis International GmbH)
S3 tnd; C:\Windows\system32\DRIVERS\tnd.sys [693768 2019-10-10] (Acronis International GmbH -> Acronis International GmbH)
R2 virtual_file; C:\Windows\System32\DRIVERS\virtual_file.sys [330176 2019-10-10] (Acronis International GmbH -> Acronis International GmbH)
R1 vmkbd3; C:\Windows\system32\DRIVERS\vmkbd.sys [52288 2019-09-16] (VMware, Inc. -> VMware, Inc.)
R0 volume_tracker; C:\Windows\System32\DRIVERS\volume_tracker.sys [243472 2019-10-10] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R0 vsock; C:\Windows\System32\DRIVERS\vsock.sys [103224 2019-08-14] (VMware, Inc. -> VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-x64.sys [52576 2018-02-28] (VMware, Inc. -> VMware, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [46688 2019-10-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [350136 2019-10-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [54200 2019-10-10] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-10-12 16:57 - 2019-10-12 16:57 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-10-12 16:57 - 2019-10-12 16:57 - 000224408 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-10-12 16:57 - 2019-10-12 16:57 - 000116832 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-10-12 16:57 - 2019-10-12 16:57 - 000073584 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-10-12 15:31 - 2019-10-12 15:32 - 000000000 ____D C:\Users\homeuser\Cisco Packet Tracer 7.2.1
2019-10-12 15:31 - 2019-10-12 15:31 - 000000182 _____ C:\Users\homeuser\.packettracer
2019-10-12 15:31 - 2019-10-12 15:31 - 000000000 ____D C:\Users\homeuser\AppData\Local\PacketTracer7
2019-10-12 15:28 - 2019-10-12 15:28 - 000001093 _____ C:\Users\homeuser\Desktop\Cisco Packet Tracer.lnk
2019-10-12 15:28 - 2019-10-12 15:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Packet Tracer
2019-10-12 15:27 - 2019-10-12 15:28 - 000000000 ____D C:\Program Files\Cisco Packet Tracer 7.2.1
2019-10-12 15:08 - 2019-10-12 15:08 - 000199768 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-10-12 14:50 - 2019-10-12 14:50 - 000257824 _____ C:\Windows\system32\FNTCACHE.DAT
2019-10-12 14:39 - 2007-09-28 16:11 - 000036864 _____ (ASUSTek Computer Inc) C:\Windows\system32\Drivers\ipfnd51.sys
2019-10-11 21:50 - 2019-10-11 21:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
2019-10-11 21:49 - 2019-10-12 17:12 - 000000000 ____D C:\ProgramData\Hotspot Shield
2019-10-11 21:49 - 2019-10-12 14:48 - 000000000 ____D C:\Program Files (x86)\Hotspot Shield
2019-10-11 21:49 - 2019-10-11 21:50 - 000001141 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk
2019-10-11 21:49 - 2019-10-11 21:50 - 000001141 _____ C:\ProgramData\Desktop\Hotspot Shield.lnk
2019-10-11 21:09 - 2019-10-11 22:58 - 000000000 ____D C:\Users\homeuser\AppData\Roaming\VMware
2019-10-11 21:09 - 2019-10-11 22:58 - 000000000 ____D C:\Users\homeuser\AppData\Local\VMware
2019-10-11 20:01 - 2019-10-11 20:14 - 000000000 ____D C:\Program Files\Recuva
2019-10-11 20:01 - 2019-10-11 20:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2019-10-11 19:18 - 2019-10-12 16:57 - 000000000 ____D C:\ProgramData\VMware
2019-10-11 19:18 - 2019-10-11 19:18 - 000001024 _____ C:\Windows\SysWOW64\%TMP%
2019-10-11 19:18 - 2019-10-11 19:18 - 000000000 ____D C:\Users\Public\Documents\Shared Virtual Machines
2019-10-11 19:18 - 2019-10-11 19:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2019-10-11 19:18 - 2019-10-11 19:18 - 000000000 ____D C:\ProgramData\Documents\Shared Virtual Machines
2019-10-11 19:18 - 2019-10-11 19:18 - 000000000 ____D C:\Program Files\Common Files\VMware
2019-10-11 19:18 - 2019-10-11 19:18 - 000000000 ____D C:\Program Files (x86)\VMware
2019-10-11 19:18 - 2019-09-16 18:56 - 001271728 _____ (VMware, Inc.) C:\Windows\system32\vnetlib64.dll
2019-10-11 19:18 - 2019-09-16 18:55 - 000399280 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
2019-10-11 19:18 - 2019-09-16 18:55 - 000370096 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
2019-10-11 19:18 - 2019-09-16 18:54 - 000116536 _____ (VMware, Inc.) C:\Windows\system32\vnetinst.dll
2019-10-11 19:18 - 2019-09-16 18:54 - 000043840 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnetuserif.sys
2019-10-11 19:18 - 2019-09-16 18:48 - 000100368 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmx86.sys
2019-10-11 19:18 - 2019-09-16 18:48 - 000052288 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmkbd.sys
2019-10-11 19:18 - 2019-08-21 08:12 - 000083984 _____ (VMware, Inc.) C:\Windows\system32\Drivers\hcmon.sys
2019-10-11 19:18 - 2019-08-14 01:36 - 000103224 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vsock.sys
2019-10-11 19:18 - 2019-08-14 01:36 - 000046392 _____ (VMware, Inc.) C:\Windows\system32\vsocklib.dll
2019-10-11 19:18 - 2019-08-14 01:36 - 000042296 _____ (VMware, Inc.) C:\Windows\SysWOW64\vsocklib.dll
2019-10-11 17:29 - 2019-10-11 17:29 - 000001009 _____ C:\Users\Public\Desktop\µTorrent.lnk
2019-10-11 17:29 - 2019-10-11 17:29 - 000001009 _____ C:\ProgramData\Desktop\µTorrent.lnk
2019-10-11 17:29 - 2019-10-11 17:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\µTorrent
2019-10-11 17:25 - 2019-10-11 17:25 - 000000000 ___RD C:\Sandbox
2019-10-11 17:24 - 2019-10-11 19:07 - 000000000 ____D C:\Program Files\Sandboxie
2019-10-11 17:24 - 2019-10-11 17:37 - 000002852 _____ C:\Windows\Sandboxie.ini
2019-10-11 17:22 - 2019-10-12 15:26 - 000000000 ____D C:\Users\homeuser\AppData\Roaming\uTorrent
2019-10-11 17:22 - 2019-10-11 17:22 - 000002699 _____ C:\Users\homeuser\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2019-10-11 16:58 - 2019-10-11 16:58 - 000000000 ____D C:\Program Files\TAP-Windows
2019-10-11 16:52 - 2019-10-11 16:55 - 000000000 ____D C:\ProgramData\Avira
2019-10-11 05:08 - 2019-10-11 05:08 - 004745808 _____ (Acronis) C:\Windows\system32\auto_reactivate.exe
2019-10-11 05:08 - 2019-10-11 05:08 - 000286736 _____ (Acronis International GmbH) C:\Windows\system32\snapapiar64.dll
2019-10-10 23:28 - 2019-10-11 19:18 - 000825898 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-10-10 23:04 - 2019-10-10 23:04 - 000002094 _____ C:\Users\Public\Desktop\Bloody7.lnk
2019-10-10 23:04 - 2019-10-10 23:04 - 000002094 _____ C:\ProgramData\Desktop\Bloody7.lnk
2019-10-10 23:04 - 2019-10-10 23:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloody
2019-10-10 23:04 - 2019-10-10 23:04 - 000000000 ____D C:\ProgramData\Bloody7
2019-10-10 23:04 - 2019-10-10 23:04 - 000000000 ____D C:\Program Files (x86)\Bloody7
2019-10-10 22:43 - 2019-10-10 23:02 - 034333904 _____ C:\Users\homeuser\Downloads\Bloody7_V2019.0927_MUI.exe
2019-10-10 22:27 - 2019-10-10 22:33 - 000000000 ____D C:\ProgramData\HitmanPro
2019-10-10 22:27 - 2019-10-10 22:27 - 000001994 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2019-10-10 22:27 - 2019-10-10 22:27 - 000001994 _____ C:\ProgramData\Desktop\HitmanPro.lnk
2019-10-10 22:27 - 2019-10-10 22:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2019-10-10 22:27 - 2019-10-10 22:27 - 000000000 ____D C:\Program Files\HitmanPro
2019-10-10 22:20 - 2019-10-10 22:20 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-10-10 21:59 - 2019-10-10 21:59 - 000000000 ____D C:\KVRT_Data
2019-10-10 21:10 - 2019-10-10 21:10 - 000000655 _____ C:\Windows\system32\Drivers\etc\hosts.zip
2019-10-10 21:08 - 2019-10-12 17:13 - 000000000 ____D C:\Users\homeuser\Desktop\FRST
2019-10-10 21:08 - 2019-10-12 17:13 - 000000000 ____D C:\FRST
2019-10-10 20:57 - 2019-10-10 20:58 - 000000000 ____D C:\Program Files\HyperSnap
2019-10-10 20:57 - 2019-10-10 20:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HyperSnap
2019-10-10 20:46 - 2019-10-12 17:12 - 000000000 ____D C:\Users\homeuser\AppData\Local\CrashDumps
2019-10-10 20:44 - 2019-10-10 20:44 - 000000000 ____D C:\Users\homeuser\AppData\Local\Viber Media S.à r.l
2019-10-10 20:35 - 2019-10-11 19:15 - 000000000 ____D C:\Users\homeuser\Documents\ViberDownloads
2019-10-10 20:34 - 2019-10-12 15:09 - 000000000 ____D C:\Users\homeuser\AppData\Roaming\ViberPC
2019-10-10 20:34 - 2019-10-10 20:44 - 000000000 ____D C:\Users\homeuser\AppData\Local\Viber
2019-10-10 20:34 - 2019-10-10 20:34 - 000001032 _____ C:\Users\homeuser\AppData\Roaming\Microsoft\Windows\Start Menu\Viber.lnk
2019-10-10 20:34 - 2019-10-10 20:34 - 000000000 ____D C:\Users\homeuser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber
2019-10-10 20:34 - 2019-10-10 20:34 - 000000000 ____D C:\Users\homeuser\AppData\Local\Package Cache
2019-10-10 20:22 - 2019-10-10 20:22 - 000000000 ____D C:\Users\homeuser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinTools.net Premium
2019-10-10 20:22 - 2019-10-10 20:22 - 000000000 ____D C:\Program Files (x86)\WinTools Software
2019-10-10 20:15 - 2019-10-10 20:15 - 000000121 _____ C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2019-10-10 20:15 - 2019-10-10 20:15 - 000000000 ____D C:\Users\homeuser\Documents\Boson NetSim Labs
2019-10-10 20:15 - 2019-10-10 20:15 - 000000000 ____D C:\Users\homeuser\AppData\Roaming\Boson Software, LLC
2019-10-10 20:15 - 2019-10-10 20:15 - 000000000 ____D C:\Users\homeuser\AppData\Local\Boson_Software,_LLC
2019-10-10 20:14 - 2019-10-10 20:14 - 000002118 _____ C:\Users\Public\Desktop\Boson NetSim 11.lnk
2019-10-10 20:14 - 2019-10-10 20:14 - 000002118 _____ C:\ProgramData\Desktop\Boson NetSim 11.lnk
2019-10-10 20:14 - 2019-10-10 20:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Boson Software
2019-10-10 20:14 - 2019-10-10 20:14 - 000000000 ____D C:\ProgramData\Boson Software
2019-10-10 20:14 - 2019-10-10 20:14 - 000000000 ____D C:\Program Files (x86)\Boson Software
2019-10-10 20:02 - 2019-10-12 17:12 - 000000000 ____D C:\Users\homeuser\AppData\Roaming\Clipdiary
2019-10-10 20:02 - 2019-10-10 20:02 - 000001114 _____ C:\Users\homeuser\Desktop\Clipdiary.lnk
2019-10-10 20:02 - 2019-10-10 20:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clipdiary
2019-10-10 20:02 - 2019-10-10 20:02 - 000000000 ____D C:\Program Files (x86)\Clipdiary
2019-10-10 19:25 - 2019-10-10 20:34 - 000001030 _____ C:\Users\homeuser\Desktop\Viber.lnk
2019-10-10 19:22 - 2019-10-11 01:09 - 000001411 _____ C:\Users\homeuser\Desktop\Mamba.lnk
2019-10-10 19:22 - 2019-10-10 19:22 - 000001407 _____ C:\Users\homeuser\Desktop\VK.lnk
2019-10-10 19:15 - 2007-10-12 02:00 - 000490008 _____ (Logitech Inc.) C:\Windows\SysWOW64\LVUI2.dll
2019-10-10 19:15 - 2007-10-12 02:00 - 000486936 _____ (Logitech Inc.) C:\Windows\system32\LVUIRC64.dll
2019-10-10 19:15 - 2007-10-12 02:00 - 000465432 _____ (Logitech Inc.) C:\Windows\SysWOW64\LVUI2RC.dll
2019-10-10 19:15 - 2007-10-12 02:00 - 000050072 _____ (Logitech Inc.) C:\Windows\system32\Drivers\LVUSBS64.sys
2019-10-10 19:15 - 2007-10-12 01:59 - 000685080 _____ (Logitech Inc.) C:\Windows\system32\LVUI64.dll
2019-10-10 19:15 - 2007-10-12 01:57 - 000416280 _____ (Logitech Inc.) C:\Windows\SysWOW64\lvcodec2.dll
2019-10-10 19:15 - 2007-10-12 01:57 - 000257560 _____ (Logitech Inc.) C:\Windows\system32\lvco1150.dll
2019-10-10 19:15 - 2007-10-12 01:56 - 001214488 _____ (Logitech Inc.) C:\Windows\system32\Drivers\LV302V64.SYS
2019-10-10 19:15 - 2007-10-12 01:56 - 000475672 _____ (Logitech Inc.) C:\Windows\system32\lvcod64.dll
2019-10-10 19:15 - 2007-10-12 01:18 - 000021138 _____ C:\Windows\system32\Repository.reg
2019-10-10 19:15 - 2007-10-12 01:11 - 000059500 _____ C:\Windows\system32\lvcoin64.ini
2019-10-10 19:00 - 2019-10-10 19:00 - 000003908 _____ C:\Windows\system32\Tasks\BlueStacksHelper
2019-10-10 18:57 - 2019-10-10 18:57 - 000000000 ____D C:\Users\homeuser\AppData\Local\CEF
2019-10-10 18:43 - 2019-10-10 18:43 - 000000000 ____D C:\Users\homeuser\Downloads\Telegram Desktop
2019-10-10 18:15 - 2019-10-10 18:15 - 000001571 _____ C:\Users\Public\Desktop\BlueStacks.lnk
2019-10-10 18:15 - 2019-10-10 18:15 - 000001571 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks.lnk
2019-10-10 18:15 - 2019-10-10 18:15 - 000001571 _____ C:\ProgramData\Desktop\BlueStacks.lnk
2019-10-10 18:15 - 2019-10-10 18:15 - 000001261 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks Multi-Instance Manager.lnk
2019-10-10 18:15 - 2019-10-10 18:15 - 000001249 _____ C:\Users\Public\Desktop\BlueStacks Multi-Instance Manager.lnk
2019-10-10 18:15 - 2019-10-10 18:15 - 000001249 _____ C:\ProgramData\Desktop\BlueStacks Multi-Instance Manager.lnk
2019-10-10 18:12 - 2019-10-10 18:12 - 000000000 ____D C:\Program Files\BlueStacks
2019-10-10 16:54 - 2019-10-10 16:54 - 000000000 ____D C:\Users\homeuser\AppData\Roaming\ChemTable Software
2019-10-10 16:54 - 2019-10-10 16:54 - 000000000 ____D C:\Users\homeuser\AppData\Local\ChemTable Software
2019-10-10 16:53 - 2019-10-10 16:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reg Organizer
2019-10-10 16:53 - 2019-10-10 16:53 - 000000000 ____D C:\Program Files (x86)\Reg Organizer
2019-10-10 16:44 - 2019-10-11 23:08 - 000000000 ____D C:\Users\homeuser\AppData\Roaming\Telegram Desktop
2019-10-10 16:44 - 2019-10-10 16:44 - 000000000 ____D C:\Users\homeuser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop
2019-10-10 16:35 - 2019-10-10 16:35 - 000004522 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-10-10 16:35 - 2019-10-10 16:35 - 000000000 ____D C:\Users\homeuser\AppData\Roaming\Macromedia
2019-10-10 16:34 - 2019-10-10 16:37 - 000000000 ____D C:\Users\homeuser\AppData\Local\Adobe
2019-10-10 16:27 - 2019-10-10 18:12 - 000000000 ____D C:\Users\Public\BlueStacks
2019-10-10 16:27 - 2019-10-10 18:12 - 000000000 ____D C:\Users\homeuser\AppData\Local\BlueStacksSetup
2019-10-10 16:27 - 2019-10-10 18:12 - 000000000 ____D C:\Users\homeuser\AppData\Local\BlueStacks
2019-10-10 16:20 - 2019-10-10 16:20 - 000000000 ____D C:\Users\homeuser\Jeppesen
2019-10-10 16:17 - 2019-10-10 16:17 - 000000000 ____D C:\Users\homeuser\AppData\Local\Jeppesen
2019-10-10 16:06 - 2019-10-10 16:06 - 000002070 _____ C:\Users\Public\Desktop\CDA Monitor.lnk
2019-10-10 16:06 - 2019-10-10 16:06 - 000002070 _____ C:\ProgramData\Desktop\CDA Monitor.lnk
2019-10-10 16:05 - 2015-12-10 00:47 - 000124928 _____ (Jeppesen Sanderson, Inc.) C:\Windows\system32\JFPDView.dll
2019-10-10 16:04 - 2019-10-10 16:04 - 000000000 ____D C:\Users\homeuser\AppData\Roaming\Softland
2019-10-10 16:04 - 2019-10-10 16:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\novaPDF 7
2019-10-10 16:04 - 2019-10-10 16:04 - 000000000 ____D C:\Program Files\Softland
2019-10-10 16:04 - 2014-03-19 15:10 - 000029472 _____ (Softland) C:\Windows\system32\novamnk7.dll
2019-10-10 16:04 - 2014-03-19 15:10 - 000022304 _____ (Softland) C:\Windows\system32\novamik7.dll
2019-10-10 16:04 - 2014-01-10 15:43 - 000007549 _____ C:\Windows\system32\novak7.ctm
2019-10-10 16:03 - 2019-10-12 15:23 - 000000000 ____D C:\ProgramData\Package Cache
2019-10-10 16:03 - 2019-10-10 16:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jeppesen
2019-10-10 16:02 - 2019-10-10 16:06 - 000000000 ____D C:\Program Files (x86)\Jeppesen
2019-10-10 15:57 - 2019-10-12 16:58 - 000000000 ____D C:\ProgramData\Jeppesen
2019-10-10 15:57 - 2019-10-10 16:02 - 000000000 ____D C:\Users\Public\Documents\Jeppesen
2019-10-10 15:57 - 2019-10-10 16:02 - 000000000 ____D C:\ProgramData\Documents\Jeppesen
2019-10-10 15:23 - 2019-10-10 15:23 - 000000000 ____D C:\Windows\system32\Tasks\MEGA
2019-10-10 15:23 - 2019-10-10 15:23 - 000000000 ____D C:\Users\homeuser\AppData\Local\Mega Limited
2019-10-10 15:22 - 2019-10-10 15:22 - 000003642 _____ C:\Windows\system32\Tasks\CreateExplorerShellUnelevatedTask
2019-10-10 15:22 - 2019-10-10 15:22 - 000000799 _____ C:\Users\Public\Desktop\MEGAsync.lnk
2019-10-10 15:22 - 2019-10-10 15:22 - 000000799 _____ C:\ProgramData\Desktop\MEGAsync.lnk
2019-10-10 15:22 - 2019-10-10 15:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEGAsync
2019-10-10 15:22 - 2019-10-10 15:22 - 000000000 ____D C:\ProgramData\MEGAsync
2019-10-10 15:20 - 2019-10-12 16:39 - 000000000 ____D C:\Users\homeuser\AppData\Roaming\WhatsApp
2019-10-10 15:20 - 2019-10-10 15:20 - 000002212 _____ C:\Users\homeuser\Desktop\WhatsApp.lnk
2019-10-10 15:20 - 2019-10-10 15:20 - 000000000 ____D C:\Users\homeuser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2019-10-10 15:20 - 2019-10-10 15:20 - 000000000 ____D C:\Users\homeuser\AppData\Local\WhatsApp
2019-10-10 12:49 - 2019-10-10 12:49 - 000000000 ____D C:\ProgramData\Apple
2019-10-10 12:49 - 2019-10-10 12:49 - 000000000 ____D C:\Program Files\Bonjour
2019-10-10 12:49 - 2019-10-10 12:49 - 000000000 ____D C:\Program Files (x86)\Bonjour
2019-10-10 12:29 - 2019-10-10 12:29 - 000000000 ____D C:\Users\homeuser\AppData\Local\NVIDIA
2019-10-10 12:27 - 2019-10-10 06:10 - 000000000 ____D C:\Users\homeuser\AppData\Local\D3DSCache
2019-10-10 12:26 - 2019-10-10 12:26 - 000000000 ____D C:\Users\homeuser\AppData\Local\PeerDistRepub
2019-10-10 12:13 - 2019-10-10 12:14 - 000000000 ____D C:\Users\homeuser\AppData\Roaming\ProcessLasso
2019-10-10 12:13 - 2019-10-10 12:13 - 000003106 _____ C:\Windows\system32\Tasks\Process Lasso Management Console (GUI)
2019-10-10 12:13 - 2019-10-10 12:13 - 000003096 _____ C:\Windows\system32\Tasks\Process Lasso Core Engine Only
2019-10-10 12:13 - 2019-10-10 12:13 - 000000000 ____D C:\ProgramData\ProcessLasso
2019-10-10 12:13 - 2019-10-10 12:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Lasso Pro
2019-10-10 12:13 - 2019-10-10 12:13 - 000000000 ____D C:\Program Files\Process Lasso
2019-10-10 11:55 - 2019-10-10 11:56 - 000000000 ____D C:\Windows\system32\MRT
2019-10-10 11:55 - 2019-10-10 11:55 - 127230528 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-10-10 11:53 - 2019-10-12 00:00 - 000000000 ____D C:\Program Files (x86)\Hard Disk Sentinel Pro
2019-10-10 11:53 - 2019-10-10 11:53 - 025443840 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 019811840 _____ (Microsoft Corporation) C:\Windows\system32\HologramWorld.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 018019840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 007015936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 006232064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 005915648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 004481536 _____ (Microsoft Corporation) C:\Windows\system32\DHolographicDisplay.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 004129616 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 003525592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-10-10 11:53 - 2019-10-10 11:53 - 002494440 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 002422592 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2019-10-10 11:53 - 2019-10-10 11:53 - 002314648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 002236144 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 002190864 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems64.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 002138472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVCORE.DLL
2019-10-10 11:53 - 2019-10-10 11:53 - 001716752 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntVirtualization.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 001611792 _____ (Microsoft Corporation) C:\Windows\system32\AppVIntegration.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 001610752 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 001510752 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 001505320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_fs.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 001501712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVEntSubsystems32.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 001386000 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystemController.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 001297936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_health.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 001273392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 001244944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 001152016 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 001098712 _____ (Microsoft Corporation) C:\Windows\system32\DolbyDecMFT.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 001043984 _____ (Microsoft Corporation) C:\Windows\system32\AppVPolicy.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 001012792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000960512 _____ (Microsoft Corporation) C:\Windows\system32\assignedaccessmanagersvc.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000957240 _____ (Microsoft Corporation) C:\Windows\system32\AppVManifest.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000952416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DolbyDecMFT.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000939008 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000904704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\opengl32.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000843776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000827408 _____ (Microsoft Corporation) C:\Windows\system32\AppVOrchestration.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000816648 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntStreamingManager.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000742912 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000741392 _____ (Microsoft Corporation) C:\Windows\system32\AppVReporting.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000722944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapi.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.Internal.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000666128 _____ (Microsoft Corporation) C:\Windows\system32\AppVCatalog.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000659456 _____ (Microsoft Corporation) C:\Windows\system32\AssignedAccessManager.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000649016 _____ (Microsoft Corporation) C:\Windows\system32\AppVPublishing.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2019-10-10 11:53 - 2019-10-10 11:53 - 000537600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000524800 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000516544 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000502784 _____ C:\Windows\system32\AssignedAccessCsp.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000499200 _____ (Microsoft Corporation) C:\Windows\system32\rdpshell.exe
2019-10-10 11:53 - 2019-10-10 11:53 - 000495120 _____ (Microsoft Corporation) C:\Windows\system32\TransportDSA.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000417280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000401408 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000394256 _____ (Microsoft Corporation) C:\Windows\system32\AppVScripting.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000387832 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000376832 _____ (Microsoft Corporation) C:\Windows\system32\rdpinit.exe
2019-10-10 11:53 - 2019-10-10 11:53 - 000353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000334336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapibase.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000258064 _____ (Microsoft Corporation) C:\Windows\system32\AppVFileSystemMetadata.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glu32.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000231440 _____ (Microsoft Corporation) C:\Windows\system32\AppVShNotify.exe
2019-10-10 11:53 - 2019-10-10 11:53 - 000228880 _____ (Microsoft Corporation) C:\Windows\system32\AppVStreamMap.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000202768 _____ (Microsoft Corporation) C:\Windows\system32\AppVStreamingUX.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000181776 _____ (Microsoft Corporation) C:\Windows\system32\AppVDllSurrogate.exe
2019-10-10 11:53 - 2019-10-10 11:53 - 000175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IndexedDbLegacy.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000173072 _____ (Microsoft Corporation) C:\Windows\system32\AppVNice.exe
2019-10-10 11:53 - 2019-10-10 11:53 - 000145208 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000133632 _____ (Microsoft Corporation) C:\Windows\system32\appvetwclientres.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakrathunk.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvvmtransport.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iemigplugin.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\BdeUISrv.exe
2019-10-10 11:53 - 2019-10-10 11:53 - 000037904 _____ (Microsoft Corporation) C:\Windows\system32\SyncAppvPublishingServer.exe
2019-10-10 11:53 - 2019-10-10 11:53 - 000021816 _____ (Microsoft Corporation) C:\Windows\system32\ScriptRunner.exe
2019-10-10 11:53 - 2019-10-10 11:53 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\appvetwstreamingux.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\TSErrRedir.dll
2019-10-10 11:53 - 2019-10-10 11:53 - 000001184 _____ C:\Users\homeuser\Desktop\Hard Disk Sentinel Pro.lnk
2019-10-10 11:53 - 2019-10-10 11:53 - 000000000 ____D C:\Windows\system32\Tasks\HardDiskSentinel
2019-10-10 11:53 - 2019-10-10 11:53 - 000000000 ____D C:\Users\homeuser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hard Disk Sentinel Pro
2019-10-10 11:53 - 2019-10-10 11:53 - 000000000 ____D C:\Users\homeuser\AppData\Roaming\Hard Disk Sentinel
2019-10-10 11:52 - 2019-10-10 11:53 - 019849216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 025900544 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 022628352 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 017787392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 014816256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 009928504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 008010752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 007905000 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 007848192 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 007754240 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 007600664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 007263992 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 007195648 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 006517640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 006425600 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 006227624 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 006164480 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 006084048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 005865272 _____ (Microsoft Corporation) C:\Windows\system32\spwizimg.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 005764872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 005105152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 005041664 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 004612520 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 004562688 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 004538880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 004046336 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 004012544 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 003964056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 003947008 _____ (Microsoft Corporation) C:\Windows\system32\tellib.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 003771392 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 003742032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneCoreUAPCommonProxyStub.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 003727360 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-10-10 11:52 - 2019-10-10 11:52 - 003701760 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 003590968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2019-10-10 11:52 - 2019-10-10 11:52 - 003553280 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 003386880 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 003184128 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 003105280 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 002861568 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 002821120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 002799616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-10-10 11:52 - 2019-10-10 11:52 - 002772032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 002762504 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-10-10 11:52 - 2019-10-10 11:52 - 002723328 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2019-10-10 11:52 - 2019-10-10 11:52 - 002703360 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 002590208 _____ C:\Windows\system32\dwmscene.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 002552120 _____ (Microsoft Corporation) C:\Windows\system32\UpdateAgent.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 002466304 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 002456064 _____ (Microsoft Corporation) C:\Windows\system32\InstallService.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 002448712 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 002284032 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 002258856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 002160640 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 002132280 _____ (Microsoft Corporation) C:\Windows\system32\wsp_fs.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 002120704 _____ (Microsoft Corporation) C:\Windows\system32\WpcDesktopMonSvc.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 002120272 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 002114048 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 002095104 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 002081976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 002069504 _____ (Microsoft Corporation) C:\Windows\system32\ISM.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 002000168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001957008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001952360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001942528 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001940952 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001913296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001857024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001847808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsservices.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001845408 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001835008 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001830200 _____ (Microsoft Corporation) C:\Windows\system32\rdpserverbase.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001819136 _____ (Microsoft Corporation) C:\Windows\system32\CoreShell.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001788728 _____ (Microsoft Corporation) C:\Windows\system32\wsp_health.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001757096 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-10-10 11:52 - 2019-10-10 11:52 - 001748480 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001743672 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001730560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallService.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001721144 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001692160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001687040 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001664928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001664376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001657856 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001656392 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001616784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001616608 _____ (Microsoft Corporation) C:\Windows\system32\ttdrecordcpu.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001607680 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001563648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001562424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpserverbase.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001543168 _____ (Microsoft Corporation) C:\Windows\system32\WindowManagement.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001512320 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 001482040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2019-10-10 11:52 - 2019-10-10 11:52 - 001473488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001439744 _____ (Microsoft Corporation) C:\Windows\system32\usocoreworker.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 001413704 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001412096 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001394488 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 001383856 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001372160 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001366128 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-10-10 11:52 - 2019-10-10 11:52 - 001334064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ttdrecordcpu.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001319936 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001283072 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001263616 _____ (Microsoft Corporation) C:\Windows\system32\opengl32.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001261800 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001217904 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 001214976 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001182240 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 001178816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001154656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001150240 _____ (Microsoft Corporation) C:\Windows\system32\InputHost.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001149712 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 001091584 _____ (Microsoft Corporation) C:\Windows\system32\TpmCoreProvisioning.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001084432 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001080320 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001072952 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 001066496 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001062912 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001054872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001047968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001036800 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001029432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ClipSp.sys
2019-10-10 11:52 - 2019-10-10 11:52 - 001023128 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 001009152 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000984376 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000975872 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000950784 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000944664 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000931840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys
2019-10-10 11:52 - 2019-10-10 11:52 - 000923136 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000923136 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000904208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000893952 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000890472 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000882688 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000880088 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000875008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000874296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2019-10-10 11:52 - 2019-10-10 11:52 - 000858112 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000856576 _____ C:\Windows\system32\MBR2GPT.EXE
2019-10-10 11:52 - 2019-10-10 11:52 - 000844800 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000842752 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000841216 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000839680 _____ (Microsoft Corporation) C:\Windows\system32\d3d9on12.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000836608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TpmCoreProvisioning.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000833312 _____ (Microsoft Corporation) C:\Windows\system32\pkeyhelper.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000829536 _____ (Microsoft Corporation) C:\Windows\system32\BioIso.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000818688 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000792296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputHost.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000784384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000783480 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000775768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000774672 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000772656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000765440 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000759488 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000758584 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000750080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.Search.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\ActivationManager.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000735232 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000732176 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_StorageSense.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000717312 _____ (Microsoft Corporation) C:\Windows\system32\mousocoreworker.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000702464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2019-10-10 11:52 - 2019-10-10 11:52 - 000701952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.FileExplorer.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000691712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000690176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000679880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000674072 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000673080 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000669496 _____ (Microsoft Corporation) C:\Windows\system32\computecore.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000656960 _____ (Microsoft Corporation) C:\Windows\system32\d3d11on12.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000652800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000647168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000639400 _____ (Microsoft Corporation) C:\Windows\system32\msvcp_win.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.Search.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000623104 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000617784 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000612864 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000606208 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000599552 _____ (Microsoft Corporation) C:\Windows\system32\SmsRouterSvc.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000599040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActivationManager.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000598024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000598016 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000596992 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000595456 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000589384 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000587776 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_PCDisplay.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\SppExtComObj.Exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000568336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000563200 _____ (Microsoft Corporation) C:\Windows\system32\wpnprv.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000558592 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Notifications.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000551952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Vid.sys
2019-10-10 11:52 - 2019-10-10 11:52 - 000551936 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000551424 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000550400 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-10-10 11:52 - 2019-10-10 11:52 - 000546816 _____ (Microsoft Corporation) C:\Windows\system32\dxdiagn.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000541696 _____ (Microsoft Corporation) C:\Windows\system32\ResourceMapper.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000541480 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000539648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9on12.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000533504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000531968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000530432 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000520192 _____ (Microsoft Corporation) C:\Windows\system32\usosvc.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000518656 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000516408 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000515896 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000513536 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000510464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmenrollengine.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000507704 _____ (Microsoft Corporation) C:\Windows\system32\spwizeng.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000507152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000501232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp_win.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000500736 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-10-10 11:52 - 2019-10-10 11:52 - 000496640 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000487576 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase_enclave.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000487424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.FileExplorer.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000483328 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000476672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000476672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000469504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000466416 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000463272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000462848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000462136 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000457216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cldflt.sys
2019-10-10 11:52 - 2019-10-10 11:52 - 000456504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2019-10-10 11:52 - 2019-10-10 11:52 - 000452408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000450560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxdiagn.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000450360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11on12.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000449888 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000448000 _____ (Microsoft Corporation) C:\Windows\system32\SettingsEnvironment.Desktop.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000442704 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000441144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2019-10-10 11:52 - 2019-10-10 11:52 - 000436536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2019-10-10 11:52 - 2019-10-10 11:52 - 000429568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000422008 _____ (Microsoft Corporation) C:\Windows\system32\SgrmEnclave_secure.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-10-10 11:52 - 2019-10-10 11:52 - 000415808 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000412152 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000404392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000398728 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000392704 _____ (Microsoft Corporation) C:\Windows\system32\NotificationControllerPS.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000383984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000382976 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000380216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000379840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000375720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000369664 _____ (Microsoft Corporation) C:\Windows\system32\dxdiag.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000363624 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000359424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MbbCx.sys
2019-10-10 11:52 - 2019-10-10 11:52 - 000355840 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicSvc.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000355000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2019-10-10 11:52 - 2019-10-10 11:52 - 000346624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000342896 _____ (Microsoft Corporation) C:\Windows\system32\ttdwriter.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000334936 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\ComposableShellProxyStub.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000324408 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
2019-10-10 11:52 - 2019-10-10 11:52 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\dmenterprisediagnostics.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000315392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxdiag.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000300184 _____ (Microsoft Corporation) C:\Windows\system32\skci.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000293344 _____ (Microsoft Corporation) C:\Windows\system32\cfgmgr32.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000285696 _____ (Microsoft Corporation) C:\Windows\system32\directxdatabaseupdater.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000285256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000284160 _____ (Microsoft Corporation) C:\Windows\system32\container.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000283688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ttdwriter.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000282112 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.AppDefaults.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000278080 _____ (Microsoft Corporation) C:\Windows\system32\LsaIso.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000275968 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000275456 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_CapabilityAccess.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000268800 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000268288 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000261632 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicCapsule.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000256000 _____ (Microsoft Corporation) C:\Windows\system32\UpdateDeploymentProvider.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000252416 _____ (Microsoft Corporation) C:\Windows\system32\wpnservice.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys
2019-10-10 11:52 - 2019-10-10 11:52 - 000248832 _____ (Microsoft Corporation) C:\Windows\system32\ManageCI.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000247856 _____ (Microsoft Corporation) C:\Windows\system32\weretw.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000244736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2019-10-10 11:52 - 2019-10-10 11:52 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Gpu.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\policymanagerprecheck.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000239104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000236544 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000236520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\tetheringservice.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000235008 _____ (Microsoft Corporation) C:\Windows\system32\fwpolicyiomgr.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\InstallServiceTasks.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000227840 _____ (Microsoft Corporation) C:\Windows\system32\IndexedDbLegacy.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000225080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wof.sys
2019-10-10 11:52 - 2019-10-10 11:52 - 000224768 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2019-10-10 11:52 - 2019-10-10 11:52 - 000224256 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000223032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-10-10 11:52 - 2019-10-10 11:52 - 000221696 _____ (Microsoft Corporation) C:\Windows\system32\dxgiadaptercache.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000220472 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000210744 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000208384 _____ (Microsoft Corporation) C:\Windows\system32\wuuhosdeployment.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000208184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-10-10 11:52 - 2019-10-10 11:52 - 000206336 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000202040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-10-10 11:52 - 2019-10-10 11:52 - 000201728 _____ (Microsoft Corporation) C:\Windows\system32\AppXApplicabilityBlob.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000201016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-10-10 11:52 - 2019-10-10 11:52 - 000199480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000199480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-10-10 11:52 - 2019-10-10 11:52 - 000197632 _____ (Microsoft Corporation) C:\Windows\system32\Win32CompatibilityAppraiserCSP.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\container.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000193592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\weretw.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2019-10-10 11:52 - 2019-10-10 11:52 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallServiceTasks.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000179512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-10-10 11:52 - 2019-10-10 11:52 - 000178176 _____ (Microsoft Corporation) C:\Windows\system32\prntvpt.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000176440 _____ (Microsoft Corporation) C:\Windows\system32\uxlib.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000176152 _____ (Microsoft Corporation) C:\Windows\system32\imm32.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000174080 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000173568 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\SpatialAudioLicenseSrv.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000165832 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000163328 _____ (Microsoft Corporation) C:\Windows\system32\glu32.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000162304 _____ (Microsoft Corporation) C:\Windows\system32\fwbase.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000159112 _____ (Microsoft Corporation) C:\Windows\system32\devobj.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\umpo.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2019-10-10 11:52 - 2019-10-10 11:52 - 000157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ComposableShellProxyStub.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000155648 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_AppExecutionAlias.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000152408 _____ (Microsoft Corporation) C:\Windows\system32\KerbClientShared.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000151568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbus.sys
2019-10-10 11:52 - 2019-10-10 11:52 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_BackgroundApps.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000150328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SpatialAudioLicenseSrv.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imm32.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000140800 _____ (Microsoft Corporation) C:\Windows\system32\mdmmigrator.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000140496 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sud.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000139776 _____ (Microsoft Corporation) C:\Windows\system32\Chakrathunk.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prntvpt.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000137864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000137728 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000132608 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_ForceSync.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000132408 _____ (Microsoft Corporation) C:\Windows\system32\offlinelsa.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000132096 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\CloudDomainJoinAUG.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000127064 _____ (Microsoft Corporation) C:\Windows\system32\win32u.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000125232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KerbClientShared.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\ApplicationControlCSP.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000122880 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000121856 _____ (Microsoft Corporation) C:\Windows\system32\updatecsp.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000119840 _____ (Microsoft Corporation) C:\Windows\system32\OpenWith.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000117048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bindflt.sys
2019-10-10 11:52 - 2019-10-10 11:52 - 000116904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\EaseOfAccessDialog.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000110080 _____ C:\Windows\system32\ResBParser.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000108032 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000107008 _____ (Microsoft Corporation) C:\Windows\system32\CoreShellExtFramework.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000105832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpenWith.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000105272 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000103936 _____ (Microsoft Corporation) C:\Windows\system32\dot3msm.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000100664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbkmcl.sys
2019-10-10 11:52 - 2019-10-10 11:52 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\sethc.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000093712 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000093184 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2019-10-10 11:52 - 2019-10-10 11:52 - 000092624 _____ (Microsoft Corporation) C:\Windows\system32\taskhostw.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EaseOfAccessDialog.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\dot3api.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000090624 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000089544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicAgent.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000088352 _____ (Microsoft Corporation) C:\Windows\system32\remoteaudioendpoint.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000084496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2019-10-10 11:52 - 2019-10-10 11:52 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\rdvvmtransport.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mcbuilder.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000079376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\uaspstor.sys
2019-10-10 11:52 - 2019-10-10 11:52 - 000077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sethc.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\CustomInstallExec.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\tetheringclient.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000073024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\remoteaudioendpoint.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\dwm.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000066832 _____ (Microsoft Corporation) C:\Windows\system32\iumcrypt.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\iemigplugin.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\CertEnrollCtrl.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidspi.sys
2019-10-10 11:52 - 2019-10-10 11:52 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\AssignedAccessRuntime.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\devrtl.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\audioresourceregistrar.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\pnppolicy.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000053248 _____ C:\Windows\system32\Drivers\UsbPmApi.sys
2019-10-10 11:52 - 2019-10-10 11:52 - 000052752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmstorfl.sys
2019-10-10 11:52 - 2019-10-10 11:52 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\tetheringconfigsp.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnrollCtrl.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000049152 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000047616 _____ C:\Windows\system32\UsbPmApi.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AssignedAccessRuntime.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000047000 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cellulardatacapabilityhandler.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000043536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsc.sys
2019-10-10 11:52 - 2019-10-10 11:52 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\LaunchWinApp.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\WiredNetworkCSP.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000039304 _____ (Microsoft Corporation) C:\Windows\system32\NtlmShared.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000037176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wimmount.sys
2019-10-10 11:52 - 2019-10-10 11:52 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\IcsEntitlementHost.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\enrollmentapi.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LaunchWinApp.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000033048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NtlmShared.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000028936 _____ (Microsoft Corporation) C:\Windows\system32\vmbuspipe.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicPS.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2019-10-10 11:52 - 2019-10-10 11:52 - 000027648 _____ (Microsoft Corporation) C:\Windows\system32\Win32_DeviceGuard.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\CSystemEventsBrokerClient.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000021544 _____ (Microsoft Corporation) C:\Windows\system32\kdhvcom.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000020944 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000019456 _____ (Microsoft Corporation) C:\Windows\system32\wmsgapi.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\bindflt.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000016696 _____ (Microsoft Corporation) C:\Windows\system32\spwizres.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\d3d8thk.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDJPN.DLL
2019-10-10 11:52 - 2019-10-10 11:52 - 000012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8thk.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\pacjsworker.exe
2019-10-10 11:52 - 2019-10-10 11:52 - 000011576 _____ (Microsoft Corporation) C:\Windows\system32\uxlibres.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbd106.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TpmCertResources.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000003584 _____ (Microsoft Corporation) C:\Windows\system32\TpmCertResources.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tier2punctuations.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2019-10-10 11:52 - 2019-10-10 11:52 - 000000315 _____ C:\Windows\system32\DrtmAuth9.bin
2019-10-10 11:52 - 2019-10-10 11:52 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2019-10-10 11:52 - 2019-10-10 11:52 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2019-10-10 11:52 - 2019-10-10 11:52 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2019-10-10 11:52 - 2019-10-10 11:52 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2019-10-10 11:52 - 2019-10-10 11:52 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2019-10-10 11:52 - 2019-10-10 11:52 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2019-10-10 11:52 - 2019-10-10 11:52 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2019-10-10 11:52 - 2019-10-10 11:52 - 000000315 _____ C:\Windows\system32\DrtmAuth12.bin
2019-10-10 11:52 - 2019-10-10 11:52 - 000000315 _____ C:\Windows\system32\DrtmAuth11.bin
2019-10-10 11:52 - 2019-10-10 11:52 - 000000315 _____ C:\Windows\system32\DrtmAuth10.bin
2019-10-10 11:52 - 2019-10-10 11:52 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2019-10-10 11:48 - 2019-09-20 07:36 - 000492544 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2019-10-10 11:48 - 2019-09-20 07:14 - 000390656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2019-10-10 11:47 - 2019-10-10 11:47 - 000741432 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2019-10-10 11:44 - 2019-10-12 16:57 - 000000000 ____D C:\ProgramData\NVIDIA
2019-10-10 11:44 - 2019-10-10 23:06 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-10-10 11:44 - 2019-10-10 11:44 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2019-10-10 11:44 - 2019-10-10 11:44 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-10-10 11:44 - 2019-09-05 22:49 - 005468144 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2019-10-10 11:44 - 2019-09-05 22:49 - 002634608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2019-10-10 11:44 - 2019-09-05 22:49 - 001767920 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2019-10-10 11:44 - 2019-09-05 22:49 - 000654320 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2019-10-10 11:44 - 2019-09-05 22:49 - 000450600 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2019-10-10 11:44 - 2019-09-05 22:49 - 000125240 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2019-10-10 11:44 - 2019-09-05 22:49 - 000082800 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2019-10-10 11:44 - 2019-09-05 04:04 - 008709382 _____ C:\Windows\system32\nvcoproc.bin
2019-10-10 11:44 - 2019-08-01 16:07 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2019-10-10 11:43 - 2019-09-06 21:29 - 001012432 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2019-10-10 11:43 - 2019-09-06 21:29 - 001012432 _____ C:\Windows\system32\vulkan-1.dll
2019-10-10 11:43 - 2019-09-06 21:29 - 000876240 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2019-10-10 11:43 - 2019-09-06 21:29 - 000876240 _____ C:\Windows\SysWOW64\vulkan-1.dll
2019-10-10 11:43 - 2019-09-06 21:29 - 000447368 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2019-10-10 11:43 - 2019-09-06 21:29 - 000351944 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2019-10-10 11:43 - 2019-09-06 21:29 - 000301264 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2019-10-10 11:43 - 2019-09-06 21:29 - 000301264 _____ C:\Windows\system32\vulkaninfo.exe
2019-10-10 11:43 - 2019-09-06 21:29 - 000273104 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-10-10 11:43 - 2019-09-06 21:29 - 000273104 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2019-10-10 11:43 - 2019-09-06 21:28 - 011562376 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2019-10-10 11:43 - 2019-09-06 21:28 - 009937104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2019-10-10 11:43 - 2019-09-06 21:27 - 002051008 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2019-10-10 11:43 - 2019-09-06 21:27 - 001550080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2019-10-10 11:43 - 2019-09-06 21:27 - 001477512 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2019-10-10 11:43 - 2019-09-06 21:27 - 001247432 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2019-10-10 11:43 - 2019-09-06 21:27 - 001140616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2019-10-10 11:43 - 2019-09-06 21:27 - 000959424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2019-10-10 11:43 - 2019-09-06 21:27 - 000812800 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2019-10-10 11:43 - 2019-09-06 21:27 - 000676096 _____ C:\Windows\system32\nvofapi64.dll
2019-10-10 11:43 - 2019-09-06 21:27 - 000658880 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2019-10-10 11:43 - 2019-09-06 21:27 - 000632768 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2019-10-10 11:43 - 2019-09-06 21:27 - 000544648 _____ C:\Windows\SysWOW64\nvofapi.dll
2019-10-10 11:43 - 2019-09-06 21:27 - 000524168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2019-10-10 11:43 - 2019-09-06 21:26 - 040444856 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2019-10-10 11:43 - 2019-09-06 21:26 - 035334536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2019-10-10 11:43 - 2019-09-06 21:26 - 017300360 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2019-10-10 11:43 - 2019-09-06 21:26 - 014921096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2019-10-10 11:43 - 2019-09-06 21:26 - 005358472 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2019-10-10 11:43 - 2019-09-06 21:26 - 004696968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2019-10-10 11:43 - 2019-09-06 21:26 - 001726400 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6443630.dll
2019-10-10 11:43 - 2019-09-06 21:26 - 001491336 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6443630.dll
2019-10-10 11:43 - 2019-09-06 18:24 - 005002192 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2019-10-10 11:43 - 2019-09-06 18:24 - 004263840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2019-10-10 11:43 - 2019-09-06 00:19 - 000054700 _____ C:\Windows\system32\nvinfo.pb
2019-10-10 11:42 - 2019-10-10 11:42 - 000003206 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2019-10-10 11:42 - 2019-10-10 11:42 - 000002246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-10 11:42 - 2019-10-10 11:42 - 000000000 ___RD C:\Users\Default\OneDrive
2019-10-10 11:42 - 2019-10-10 11:42 - 000000000 ___RD C:\Users\Default User\OneDrive
2019-10-10 11:42 - 2019-10-10 11:42 - 000000000 ___HD C:\OneDriveTemp
2019-10-10 11:41 - 2019-10-10 14:32 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2019-10-10 11:41 - 2019-10-10 11:44 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-10-10 11:28 - 2019-10-10 11:28 - 000000000 ____D C:\Users\homeuser\AppData\Local\OneDrive
2019-10-10 11:20 - 2019-10-10 11:33 - 000000000 ____D C:\ProgramData\DisplayDriverUninstaller
2019-10-10 11:17 - 2019-10-10 11:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2019-10-10 11:17 - 2019-10-10 11:17 - 000000000 ____D C:\Program Files (x86)\7-Zip
2019-10-10 10:50 - 2019-10-10 11:51 - 000000000 ____D C:\Temp torrents
2019-10-10 10:27 - 2019-03-18 15:20 - 008628736 _____ (Microsoft Corporation) C:\Windows\system32\prm0019.dll
2019-10-10 10:26 - 2019-10-09 21:18 - 000002317 _____ C:\Users\homeuser\Documents\indexfile.txt
2019-10-10 10:23 - 2019-10-12 16:59 - 000000000 ____D C:\Users\homeuser\AppData\LocalLow\Mozilla
2019-10-10 10:23 - 2019-10-11 15:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-10-10 10:23 - 2019-10-10 22:20 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-10-10 10:23 - 2019-10-10 10:23 - 000000993 _____ C:\Users\Public\Desktop\Firefox.lnk
2019-10-10 10:23 - 2019-10-10 10:23 - 000000993 _____ C:\ProgramData\Desktop\Firefox.lnk
2019-10-10 10:23 - 2019-10-10 10:23 - 000000000 ____D C:\Users\homeuser\AppData\Roaming\Mozilla
2019-10-10 10:23 - 2019-10-10 10:23 - 000000000 ____D C:\Users\homeuser\AppData\Local\Mozilla
2019-10-10 10:23 - 2019-10-10 10:23 - 000000000 ____D C:\ProgramData\Mozilla
2019-10-10 10:19 - 2019-10-10 10:19 - 000000000 ____D C:\Users\homeuser\AppData\Roaming\Google
2019-10-10 10:16 - 2019-10-10 10:16 - 000001635 _____ C:\Users\Public\Desktop\Total Commander HomeUser v71.lnk
2019-10-10 10:16 - 2019-10-10 10:16 - 000001635 _____ C:\ProgramData\Desktop\Total Commander HomeUser v71.lnk
2019-10-10 10:16 - 2019-10-10 10:16 - 000000777 _____ C:\Users\Public\Desktop\Total Commander PowerUser v71.lnk
2019-10-10 10:16 - 2019-10-10 10:16 - 000000777 _____ C:\ProgramData\Desktop\Total Commander PowerUser v71.lnk
2019-10-10 10:16 - 2019-10-10 10:16 - 000000000 ____D C:\Users\Public\Desktop\TC PU Programs
2019-10-10 10:16 - 2019-10-10 10:16 - 000000000 ____D C:\ProgramData\Desktop\TC PU Programs
2019-10-10 10:16 - 2019-08-29 15:36 - 000286208 _____ C:\Windows\SysWOW64\lame_enc.dll
2019-10-10 10:16 - 2014-01-13 04:46 - 000344064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2019-10-10 10:16 - 2009-12-29 23:27 - 000503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2019-10-10 10:16 - 2009-12-29 23:27 - 000487424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVCP70.DLL
2019-10-10 10:16 - 2009-12-29 23:27 - 000344064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr70.dll
2019-10-10 10:15 - 2019-10-10 10:22 - 000000000 ____D C:\Users\homeuser\AppData\Local\Google
2019-10-10 10:15 - 2019-10-10 10:15 - 000002373 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-10-10 10:15 - 2019-10-10 10:15 - 000002332 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-10-10 10:15 - 2019-10-10 10:15 - 000002332 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-10-10 10:14 - 2019-10-10 10:14 - 000003420 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-10-10 10:14 - 2019-10-10 10:14 - 000003296 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-10-10 10:14 - 2019-10-10 10:14 - 000000000 ____D C:\Program Files (x86)\Google
2019-10-10 10:13 - 2019-10-10 10:13 - 000000000 ___HD C:\Users\homeuser\MicrosoftEdgeBackups
2019-10-10 10:12 - 2019-10-10 10:23 - 000000000 ____D C:\TCPU71
2019-10-10 10:09 - 2019-10-12 14:15 - 000000000 ____D C:\Windows\Panther
2019-10-10 09:58 - 2019-10-10 07:19 - 000000000 ____D C:\Users\homeuser\AppData\Local\PlaceholderTileLogoFolder
2019-10-10 09:55 - 2019-10-12 16:58 - 000000000 ____D C:\ProgramData\Bigfoot Networks
2019-10-10 09:55 - 2019-10-10 20:14 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-10-10 09:55 - 2019-10-10 09:55 - 000002311 _____ C:\Users\Public\Desktop\Bigfoot Networks Killer Network Manager.lnk
2019-10-10 09:55 - 2019-10-10 09:55 - 000002311 _____ C:\ProgramData\Desktop\Bigfoot Networks Killer Network Manager.lnk
2019-10-10 09:55 - 2019-10-10 09:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bigfoot Networks
2019-10-10 09:55 - 2019-10-10 09:55 - 000000000 ____D C:\Program Files\Bigfoot Networks
2019-10-10 09:53 - 2019-10-10 09:53 - 000000000 ____D C:\Program Files (x86)\Intel
2019-10-10 09:53 - 2010-03-02 11:04 - 000053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2019-10-10 09:52 - 2019-10-10 09:52 - 000000000 ____D C:\Intel
2019-10-10 09:48 - 2019-10-10 18:09 - 000001134 _____ C:\Windows\system32\config\VSMIDK
2019-10-10 09:45 - 2019-10-11 00:14 - 000000000 ____D C:\ProgramData\Packages
2019-10-10 09:41 - 2019-10-10 11:08 - 000000000 ____D C:\Users\homeuser\AppData\Local\Comms
2019-10-10 09:37 - 2019-10-12 16:58 - 000000000 ___RD C:\Users\homeuser\OneDrive
2019-10-10 09:36 - 2019-10-10 14:32 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2019-10-10 09:36 - 2019-10-10 10:13 - 000000000 ____D C:\Users\homeuser\AppData\Local\MicrosoftEdge
2019-10-10 09:36 - 2019-10-10 09:36 - 000001450 _____ C:\Users\homeuser\Desktop\Microsoft Edge.lnk
2019-10-10 09:35 - 2019-10-11 00:13 - 000000000 ____D C:\Users\homeuser\AppData\Local\Packages
2019-10-10 09:35 - 2019-10-10 16:37 - 000000000 ____D C:\Users\homeuser\AppData\Roaming\Adobe
2019-10-10 09:35 - 2019-10-10 12:01 - 000000000 ___RD C:\Users\homeuser\3D Objects
2019-10-10 09:35 - 2019-10-10 11:27 - 000000000 ____D C:\Users\homeuser\AppData\Local\ConnectedDevicesPlatform
2019-10-10 09:35 - 2019-10-10 10:17 - 000000000 ____D C:\Users\homeuser\AppData\Local\Publishers
2019-10-10 09:35 - 2019-10-10 09:35 - 000000000 ____D C:\Users\homeuser\AppData\Local\VirtualStore
2019-10-10 09:35 - 2019-10-10 07:21 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-10-10 09:34 - 2019-10-12 15:31 - 000000000 ____D C:\Users\homeuser
2019-10-10 09:34 - 2019-10-10 09:34 - 000000020 ___SH C:\Users\homeuser\ntuser.ini
2019-10-10 09:33 - 2019-10-12 17:03 - 000812210 _____ C:\Windows\system32\PerfStringBackup.INI
2019-10-10 09:30 - 2019-10-10 09:30 - 000000000 ____D C:\Windows\CSC
2019-10-10 09:30 - 2019-10-10 09:30 - 000000000 ____D C:\ProgramData\USOShared
2019-10-10 09:30 - 2019-09-09 20:47 - 002874368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2019-10-10 09:28 - 2019-10-10 20:50 - 000000000 ____D C:\Windows\minidump
2019-10-10 09:28 - 2019-10-10 09:28 - 000000000 _SHDL C:\Documents and Settings
2019-10-10 09:11 - 2019-10-12 16:57 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-10-10 09:11 - 2019-10-10 12:10 - 000000000 ____D C:\Windows\system32\Drivers\wd
2019-10-10 09:11 - 2019-10-10 09:11 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2019-10-10 09:10 - 2019-10-11 19:50 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-10-10 09:10 - 2019-10-10 09:10 - 000000000 ____D C:\Windows\ServiceProfiles
2019-10-10 08:21 - 2019-10-10 08:21 - 000000000 ____D C:\Users\homeuser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FxSound Enhancer
2019-10-10 08:21 - 2019-10-10 08:21 - 000000000 ____D C:\Users\homeuser\AppData\Local\DFX
2019-10-10 08:21 - 2019-10-10 08:21 - 000000000 ____D C:\Program Files (x86)\DFX
2019-10-10 08:14 - 2019-10-10 08:14 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2019-10-10 08:14 - 2019-10-10 08:14 - 000000000 ____D C:\Program Files\Realtek
2019-10-10 08:14 - 2019-10-10 08:14 - 000000000 ____D C:\Program Files (x86)\Realtek
2019-10-10 08:14 - 2017-06-29 18:55 - 003509256 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2019-10-10 08:14 - 2017-06-29 18:55 - 003507688 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2019-10-10 08:14 - 2017-06-29 18:55 - 001347136 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2019-10-10 08:14 - 2017-06-29 18:55 - 000914016 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO64.dll
2019-10-10 08:14 - 2017-06-29 18:55 - 000768808 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO32.dll
2019-10-10 08:14 - 2017-06-29 18:55 - 000691680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2019-10-10 08:14 - 2017-06-29 18:55 - 000642920 _____ (Creative Technology Ltd.) C:\Windows\system32\MBTHX64.dll
2019-10-10 08:14 - 2017-06-29 18:55 - 000577832 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBTHX32.dll
2019-10-10 08:14 - 2017-06-29 18:55 - 000532376 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2019-10-10 08:14 - 2017-06-29 18:55 - 000410032 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll
2019-10-10 08:14 - 2017-06-29 18:55 - 000387312 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2019-10-10 08:14 - 2017-06-29 18:55 - 000343704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2019-10-10 08:14 - 2017-06-29 18:55 - 000321712 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2019-10-10 08:14 - 2017-06-29 18:55 - 000321712 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2019-10-10 08:14 - 2017-06-29 18:55 - 000221960 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2019-10-10 08:14 - 2017-06-29 18:55 - 000214832 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2019-10-10 08:14 - 2017-06-29 18:55 - 000209528 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2019-10-10 08:14 - 2017-06-29 18:55 - 000192976 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2019-10-10 08:14 - 2017-06-29 18:55 - 000166200 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2019-10-10 08:14 - 2017-06-29 18:55 - 000110976 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2019-10-10 08:14 - 2017-06-29 18:55 - 000088344 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2019-10-10 08:14 - 2017-06-29 18:54 - 004059960 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2019-10-10 08:14 - 2017-06-29 18:54 - 000330552 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2019-10-10 08:14 - 2017-06-29 18:52 - 005826560 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2019-10-10 08:14 - 2017-06-29 18:52 - 003677160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2019-10-10 08:14 - 2017-06-29 18:52 - 003205120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2019-10-10 08:14 - 2017-06-29 18:52 - 000574752 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2019-10-10 08:14 - 2017-06-29 18:52 - 000118592 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2019-10-10 08:14 - 2017-06-29 18:51 - 002210304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2019-10-10 08:14 - 2017-06-29 18:51 - 002050176 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2019-10-10 08:14 - 2017-06-29 18:51 - 000041088 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\MBfilt64.sys
2019-10-10 08:14 - 2017-06-29 18:51 - 000023688 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2019-10-10 08:14 - 2017-06-29 18:50 - 000122320 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2019-10-10 08:14 - 2017-06-29 03:05 - 012334923 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2019-10-10 08:14 - 2017-06-29 03:05 - 005804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
2019-10-10 08:14 - 2016-09-22 14:55 - 002839520 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2019-10-10 07:35 - 2019-10-10 08:15 - 000000000 ___HD C:\Program Files (x86)\Temp
2019-10-10 07:28 - 2019-10-10 17:10 - 000000000 ____D C:\Users\homeuser\AppData\Local\ElevatedDiagnostics
2019-10-10 07:23 - 2019-10-10 07:23 - 000000000 ____D C:\Windows\pss
2019-10-10 06:56 - 2019-10-10 19:15 - 000000000 ____D C:\Program Files\Common Files\logishrd
2019-10-10 06:44 - 2019-10-10 06:44 - 000036408 _____ (Sysinternals -
www.sysinternals.com) C:\Windows\system32\Drivers\PROCEXP152.SYS
2019-10-10 06:43 - 2019-10-10 06:43 - 000000000 ____D C:\SysinternalsSuite
2019-10-10 06:38 - 2019-10-12 16:06 - 000000000 ____D C:\Users\homeuser\AppData\Roaming\vlc
2019-10-10 06:38 - 2019-10-10 06:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2019-10-10 06:37 - 2019-10-10 06:37 - 000000000 ____D C:\Program Files\VideoLAN
2019-10-10 06:33 - 2019-10-12 16:57 - 000000000 ____D C:\Program Files\Core Temp
2019-10-10 06:33 - 2019-10-10 06:33 - 000002914 _____ C:\Windows\system32\Tasks\Core Temp Autostart homeuser
2019-10-10 06:33 - 2019-10-10 06:33 - 000000989 _____ C:\Users\homeuser\Desktop\Core Temp.lnk
2019-10-10 06:33 - 2019-10-10 06:33 - 000000067 _____ C:\Users\homeuser\Desktop\Core Temp Gadget & Addons.url
2019-10-10 06:33 - 2019-10-10 06:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
2019-10-10 06:30 - 2019-10-10 06:30 - 000000000 ____D C:\Users\homeuser\AppData\Local\Apps\2.0
2019-10-10 05:50 - 2019-10-12 14:49 - 000000000 ____D C:\Users\homeuser\AppData\Roaming\Wise Disk Cleaner
2019-10-10 05:50 - 2019-10-10 05:50 - 000001277 _____ C:\Users\Public\Desktop\Wise Disk Cleaner.lnk
2019-10-10 05:50 - 2019-10-10 05:50 - 000001277 _____ C:\ProgramData\Desktop\Wise Disk Cleaner.lnk
2019-10-10 05:50 - 2019-10-10 05:50 - 000000000 ____D C:\Windows\system32\Tasks\WiseCleaner
2019-10-10 05:50 - 2019-10-10 05:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Disk Cleaner
2019-10-10 05:50 - 2019-10-10 05:50 - 000000000 ____D C:\Program Files (x86)\Wise
2019-10-10 05:46 - 2019-10-10 05:46 - 000000000 ____D C:\AdwCleaner
2019-10-10 05:39 - 2019-10-10 05:44 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-10-10 05:39 - 2019-10-10 05:39 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-10-10 05:39 - 2019-10-10 05:39 - 000001912 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2019-10-10 05:39 - 2019-10-10 05:39 - 000000000 ____D C:\Users\homeuser\AppData\Local\mbamtray
2019-10-10 05:39 - 2019-10-10 05:39 - 000000000 ____D C:\Users\homeuser\AppData\Local\mbam
2019-10-10 05:39 - 2019-10-10 05:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-10-10 05:39 - 2019-10-10 05:39 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-10-10 05:39 - 2019-10-10 05:39 - 000000000 ____D C:\Program Files\Malwarebytes
2019-10-10 05:39 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2019-10-10 04:18 - 2019-10-12 15:05 - 000000000 ____D C:\Users\homeuser\AppData\Roaming\Discord
2019-10-10 04:18 - 2019-10-10 15:20 - 000000000 ____D C:\Users\homeuser\AppData\Local\SquirrelTemp
2019-10-10 04:18 - 2019-10-10 04:18 - 000002248 _____ C:\Users\homeuser\Desktop\Discord.lnk
2019-10-10 04:18 - 2019-10-10 04:18 - 000000000 ____D C:\Users\homeuser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2019-10-10 04:18 - 2019-10-10 04:18 - 000000000 ____D C:\Users\homeuser\AppData\Local\Discord
2019-10-10 04:18 - 2019-10-10 04:18 - 000000000 ____D C:\ProgramData\SquirrelMachineInstalls
2019-10-10 03:28 - 2019-10-10 03:59 - 000000000 ____D C:\Users\homeuser\AppData\Roaming\Acronis
2019-10-10 03:27 - 2019-10-10 14:50 - 000000000 ____D C:\ProgramData\Acronis
2019-10-10 03:27 - 2019-10-10 04:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2019-10-10 03:27 - 2019-10-10 04:10 - 000000000 ____D C:\Program Files (x86)\Acronis
2019-10-10 03:27 - 2019-10-10 03:27 - 000883256 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib.sys
2019-10-10 03:27 - 2019-10-10 03:27 - 000693768 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tnd.sys
2019-10-10 03:27 - 2019-10-10 03:27 - 000687768 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\file_protector.sys
2019-10-10 03:27 - 2019-10-10 03:27 - 000390592 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\file_tracker.sys
2019-10-10 03:27 - 2019-10-10 03:27 - 000371144 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\snapman.sys
2019-10-10 03:27 - 2019-10-10 03:27 - 000330176 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\virtual_file.sys
2019-10-10 03:27 - 2019-10-10 03:27 - 000243472 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\volume_tracker.sys
2019-10-10 03:27 - 2019-10-10 03:27 - 000182832 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\fltsrv.sys
2019-10-10 03:27 - 2019-10-10 03:27 - 000171968 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib_mounter.sys
2019-10-10 03:27 - 2019-10-10 03:27 - 000001286 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis True Image.lnk
2019-10-10 03:27 - 2019-10-10 03:27 - 000001274 _____ C:\Users\Public\Desktop\Acronis True Image.lnk
2019-10-10 03:27 - 2019-10-10 03:27 - 000001274 _____ C:\ProgramData\Desktop\Acronis True Image.lnk
2019-10-10 03:27 - 2019-10-10 03:27 - 000000000 ____D C:\ProgramData\Acronis Mobile Backup Data
2019-10-10 03:10 - 2019-10-12 16:57 - 000000208 _____ C:\Windows\SysWOW64\AbBakConfig.dat
2019-10-10 03:10 - 2019-10-12 16:57 - 000000150 _____ C:\Windows\SysWOW64\winsevr.dat
2019-10-10 03:10 - 2019-10-10 23:20 - 000001024 ____H C:\SYSTAG.BIN
2019-10-10 03:10 - 2019-10-10 03:10 - 000000000 ____D C:\ProgramData\Aomei
2019-10-10 03:09 - 2019-10-12 16:57 - 000000000 ____D C:\Program Files (x86)\AOMEI Backupper
2019-10-10 03:09 - 2019-10-10 03:10 - 000001130 _____ C:\Users\Public\Desktop\AOMEI Backupper.lnk
2019-10-10 03:09 - 2019-10-10 03:10 - 000001130 _____ C:\ProgramData\Desktop\AOMEI Backupper.lnk
2019-10-10 03:09 - 2019-10-10 03:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Backupper
2019-10-10 03:09 - 2017-09-01 18:12 - 000038320 _____ C:\Windows\system32\amwrtdrv.sys
2019-10-10 03:09 - 2016-12-21 22:54 - 000051120 _____ C:\Windows\system32\ambakdrv.sys
2019-10-10 03:09 - 2016-12-21 22:52 - 000171952 _____ C:\Windows\system32\ammntdrv.sys
2019-10-10 03:08 - 2019-10-10 14:55 - 000000000 ____D C:\ProgramData\AomeiBR
2019-09-16 18:54 - 2019-09-16 18:54 - 000099648 _____ (VMware, Inc.) C:\Windows\system32\vmnetbridge.dll
2019-09-16 18:54 - 2019-09-16 18:54 - 000066368 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnetbridge.sys
2019-09-16 18:54 - 2019-09-16 18:54 - 000045880 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnetadapter.sys
2019-09-16 18:54 - 2019-09-16 18:54 - 000045880 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnet.sys
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-10-12 17:03 - 2019-03-19 07:50 - 000000000 ____D C:\Windows\INF
2019-10-12 16:57 - 2019-03-19 07:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-10-12 16:40 - 2019-03-19 07:37 - 000524288 _____ C:\Windows\system32\config\BBI
2019-10-12 15:45 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\AppReadiness
2019-10-11 23:54 - 2019-03-19 07:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-10-11 23:33 - 2019-03-19 07:37 - 000000000 ____D C:\Windows\CbsTemp
2019-10-11 14:30 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\appcompat
2019-10-10 22:21 - 2019-03-19 07:37 - 000032768 _____ C:\Windows\system32\config\ELAM
2019-10-10 20:39 - 2019-03-19 07:52 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-10-10 16:35 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-10-10 16:35 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\system32\Macromed
2019-10-10 12:10 - 2019-03-19 07:52 - 000000000 ____D C:\Program Files\Windows Defender
2019-10-10 11:59 - 2019-03-19 09:23 - 000000000 ___SD C:\Windows\system32\AppV
2019-10-10 11:59 - 2019-03-19 07:52 - 000000000 ___RD C:\Windows\PrintDialog
2019-10-10 11:59 - 2019-03-19 07:52 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2019-10-10 11:59 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\SysWOW64\oobe
2019-10-10 11:59 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-10-10 11:59 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\SystemResources
2019-10-10 11:59 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\system32\WinMetadata
2019-10-10 11:59 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2019-10-10 11:59 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\system32\oobe
2019-10-10 11:59 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\system32\migwiz
2019-10-10 11:59 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\system32\Dism
2019-10-10 11:59 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-10-10 11:59 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\bcastdvr
2019-10-10 11:55 - 2019-03-19 07:37 - 000000000 ____D C:\Windows\servicing
2019-10-10 11:44 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\Help
2019-10-10 10:27 - 2019-03-19 09:22 - 000000000 ____D C:\Windows\OCR
2019-10-10 10:08 - 2019-03-19 07:49 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2019-10-10 09:46 - 2019-03-19 07:52 - 000000000 ____D C:\ProgramData\USOPrivate
2019-10-10 09:45 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\ServiceState
2019-10-10 09:34 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2019-10-10 09:30 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\system32\spool
2019-10-10 09:30 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\system32\FxsTmp
2019-10-10 09:10 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\LiveKernelReports
2019-10-10 05:54 - 2019-03-19 07:52 - 000000000 ___SD C:\Windows\Downloaded Program Files
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-10-2019
Ran by homeuser (12-10-2019 17:15:14)
Running from C:\Users\homeuser\Desktop\FRST
Windows 10 Pro Version 1903 18362.418 (X64) (2019-10-10 06:28:55)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3024691867-316160702-395545048-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3024691867-316160702-395545048-503 - Limited - Disabled)
Guest (S-1-5-21-3024691867-316160702-395545048-501 - Limited - Disabled)
homeuser (S-1-5-21-3024691867-316160702-395545048-1001 - Administrator - Enabled) => C:\Users\homeuser
WDAGUtilityAccount (S-1-5-21-3024691867-316160702-395545048-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3024691867-316160702-395545048-1001\...\uTorrent) (Version: 3.5.5.45365 - BitTorrent Inc.)
µTorrent 3.5.5 (HKLM-x32\...\µTorrent 3.5.5 Build 45365) (Version: - )
7-Zip 19.00 (HKLM-x32\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Acronis True Image (HKLM-x32\...\{862C72C1-E306-424D-A030-B8DB22A1AC8A}) (Version: 24.4.21400 - Acronis)
Acronis Universal Restore Bootable Media Builder (HKLM-x32\...\{D8DCEF7C-9698-46FF-A1CB-89FAB7712E9E}) (Version: 11.7.40250 - Acronis)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.270 - Adobe)
AOMEI Backupper Professional Trial (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version: - AOMEI Technology Co., Ltd.)
Bigfoot Networks Killer Network Manager (HKLM\...\{DF446558-ADF7-4884-9B2D-281979CCE71F}) (Version: 6.1.0.603 - Bigfoot Networks) Hidden
Bigfoot Networks Killer Network Manager (HKLM-x32\...\InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}) (Version: 6.1.0.603 - Bigfoot Networks)
Bloody7 (HKLM-x32\...\Bloody3) (Version: 19.09.0012 - Bloody)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.140.2.1004 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Boson NetSim 11 (HKLM-x32\...\{FFC473CA-A239-47D5-8B57-40055095196F}) (Version: 11.7.0000 - Boson Software, LLC) Hidden
Boson NetSim 11 (HKLM-x32\...\InstallShield_{FFC473CA-A239-47D5-8B57-40055095196F}) (Version: 11.7.0000 - Boson Software, LLC)
Cisco Packet Tracer 7.2.1 64Bit (HKLM\...\Cisco Packet Tracer 7.2.1 64Bit_is1) (Version: - Cisco Systems, Inc.)
Clipdiary 5.3 (HKLM-x32\...\Clipdiary) (Version: 5.3 - Tiushkov Nikolay)
Core Temp 1.15.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.15.1 - ALCPU)
Discord (HKU\S-1-5-21-3024691867-316160702-395545048-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
FxSound Enhancer (HKLM-x32\...\FxSound Enhancer) (Version: 13.027 - FxSound)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 77.0.3865.90 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.301 - Google LLC) Hidden
Hard Disk Sentinel Pro (HKLM-x32\...\Hard Disk Sentinel Pro) (Version: 5.50.10482 - )
HitmanPro 3.8 (HKLM\...\HitmanPro38) (Version: 3.8.0.295 - SurfRight B.V.)
Hotspot Shield 8.4.6 (HKLM-x32\...\HotspotShield) (Version: 8.4.6 - AnchorFree Inc.) Hidden
Hotspot Shield 8.7.0 (HKLM-x32\...\{58481a68-e716-4546-a844-70b3c6f1516e}) (Version: 8.7.0.11379 - AnchorFree Inc.)
Hotspot Shield 8.7.0 (HKLM-x32\...\{AF599C42-A2E5-4251-B7EE-4925D197AF96}) (Version: 8.7.0.11379 - AnchorFree Inc.) Hidden
HyperSnap 8.16.16 (HKLM\...\HyperSnap_is1) (Version: 8.16.16 - Hyperionics Technology, LLC)
Jeppesen CDA Service (HKLM-x32\...\{B9C9E547-9F27-4C4B-8E9C-58400B35CFE1}) (Version: 4.0.0.123 - Jeppesen)
Jeppesen Format Print Driver (HKLM-x32\...\{986090B3-C3B8-4DD4-8BB1-6561F74915FF}) (Version: 1.1.0.8 - Jeppesen)
Jeppesen Program and Data Installation (HKLM-x32\...\{4173F0BF-2363-4DC3-92A9-446B69DBB134}) (Version: 1.0.0.0 - Jeppesen)
Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 19.152.0927.0012 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.20.27508 (HKLM-x32\...\{7b178cda-9740-4701-a92a-f168d213b343}) (Version: 14.20.27508.1 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.20.27508 (HKLM-x32\...\{8c3f057e-d6a6-4338-ac6a-f1c795a6577b}) (Version: 14.20.27508.1 - Microsoft Corporation)
Mozilla Firefox 69.0.3 (x64 ru) (HKLM\...\Mozilla Firefox 69.0.3 (x64 ru)) (Version: 69.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0.2 - Mozilla)
novaPDF for SDK v7 (novaPDF 7.7 printer) (HKLM\...\novaPDF for SDK v7_is1) (Version: 7.7.3987 - Softland)
NVIDIA Graphics Driver 436.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 436.30 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Process Lasso Pro (HKLM-x32\...\Process Lasso Pro) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Reg Organizer 8.30 (HKLM-x32\...\Reg Organizer_is1) (Version: 8.30 - lrepacks.ru)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
Telegram Desktop version 1.8.15 (HKU\S-1-5-21-3024691867-316160702-395545048-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.8.15 - Telegram FZ-LLC)
Viber (HKLM-x32\...\{1ACD6C5F-7CFF-49C9-B1EE-3DF0C20B179E}) (Version: 11.6.0.51 - Viber Media S.a.r.l) Hidden
Viber (HKU\S-1-5-21-3024691867-316160702-395545048-1001\...\{6b955245-7912-40bc-915d-8c6e3fe859e4}) (Version: 11.6.0.51 - Viber Media S.a.r.l)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
VMware Workstation (HKLM\...\{95339CED-ADD1-48FA-94DF-72E64B7893D6}) (Version: 15.5.0 - VMware, Inc.)
WhatsApp (HKU\S-1-5-21-3024691867-316160702-395545048-1001\...\WhatsApp) (Version: 0.3.4941 - WhatsApp)
WinTools.net Premium (HKLM-x32\...\WinTools.net Premium) (Version: - WinTools Software Engineering, Ltd.)
Wise Disk Cleaner 10.2.5 (HKLM-x32\...\Wise Disk Cleaner_is1) (Version: 10.2.5 - WiseCleaner.com, Inc.)
Packages:
=========
Avira Phantom VPN -> C:\Program Files\WindowsApps\Avira.AviraPhantomVPN_1.15.89.0_x64__h4a2wkdf3s2xr [2019-10-10] (Avira)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.22.7.0_x86__kgqvnymyfvs32 [2019-10-10] (king.com)
Farm Heroes Saga -> C:\Program Files\WindowsApps\king.com.FarmHeroesSaga_5.25.5.0_x86__kgqvnymyfvs32 [2019-10-10] (king.com)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe [2019-10-11] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-10-11] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-10-11] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.10022.0_x64__8wekyb3d8bbwe [2019-10-11] (Microsoft Studios) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-10-11] (Microsoft Corporation) [MS Ad]
Norton Safe Web -> C:\Program Files\WindowsApps\SymantecCorporation.NortonSafeWeb_3.10.0.0_neutral__v68kp9n051hdp [2019-10-10] (Symantec Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0 [2019-10-10] (Spotify AB)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-06] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-06] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-06] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_24_4_21400.dll [2019-09-23] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_24_4_21400.dll [2019-09-23] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_24_4_21400.dll [2019-09-23] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_24_4_21400.dll [2019-09-23] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-06] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-06] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-06] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-06] (Mega Limited -> )
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-06] (Mega Limited -> )
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Workstation\vmdkShellExt.dll [2019-09-16] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Workstation\x64\vmdkShellExt64.dll [2019-09-16] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-06] (Mega Limited -> )
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-09-06] (Mega Limited -> )
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\19.152.0927.0012\amd64\FileSyncShell64.dll [2019-10-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
==================== Codecs (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [475672 2007-10-12] (Logitech Inc -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [416280 2007-10-12] (Logitech Inc -> Logitech Inc.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\homeuser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) ==============
2019-10-10 23:04 - 2017-04-17 10:43 - 003852800 ____N () [File not signed] C:\Program Files (x86)\Bloody7\Bloody7\Data\Mouse\Forms\Internet_Advertisement\Internet_Advertisement_DLL.dll
2019-10-10 16:06 - 2016-04-01 08:30 - 000079360 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\CDAClient.dll
2019-10-10 16:06 - 2016-04-01 08:30 - 000154112 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\cdacommon.dll
2019-10-10 16:06 - 2016-04-01 08:30 - 000075776 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\CDAConfig.dll
2019-10-10 16:06 - 2016-04-01 08:30 - 000544256 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\CDACrypt.dll
2019-10-10 16:06 - 2016-04-01 08:30 - 000079872 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\CDAMsg.dll
2019-10-10 16:06 - 2016-04-01 08:30 - 000144896 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\DataMgr.dll
2019-10-10 16:06 - 2016-04-01 08:30 - 000238080 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\DownloadMgr.dll
2019-10-10 16:06 - 2016-04-01 08:30 - 000117248 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\jcommon.dll
2019-10-10 16:06 - 2016-04-01 08:30 - 000272896 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\tcutil.dll
2019-10-10 16:06 - 2016-04-01 08:30 - 000124416 _____ () [File not signed] C:\Program Files (x86)\Jeppesen\CDA\UpdateMgr.dll
2013-10-09 15:39 - 2013-10-09 15:39 - 000217600 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\BFCommon.dll
2013-10-09 15:39 - 2013-10-09 15:39 - 000404992 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modApplications.dll
2013-10-09 15:39 - 2013-10-09 15:39 - 000036864 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modFeatures.dll
2013-10-09 15:39 - 2013-10-09 15:39 - 000025088 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modFraps.dll
2013-10-09 15:39 - 2013-10-09 15:39 - 000241152 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modGraph.dll
2013-10-09 15:39 - 2013-10-09 15:39 - 000062464 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modlcd.dll
2013-10-09 15:39 - 2013-10-09 15:39 - 000289280 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modNetwork.dll
2013-10-09 15:39 - 2013-10-09 15:39 - 000184832 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modNpu.dll
2013-10-09 15:39 - 2013-10-09 15:39 - 000210944 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modOptions.dll
2013-10-09 15:39 - 2013-10-09 15:39 - 000055808 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modOverview.dll
2013-10-09 15:39 - 2013-10-09 15:39 - 000329216 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modSystemInfo.dll
2011-05-09 20:46 - 2011-05-09 20:46 - 002760192 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\QtCore4.dll
2011-05-09 20:56 - 2011-05-09 20:56 - 009856000 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\QtGui4.dll
2011-05-09 20:48 - 2011-05-09 20:48 - 000990720 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\QtNetwork4.dll
2011-05-09 20:47 - 2011-05-09 20:47 - 000416256 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\QtXml4.dll
2011-05-10 12:32 - 2011-05-10 12:32 - 000731648 _____ () [File not signed] C:\Program Files\Bigfoot Networks\Killer Network Manager\qwt5.dll
2019-10-10 10:13 - 2019-07-17 13:09 - 000097280 _____ () [File not signed] C:\TCPU71\Plugins\wdx\autorun\autorun.wdx
2019-10-10 10:13 - 2019-01-11 11:14 - 000009216 _____ () [File not signed] C:\TCPU71\Plugins\wdx\autorun\Plugins\Autorun_Sysinfo.dll
2019-10-10 10:13 - 2016-02-01 01:03 - 000009216 _____ () [File not signed] C:\TCPU71\Plugins\wdx\autorun\Plugins\TCFS2Tools.dll
2019-10-10 10:13 - 2013-10-17 01:06 - 000047616 _____ () [File not signed] C:\TCPU71\Plugins\wdx\EncInfo\EncInfo.wdx
2019-09-24 17:23 - 2019-09-24 17:23 - 024393024 _____ (Acronis International GmbH -> ) [File not signed] C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll
2019-10-10 03:09 - 2015-05-21 14:32 - 000068784 _____ (Aomei Technology Co., Limited -> Microsoft Corporation) [File not signed] C:\Program Files (x86)\AOMEI Backupper\vcomp.dll
2013-10-09 15:39 - 2013-10-09 15:39 - 000189952 _____ (Bigfoot Networks, Inc.) [File not signed] C:\Windows\system32\BfLLR.dll
2019-10-10 11:17 - 2019-02-21 19:00 - 000050688 _____ (Igor Pavlov) [File not signed] C:\Program Files (x86)\7-Zip\7-zip.dll
2017-09-03 10:38 - 2017-09-03 10:38 - 000019456 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Hard Disk Sentinel Pro\winspool.drv
2019-10-10 16:06 - 2016-04-01 08:30 - 001115648 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\Program Files (x86)\Jeppesen\CDA\libcurl.dll
2019-09-23 08:44 - 2019-09-23 08:44 - 025338368 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Acronis\TrueImageHome\icudt54.dll
2019-09-23 08:44 - 2019-09-23 08:44 - 002056704 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Acronis\TrueImageHome\icuin54.dll
2019-09-23 08:44 - 2019-09-23 08:44 - 001425408 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Acronis\TrueImageHome\icuuc54.dll
2017-09-14 09:37 - 2017-09-14 09:37 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qgif.dll
2017-09-14 09:42 - 2017-09-14 09:42 - 000033280 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qicns.dll
2017-09-14 09:37 - 2017-09-14 09:37 - 000027648 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qico.dll
2017-09-14 09:37 - 2017-09-14 09:37 - 000245760 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qjpeg.dll
2017-09-14 09:42 - 2017-09-14 09:42 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qsvg.dll
2017-09-14 09:42 - 2017-09-14 09:42 - 000020992 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qtga.dll
2017-09-14 09:42 - 2017-09-14 09:42 - 000316416 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qtiff.dll
2017-09-14 09:42 - 2017-09-14 09:42 - 000019968 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qwbmp.dll
2017-09-14 09:42 - 2017-09-14 09:42 - 000322560 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qwebp.dll
2017-09-14 09:37 - 2017-09-14 09:37 - 001010688 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\platforms\qwindows.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 07:49 - 2019-10-12 17:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3024691867-316160702-395545048-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\homeuser\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{629C5A6C-2A5B-4A52-BB1F-199B70DF0C9A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E2B68495-0037-40E3-B2AF-9484AFDE6130}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{23FBD9CE-AF7B-46E9-A69E-76BD3D5ACC2F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DA2AFA91-AE67-4D27-8ED8-79E742BAEBC4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1280639B-879D-4BC9-8FB7-61B5891485E7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7210E0A6-C3A3-471B-8EAC-354A916A474C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F30CCF39-8882-480F-922F-5D3ACE80A7C2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C8A68741-FC74-4F9A-810E-570C90872C67}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{39E2673F-D4AE-4831-BD21-1D0E8F058668}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B7419F76-D5A7-444C-B718-7A03E6143BCF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4F44E9D8-08C3-462A-BC5B-6EB3DAC2CCF7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{84CCF5A6-5344-4F04-8BDD-A95C0EBDC0BC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C3E3A569-5EEE-4D4E-B0AD-129216A16AFC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{293C89BE-E43A-4753-BCE7-3C3114155802}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5B38AB3E-2CBE-4751-BA94-BA2CFEAC8F55}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0E954386-070C-4D2A-9EB1-6D47C3097C3F}] => (Allow) C:\Program Files (x86)\AOMEI Backupper\ABService.exe (CHENGDU AOMEI TECHNOLOGY CO., LTD. -> AOMEI Tech Co., Ltd.)
FirewallRules: [{4A2BC2ED-365C-4731-A4E7-9F978C61F249}] => (Allow) C:\Program Files (x86)\AOMEI Backupper\ABService.exe (CHENGDU AOMEI TECHNOLOGY CO., LTD. -> AOMEI Tech Co., Ltd.)
FirewallRules: [{2FF96B22-DF96-488A-8231-B75A12899BB6}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> )
FirewallRules: [{3C79DBD5-9034-4876-9211-0889AC0DB166}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{149A8DCA-AC7F-43AA-80C5-9E79B91EAE35}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImage.exe (Acronis International GmbH -> )
FirewallRules: [{2201CD25-6760-46B1-8640-A3C2A59740D0}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis International GmbH -> )
FirewallRules: [{E12AB4C0-1AB8-4315-8B03-11CE56B805E9}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageTools.exe (Acronis International GmbH -> ) [File not signed]
FirewallRules: [{F9FCC330-3EB0-4C60-9ED7-797C536FED0C}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe (Acronis International GmbH -> ) [File not signed]
FirewallRules: [{71B22CF3-3984-4361-A50A-347F9307CA9A}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\MediaBuilder.exe (Acronis International GmbH -> )
FirewallRules: [{09FD86FA-610E-4AA5-8EE0-8EF6C1870A98}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\SystemReport.exe (Acronis International GmbH -> )
FirewallRules: [{57477F2F-F84C-4716-A3B1-0E2B987F25CA}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\acronis_drive.exe (Acronis International GmbH -> )
FirewallRules: [{A826BF27-199A-43D4-9565-F78B87B0511C}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{6C16D8E8-D25E-449C-A13C-1D24727A35CE}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe (Acronis International GmbH -> )
FirewallRules: [{F87CBDC5-6E38-45D6-AB85-EF9411E30323}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\ga_service.exe (Acronis International GmbH -> )
FirewallRules: [{2EF41B4F-C268-400E-9F06-7F32AFFF1FD5}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\LicenseActivator.exe (Acronis International GmbH -> )
FirewallRules: [{B9504A0D-DF5F-4B3D-A329-283C2734C00E}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Home\report_sender.exe (Acronis International GmbH -> )
FirewallRules: [{EC94B174-E665-4E7E-8E4D-191C599E4DB5}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe (Acronis International GmbH -> )
FirewallRules: [{C6B2DB6F-0383-44D1-AF28-0717908869AD}] => (Block) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImage.exe (Acronis International GmbH -> )
FirewallRules: [{6E72D62D-18E7-4D4F-AEA5-C4B7ADC3E1D5}] => (Block) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageLauncher.exe (Acronis International GmbH -> )
FirewallRules: [{9EBC34F3-F874-4C97-AC3A-D8246FBAD63D}] => (Block) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis International GmbH -> )
FirewallRules: [{BCDC2602-AB2E-4DD8-A80F-86CA81BCCA18}] => (Block) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageTools.exe (Acronis International GmbH -> ) [File not signed]
FirewallRules: [{E1D9767C-F51F-4D74-A522-B9F655D2E681}] => (Allow) C:\Program Files (x86)\AOMEI Backupper\PxeUi.exe (CHENGDU AOMEI TECHNOLOGY CO., LTD. -> AOMEI Tech Co., Ltd.)
FirewallRules: [TCP Query User{7EDECD1A-AF4D-4721-A283-6DDC4A8225DC}C:\program files (x86)\jeppesen\jeppview for windows\jeppview.exe] => (Allow) C:\program files (x86)\jeppesen\jeppview for windows\jeppview.exe (Jeppesen Sanderson, Inc -> Jeppesen-Sanderson)
FirewallRules: [UDP Query User{83D5C78E-08A5-4EFB-851E-A0FBA007691E}C:\program files (x86)\jeppesen\jeppview for windows\jeppview.exe] => (Allow) C:\program files (x86)\jeppesen\jeppview for windows\jeppview.exe (Jeppesen Sanderson, Inc -> Jeppesen-Sanderson)
FirewallRules: [{6301C9A4-C4AD-435D-9C5B-9CE8279845A6}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{8785B935-56E1-491D-855F-E7640BB0A7D0}] => (Allow) C:\Users\homeuser\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) [File not signed]
FirewallRules: [{FDE54A32-E72B-4B90-B930-89A8853CD20E}] => (Allow) C:\Users\homeuser\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) [File not signed]
FirewallRules: [{FA36331F-3B54-49B3-8708-1D0C2A3DAACC}] => (Allow) C:\Users\homeuser\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) [File not signed]
FirewallRules: [{55A238E8-B308-4FB7-A6CB-0DF289DCCF38}] => (Allow) C:\Users\homeuser\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) [File not signed]
FirewallRules: [{D2F9ABD6-60FC-4CF1-841C-52AFFA2F9C03}] => (Allow) C:\Users\homeuser\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) [File not signed]
FirewallRules: [{6167B026-08F1-4E77-B739-20A5EF80B200}] => (Allow) C:\Users\homeuser\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) [File not signed]
FirewallRules: [{B4195FA0-CE70-4EAF-B18E-72ED1E1B2BD0}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{EB7BC6F7-E51F-48C0-811A-4740F1213413}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{550CD862-B8B8-430E-8040-2E2FE6549310}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe (VMware, Inc. -> )
FirewallRules: [{17F34F6C-4AC6-41FC-8819-E16182C90ECB}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe (VMware, Inc. -> )
FirewallRules: [{94829DD3-1E24-4401-86A2-E4E040082A12}] => (Allow) C:\Users\homeuser\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) [File not signed]
FirewallRules: [{2254F46B-6D0A-4ECE-AFFA-4D63A689D3D3}] => (Allow) C:\Users\homeuser\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) [File not signed]
FirewallRules: [TCP Query User{8284B549-BAA9-4569-97C3-7396A4BED134}F:\difsoft\sdi_rus\sdi_x64_r1909.exe] => (Allow) F:\difsoft\sdi_rus\sdi_x64_r1909.exe (
www.SamLab.ws) [File not signed]
FirewallRules: [UDP Query User{DFEC0AC0-904B-4EE5-833D-A1BD057DF93D}F:\difsoft\sdi_rus\sdi_x64_r1909.exe] => (Allow) F:\difsoft\sdi_rus\sdi_x64_r1909.exe (
www.SamLab.ws) [File not signed]
FirewallRules: [TCP Query User{CB9BA30C-68C1-4FBC-8BDC-18E45E8148E2}C:\program files\cisco packet tracer 7.2.1\bin\packettracer7.exe] => (Allow) C:\program files\cisco packet tracer 7.2.1\bin\packettracer7.exe (CISCO SYSTEMS, INC. -> Cisco Systems, Inc)
FirewallRules: [UDP Query User{5087C5FD-A8B6-4582-ACF6-801172DE63D3}C:\program files\cisco packet tracer 7.2.1\bin\packettracer7.exe] => (Allow) C:\program files\cisco packet tracer 7.2.1\bin\packettracer7.exe (CISCO SYSTEMS, INC. -> Cisco Systems, Inc)
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/12/2019 05:12:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TOTALCMD.EXE, version: 9.2.2.1, time stamp: 0x2a425e19
Faulting module name: KERNELBASE.dll, version: 10.0.18362.418, time stamp: 0x2b181c2c
Exception code: 0xc06d007e
Fault offset: 0x00113572
Faulting process id: 0x34d0
Faulting application start time: 0x01d581051a71b039
Faulting application path: C:\TCPU71\TOTALCMD.EXE
Faulting module path: C:\Windows\System32\KERNELBASE.dll
Report Id: 51f64344-2288-4261-98a0-073bbb57030a
Faulting package full name:
Faulting package-relative application ID:
Error: (10/12/2019 05:09:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TOTALCMD.EXE, version: 9.2.2.1, time stamp: 0x2a425e19
Faulting module name: KERNELBASE.dll, version: 10.0.18362.418, time stamp: 0x2b181c2c
Exception code: 0xc06d007e
Fault offset: 0x00113572
Faulting process id: 0x34d0
Faulting application start time: 0x01d581051a71b039
Faulting application path: C:\TCPU71\TOTALCMD.EXE
Faulting module path: C:\Windows\System32\KERNELBASE.dll
Report Id: fffa7c6e-0715-4948-b780-0b85c4f1fede
Faulting package full name:
Faulting package-relative application ID:
Error: (10/12/2019 05:09:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TOTALCMD.EXE, version: 9.2.2.1, time stamp: 0x2a425e19
Faulting module name: KERNELBASE.dll, version: 10.0.18362.418, time stamp: 0x2b181c2c
Exception code: 0xc06d007e
Fault offset: 0x00113572
Faulting process id: 0x34d0
Faulting application start time: 0x01d581051a71b039
Faulting application path: C:\TCPU71\TOTALCMD.EXE
Faulting module path: C:\Windows\System32\KERNELBASE.dll
Report Id: 6ed71b2a-9d8f-45e8-bb46-c90b42abb51c
Faulting package full name:
Faulting package-relative application ID:
Error: (10/12/2019 05:09:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TOTALCMD.EXE, version: 9.2.2.1, time stamp: 0x2a425e19
Faulting module name: KERNELBASE.dll, version: 10.0.18362.418, time stamp: 0x2b181c2c
Exception code: 0xc06d007e
Fault offset: 0x00113572
Faulting process id: 0x34d0
Faulting application start time: 0x01d581051a71b039
Faulting application path: C:\TCPU71\TOTALCMD.EXE
Faulting module path: C:\Windows\System32\KERNELBASE.dll
Report Id: e5546925-3587-4d71-87a4-aef4d5ddc172
Faulting package full name:
Faulting package-relative application ID:
Error: (10/12/2019 05:02:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TOTALCMD.EXE, version: 9.2.2.1, time stamp: 0x2a425e19
Faulting module name: KERNELBASE.dll, version: 10.0.18362.418, time stamp: 0x2b181c2c
Exception code: 0xc06d007e
Fault offset: 0x00113572
Faulting process id: 0x34d0
Faulting application start time: 0x01d581051a71b039
Faulting application path: C:\TCPU71\TOTALCMD.EXE
Faulting module path: C:\Windows\System32\KERNELBASE.dll
Report Id: 4c130dfe-601c-4892-a73f-e240e252bc8d
Faulting package full name:
Faulting package-relative application ID:
Error: (10/12/2019 03:28:59 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (10/12/2019 03:28:59 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (10/12/2019 03:07:02 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
System errors:
=============
Error: (10/12/2019 04:39:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The VMware Workstation Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (10/12/2019 04:39:53 PM) (Source: DCOM) (EventID: 10010) (User: SIMPC)
Description: The server {1EF75F33-893B-4E8F-9655-C3D602BA4897} did not register with DCOM within the required timeout.
Error: (10/12/2019 04:39:53 PM) (Source: DCOM) (EventID: 10010) (User: SIMPC)
Description: The server {1EF75F33-893B-4E8F-9655-C3D602BA4897} did not register with DCOM within the required timeout.
Error: (10/12/2019 04:39:53 PM) (Source: DCOM) (EventID: 10010) (User: SIMPC)
Description: The server {1EF75F33-893B-4E8F-9655-C3D602BA4897} did not register with DCOM within the required timeout.
Error: (10/12/2019 04:39:53 PM) (Source: DCOM) (EventID: 10010) (User: SIMPC)
Description: The server {1EF75F33-893B-4E8F-9655-C3D602BA4897} did not register with DCOM within the required timeout.
Error: (10/12/2019 04:39:53 PM) (Source: DCOM) (EventID: 10010) (User: SIMPC)
Description: The server {1EF75F33-893B-4E8F-9655-C3D602BA4897} did not register with DCOM within the required timeout.
Error: (10/12/2019 04:39:53 PM) (Source: DCOM) (EventID: 10010) (User: SIMPC)
Description: The server {1EF75F33-893B-4E8F-9655-C3D602BA4897} did not register with DCOM within the required timeout.
Error: (10/12/2019 04:39:53 PM) (Source: DCOM) (EventID: 10010) (User: SIMPC)
Description: The server {1EF75F33-893B-4E8F-9655-C3D602BA4897} did not register with DCOM within the required timeout.
Windows Defender:
===================================
Date: 2019-10-12 16:27:21.248
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {7B452A22-C9D2-4377-A41B-B8C869F47880}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-10-12 15:46:33.165
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {1C3DA568-8055-4B71-B8C9-E83AA14046B1}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-10-12 14:44:44.592
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {B69D6E48-F670-4B1B-8DD7-6E70EE823EE7}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-10-12 14:34:25.552
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {B820B248-0F05-4944-8287-EA7ABEB89D76}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-10-12 14:29:13.388
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {093BB496-8F58-4E5A-BAD5-908E5DD3FA9E}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-10-10 11:49:26.387
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.303.1322.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16400.2
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2019-10-10 11:32:30.105
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
Date: 2019-10-10 11:25:05.793
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
CodeIntegrity:
===================================
Date: 2019-10-12 17:15:13.010
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-10-12 17:15:13.009
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-10-12 17:15:12.329
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-10-12 17:15:12.328
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-10-12 17:12:08.185
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-10-12 17:12:08.184
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-10-12 17:12:07.187
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-10-12 17:12:07.186
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: Award Software International, Inc. F4d 12/12/2011
Motherboard: Gigabyte Technology Co., Ltd. G1.Guerrilla
Processor: Intel(R) Core(TM) i7 CPU 980 @ 3.33GHz
Percentage of memory in use: 48%
Total physical RAM: 12286.42 MB
Available physical RAM: 6290.11 MB
Total Virtual: 24574.42 MB
Available Virtual: 17325.26 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:110.88 GB) (Free:50.1 GB) NTFS
Drive d: (simdisk) (Fixed) (Total:119.24 GB) (Free:6.63 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (FILMS) (Fixed) (Total:931.51 GB) (Free:99.76 GB) NTFS
Drive f: (backup) (Fixed) (Total:931.51 GB) (Free:27.3 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive g: (storage2) (Fixed) (Total:465.75 GB) (Free:46.97 GB) NTFS
Drive h: (2k10 Live 7.24) (CDROM) (Total:3.85 GB) (Free:0 GB) CDFS
Drive i: () (Fixed) (Total:55.89 GB) (Free:0.68 GB) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{c2d32257-0000-0000-0000-80b81b000000}\ () (Fixed) (Total:0.46 GB) (Free:0.06 GB) NTFS
\\?\Volume{c2d32257-0000-0000-0000-50d61b000000}\ () (Fixed) (Total:0.44 GB) (Free:0.1 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: FB81C632)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F477C05A)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: E8900690)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 55.9 GB) (Disk ID: 465FB6DD)
Partition 1: (Active) - (Size=55.9 GB) - (Type=07 NTFS)
========================================================
Disk: 4 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: C2D32257)
Partition 1: (Not Active) - (Size=110.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=476 MB) - (Type=27)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
========================================================
Disk: 5 (MBR Code: Windows 7/8/10) (Size: 119.2 GB) (Disk ID: FB81C633)
Partition 1: (Active) - (Size=119.2 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================