bit fishy can't run ASWMBR

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • Loosie
    PCHF Member
    • Feb 2017
    • 97

    #1

    bit fishy can't run ASWMBR

    Hello, thought I’d better run some checks as hadn’t done so in a while & some programs are corrupted - need to reinstall or repair to get them to work.

    Installed FRST & aswmbr. Did FRST scan, attached results below. But aswmbr opens & says 'do you want to download Avast database. Clicked yes, took a fair few minutes. Then pressed scan. It runs for a minute or 2, then ‘computer ran into an issue & needs to shut down’. Something about windows ‘stopcode’?? Tried twice, once with no other programs open, same result.

    FRST results;

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2019
    Ran by Anya (administrator) on DESKTOP-EIUB3MN (Dell Inc. Latitude E6330) (02-09-2019 09:49:40)
    Running from C:\Users\Anya\Desktop
    Loaded Profiles: Anya (Available Profiles: USER & Anya & Administrator)
    Platform: Windows 10 Pro Version 1903 18362.295 (X64) Language: English (United States)
    Default browser: FF
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [745288 2015-06-25] (Alps Electric Co., LTD. → Alps Electric Co., Ltd.)
    HKLM...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [269192 2019-07-25] (AVAST Software s.r.o. → AVAST Software)
    HKLM-x32...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [688128 2011-08-01] () [File not signed]
    HKLM-x32...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2138272 2016-10-08] (Shenzhen Yi Xing Investment Co., Ltd. → iSkySoft)
    HKU\S-1-5-21-440688634-2831198262-268214595-1002...\Run: [Pushbullet] => C:\Program Files (x86)\Pushbullet\pushbullet.exe [345600 2015-07-01] (Pushbullet inc) [File not signed]
    HKU\S-1-5-21-440688634-2831198262-268214595-1002...\Run: [NordVPN] => C:\Program Files (x86)\NordVPN\NordVPN.exe [2222032 2019-08-09] (TEFINCOM S.A. → NordVPN)
    HKU\S-1-5-21-440688634-2831198262-268214595-1002...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_ 0_0_114_Plugin.exe [1456128 2019-01-29] (Adobe Systems Incorporated → Adobe Systems Incorporated)
    Startup: C:\Users\Anya\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\Startup\PDFFiller.lnk [2018-11-22]
    ShortcutTarget: PDFFiller.lnk → C:\Program Files (x86)\PDFfiller extension\Pdffiller.exe (PDFfiller) [File not signed]
    FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {7B4DDA8C-16DD-4451-B0A5-D692899D8730} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_ 0_0_114_Plugin.exe [1456128 2019-01-29] (Adobe Systems Incorporated → Adobe Systems Incorporated)
    Task: {897888F7-7DE6-48CE-98DB-3D7D044C517C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe [335872 2019-01-29] (Adobe Systems Incorporated → Adobe Systems Incorporated)
    Task: {A0E987E6-2825-4840-9C2B-5B142EC8ABAF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. → Adobe Systems)
    Task: {B25CBF57-3A45-4F7E-9861-D98003D1D2BF} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3940232 2019-07-25] (AVAST Software s.r.o. → AVAST Software)
    Task: {E30BFBD1-C11D-4ABE-8167-1D42824EB7C3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-11] (Google Inc → Google Inc.)
    Task: {E4A2B3CE-ABD9-472B-B18E-D19ADBE53BF9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-11] (Google Inc → Google Inc.)
    Task: {FB42282D-A968-48F0-9F82-F717BA4D1DD4} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2045832 2019-08-20] (AVAST Software s.r.o. → AVAST Software)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
    Tcpip..\Interfaces{393a64f1-cb08-462f-b625-7c2a17d0df94}: [NameServer] 103.86.96.100,103.86.99.100
    Tcpip..\Interfaces{393a64f1-cb08-462f-b625-7c2a17d0df94}: [DhcpNameServer] 10.0.0.138
    Tcpip..\Interfaces{8104e65c-0d4f-4c24-959d-06143ea93afb}: [NameServer] 103.86.96.100,103.86.99.100
    Tcpip..\Interfaces{dc70ac19-0f02-4e50-bb58-f77cb838f442}: [NameServer] 103.86.96.100,103.86.99.100
    Tcpip..\Interfaces{dc70ac19-0f02-4e50-bb58-f77cb838f442}: [DhcpNameServer] 103.86.99.99 103.86.96.96 103.86.96.100 103.86.99.100
    [HEADING=1]Internet Explorer:[/HEADING]
    [HEADING=1]FireFox:[/HEADING]
    FF DefaultProfile: rfw48twt.default-1562140894913
    FF ProfilePath: C:\Users\Anya\AppData\Roaming\Mozilla\Firefox\Prof iles\rfw48twt.default-1562140894913 [2019-09-02]
    FF Homepage: Mozilla\Firefox\Profiles\rfw48twt.default-1562140894913 → hxxps://mail.yahoo.com/d/folders/1?guce_referrer=aHR0cHM6Ly9sb2dpbi55YWhvby5jb20v&g uce_referrer_sig=AQAAADKwk9my4tFaRXZfbWfqOykP0nh9t ogxt9nsxoa1BfIX4azGnbq7wWlW7pZFAsOgOLlh-Sy35H5LhTWVD1ao0FgkaqrZem987unSBK3HE_j9bnEU38mVdm2 jrj_9w5hTv9m5uKXnhSTmGr5kSlAnxmGekndJHawwUA8DapHgd i_k|hxxps://jorte.net/schedule/scheduleCalendar/
    FF Session Restore: Mozilla\Firefox\Profiles\rfw48twt.default-1562140894913 → is enabled.
    FF Extension: (SaveFrom.net helper) - C:\Users\Anya\AppData\Roaming\Mozilla\Firefox\Prof iles\rfw48twt.default-1562140894913\Extensionshelper@savefrom.net.xpi [2019-08-21]
    FF Extension: (Pushbullet) - C:\Users\Anya\AppData\Roaming\Mozilla\Firefox\Prof iles\rfw48twt.default-1562140894913\Extensionsjid1-BYcQOfYfmBMd9A@jetpack.xpi [2019-08-21]
    FF Extension: (Avast Online Security) - C:\Users\Anya\AppData\Roaming\Mozilla\Firefox\Prof iles\rfw48twt.default-1562140894913\Extensionswrc@avast.com.xpi [2019-07-26]
    FF Extension: (Adblock Plus - free ad blocker) - C:\Users\Anya\AppData\Roaming\Mozilla\Firefox\Prof iles\rfw48twt.default-1562140894913\Extensions{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-08-23]
    FF HKLM-x32...\Firefox\Extensions: [helper-sig@savefrom.net] - C:\Users\Anya\AppData\Roaming\Mozilla\Firefox\Prof iles\vptylgcr.default\extensions\stagedhelper-sig@savefrom.net.xpi => not found
    FF HKU\S-1-5-21-440688634-2831198262-268214595-1002...\Firefox\Extensions: [helper-sig@savefrom.net] - C:\Users\Anya\AppData\Roaming\Mozilla\Firefox\Prof iles\vptylgcr.default\extensions\stagedhelper-sig@savefrom.net.xpi => not found
    FF Plugin: @adobe.com/FlashPlayer → C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_ 114.dll [2019-01-29] (Adobe Systems Incorporated → )
    FF Plugin: @videolan.org/vlc,version=3.0.4 → C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN → VideoLAN)
    FF Plugin-x32: @adobe.com/FlashPlayer → C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_ 114.dll [2019-01-29] (Adobe Systems Incorporated → )
    FF Plugin-x32: @tools.google.com/Google Update;version=3 → C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc → Google LLC)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 → C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc → Google LLC)
    FF Plugin-x32: Adobe Reader → C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-08-01] (Adobe Inc. → Adobe Systems Inc.)
    [HEADING=1]Chrome:[/HEADING]
    CHR HKLM-x32...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

    ==================== Services (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [96120 2015-06-25] (Alps Electric Co., LTD. → Alps Electric Co., Ltd.)
    R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6797008 2019-07-25] (AVAST Software s.r.o. → AVAST Software)
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [414976 2019-07-25] (AVAST Software s.r.o. → AVAST Software)
    S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-07-25] (AVAST Software s.r.o. → AVAST Software)
    R2 nordvpn-service; C:\Program Files (x86)\NordVPN\nordvpn-service.exe [218576 2019-08-09] (TEFINCOM S.A. → )
    R2 SamsungUPDUtilSvc; C:\Windows\SysWOW64\SecUPDUtilSvc.exe [143664 2019-02-08] (Samsung Electronics CO., LTD. → )
    S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5775208 2019-08-26] (Microsoft Windows Publisher → Microsoft Corporation)
    R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU CO LTD → DEVGURU Co., LTD.)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation → Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation → Microsoft Corporation)
    R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd → Wondershare)
    R2 WsDrvInst; C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\D riverInstall.exe [120016 2018-12-29] (Wondershare Technology Co.,Ltd → Wondershare)

    ===================== Drivers (Whitelisted) ======================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 → Apple Inc.)
    S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 → Apple Inc.)
    R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [209256 2019-07-25] (AVAST Software s.r.o. → AVAST Software)
    R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [263224 2019-07-25] (AVAST Software s.r.o. → AVAST Software)
    R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [206056 2019-07-25] (AVAST Software s.r.o. → AVAST Software)
    R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [61688 2019-07-25] (AVAST Software s.r.o. → AVAST Software)
    R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-09] (Microsoft Windows Early Launch Anti-malware Publisher → AVAST Software)
    R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [279336 2019-07-25] (AVAST Software s.r.o. → AVAST Software)
    R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42504 2019-07-25] (AVAST Software s.r.o. → AVAST Software)
    R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [168896 2019-08-01] (AVAST Software s.r.o. → AVAST Software)
    R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112520 2019-07-25] (AVAST Software s.r.o. → AVAST Software)
    R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88160 2019-07-25] (AVAST Software s.r.o. → AVAST Software)
    R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1030784 2019-08-01] (AVAST Software s.r.o. → AVAST Software)
    R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [477288 2019-07-25] (AVAST Software s.r.o. → AVAST Software)
    R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [225816 2019-07-25] (AVAST Software s.r.o. → AVAST Software)
    R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [387688 2019-08-06] (AVAST Software s.r.o. → AVAST Software)
    R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [29160 2018-07-27] (Dell Inc → OSR Open Systems Resources, Inc.)
    S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [110488 2014-12-03] (Samsung Electronics CO., LTD. → DEVGURU Co., LTD.(www.devguru.co.kr))
    R3 e1cexpress; C:\WINDOWS\system32\DRIVERS\e1c65x64.sys [488736 2015-08-03] (Intel(R) Intel Network Drivers → Intel Corporation)
    R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2019-03-19] (Microsoft Windows → Intel Corporation)
    S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [206104 2014-12-03] (Samsung Electronics CO., LTD. → DEVGURU Co., LTD.(www.devguru.co.kr))
    R0 stdcfltn; C:\WINDOWS\System32\DRIVERS\stdcfltn.sys [30352 2016-10-07] (STMICROELECTRONICS S.R.L. → ST Microelectronics)
    R3 ST_Accel; C:\WINDOWS\system32\DRIVERS\ST_Accel.sys [154280 2016-10-12] (STMICROELECTRONICS S.R.L. → STMicroelectronics)
    R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. → The OpenVPN Project)
    S3 VSScanner; C:\WINDOWS\System32\DRIVERS\vsscanner.sys [29808 2016-08-18] (Microsoft Windows Hardware Compatibility Publisher → VoodooSoft, LLC)
    S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher → Microsoft Corporation)
    S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows → Microsoft Corporation)
    S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows → Microsoft Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    ==================== One month (created) ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2019-09-02 09:49 - 2019-09-02 09:51 - 000013835 _____ C:\Users\Anya\Desktop\FRST.txt
    2019-09-02 09:46 - 2019-09-02 09:49 - 000000000 ____D C:\FRST
    2019-09-02 09:40 - 2019-09-02 09:40 - 005200384 _____ (AVAST Software) C:\Users\Anya\Desktop\aswmbr.exe
    2019-09-02 09:39 - 2019-09-02 09:39 - 001615360 _____ (Farbar) C:\Users\Anya\Desktop\FRST64.exe
    2019-09-02 08:16 - 2019-09-02 08:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Composite Editor
    2019-09-02 08:16 - 2019-09-02 08:16 - 000000000 ____D C:\Program Files\Microsoft Research
    2019-09-02 07:37 - 2019-09-02 07:38 - 012582912 _____ C:\Users\Anya\Downloads\20190901_125746_7375221513 3427(1).mp4.part
    2019-09-02 07:37 - 2019-09-02 07:37 - 000000000 _____ C:\Users\Anya\Downloads\20190901_125746_7375221513 3427(1).mp4
    2019-09-01 19:37 - 2019-09-01 19:41 - 011960760 _____ C:\Users\Anya\Downloads\20190901_125746_7375221513 3427.mp4.part
    2019-09-01 19:37 - 2019-09-01 19:37 - 000000000 _____ C:\Users\Anya\Downloads\20190901_125746_7375221513 3427.mp4
    2019-08-31 08:01 - 2019-08-31 08:01 - 000000000 ____D C:\Users\Anya\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\TouchPad
    2019-08-29 19:05 - 2019-08-29 19:05 - 000405226 _____ C:\Users\Anya\Downloads\Horse_anatomy.svg
    2019-08-28 20:51 - 2019-08-28 20:51 - 008476676 _____ C:\Users\Anya\Downloads\beverly hills cop soundtrack.mp4
    2019-08-28 20:47 - 2019-08-28 20:48 - 011956440 _____ C:\Users\Anya\Downloads\automatic.mp4
    2019-08-28 20:39 - 2019-08-28 20:43 - 173858456 _____ C:\Users\Anya\Downloads\pointer sisters.mp4
    2019-08-28 15:20 - 2019-08-28 15:20 - 000005933 _____ C:\Users\Anya\AppData\Local\recently-used.xbel
    2019-08-28 15:11 - 2019-08-28 15:11 - 000000431 _____ C:\Users\Anya\Downloads\TransactionHistory(5).qif
    2019-08-28 15:11 - 2019-08-28 15:11 - 000000388 _____ C:\Users\Anya\Downloads\TransactionHistory(4).qif
    2019-08-28 15:11 - 2019-08-28 15:11 - 000000286 _____ C:\Users\Anya\Downloads\TransactionHistory(6).qif
    2019-08-28 15:09 - 2019-08-28 15:09 - 000004513 _____ C:\Users\Anya\Downloads\TransactionHistory(3).qif
    2019-08-27 17:37 - 2019-08-27 17:37 - 000003785 _____ C:\Users\Anya\Downloads\Easy Affiliate Table.pbp
    2019-08-27 17:34 - 2019-08-27 17:34 - 000001675 _____ C:\Users\Anya\Downloads\AutoEmbed Image Links.pbp
    2019-08-27 17:32 - 2019-08-27 17:32 - 000004101 _____ C:\Users\Anya\Downloads\Disable editing after a set time(1).pbp
    2019-08-27 17:26 - 2019-08-27 17:26 - 000004101 _____ C:\Users\Anya\Downloads\Disable editing after a set time.pbp
    2019-08-27 17:23 - 2019-08-27 17:23 - 000011526 _____ C:\Users\Anya\Downloads\Member Gallery.pbp
    2019-08-27 17:21 - 2019-08-27 17:21 - 000004515 _____ C:\Users\Anya\Downloads\Smiley Management.pbp
    2019-08-27 17:20 - 2019-08-27 17:20 - 000002289 _____ C:\Users\Anya\Downloads\Name Icon.pbp
    2019-08-27 17:15 - 2019-08-27 17:15 - 000014412 _____ C:\Users\Anya\Downloads\Recently Updated Threads Sidebar.pbp
    2019-08-27 17:13 - 2019-08-27 17:13 - 000004499 _____ C:\Users\Anya\Downloads\Member Thread Count.pbp
    2019-08-27 17:11 - 2019-08-27 17:11 - 000009566 _____ C:\Users\Anya\Downloads\Smilie Dropdown.pbp
    2019-08-27 11:51 - 2019-08-27 11:51 - 001635026 _____ C:\Users\Anya\Downloads\rhea_documentation.pdf
    2019-08-27 11:21 - 2019-08-27 11:21 - 000000000 ____D C:\Users\Anya\Downloads\phpBB-3.2.7
    2019-08-27 10:30 - 2019-08-27 10:30 - 000001982 _____ C:\Users\Public\Desktop\NordVPN.lnk
    2019-08-26 16:41 - 2019-08-25 23:16 - 000000000 ____D C:\Windows.old
    2019-08-26 16:27 - 2019-08-26 16:41 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
    2019-08-26 16:26 - 2019-08-26 16:27 - 000000000 ____D C:\WINDOWS\ServiceProfiles
    2019-08-26 16:26 - 2019-08-26 16:26 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
    2019-08-26 16:18 - 2019-08-26 16:18 - 025901056 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 022625280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 019811328 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 018017792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 008012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 007802224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 007753728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 007174656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 007008768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 006218752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 005916160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 005500416 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 005083352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 005014016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 004863488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 004578816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 004481024 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 004348408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 004306432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 004129616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 003837440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 003635200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 003525592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 003487232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 003243080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 002956984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
    2019-08-26 16:18 - 2019-08-26 16:18 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
    2019-08-26 16:18 - 2019-08-26 16:18 - 002494440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 002398720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 002358584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 002314440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 002235936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 002216448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 002190648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 002175288 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 002147840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.d ll
    2019-08-26 16:18 - 2019-08-26 16:18 - 002132520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 002072152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 002031104 _____ C:\WINDOWS\system32\rdpnano.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 001866064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 001788944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 001715000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 001652536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.AppAgent.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 001611576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 001608192 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 001555688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 001510952 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 001505080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 001501496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 001493392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 001383736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 001301504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 001297720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 001282560 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 001273344 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 001273176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 001248256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
    2019-08-26 16:18 - 2019-08-26 16:18 - 001244728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 001234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\opengl32.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 001185280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AgentService.exe
    2019-08-26 16:18 - 2019-08-26 16:18 - 001181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 001126400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplySettingsTemplateCatalog.e xe
    2019-08-26 16:18 - 2019-08-26 16:18 - 001106288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 001098712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 001080832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 001059840 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
    2019-08-26 16:18 - 2019-08-26 16:18 - 001043768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 001039872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
    2019-08-26 16:18 - 2019-08-26 16:18 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 001007104 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 001000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000996352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
    2019-08-26 16:18 - 2019-08-26 16:18 - 000957240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000912896 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\opengl32.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000833536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000828216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
    2019-08-26 16:18 - 2019-08-26 16:18 - 000827192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000816440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000800568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
    2019-08-26 16:18 - 2019-08-26 16:18 - 000762880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.PrinterCustomAct ions.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000744248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
    2019-08-26 16:18 - 2019-08-26 16:18 - 000743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000741376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013Custom Actions.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000741176 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000737552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
    2019-08-26 16:18 - 2019-08-26 16:18 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000700928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000682744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
    2019-08-26 16:18 - 2019-08-26 16:18 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000666280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
    2019-08-26 16:18 - 2019-08-26 16:18 - 000666128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000649016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000633344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000551824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000537608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
    2019-08-26 16:18 - 2019-08-26 16:18 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiagn.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000512512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2013Custom Actions.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000510768 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
    2019-08-26 16:18 - 2019-08-26 16:18 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
    2019-08-26 16:18 - 2019-08-26 16:18 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
    2019-08-26 16:18 - 2019-08-26 16:18 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000494904 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000463272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000460288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
    2019-08-26 16:18 - 2019-08-26 16:18 - 000437760 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2PGraph.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxdiagn.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000428544 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CscUnpinTool.exe
    2019-08-26 16:18 - 2019-08-26 16:18 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
    2019-08-26 16:18 - 2019-08-26 16:18 - 000420360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000404992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DispBroker.Desktop.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000394040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\provplatformdesktop.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000386048 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\SysWOW64\curl.exe
    2019-08-26 16:18 - 2019-08-26 16:18 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiag.exe
    2019-08-26 16:18 - 2019-08-26 16:18 - 000366184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2PGraph.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxdiag.exe
    2019-08-26 16:18 - 2019-08-26 16:18 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscobj.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AnalogShell.d ll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ConfigWrapper.dl l
    2019-08-26 16:18 - 2019-08-26 16:18 - 000267528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000261016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityUxHost.exe
    2019-08-26 16:18 - 2019-08-26 16:18 - 000257848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVFileSystemMetadata.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\provplatformdesktop.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glu32.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000231224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
    2019-08-26 16:18 - 2019-08-26 16:18 - 000228664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamMap.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
    2019-08-26 16:18 - 2019-08-26 16:18 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscobj.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000202552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2pnetsh.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
    2019-08-26 16:18 - 2019-08-26 16:18 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000181560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe
    2019-08-26 16:18 - 2019-08-26 16:18 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000174392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVemgr.sys
    2019-08-26 16:18 - 2019-08-26 16:18 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\p2pnetsh.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000172856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVNice.exe
    2019-08-26 16:18 - 2019-08-26 16:18 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
    2019-08-26 16:18 - 2019-08-26 16:18 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\glu32.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000153912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVfs.sys
    2019-08-26 16:18 - 2019-08-26 16:18 - 000145936 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000137528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppVStrm.sys
    2019-08-26 16:18 - 2019-08-26 16:18 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\appvetwclientres.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
    2019-08-26 16:18 - 2019-08-26 16:18 - 000099712 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe
    2019-08-26 16:18 - 2019-08-26 16:18 - 000093104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
    2019-08-26 16:18 - 2019-08-26 16:18 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompMgmtLauncher.exe
    2019-08-26 16:18 - 2019-08-26 16:18 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmlib.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComputerDefaults.exe
    2019-08-26 16:18 - 2019-08-26 16:18 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Groupinghc.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComputerDefaults.exe
    2019-08-26 16:18 - 2019-08-26 16:18 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000058825 _____ C:\WINDOWS\system32\srms.dat
    2019-08-26 16:18 - 2019-08-26 16:18 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe
    2019-08-26 16:18 - 2019-08-26 16:18 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2010Custom Actions.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000042296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
    2019-08-26 16:18 - 2019-08-26 16:18 - 000037688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncAppvPublishingServer.exe
    2019-08-26 16:18 - 2019-08-26 16:18 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2010Custom Actions.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000021816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScriptRunner.exe
    2019-08-26 16:18 - 2019-08-26 16:18 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\appvetwstreamingux.dll
    2019-08-26 16:18 - 2019-08-26 16:18 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 014814208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 009926672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayR eady.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 006518184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayR eady.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 006403072 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 006071432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 005941760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 005753944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 005087744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 004562904 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 004537344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 003915536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 003771392 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 003750912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 003735264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 003372744 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 002990096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
    2019-08-26 16:17 - 2019-08-26 16:17 - 002876416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 002798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
    2019-08-26 16:17 - 2019-08-26 16:17 - 002771752 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 002764040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 002698552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
    2019-08-26 16:17 - 2019-08-26 16:17 - 002697728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 002586608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 002576384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 002490712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 002306048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 002258640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 002096128 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 002094592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 002081976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001999648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001954960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001912576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001893888 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001847808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001840968 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001822720 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001815040 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001724928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001690624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001661544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001651848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store .dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001647280 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001633864 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001611416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001562640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001562112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001535288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001531992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001515008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaclient.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001488384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001473488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001458176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001413328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001408000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001393960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001391416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 001375232 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001366528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001356800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001345024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001334064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdrecordcpu.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001304888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utiliti es.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001301008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
    2019-08-26 16:17 - 2019-08-26 16:17 - 001283384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
    2019-08-26 16:17 - 2019-08-26 16:17 - 001262016 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001259008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001244672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001213240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001192096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 001178608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.Dis playEnhancementService.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001154960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001124864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CBDHSvc.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001101312 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001079296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001072144 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 001067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 001056704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001020768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001007160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 001006592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000984376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000928776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dl l
    2019-08-26 16:17 - 2019-08-26 16:17 - 000913408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000913168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 000910848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000892488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000889664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000888056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker. dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000879792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authenticatio n.Web.Core.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000861696 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000844800 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000830976 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000829776 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 000822072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000821904 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 000818688 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000818656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000811160 _____ C:\WINDOWS\SysWOW64\locale.nls
    2019-08-26 16:17 - 2019-08-26 16:17 - 000811160 _____ C:\WINDOWS\system32\locale.nls
    2019-08-26 16:17 - 2019-08-26 16:17 - 000800048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000796088 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000782120 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 000777528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedConte nt.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000774664 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 000773680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000772656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000771584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
    2019-08-26 16:17 - 2019-08-26 16:17 - 000769336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 000752792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
    2019-08-26 16:17 - 2019-08-26 16:17 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000739328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000679368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000674816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 000674072 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 000673080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000672944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 000669496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000667272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000652288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000645632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dl l
    2019-08-26 16:17 - 2019-08-26 16:17 - 000639608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000634880 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000628616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000613392 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000612352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000606112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000602224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000588256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000586760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
    2019-08-26 16:17 - 2019-08-26 16:17 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 000574976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_9.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000568336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 000541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000537088 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000531464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000531456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000524216 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000515896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 000515448 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000511008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000509440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000478800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000477712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
    2019-08-26 16:17 - 2019-08-26 16:17 - 000467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000466624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000462352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
    2019-08-26 16:17 - 2019-08-26 16:17 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
    2019-08-26 16:17 - 2019-08-26 16:17 - 000451896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 000450400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000441584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000440256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000437776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
    2019-08-26 16:17 - 2019-08-26 16:17 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000422008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000421376 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\system32\curl.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
    2019-08-26 16:17 - 2019-08-26 16:17 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000404392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000401416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
    2019-08-26 16:17 - 2019-08-26 16:17 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000386320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000379192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000376832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webauthn.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000375512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000358944 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsta.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
    2019-08-26 16:17 - 2019-08-26 16:17 - 000336928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 000334728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposableShellProxyStub.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
    2019-08-26 16:17 - 2019-08-26 16:17 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000317952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000316432 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
    2019-08-26 16:17 - 2019-08-26 16:17 - 000310072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
    2019-08-26 16:17 - 2019-08-26 16:17 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000300176 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000284536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000283472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdwriter.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.d ll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000279624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsta.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000278528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000268216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationDat a.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000260920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
    2019-08-26 16:17 - 2019-08-26 16:17 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000251704 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000248088 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
    2019-08-26 16:17 - 2019-08-26 16:17 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\VideoHandlers.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\icm32.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store .TestingFramework.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Gpu.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000220680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 000210448 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000210400 _____ (Microsoft Corporation) C:\WINDOWS\system32\xmllite.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000205112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winquic.sys
    2019-08-26 16:17 - 2019-08-26 16:17 - 000203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\regapi.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000199176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 000194176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winquic.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000193800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regapi.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000187920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ifsutil.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
    2019-08-26 16:17 - 2019-08-26 16:17 - 000178192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
    2019-08-26 16:17 - 2019-08-26 16:17 - 000170920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xmllite.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider. dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComposableShellProxyStub.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000149512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ulib.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000146744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
    2019-08-26 16:17 - 2019-08-26 16:17 - 000144376 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 000142544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
    2019-08-26 16:17 - 2019-08-26 16:17 - 000139472 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000135480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000135000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000132912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Display.Brigh tnessOverride.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000129848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
    2019-08-26 16:17 - 2019-08-26 16:17 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinHvPlatform.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000123920 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000120352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000116184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000115120 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
    2019-08-26 16:17 - 2019-08-26 16:17 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShellExtFramework.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000110080 _____ C:\WINDOWS\system32\ResBParser.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GraphicsCapture.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000106536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvsetup.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 000102216 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapistub.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapi32.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GameChatTranscription.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000098592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Display.Brigh tnessOverride.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000096032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 000093712 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
    2019-08-26 16:17 - 2019-08-26 16:17 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000089328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000087048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
    2019-08-26 16:17 - 2019-08-26 16:17 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000084488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
    2019-08-26 16:17 - 2019-08-26 16:17 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
    2019-08-26 16:17 - 2019-08-26 16:17 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 000072816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzautoupdate.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000066360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpapi.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coloradapterclient.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ApiSetHost.AppExecutionAlias.d ll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000063504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaproxystub.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000056008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdll.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsext.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys
    2019-08-26 16:17 - 2019-08-26 16:17 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
    2019-08-26 16:17 - 2019-08-26 16:17 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
    2019-08-26 16:17 - 2019-08-26 16:17 - 000021544 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000020728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winnlsres.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winnlsres.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fixmapi.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d8thk.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDJPN.DLL
    2019-08-26 16:17 - 2019-08-26 16:17 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
    2019-08-26 16:17 - 2019-08-26 16:17 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCertResources.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3r.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
    2019-08-26 16:17 - 2019-08-26 16:17 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3r.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 017785856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 007890256 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 007832896 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 007277568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 007251808 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 006226864 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 006059520 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 004552376 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
    2019-08-26 16:16 - 2019-08-26 16:16 - 004470784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 004034048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 004012032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 004008960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dl l
    2019-08-26 16:16 - 2019-08-26 16:16 - 003947520 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 003724800 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2019-08-26 16:16 - 2019-08-26 16:16 - 003698176 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 003590672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2019-08-26 16:16 - 2019-08-26 16:16 - 003550720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 003327256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 003261440 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 003141120 _____ (Microsoft Corporation) C:\WINDOWS\system32\directml.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 003104768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 003084288 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 002871824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
    2019-08-26 16:16 - 2019-08-26 16:16 - 002870272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 002724352 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2019-08-26 16:16 - 2019-08-26 16:16 - 002656768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 002550792 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 002449432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 002448384 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 002321408 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 002282496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.oneco re.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 002249216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 002232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store .dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 002178048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaclient.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 002120488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 002113536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 002032640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001979392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001940952 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001884672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001884200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConstraintIndex.Search.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001830416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001784832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001781248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001761792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
    2019-08-26 16:16 - 2019-08-26 16:16 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.deskt op.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001743672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utiliti es.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001717776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001687552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001654520 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001635328 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001616824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001608704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001581056 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001553408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
    2019-08-26 16:16 - 2019-08-26 16:16 - 001509936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
    2019-08-26 16:16 - 2019-08-26 16:16 - 001505808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001497088 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001480704 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001437184 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
    2019-08-26 16:16 - 2019-08-26 16:16 - 001423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001413904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001395600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
    2019-08-26 16:16 - 2019-08-26 16:16 - 001364480 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001337872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001332736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsf3gip.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001249920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
    2019-08-26 16:16 - 2019-08-26 16:16 - 001182240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
    2019-08-26 16:16 - 2019-08-26 16:16 - 001180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authenticatio n.Web.Core.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
    2019-08-26 16:16 - 2019-08-26 16:16 - 001146880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Signals.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001084728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedConte nt.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001068856 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001065984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001042944 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
    2019-08-26 16:16 - 2019-08-26 16:16 - 001040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001037312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 001007120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000977688 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000975360 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000940736 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000910272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
    2019-08-26 16:16 - 2019-08-26 16:16 - 000876560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
    2019-08-26 16:16 - 2019-08-26 16:16 - 000862720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
    2019-08-26 16:16 - 2019-08-26 16:16 - 000840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000824832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
    2019-08-26 16:16 - 2019-08-26 16:16 - 000810512 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000810496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
    2019-08-26 16:16 - 2019-08-26 16:16 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000731448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense. dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.service provider.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000728576 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000706760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
    2019-08-26 16:16 - 2019-08-26 16:16 - 000680760 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows. dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000642208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
    2019-08-26 16:16 - 2019-08-26 16:16 - 000637968 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_9.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
    2019-08-26 16:16 - 2019-08-26 16:16 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000589592 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
    2019-08-26 16:16 - 2019-08-26 16:16 - 000587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
    2019-08-26 16:16 - 2019-08-26 16:16 - 000544576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
    2019-08-26 16:16 - 2019-08-26 16:16 - 000537088 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications .dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.UserServic e.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
    2019-08-26 16:16 - 2019-08-26 16:16 - 000481592 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
    2019-08-26 16:16 - 2019-08-26 16:16 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer .dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
    2019-08-26 16:16 - 2019-08-26 16:16 - 000464696 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\system32\webauthn.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Conve rsationalAgent.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
    2019-08-26 16:16 - 2019-08-26 16:16 - 000441360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
    2019-08-26 16:16 - 2019-08-26 16:16 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000425264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000420152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000416008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
    2019-08-26 16:16 - 2019-08-26 16:16 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.d ll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000390456 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000373248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000363624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
    2019-08-26 16:16 - 2019-08-26 16:16 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000343104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReducti on.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000339520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationDat a.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000336960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000324624 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store .TestingFramework.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000283152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
    2019-08-26 16:16 - 2019-08-26 16:16 - 000283144 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
    2019-08-26 16:16 - 2019-08-26 16:16 - 000269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\directxdatabaseupdater.exe
    2019-08-26 16:16 - 2019-08-26 16:16 - 000258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ManagePhone.d ll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
    2019-08-26 16:16 - 2019-08-26 16:16 - 000242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAcc ess.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
    2019-08-26 16:16 - 2019-08-26 16:16 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider. dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient. dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgiadaptercache.exe
    2019-08-26 16:16 - 2019-08-26 16:16 - 000214032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ifsutil.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000202256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
    2019-08-26 16:16 - 2019-08-26 16:16 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000199184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
    2019-08-26 16:16 - 2019-08-26 16:16 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP .dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000182072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
    2019-08-26 16:16 - 2019-08-26 16:16 - 000180536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
    2019-08-26 16:16 - 2019-08-26 16:16 - 000180240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
    2019-08-26 16:16 - 2019-08-26 16:16 - 000180024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ulib.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
    2019-08-26 16:16 - 2019-08-26 16:16 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
    2019-08-26 16:16 - 2019-08-26 16:16 - 000162384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000157752 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaproxystub.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
    2019-08-26 16:16 - 2019-08-26 16:16 - 000146920 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\GraphicsCapture.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000142136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
    2019-08-26 16:16 - 2019-08-26 16:16 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
    2019-08-26 16:16 - 2019-08-26 16:16 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\GameChatTranscription.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000127280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapistub.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapi32.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000120048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
    2019-08-26 16:16 - 2019-08-26 16:16 - 000117048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
    2019-08-26 16:16 - 2019-08-26 16:16 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Taskbar.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds_ps.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000088560 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000088488 _____ (Microsoft Corporation) C:\WINDOWS\system32\coloradapterclient.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.d ll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
    2019-08-26 16:16 - 2019-08-26 16:16 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000071720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
    2019-08-26 16:16 - 2019-08-26 16:16 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentS tatusTracking.ConfigProvider.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
    2019-08-26 16:16 - 2019-08-26 16:16 - 000065064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt. ProxyStub.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
    2019-08-26 16:16 - 2019-08-26 16:16 - 000047200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
    2019-08-26 16:16 - 2019-08-26 16:16 - 000046632 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
    2019-08-26 16:16 - 2019-08-26 16:16 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler. dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Comm on.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000037888 _____ C:\WINDOWS\system32\usocoreps.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
    2019-08-26 16:16 - 2019-08-26 16:16 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
    2019-08-26 16:16 - 2019-08-26 16:16 - 000028936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\lstelemetry.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsldr.exe
    2019-08-26 16:16 - 2019-08-26 16:16 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe
    2019-08-26 16:16 - 2019-08-26 16:16 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wci.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\fixmapi.exe
    2019-08-26 16:16 - 2019-08-26 16:16 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\applockerfltr.sys
    2019-08-26 16:16 - 2019-08-26 16:16 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
    2019-08-26 16:16 - 2019-08-26 16:16 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
    2019-08-26 16:15 - 2019-08-26 16:15 - 001428992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
    2019-08-26 16:15 - 2019-08-26 16:15 - 000804880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
    2019-08-26 16:15 - 2019-08-26 16:15 - 000804880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
    2019-08-26 16:15 - 2019-08-26 16:15 - 000551736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
    2019-08-26 16:15 - 2019-08-26 16:15 - 000531976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
    2019-08-26 16:15 - 2019-08-26 16:15 - 000435000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
    2019-08-26 16:15 - 2019-08-26 16:15 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
    2019-08-26 16:15 - 2019-08-26 16:15 - 000296976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
    2019-08-26 16:15 - 2019-08-26 16:15 - 000274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
    2019-08-26 16:15 - 2019-08-26 16:15 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbaudio2.sys
    2019-08-26 16:15 - 2019-08-26 16:15 - 000249656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
    2019-08-26 16:15 - 2019-08-26 16:15 - 000225320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
    2019-08-26 16:15 - 2019-08-26 16:15 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
    2019-08-26 16:15 - 2019-08-26 16:15 - 000208400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
    2019-08-26 16:15 - 2019-08-26 16:15 - 000201232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
    2019-08-26 16:15 - 2019-08-26 16:15 - 000199688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
    2019-08-26 16:15 - 2019-08-26 16:15 - 000193848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
    2019-08-26 16:15 - 2019-08-26 16:15 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
    2019-08-26 16:15 - 2019-08-26 16:15 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
    2019-08-26 16:15 - 2019-08-26 16:15 - 000069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys
    2019-08-26 16:15 - 2019-08-26 16:15 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidspi.sys
    2019-08-26 16:15 - 2019-08-26 16:15 - 000055608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
    2019-08-26 16:15 - 2019-08-26 16:15 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\devauthe.sys
    2019-08-26 16:15 - 2019-08-26 16:15 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
    2019-08-26 16:15 - 2019-08-26 16:15 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
    2019-08-26 16:15 - 2019-08-26 16:15 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
    2019-08-26 16:15 - 2019-08-26 16:15 - 000023352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\isapnp.sys
    2019-08-26 16:15 - 2019-08-26 16:15 - 000019256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msisadrv.sys
    2019-08-26 16:01 - 2019-08-26 16:01 - 001166488 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
    2019-08-26 16:01 - 2019-08-26 16:01 - 000778912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
    2019-08-26 16:01 - 2019-08-26 16:01 - 000124568 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNativ e_v0300.dll
    2019-08-26 16:01 - 2019-08-26 16:01 - 000103072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNativ e_v0300.dll
    2019-08-26 16:01 - 2019-08-26 16:01 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
    2019-08-26 16:01 - 2019-08-26 16:01 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
    2019-08-26 16:01 - 2019-08-26 16:01 - 000000000 ____D C:\Program Files\Reference Assemblies
    2019-08-26 16:01 - 2019-08-26 16:01 - 000000000 ____D C:\Program Files\MSBuild
    2019-08-26 16:01 - 2019-08-26 16:01 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
    2019-08-26 16:01 - 2019-08-26 16:01 - 000000000 ____D C:\Program Files (x86)\MSBuild
    2019-08-26 02:18 - 2019-08-26 02:18 - 000000000 _____ C:\WINDOWS\system32\last.dump
    2019-08-25 23:19 - 2019-08-25 23:19 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
    2019-08-25 23:16 - 2019-08-25 23:16 - 000000020 ___SH C:\Users\Anya\ntuser.ini
    2019-08-25 23:14 - 2019-09-01 20:24 - 000003748 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
    2019-08-25 23:14 - 2019-09-01 20:24 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
    2019-08-25 23:14 - 2019-09-01 20:24 - 000003446 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
    2019-08-25 23:14 - 2019-09-01 20:24 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineU A
    2019-08-25 23:14 - 2019-09-01 20:24 - 000003122 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineC ore
    2019-08-25 23:14 - 2019-09-01 20:24 - 000002854 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-440688634-2831198262-268214595-1002
    2019-08-25 23:14 - 2019-09-01 20:24 - 000002852 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-440688634-2831198262-268214595-1001
    2019-08-25 23:14 - 2019-09-01 20:24 - 000002848 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-440688634-2831198262-268214595-500
    2019-08-25 23:14 - 2019-09-01 20:24 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
    2019-08-25 23:14 - 2019-08-31 21:06 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
    2019-08-25 23:14 - 2019-08-31 08:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2019-08-25 23:14 - 2019-08-25 23:14 - 000000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
    2019-08-25 23:12 - 2019-08-25 23:14 - 000015243 _____ C:\WINDOWS\diagwrn.xml
    2019-08-25 23:12 - 2019-08-25 23:14 - 000015243 _____ C:\WINDOWS\diagerr.xml
    2019-08-25 23:04 - 2019-08-26 02:26 - 000840848 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2019-08-25 22:52 - 2019-08-25 23:16 - 000000000 ____D C:\Users\Anya
    2019-08-25 22:52 - 2019-08-25 23:04 - 000000000 ____D C:\Users\Administrator
    2019-08-25 22:52 - 2019-03-19 14:46 - 000001105 _____ C:\Users\USER\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\OneDrive.lnk
    2019-08-25 22:52 - 2019-03-19 14:46 - 000001105 _____ C:\Users\Anya\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\OneDrive.lnk
    2019-08-25 22:52 - 2019-03-19 14:46 - 000001105 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\W indows\Start Menu\Programs\OneDrive.lnk
    2019-08-25 22:47 - 2019-08-26 16:15 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
    2019-08-25 22:47 - 2019-08-25 22:47 - 000000000 ____D C:\ProgramData\USOShared
    2019-08-25 22:42 - 2019-09-02 09:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
    2019-08-25 22:42 - 2019-08-25 22:56 - 000342912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2019-08-25 14:22 - 2019-08-25 14:22 - 000000000 ____H C:$WINRE_BACKUP_PARTITION.MARKER
    2019-08-24 08:31 - 2019-08-25 23:16 - 000000000 ___DC C:\WINDOWS\Panther
    2019-08-21 22:29 - 2019-08-27 10:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordVPN
    2019-08-21 22:29 - 2019-08-27 10:30 - 000000000 ____D C:\Program Files (x86)\NordVPN
    2019-08-21 08:50 - 2019-08-31 08:04 - 000000000 ____D C:\Users\Anya\AppData\Local\Pushbullet
    2019-08-21 08:48 - 2019-08-21 08:48 - 001737872 _____ (Pushbullet Inc ) C:\Users\Anya\Downloads\pushbullet_installer(1).ex e
    2019-08-21 07:59 - 2019-08-26 16:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pushbullet
    2019-08-21 07:59 - 2019-08-21 08:50 - 000000000 ____D C:\Program Files (x86)\Pushbullet
    2019-08-21 07:58 - 2019-08-21 07:58 - 001737872 _____ (Pushbullet Inc ) C:\Users\Anya\Downloads\pushbullet_installer.exe
    2019-08-20 18:52 - 2019-08-20 18:52 - 000604690 _____ C:\Users\Anya\Downloads\WellSolve-LS-Sell-Sheet-2015-(1).pdf
    2019-08-20 13:29 - 2019-08-20 13:29 - 000158918 _____ C:\Users\Anya\Downloads\cjas84-007.pdf
    2019-08-20 07:52 - 2019-08-20 07:52 - 000020872 _____ C:\Users\Anya\Downloads\s-l800.webp
    2019-08-18 14:47 - 2019-08-18 14:47 - 026332079 _____ C:\Users\Anya\Downloads\2019 senior school info.pptx
    2019-08-18 14:47 - 2019-08-18 14:47 - 003374021 _____ C:\Users\Anya\Downloads\2019 VCE VCAL VET Handbook.pdf
    2019-08-16 18:31 - 2019-08-16 18:31 - 005303669 _____ C:\Users\Anya\Downloads\Set It Off - Wolf In Sheep’s Clothing (feat. William Beckett) [Lyric’s].mp4
    2019-08-15 18:03 - 2019-08-21 23:20 - 000000000 ____D C:\Program Files\Mozilla Firefox
    2019-08-15 17:53 - 2019-08-15 17:53 - 000006451 _____ C:\Users\Anya\Downloads\TransactionHistory(2).qif
    2019-08-15 17:53 - 2019-08-15 17:53 - 000006451 _____ C:\Users\Anya\Downloads\TransactionHistory(1).qif
    2019-08-15 17:26 - 2019-08-14 12:31 - 000024426 _____ C:\Users\Anya\Documents\Amazon%20links.doc_0.odt
    2019-08-14 20:01 - 2019-08-14 20:01 - 000001035 _____ C:\Users\Anya\Downloads\cane toad.htm
    2019-08-14 08:10 - 2019-08-14 08:10 - 013353798 _____ C:\Users\Anya\Downloads\Men At Work - Overkill (Official Video).mp4
    2019-08-14 08:08 - 2019-08-14 08:09 - 018915475 _____ C:\Users\Anya\Downloads\Men At Work - It’s a Mistake (Official Video)(1).mp4
    2019-08-14 08:08 - 2019-08-14 08:08 - 015254078 _____ C:\Users\Anya\Downloads\Be Good Johnny - Men At Work.mp4
    2019-08-14 08:05 - 2019-08-14 08:06 - 011664642 _____ C:\Users\Anya\Downloads\Men At Work - Who Can It Be Now (Official Video).mp4
    2019-08-14 08:05 - 2019-08-14 08:05 - 018915475 _____ C:\Users\Anya\Downloads\Men At Work - It’s a Mistake (Official Video).mp4
    2019-08-14 08:05 - 2019-08-14 08:05 - 012772221 _____ C:\Users\Anya\Downloads\Men At Work - Down Under (Official Video).mp4
    2019-08-12 21:03 - 2019-08-12 21:03 - 007888720 _____ C:\Users\Anya\Downloads\NL_12(1).pdf
    2019-08-09 17:22 - 2019-08-09 17:22 - 000210094 _____ C:\Users\Anya\Downloads\447296_AFC000007_ETHERSON_ LAMB LIVER SLICED 1KG(2).pdf
    2019-08-09 17:22 - 2019-08-09 17:22 - 000210094 _____ C:\Users\Anya\Downloads\447296_AFC000007_ETHERSON_ LAMB LIVER SLICED 1KG(1).pdf
    2019-08-09 17:21 - 2019-08-09 17:21 - 000210094 _____ C:\Users\Anya\Downloads\447296_AFC000007_ETHERSON_ LAMB LIVER SLICED 1KG.pdf
    2019-08-08 19:51 - 2019-08-08 13:22 - 000022741 _____ C:\Users\Anya\Documents\Amazon%20links.doc_1.odt
    2019-08-07 15:26 - 2019-08-07 15:26 - 001151544 _____ (Google LLC) C:\Users\Anya\Downloads\ChromeSetup.exe
    2019-08-07 14:06 - 2019-08-07 14:06 - 000000511 _____ C:\Users\Anya\Documents\book1.xhtml
    2019-08-07 14:03 - 2019-08-07 14:03 - 000000511 _____ C:\Users\Anya\Documents\book.html
    2019-08-07 14:02 - 2019-08-07 14:02 - 000003620 _____ C:\Users\Anya\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\notepad.lnk
    2019-08-07 08:06 - 2019-08-07 08:06 - 007708437 _____ C:\Users\Anya\Downloads\Dr_Jean_Dodds_SeminarNotes _Thyroid_Disease.pdf
    2019-08-07 08:06 - 2019-08-07 08:06 - 000720133 _____ C:\Users\Anya\Downloads\Hepatotoxicosis in dogs consuming a diet of camel meat.pdf
    2019-08-07 08:05 - 2019-08-07 08:05 - 000053036 _____ C:\Users\Anya\Downloads\Balancing Raw Feeding - Raw Pet Food Calculator- UNLOCKED.xlsx
    2019-08-07 08:05 - 2019-08-07 08:05 - 000049694 _____ C:\Users\Anya\Downloads\Balancing Raw Feeding - Raw Pet Food Calculator.xlsx
    2019-08-07 08:05 - 2019-08-07 08:05 - 000016934 _____ C:\Users\Anya\Downloads\Raw food western suburbs ver2 .xlsx
    2019-08-07 08:05 - 2019-08-07 08:05 - 000009823 _____ C:\Users\Anya\Downloads\Food shop.xlsx
    2019-08-07 08:04 - 2019-08-07 08:04 - 000168468 _____ C:\Users\Anya\Downloads\Melbourne Suppliers.xlsx
    2019-08-06 19:52 - 2019-08-06 19:53 - 006068629 _____ C:\Users\Anya\Downloads\Nina Simone - I put a spell on you.mp4
    2019-08-06 19:51 - 2019-08-06 19:51 - 009915956 _____ C:\Users\Anya\Downloads\Gotye - Easy Way Out - official music video.mp4
    2019-08-06 19:47 - 2019-08-06 19:48 - 010966732 _____ C:\Users\Anya\Downloads\Gotye - Somebody That I Used To Know (feat. Kimbra) - official music video.mp4
    2019-08-06 19:46 - 2019-08-06 19:47 - 013785475 _____ C:\Users\Anya\Downloads\Cat Power performing In Your Face live on KCRW.mp4
    2019-08-06 19:42 - 2019-08-06 19:43 - 008382187 _____ C:\Users\Anya\Downloads\Cat Power - Ruin.mp4
    2019-08-06 19:40 - 2019-08-06 19:40 - 011488688 _____ C:\Users\Anya\Downloads\Cat Power - Woman (feat. Lana Del Rey) (Official Video).mp4
    2019-08-06 19:29 - 2019-08-06 19:30 - 018709050 _____ C:\Users\Anya\Downloads\Tinpan Orange - Like Snow.mp4
    2019-08-06 12:44 - 2019-08-06 12:44 - 000000762 _____ C:\Users\Anya\electricity.csv
    2019-08-06 10:33 - 2019-08-06 10:33 - 000001607 _____ C:\Users\Anya\Desktop\planting calendar - Shortcut.lnk
    2019-08-05 18:53 - 2019-08-05 18:54 - 007888720 _____ C:\Users\Anya\Downloads\NL_12.pdf
    2019-08-05 18:53 - 2019-08-05 18:53 - 002828122 _____ C:\Users\Anya\Downloads\Standard_5.pdf
    2019-08-04 09:57 - 2019-08-04 09:57 - 002671672 _____ C:\Users\Anya\Downloads\mchughcamps.pdf
    2019-08-04 09:56 - 2019-08-04 09:56 - 000054700 _____ C:\Users\Anya\Downloads\St Pats Kilmore.webp
    2019-08-03 16:26 - 2019-08-03 16:41 - 052619114 _____ C:\Users\Anya\Downloads\FL10244605.tif

    ==================== One month (modified) ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2019-09-02 09:48 - 2018-11-10 13:13 - 000000000 ____D C:\Users\Anya\Documents\computer
    2019-09-02 09:43 - 2019-07-27 19:48 - 000000000 ____D C:\Users\Anya\AppData\LocalLow\uTorrent
    2019-09-02 09:33 - 2019-03-19 14:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2019-09-02 08:28 - 2019-03-30 19:05 - 000000000 ____D C:\Users\Anya\AppData\Local\BitTorrentHelper
    2019-09-02 07:36 - 2019-03-19 14:50 - 000000000 ____D C:\WINDOWS\INF
    2019-09-02 00:01 - 2019-03-19 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
    2019-09-01 20:24 - 2018-12-09 14:41 - 000000000 ____D C:\Users\Anya\AppData\Roaming\vlc
    2019-09-01 17:31 - 2018-11-16 22:32 - 000000000 ____D C:\Users\Anya\AppData\LocalLow\Mozilla
    2019-08-31 22:20 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\AppReadiness
    2019-08-31 22:14 - 2019-03-19 14:52 - 000000000 ___HD C:\Program Files\WindowsApps
    2019-08-31 07:59 - 2019-03-19 14:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
    2019-08-30 14:51 - 2019-07-04 14:23 - 000000000 ____D C:\Users\Anya\Documents\House Health Family
    2019-08-30 14:51 - 2018-11-10 13:13 - 000000000 ____D C:\Users\Anya\Documents\Horses & animals
    2019-08-29 11:46 - 2018-11-10 13:12 - 000000000 ____D C:\Users\Anya\Documents\business 2019
    2019-08-29 10:37 - 2018-11-10 13:13 - 000000000 ____D C:\Users\Anya\Documents\finance
    2019-08-28 15:20 - 2019-05-07 11:36 - 000000000 ____D C:\Users\Anya\AppData\Local\homebank
    2019-08-27 09:18 - 2018-11-16 21:53 - 000000000 ____D C:\Users\Anya\AppData\Local\Packages
    2019-08-26 20:36 - 2018-11-17 19:02 - 000000000 ____D C:\Program Files\rempl
    2019-08-26 16:41 - 2019-06-18 19:28 - 000000000 ____D C:\Program Files\UNP
    2019-08-26 16:41 - 2019-05-07 11:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HomeBank
    2019-08-26 16:41 - 2019-04-01 07:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth
    2019-08-26 16:41 - 2019-03-19 14:56 - 000000000 ____D C:\WINDOWS\Setup
    2019-08-26 16:41 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
    2019-08-26 16:41 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
    2019-08-26 16:41 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\system32\spool
    2019-08-26 16:41 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\system32\oobe
    2019-08-26 16:41 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\system32\NDF
    2019-08-26 16:41 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
    2019-08-26 16:41 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
    2019-08-26 16:41 - 2019-03-19 14:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
    2019-08-26 16:41 - 2019-03-19 14:49 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
    2019-08-26 16:41 - 2019-02-01 12:46 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
    2019-08-26 16:41 - 2018-12-09 14:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
    2019-08-26 16:41 - 2018-12-08 16:53 - 000000000 ____D C:\WINDOWS\system32\appmgmt
    2019-08-26 16:41 - 2018-12-08 16:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
    2019-08-26 16:41 - 2018-11-16 21:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung SCX-4x21 Series
    2019-08-26 16:41 - 2018-11-11 05:07 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.4
    2019-08-26 16:41 - 2018-11-11 05:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZCast
    2019-08-26 16:41 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
    2019-08-26 16:41 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\system32\MsDtc
    2019-08-26 16:41 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\InfusedApps
    2019-08-26 16:28 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\Resources
    2019-08-26 16:28 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\Help
    2019-08-26 16:28 - 2019-02-26 10:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
    2019-08-26 16:28 - 2018-11-11 05:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Abyssmedia
    2019-08-26 16:27 - 2018-10-28 11:06 - 000000000 ____D C:\Program Files\STMicroelectronics
    2019-08-26 16:24 - 2019-03-19 16:23 - 000000000 ___SD C:\WINDOWS\system32\AppV
    2019-08-26 16:24 - 2019-03-19 16:23 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
    2019-08-26 16:24 - 2019-03-19 14:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
    2019-08-26 16:24 - 2019-03-19 14:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
    2019-08-26 16:24 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\TextInput
    2019-08-26 16:24 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\SystemResources
    2019-08-26 16:24 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
    2019-08-26 16:24 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
    2019-08-26 16:24 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\system32\appraiser
    2019-08-26 16:24 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
    2019-08-26 16:24 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\ShellComponents
    2019-08-26 16:24 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
    2019-08-26 16:24 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\bcastdvr
    2019-08-26 16:06 - 2019-03-19 16:23 - 000000000 ____D C:\Program Files\Windows Photo Viewer
    2019-08-26 16:06 - 2019-03-19 16:23 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
    2019-08-26 16:06 - 2019-03-19 16:20 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
    2019-08-26 16:06 - 2019-03-19 16:20 - 000000000 ____D C:\WINDOWS\system32\WCN
    2019-08-26 16:06 - 2019-03-19 14:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
    2019-08-26 16:06 - 2019-03-19 14:52 - 000000000 ___SD C:\WINDOWS\system32\F12
    2019-08-26 16:06 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
    2019-08-26 16:06 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
    2019-08-26 16:06 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\IME
    2019-08-26 16:06 - 2019-03-19 14:52 - 000000000 ____D C:\Program Files\Common Files\System
    2019-08-26 16:06 - 2019-03-19 14:52 - 000000000 ____D C:\Program Files (x86)\Windows Defender
    2019-08-26 16:06 - 2019-03-19 14:37 - 000000000 ____D C:\WINDOWS\servicing
    2019-08-26 15:59 - 2019-03-19 16:22 - 000000000 ____D C:\WINDOWS\OCR
    2019-08-26 04:29 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\appcompat
    2019-08-26 01:21 - 2018-11-08 11:32 - 000741432 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
    2019-08-26 00:00 - 2018-10-28 12:00 - 000000000 ____D C:\ProgramData\Packages
    2019-08-25 23:17 - 2019-03-19 14:52 - 000000000 ____D C:\ProgramData\USOPrivate
    2019-08-25 23:17 - 2018-11-16 21:53 - 000000000 ___RD C:\Users\Anya\3D Objects
    2019-08-25 23:17 - 2018-10-28 10:56 - 000000000 __RHD C:\Users\Public\AccountPictures
    2019-08-25 23:16 - 2018-11-16 21:53 - 000000000 ____D C:\Users\Anya\AppData\Local\ConnectedDevicesPlatfo rm
    2019-08-25 23:14 - 2019-03-19 14:52 - 000000000 ____D C:\Program Files\Windows Defender
    2019-08-25 23:14 - 2019-03-19 14:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
    2019-08-25 23:04 - 2019-03-19 14:52 - 000000000 __RHD C:\Users\Public\Libraries
    2019-08-25 22:55 - 2019-04-01 07:08 - 000000000 ____D C:\Users\Anya\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\AviSynth
    2019-08-25 22:55 - 2019-01-05 20:17 - 000000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\TouchPad
    2019-08-25 22:55 - 2018-11-16 21:30 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\W indows\Start Menu\Programs\TouchPad
    2019-08-25 22:54 - 2018-11-16 21:30 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
    2019-08-25 22:54 - 2018-10-28 10:56 - 000000000 ____D C:\Users\USER\AppData\Local\Packages
    2019-08-25 22:50 - 2019-03-19 14:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
    2019-08-25 22:47 - 2018-10-28 11:06 - 000000000 ____D C:\Program Files\DellTPad
    2019-08-25 22:44 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\ServiceState
    2019-08-25 19:18 - 2018-11-22 12:54 - 000000000 ____D C:\Users\Anya\AppData\Local\CrashDumps
    2019-08-24 19:47 - 2018-11-10 13:13 - 000000000 ____D C:\Users\Anya\Documents\tyaak
    2019-08-24 17:04 - 2018-11-14 21:59 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
    2019-08-21 23:20 - 2019-07-03 17:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2019-08-21 22:29 - 2018-12-06 18:24 - 000000000 ____D C:\Users\Anya\AppData\Local\NordVPN
    2019-08-21 07:48 - 2018-11-19 19:37 - 000000000 ____D C:\Users\Anya\AppData\Local\PlaceholderTileLogoFol der
    2019-08-19 17:00 - 2018-11-11 05:28 - 000001104 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
    2019-08-19 17:00 - 2018-11-11 05:28 - 000000000 ____D C:\Program Files\paint.net
    2019-08-19 12:24 - 2018-11-10 13:13 - 000000000 ____D C:\Users\Anya\Documents\maps
    2019-08-19 11:50 - 2018-11-10 13:13 - 000000000 ____D C:\Users\Anya\Documents\houses
    2019-08-18 15:08 - 2019-07-25 14:19 - 000000000 ____D C:\Users\Anya\Documents\kid stuff
    2019-08-17 17:34 - 2019-07-03 17:09 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
    2019-08-14 08:33 - 2018-11-10 13:13 - 000000000 ____D C:\WINDOWS\system32\MRT
    2019-08-14 08:16 - 2018-11-10 13:13 - 134272480 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2019-08-10 11:35 - 2018-11-17 19:44 - 000000000 ___RD C:\Users\Anya\OneDrive
    2019-08-07 10:55 - 2018-11-16 22:38 - 000000000 ____D C:\Users\Anya\AppData\Local\D3DSCache
    2019-08-06 07:09 - 2018-11-11 05:31 - 000387688 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys

    ==================== Files in the root of some directories ================

    2019-05-23 19:47 - 2019-05-23 19:47 - 000003584 _____ () C:\Users\Anya\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2019-08-28 15:20 - 2019-08-28 15:20 - 000005933 _____ () C:\Users\Anya\AppData\Local\recently-used.xbel

    ==================== SigCheck ===============================

    (There is no automatic fix for files that do not pass verification.)

    ==================== End of FRST.txt ============================

    Addition txt;
    [HEADING=1]Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-08-2019
    Ran by Anya (02-09-2019 09:52:54)
    Running from C:\Users\Anya\Desktop
    Windows 10 Pro Version 1903 18362.295 (X64) (2019-08-25 13:16:00)
    Boot Mode: Normal[/HEADING]
    ==================== Accounts: =============================

    Administrator (S-1-5-21-440688634-2831198262-268214595-500 - Administrator - Enabled) => C:\Users\Administrator
    Anya (S-1-5-21-440688634-2831198262-268214595-1002 - Administrator - Enabled) => C:\Users\Anya
    DefaultAccount (S-1-5-21-440688634-2831198262-268214595-503 - Limited - Disabled)
    Guest (S-1-5-21-440688634-2831198262-268214595-501 - Limited - Disabled)
    USER (S-1-5-21-440688634-2831198262-268214595-1001 - Administrator - Enabled) => C:\Users\USER
    WDAGUtilityAccount (S-1-5-21-440688634-2831198262-268214595-504 - Limited - Disabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

    ==================== Installed Programs ======================

    (Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    7-Zip 18.05 (HKLM-x32...\7-Zip) (Version: 18.05 - Igor Pavlov)
    Adobe Acrobat Reader DC (HKLM-x32...{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.012.20040 - Adobe Systems Incorporated)
    Adobe Flash Player 32 NPAPI (HKLM-x32...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
    Avast Pro Antivirus (HKLM-x32...\Avast Antivirus) (Version: 19.6.2383 - AVAST Software)
    AviSynth 2.6 (HKLM-x32...\AviSynth) (Version: 2.6.0.6 - GPL Public release.)
    Dell Touchpad (HKLM...{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.1207.101.103 - ALPS ELECTRIC CO., LTD.)
    dr.fone (Version 9.9.1) (HKLM-x32...{E8F86DA8-B8E4-42C7-AFD4-EBB692AC43FD}_is1) (Version: 9.9.1.34 - Wondershare Technology Co.,Ltd.)
    DVDStyler v3.0.4 (HKLM...\DVDStyler_is1) (Version: - Thüring IT-Consulting)
    EZCast (HKLM-x32...{74CECDD9-4B8E-4AE3-9571-8070A17F3C34}) (Version: 1.0.0.143 - Actions-Micro)
    Google Earth Pro (HKLM...{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
    Google Update Helper (HKLM-x32...{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
    HomeBank 5.2.4 (HKLM-x32...{770D94F9-211A-4BC7-9921-FC946ABD82C8}_is1) (Version: 5.2.4 - Maxime DOYEN)
    Image Composite Editor (HKLM...{92AB5708-1AAA-4B1B-A8D5-45CF3AD77519}) (Version: 2.0.3 - Microsoft Corporation)
    K-Lite Codec Pack 12.9.5 Basic (HKLM-x32...\KLiteCodecPack_is1) (Version: 12.9.5 - KLCP)
    Microsoft OneDrive (HKU\S-1-5-21-440688634-2831198262-268214595-1002...\OneDriveSetup.exe) (Version: 19.123.0624.0005 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM...{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32...{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM...{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32...{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32...{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
    Mozilla Firefox 68.0.2 (x64 en-US) (HKLM...\Mozilla Firefox 68.0.2 (x64 en-US)) (Version: 68.0.2 - Mozilla)
    Mozilla Maintenance Service (HKLM...\MozillaMaintenanceService) (Version: 67.0.4 - Mozilla)
    NordVPN (HKLM-x32...{135A06CE-0901-4493-A417-756A592C760E}) (Version: 6.23.11 - NordVPN) Hidden
    NordVPN (HKLM-x32...\NordVPN 6.23.11) (Version: 6.23.11 - NordVPN)
    NordVPN network TAP (HKLM-x32...{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
    OpenOffice 4.1.4 (HKLM-x32...{BDB210E1-06C5-451F-BDAC-C18DDC7C2F14}) (Version: 4.14.9788 - Apache Software Foundation)
    paint.net (HKLM...{893D9E06-E352-4BE4-B8E4-CFADC08B8DBF}) (Version: 4.2.1 - dotPDN LLC)
    PDFfiller extension version 1.0.0 (HKLM-x32...{F03E05E0-4014-4B06-B2B2-4326C6C81D78}_is1) (Version: 1.0.0 - PDFfiller Inc.)
    Pushbullet version 338 (HKLM-x32...{7578F204-49E7-4830-B051-14C23F408BFE}_is1) (Version: 338 - Pushbullet Inc)
    Samsung OCR Software (HKLM-x32...\Samsung OCR Software) (Version: 1.01.18 (31/05/2018) - HP Printing Korea Co., Ltd.)
    Samsung Printer Center (HKLM-x32...\Samsung Printer Center) (Version: 1.0.0.28 - Samsung Electronics Co., Ltd.)
    Samsung SCX-4x21 Series (HKLM-x32...\Samsung SCX-4x21 Series) (Version: - Samsung Electronics CO.,LTD)
    SAMSUNG USB Driver for Mobile Phones (HKLM...{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.)
    Switch Sound File Converter (HKLM-x32...\Switch) (Version: 7.17 - NCH Software)
    Uninstall Samsung Printer Software (HKLM-x32...\TotalUninstaller) (Version: 4.0.0.67 - Samsung Electronics CO., LTD.)
    Update for Windows 10 for x64-based Systems (KB4023057) (HKLM...{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
    VLC media player (HKLM...\VLC media player) (Version: 3.0.4 - VideoLAN)
    Wave Editor 3.7.0.0 (HKLM-x32...\Wave Editor_is1) (Version: 3.7.0.0 - AbyssMedia.com)
    [HEADING=1]Packages:[/HEADING]
    Dolby Access → C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3. 0.3340.0_x64__rz1tebttyb220 [2019-08-31] (Dolby Laboratories)
    HEVC Video Extensions → C:\Program Files\WindowsApps\Microsoft.HEVCVideoExtensions_1. 0.21822.0_x64__8wekyb3d8bbwe [2019-08-25] (Microsoft Corporation)
    Mail and Calendar → C:\Program Files\WindowsApps\microsoft.windowscommunicationsa pps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-02] (Microsoft Corporation) [MS Ad]
    Microsoft Advertising SDK for XAML → C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.18 11.1.0_x64__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
    Microsoft Advertising SDK for XAML → C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.18 11.1.0_x86__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
    MSN Weather → C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905 .0_x64__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad]
    Photos Add-on → C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Mai n_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-03-23] (Microsoft Corporation)
    Unit Conversion → C:\Program Files\WindowsApps\44352GadgetWE.UnitConversion_1.0 .1.4_neutral__wrnqd43hr7tc6 [2019-07-17] (GadgetWE)
    VitalSource Bookshelf → C:\Program Files\WindowsApps\VitalSourceTechnologiesIn.VitalS ourceBookshelf_8.4.21.0_x64__wasrd15zsyawm [2019-08-30] (VitalSource Technologies Inc)
    XE Currency → C:\Program Files\WindowsApps\XE.com.XECurrency_2.1.1.0_neutra l__03yfs222qanwj [2019-07-18] (XE.com)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    ShellIconOverlayIdentifiers: [00asw] → {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-25] (AVAST Software s.r.o. → AVAST Software)
    ContextMenuHandlers1-x32: [7-Zip] → {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
    ContextMenuHandlers1: [avast] → {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-25] (AVAST Software s.r.o. → AVAST Software)
    ContextMenuHandlers1: [SignNowExtension] → {732ff99f-d449-31a6-903a-2d166eb3b54d} => C:/Program Files (x86)/PDFfiller extension/PdffillerExtension.DLL [2018-09-06] () [File not signed]
    ContextMenuHandlers3: [00asw] → {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-25] (AVAST Software s.r.o. → AVAST Software)
    ContextMenuHandlers4-x32: [7-Zip] → {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
    ContextMenuHandlers5: [igfxcui] → {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher → Intel Corporation)
    ContextMenuHandlers6-x32: [7-Zip] → {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
    ContextMenuHandlers6: [avast] → {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-25] (AVAST Software s.r.o. → AVAST Software)

    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)

    ==================== Loaded Modules (Whitelisted) ==============

    2019-01-21 21:55 - 2019-01-21 21:55 - 000251392 _____ () [File not signed] C:\Program Files (x86)\NordVPN\x86\Liberation.Native.Firewall.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000988160 _____ () [File not signed] C:\Program Files (x86)\OpenOffice 4\program\libxml2.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000170496 _____ () [File not signed] C:\Program Files (x86)\OpenOffice 4\program\libxslt.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000164352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\apr-util.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000297472 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\avmedia.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 001143808 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\basegfx.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000596992 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\bootstrap.uno.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 001175552 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\comphelpMSC.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000487936 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\configmgr.uno.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000238080 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\cppu3.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000587776 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\cppuhelper3MSC.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000652800 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\deployment.uno.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000353792 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\deploymentgui.uno.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000151040 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\deploymentmisc.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000126464 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\dnd.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000887296 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\drawinglayer.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 001580544 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\editeng.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000160768 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\emser.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000051712 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\fileacc.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000226304 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\filterconfig1.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000015872 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\fpicker.uno.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000201216 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\fps.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000091648 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\fsstorage.uno.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000055808 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\ftransl.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000485888 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\fwe.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000210432 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\fwi.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 002193920 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\fwk.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000313344 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\fwl.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000187392 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\helplinker.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000070656 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\hyphen.uno.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000027136 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\i18nisolang1MSC.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000029696 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\i18npaper.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 001333248 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\i18npool.uno.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000067072 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\i18nutilMSC.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000136192 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\introspection.uno.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000107008 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\jvmfwk3.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000134144 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\libapr-1.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 001257472 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\lng.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000068608 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\lnth.uno.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000024064 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\localebe1.uno.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000104448 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\localedata_en.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000038912 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\mcnttype.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000083456 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\msci_uno.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000812032 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\msfilter.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 001449472 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\msword.DLL
    2017-10-12 04:23 - 2017-10-12 04:23 - 000344576 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\oleautobridge.uno.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000008704 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\onlinecheck.DLL
    2017-10-12 04:23 - 2017-10-12 04:23 - 002456064 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\ootk.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000368640 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\package2.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000097280 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\passwordcontainer.uno.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000121344 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\reflection.uno.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000107008 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\reg3.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 001792512 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\sal3.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000013824 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\salhelper3MSC.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000093184 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\sax.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000168448 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\sax.uno.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 002291200 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\sb.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000082944 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\serf.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 003658240 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\sfx.dll
    2017-10-12 05:28 - 2017-10-12 05:28 - 009828864 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
    2017-10-12 04:23 - 2017-10-12 04:23 - 000290304 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\sofficeapp.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000279040 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\sot.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000183296 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\spell.uno.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000205824 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\spl.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000096768 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\stocservices.uno.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000053760 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\store3.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000901120 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\svl.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 003373056 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\svt.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 003235328 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\svx.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 006034432 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\svxcore.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 009289216 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\sw.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000117760 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\sysdtrans.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000620544 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\tl.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000231936 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\ucb1.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000388608 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\ucbhelper4MSC.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000344576 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\ucpchelp1.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000412160 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\ucpdav1.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000024576 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\ucpexpand1.uno.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000309248 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\ucpfile1.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000367616 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\unoxml.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000053248 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\updatefeed.uno.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000186880 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\updchk.uno.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 001104384 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\utl.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000254976 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\uui.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000085504 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\uwinapi.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 004172800 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\vcl.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000099328 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\vos3MSC.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000028672 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\wininetbe1.uno.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000791040 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\xcr.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000045056 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\xmlreader.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 003469312 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\xo.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000396288 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\xstor.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 013914112 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\icudt40.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 001072128 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\icuin40.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000951808 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\icuuc40.dll
    2015-02-24 14:49 - 2015-02-24 14:49 - 000236544 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Microsoft Research\Image Composite Editor\ShellExtension.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000180224 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\libcurl.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 001020928 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\LIBEAY32.dll
    2017-10-12 04:23 - 2017-10-12 04:23 - 000218624 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\SSLEAY32.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\Wdf01000.sys => “”=“Driver”
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\Wdf01000.sys => “”=“Driver”

    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)

    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2018-04-12 09:38 - 2019-01-09 15:02 - 000001362 _____ C:\WINDOWS\system32\drivers\etc\hosts

    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKLM\System\CurrentControlSet\Control\Session Manager\Environment\Path → C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\s ystem32;%SystemRoot%;%SystemRoot%\System32\Wbem;%S YSTEMROOT%\System32\WindowsPowerShell\v1.0;%SYSTEM ROOT%\System32\OpenSSH
    HKU\S-1-5-21-440688634-2831198262-268214595-1002\Control Panel\Desktop\Wallpaper → C:\Users\Anya\AppData\Roaming\Mozilla\Firefox\Desk top Background.bmp
    DNS Servers: 103.86.96.100 - 103.86.99.100
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer => (SmartScreenEnabled: )
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    If an entry is included in the fixlist, it will be removed.

    HKLM...\StartupApproved\StartupFolder: => “Billminder.lnk”
    HKLM...\StartupApproved\Run: => “WinZip PreLoader”
    HKLM...\StartupApproved\Run: => “WinZip UN”
    HKLM...\StartupApproved\Run32: => “SunJavaUpdateSched”
    HKLM...\StartupApproved\Run32: => “KiesTrayAgent”
    HKLM...\StartupApproved\Run32: => “iSkysoft Helper Compact.exe”
    HKU\S-1-5-21-440688634-2831198262-268214595-1002...\StartupApproved\StartupFolder: => “PDFFiller.lnk”
    HKU\S-1-5-21-440688634-2831198262-268214595-1002...\StartupApproved\Run: => “uTorrent”

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [TCP Query User{0CDC49C8-EAC1-4E9B-BA14-098217F3716D}C:\users\anya\appdata\roaming\utorren t\utorrent.exe] => (Allow) C:\users\anya\appdata\roaming\utorrent\utorrent.ex e No File
    FirewallRules: [UDP Query User{DF24D1A2-9B9E-4FCD-B8D1-AD58F1E68027}C:\users\anya\appdata\roaming\utorren t\utorrent.exe] => (Allow) C:\users\anya\appdata\roaming\utorrent\utorrent.ex e No File

    ==================== Restore Points =========================

    26-08-2019 01:40:48 Windows Update
    02-09-2019 07:47:42 Removed Image Composite Editor

    ==================== Faulty Device Manager Devices =============

    ==================== Event log errors: =========================
    [HEADING=1]Application errors:[/HEADING]
    Error: (09/02/2019 07:47:35 AM) (Source: MsiInstaller) (EventID: 11706) (User: DESKTOP-EIUB3MN)
    Description: Product: Image Composite Editor – Error 1706. An installation package for the product Image Composite Editor cannot be found. Try the installation again using a valid copy of the installation package ‘ICE-2.0.3-for-64-bit-Windows.msi’.

    Error: (09/02/2019 07:45:43 AM) (Source: MsiInstaller) (EventID: 11706) (User: DESKTOP-EIUB3MN)
    Description: Product: Image Composite Editor – Error 1706. An installation package for the product Image Composite Editor cannot be found. Try the installation again using a valid copy of the installation package ‘ICE-2.0.3-for-64-bit-Windows.msi’.

    Error: (09/02/2019 07:45:24 AM) (Source: MsiInstaller) (EventID: 11706) (User: DESKTOP-EIUB3MN)
    Description: Product: Image Composite Editor – Error 1706. An installation package for the product Image Composite Editor cannot be found. Try the installation again using a valid copy of the installation package ‘ICE-2.0.3-for-64-bit-Windows.msi’.

    Error: (09/02/2019 07:45:10 AM) (Source: MsiInstaller) (EventID: 11706) (User: DESKTOP-EIUB3MN)
    Description: Product: Image Composite Editor – Error 1706. An installation package for the product Image Composite Editor cannot be found. Try the installation again using a valid copy of the installation package ‘ICE-2.0.3-for-64-bit-Windows.msi’.

    Error: (08/31/2019 08:14:54 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: AUDIODG.EXE, version: 10.0.18362.267, time stamp: 0xfeb44817
    Faulting module name: ntdll.dll, version: 10.0.18362.267, time stamp: 0xc00f8a30
    Exception code: 0xc0000005
    Fault offset: 0x00000000000072a6
    Faulting process id: 0x804
    Faulting application start time: 0x01d55f7e58478356
    Faulting application path: C:\WINDOWS\system32\AUDIODG.EXE
    Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
    Report Id: 22bd7635-1b64-4aa7-82a1-a1e540957ed6
    Faulting package full name:
    Faulting package-relative application ID:

    Error: (08/28/2019 03:24:46 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: HomeBank.exe, version: 5.2.4.0, time stamp: 0x5cae076e
    Faulting module name: libcairo-2.dll, version: 0.0.0.0, time stamp: 0x00000000
    Exception code: 0xc0000005
    Fault offset: 0x0008cdfa
    Faulting process id: 0x35c8
    Faulting application start time: 0x01d55d6040da5873
    Faulting application path: C:\Program Files (x86)\HomeBank\HomeBank.exe
    Faulting module path: C:\Program Files (x86)\HomeBank\libcairo-2.dll
    Report Id: 8a609b35-6b68-4540-852f-a7ecccbcf483
    Faulting package full name:
    Faulting package-relative application ID:

    Error: (08/27/2019 09:18:32 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: NordVPN.exe, version: 6.23.11.0, time stamp: 0x5d4cfa81
    Faulting module name: KERNELBASE.dll, version: 10.0.18362.267, time stamp: 0xf09944f9
    Exception code: 0xe0434352
    Fault offset: 0x000000000003a839
    Faulting process id: 0xc14
    Faulting application start time: 0x01d55c649366deb2
    Faulting application path: C:\Program Files (x86)\NordVPN\NordVPN.exe
    Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
    Report Id: 3153e612-b659-451d-aff9-c034c44edc11
    Faulting package full name:
    Faulting package-relative application ID:

    Error: (08/27/2019 09:18:32 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: NordVPN.exe, version: 6.23.11.0, time stamp: 0x5d4cfa81
    Faulting module name: KERNELBASE.dll, version: 10.0.18362.267, time stamp: 0xf09944f9
    Exception code: 0xe0434352
    Fault offset: 0x000000000003a839
    Faulting process id: 0x25bc
    Faulting application start time: 0x01d55c64934d3c58
    Faulting application path: C:\Program Files (x86)\NordVPN\NordVPN.exe
    Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
    Report Id: 643df471-734b-489c-80bd-0882ad9c5f4f
    Faulting package full name:
    Faulting package-relative application ID:
    [HEADING=1]System errors:[/HEADING]
    Error: (09/01/2019 05:30:53 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-EIUB3MN)
    Description: The server {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} did not register with DCOM within the required timeout.

    Error: (09/01/2019 05:30:53 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: The server {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} did not register with DCOM within the required timeout.

    Error: (09/01/2019 05:30:53 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: The server {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} did not register with DCOM within the required timeout.

    Error: (09/01/2019 05:30:52 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: The server {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} did not register with DCOM within the required timeout.

    Error: (08/31/2019 08:31:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The WpnUserService_3bb5d service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

    Error: (08/31/2019 06:07:40 PM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT AUTHORITY)
    Description: V:\Device\HarddiskVolume63

    Error: (08/31/2019 07:59:11 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: The server {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} did not register with DCOM within the required timeout.

    Error: (08/31/2019 07:59:11 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: The server {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} did not register with DCOM within the required timeout.
    [HEADING=1]CodeIntegrity:[/HEADING]
    Date: 2019-09-01 20:01:02.377
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClien t.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

    Date: 2019-09-01 20:01:02.370
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClien t.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

    Date: 2019-09-01 20:01:02.358
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClien t.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

    Date: 2019-09-01 20:01:02.352
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClien t.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

    Date: 2019-09-01 20:01:02.226
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClien t.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

    Date: 2019-09-01 02:01:02.457
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClien t.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

    Date: 2019-09-01 02:01:02.451
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClien t.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

    Date: 2019-09-01 02:01:02.441
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClien t.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

    ==================== Memory info ===========================

    BIOS: Dell Inc. A20 02/21/2018
    Motherboard: Dell Inc. 0HDT4R
    Processor: Intel(R) Core™ i3-2350M CPU @ 2.30GHz
    Percentage of memory in use: 53%
    Total physical RAM: 8095.64 MB
    Available physical RAM: 3769.87 MB
    Total Virtual: 10911.64 MB
    Available Virtual: 5929.32 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:297.49 GB) (Free:64.11 GB) NTFS

    \?\Volume{56919b75-0b11-4b34-9c96-1b5cfd738cd2}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.05 GB) NTFS
    \?\Volume{57236301-2ead-435d-ade8-cb8ec331b1bf}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

    ==================== MBR & Partition Table ==================

    ================================================== ======
    Disk: 0 (Size: 298.1 GB) (Disk ID: C95369C7)

    Partition: GPT.

    ==================== End of Addition.txt ============================
  • Loosie
    PCHF Member
    • Feb 2017
    • 97

    #2
    OK just learned that the ‘stopcode’ is a BSOD. So attached are the dump logs … Nope, it won’t attach - says I don’t have read permission, even though properties of the files says I do. Cannot put the dmp files in a zip or open them either, for same reason.

    Comment

    • Malnutrition
      PCHF Moderator
      • Jul 2016
      • 7045

      #3
      Adware Cleaner Scan.

      Please download AdwCleaner by Xplode onto your desktop.

      [ul]
      [li]Close all open programs and internet browsers.[/li][li]Right Click on adwcleaner.exe and run as admin to run the tool.[/li][li]Click on Scan button.[/li][li]When the scan has finished click on Clean button.[/li][li]Your computer will be rebooted automatically. A text file will open after the restart.[/li][li]Please post the contents of that logfile with your next reply.[/li][li]You can find the logfile at C:\AdwCleaner[S1].txt as well.[/li][/ul]

      Download Quick Diag to your desktop.
      Very Important!! – Make sure program is on your desktop.
      Disable your Antivirus/Antispyware prior to scanning.
      Right Click Run as Administrator.
      Select the Quick Scan.





      Post the log that is generated in your next post.

      Comment

      • Malnutrition
        PCHF Moderator
        • Jul 2016
        • 7045

        #4
        @Loosie How about an update please.

        Comment

        • Loosie
          PCHF Member
          • Feb 2017
          • 97

          #5
          Sorry hadn’t got back to you - had unrelated internet probs too.

          I ran adwcleaner, as admin, after disabling all virus & firewall. It DID NOT go to ‘clean’ after the scan, but to ‘Basic Repair’ option. Perhaps because it didn’t find anything? I skipped that. It DID NOT reboot, but I have done so since. Below is the log file.


          [HEADING=1]Malwarebytes AdwCleaner 7.4.1.0[/HEADING]
          [HEADING=1]-------------------------------[/HEADING]
          [HEADING=1]Build: 09-04-2019[/HEADING]
          [HEADING=1]Database: 2019-08-27.1 (Local)[/HEADING]
          [HEADING=1]Support: https://www.malwarebytes.com/support[/HEADING]
          [HEADING=1]-------------------------------[/HEADING]
          [HEADING=1]Mode: Scan[/HEADING]
          [HEADING=1]-------------------------------[/HEADING]
          [HEADING=1]Start: 09-18-2019[/HEADING]
          [HEADING=1]Duration: 00:00:25[/HEADING]
          [HEADING=1]OS: Windows 10 Pro[/HEADING]
          [HEADING=1]Scanned: 35522[/HEADING]
          [HEADING=1]Detected: 0[/HEADING]
          ***** [ Services ] *****

          No malicious services found.

          ***** [ Folders ] *****

          No malicious folders found.

          ***** [ Files ] *****

          No malicious files found.

          ***** [ DLL ] *****

          No malicious DLLs found.

          ***** [ WMI ] *****

          No malicious WMI found.

          ***** [ Shortcuts ] *****

          No malicious shortcuts found.

          ***** [ Tasks ] *****

          No malicious tasks found.

          ***** [ Registry ] *****

          No malicious registry entries found.

          ***** [ Chromium (and derivatives) ] *****

          No malicious Chromium entries found.

          ***** [ Chromium URLs ] *****

          No malicious Chromium URLs found.

          ***** [ Firefox (and derivatives) ] *****

          No malicious Firefox entries found.

          ***** [ Firefox URLs ] *****

          No malicious Firefox URLs found.

          ***** [ Preinstalled Software ] *****

          No Preinstalled Software found.

          AdwCleaner_Debug.log - [9943 octets] - [09/09/2019 19:33:30]
          AdwCleaner[S00].txt - [1591 octets] - [09/09/2019 19:34:28]
          AdwCleaner[C00].txt - [1732 octets] - [09/09/2019 19:58:41]

          ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

          Comment

          • Malnutrition
            PCHF Moderator
            • Jul 2016
            • 7045

            #6
            Download Quick Diag to your desktop.
            Very Important!! – Make sure program is on your desktop.
            Disable your Antivirus/Antispyware prior to scanning.
            Right Click Run as Administrator.
            Select the Quick Scan.



            Comment

            • Loosie
              PCHF Member
              • Feb 2017
              • 97

              #7
              Thanks for getting back to me. Downloaded & ran that scan. It didn’t give any log file, but at the end came up with a window with an error. Attaching screenshot here.

              Comment

              • Malnutrition
                PCHF Moderator
                • Jul 2016
                • 7045

                #8
                Ok, please re run FRST and post new logs, sorry for the delay, just been really busy with work.

                Comment

                • Loosie
                  PCHF Member
                  • Feb 2017
                  • 97

                  #9
                  What?? You’re not here at my beck and call??! You mean you have a LIFE?? Appreciate your help very much, even if you don’t jump just for me! Below is the FRST report…

                  Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-10-2019 02
                  Ran by Anya (administrator) on DESKTOP-EIUB3MN (Dell Inc. Latitude E6330) (13-10-2019 20:19:24)
                  Running from C:\Users\Anya\Desktop
                  Loaded Profiles: Anya (Available Profiles: USER & Anya & Administrator)
                  Platform: Windows 10 Pro Version 1903 18362.418 (X64) Language: English (United States)
                  Default browser: FF
                  Boot Mode: Normal
                  Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

                  ==================== Processes (Whitelisted) =================

                  (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

                  () [File not signed] C:\Program Files (x86)\Samsung\Samsung SCX-4x21 Series\SPanel\caller64.exe
                  () [File not signed] C:\Program Files (x86)\Samsung\Samsung SCX-4x21 Series\SPanel\SPanel.exe
                  () [File not signed] C:\Windows\Samsung\PanelMgr\caller64.exe
                  () [File not signed] C:\Windows\Samsung\PanelMgr\SSMMgr.exe
                  (Adobe Inc. → Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
                  (Alps Electric Co., LTD. → Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
                  (Alps Electric Co., LTD. → Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
                  (Alps Electric Co., LTD. → Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
                  (Alps Electric Co., LTD. → Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
                  (Alps Electric Co., LTD. → Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
                  (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\scalc.exe
                  (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
                  (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
                  (AVAST Software s.r.o. → AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
                  (AVAST Software s.r.o. → AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
                  (AVAST Software s.r.o. → AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
                  (AVAST Software s.r.o. → AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
                  (AVAST Software s.r.o. → AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
                  (DEVGURU CO LTD → DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
                  (DOTPDN LLC → ) C:\Users\Anya\AppData\Local\Temp\paint.net.4.2.5.i nstall.exe
                  (DOTPDN LLC → ) C:\Users\Anya\AppData\Local\Temp\PdnSetup\SetupShi m.exe
                  (DOTPDN LLC → dotPDN LLC) C:\Users\Anya\AppData\Local\Temp\PdnSetup\SetupFro ntEnd.exe
                  (Google Inc → Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.302\GoogleCrashHandler. exe
                  (Google Inc → Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.302\GoogleCrashHandler6 4.exe
                  (Intel(R) pGFX → Intel Corporation) C:\Windows\System32\hkcmd.exe
                  (Intel(R) pGFX → Intel Corporation) C:\Windows\System32\igfxpers.exe
                  (Intel(R) pGFX → Intel Corporation) C:\Windows\System32\igfxtray.exe
                  (Microsoft Corporation → Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
                  (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19 071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.ex e
                  (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1 908.0.0_x64__8wekyb3d8bbwe\Calculator.exe
                  (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.33 .18003.0_x64__8wekyb3d8bbwe\GameBar.exe
                  (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.33 .18003.0_x64__8wekyb3d8bbwe\GameBarFT.exe
                  (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19091.313. 0_x64__8wekyb3d8bbwe\YourPhone.exe
                  (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.120 11.0_x64__8wekyb3d8bbwe\Video.UI.exe
                  (Microsoft Windows → Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.ex e
                  (Microsoft Windows → Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
                  (Microsoft Windows → Microsoft Corporation) C:\Windows\System32\dllhost.exe
                  (Microsoft Windows → Microsoft Corporation) C:\Windows\System32\dllhost.exe
                  (Microsoft Windows → Microsoft Corporation) C:\Windows\System32\msiexec.exe
                  (Microsoft Windows → Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
                  (Microsoft Windows → Microsoft Corporation) C:\Windows\System32\smartscreen.exe
                  (Microsoft Windows → Microsoft Corporation) C:\Windows\System32\SrTasks.exe
                  (Mozilla Corporation → Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
                  (Mozilla Corporation → Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
                  (Mozilla Corporation → Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
                  (Mozilla Corporation → Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
                  (Mozilla Corporation → Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
                  (Mozilla Corporation → Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
                  (Mozilla Corporation → Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
                  (Mozilla Corporation → Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
                  (PushBullet Inc → Pushbullet Inc) C:\Users\Anya\AppData\Local\Pushbullet\bin\pushbul let_client.exe
                  (Samsung Electronics CO., LTD. → ) C:\Windows\SysWOW64\SecUPDUtilSvc.exe
                  (Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.52.138.0_x 64__kzf8qxf38zg5c\SkypeApp.exe
                  (Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.52.138.0_x 64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
                  (TEFINCOM S.A. → ) C:\Program Files (x86)\NordVPN\nordvpn-service.exe
                  (TEFINCOM S.A. → NordVPN) C:\Program Files (x86)\NordVPN\NordVPN.exe
                  (Wondershare Technology Co.,Ltd → Wondershare) C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\D riverInstall.exe
                  (Wondershare Technology Co.,Ltd → Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe

                  ==================== Registry (Whitelisted) ===========================

                  (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

                  HKLM...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [745288 2015-06-25] (Alps Electric Co., LTD. → Alps Electric Co., Ltd.)
                  HKLM...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-10-05] (AVAST Software s.r.o. → AVAST Software)
                  HKLM-x32...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [688128 2011-08-02] () [File not signed]
                  HKLM-x32...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2138272 2016-10-08] (Shenzhen Yi Xing Investment Co., Ltd. → iSkySoft)
                  HKU\S-1-5-21-440688634-2831198262-268214595-1002...\Run: [Pushbullet] => C:\Program Files (x86)\Pushbullet\pushbullet.exe [345600 2015-07-01] (Pushbullet inc) [File not signed]
                  HKU\S-1-5-21-440688634-2831198262-268214595-1002...\Run: [NordVPN] => C:\Program Files (x86)\NordVPN\NordVPN.exe [2233808 2019-10-02] (TEFINCOM S.A. → NordVPN)
                  HKU\S-1-5-21-440688634-2831198262-268214595-1002...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q “C:\Users\Anya\AppData\Local\Microsoft\OneDrive\Up date\OneDriveSetup.exe”
                  HKU\S-1-5-21-440688634-2831198262-268214595-1002...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q “C:\Users\Anya\AppData\Local\Microsoft\OneDrive\St andaloneUpdater\OneDriveSetup.exe”
                  HKU\S-1-5-21-440688634-2831198262-268214595-1002...\RunOnce: [Uninstall 19.152.0801.0009\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q “C:\Users\Anya\AppData\Local\Microsoft\OneDrive\19 .152.0801.0009\amd64”
                  HKU\S-1-5-21-440688634-2831198262-268214595-1002...\RunOnce: [Uninstall 19.152.0801.0009] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q “C:\Users\Anya\AppData\Local\Microsoft\OneDrive\19 .152.0801.0009”
                  Startup: C:\Users\Anya\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\Startup\PDFFiller.lnk [2018-11-22]
                  ShortcutTarget: PDFFiller.lnk → C:\Program Files (x86)\PDFfiller extension\Pdffiller.exe (PDFfiller) [File not signed]
                  FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

                  ==================== Scheduled Tasks (Whitelisted) =============

                  (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

                  Task: {7B4DDA8C-16DD-4451-B0A5-D692899D8730} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_ 0_0_270_Plugin.exe [1457720 2019-10-09] (Adobe Inc. → Adobe)
                  Task: {897888F7-7DE6-48CE-98DB-3D7D044C517C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe [335416 2019-10-09] (Adobe Inc. → Adobe)
                  Task: {A0E987E6-2825-4840-9C2B-5B142EC8ABAF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. → Adobe Systems)
                  Task: {AB2E31DA-B4B4-4609-AD7D-55A66B030B2E} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-10-05] (AVAST Software s.r.o. → AVAST Software)
                  Task: {E30BFBD1-C11D-4ABE-8167-1D42824EB7C3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-11] (Google Inc → Google Inc.)
                  Task: {E4A2B3CE-ABD9-472B-B18E-D19ADBE53BF9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-11] (Google Inc → Google Inc.)
                  Task: {FB42282D-A968-48F0-9F82-F717BA4D1DD4} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-09-19] (AVAST Software s.r.o. → AVAST Software)

                  (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

                  ==================== Internet (Whitelisted) ====================

                  (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

                  Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
                  Tcpip..\Interfaces{393a64f1-cb08-462f-b625-7c2a17d0df94}: [NameServer] 103.86.96.100,103.86.99.100
                  Tcpip..\Interfaces{393a64f1-cb08-462f-b625-7c2a17d0df94}: [DhcpNameServer] 10.0.0.138
                  Tcpip..\Interfaces{8104e65c-0d4f-4c24-959d-06143ea93afb}: [NameServer] 103.86.96.100,103.86.99.100
                  Tcpip..\Interfaces{860ed676-5e66-4fa8-8b19-5d0228b15a21}: [DhcpNameServer] 192.168.42.129
                  Tcpip..\Interfaces{dc70ac19-0f02-4e50-bb58-f77cb838f442}: [NameServer] 103.86.96.100,103.86.99.100
                  Tcpip..\Interfaces{dc70ac19-0f02-4e50-bb58-f77cb838f442}: [DhcpNameServer] 103.86.99.99 103.86.96.96 103.86.96.100 103.86.99.100
                  [HEADING=1]Internet Explorer:[/HEADING]
                  [HEADING=1]FireFox:[/HEADING]
                  FF DefaultProfile: rfw48twt.default-1562140894913
                  FF ProfilePath: C:\Users\Anya\AppData\Roaming\Mozilla\Firefox\Prof iles\rfw48twt.default-1562140894913 [2019-10-13]
                  FF Homepage: Mozilla\Firefox\Profiles\rfw48twt.default-1562140894913 → hxxps://mail.yahoo.com/d/folders/1?guce_referrer=aHR0cHM6Ly9sb2dpbi55YWhvby5jb20v&g uce_referrer_sig=AQAAADKwk9my4tFaRXZfbWfqOykP0nh9t ogxt9nsxoa1BfIX4azGnbq7wWlW7pZFAsOgOLlh-Sy35H5LhTWVD1ao0FgkaqrZem987unSBK3HE_j9bnEU38mVdm2 jrj_9w5hTv9m5uKXnhSTmGr5kSlAnxmGekndJHawwUA8DapHgd i_k|hxxps://jorte.net/schedule/scheduleCalendar/
                  FF Session Restore: Mozilla\Firefox\Profiles\rfw48twt.default-1562140894913 → is enabled.
                  FF Extension: (SaveFrom.net helper) - C:\Users\Anya\AppData\Roaming\Mozilla\Firefox\Prof iles\rfw48twt.default-1562140894913\Extensionshelper@savefrom.net.xpi [2019-10-02]
                  FF Extension: (Pushbullet) - C:\Users\Anya\AppData\Roaming\Mozilla\Firefox\Prof iles\rfw48twt.default-1562140894913\Extensionsjid1-BYcQOfYfmBMd9A@jetpack.xpi [2019-09-20]
                  FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Anya\AppData\Roaming\Mozilla\Firefox\Prof iles\rfw48twt.default-1562140894913\Extensionssp@avast.com.xpi [2019-10-12]
                  FF Extension: (Avast Online Security) - C:\Users\Anya\AppData\Roaming\Mozilla\Firefox\Prof iles\rfw48twt.default-1562140894913\Extensionswrc@avast.com.xpi [2019-09-10]
                  FF Extension: (Adblock Plus - free ad blocker) - C:\Users\Anya\AppData\Roaming\Mozilla\Firefox\Prof iles\rfw48twt.default-1562140894913\Extensions{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-08-23]
                  FF HKLM-x32...\Firefox\Extensions: [helper-sig@savefrom.net] - C:\Users\Anya\AppData\Roaming\Mozilla\Firefox\Prof iles\vptylgcr.default\extensions\stagedhelper-sig@savefrom.net.xpi => not found
                  FF HKU\S-1-5-21-440688634-2831198262-268214595-1002...\Firefox\Extensions: [helper-sig@savefrom.net] - C:\Users\Anya\AppData\Roaming\Mozilla\Firefox\Prof iles\vptylgcr.default\extensions\stagedhelper-sig@savefrom.net.xpi => not found
                  FF Plugin: @adobe.com/FlashPlayer → C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_ 270.dll [2019-10-09] (Adobe Inc. → )
                  FF Plugin: @videolan.org/vlc,version=3.0.4 → C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN → VideoLAN)
                  FF Plugin-x32: @adobe.com/FlashPlayer → C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_ 270.dll [2019-10-09] (Adobe Inc. → )
                  FF Plugin-x32: @tools.google.com/Google Update;version=3 → C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-03] (Google Inc → Google LLC)
                  FF Plugin-x32: @tools.google.com/Google Update;version=9 → C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-03] (Google Inc → Google LLC)
                  FF Plugin-x32: Adobe Reader → C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-08-01] (Adobe Inc. → Adobe Systems Inc.)
                  [HEADING=1]Chrome:[/HEADING]
                  CHR HKLM-x32...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
                  CHR HKLM-x32...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

                  ==================== Services (Whitelisted) ====================

                  (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

                  R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [96120 2015-06-25] (Alps Electric Co., LTD. → Alps Electric Co., Ltd.)
                  R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6085360 2019-10-10] (AVAST Software s.r.o. → AVAST Software)
                  R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-10-05] (AVAST Software s.r.o. → AVAST Software)
                  R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-10-05] (AVAST Software s.r.o. → AVAST Software)
                  R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [14280 2019-03-18] (Microsoft Corporation → Microsoft Corporation)
                  R2 nordvpn-service; C:\Program Files (x86)\NordVPN\nordvpn-service.exe [217552 2019-10-02] (TEFINCOM S.A. → )
                  R2 SamsungUPDUtilSvc; C:\Windows\SysWOW64\SecUPDUtilSvc.exe [143664 2019-02-08] (Samsung Electronics CO., LTD. → )
                  S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-12] (Microsoft Windows Publisher → Microsoft Corporation)
                  R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU CO LTD → DEVGURU Co., LTD.)
                  S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation → Microsoft Corporation)
                  S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation → Microsoft Corporation)
                  R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd → Wondershare)
                  R2 WsDrvInst; C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\D riverInstall.exe [120016 2018-12-29] (Wondershare Technology Co.,Ltd → Wondershare)

                  ===================== Drivers (Whitelisted) ======================

                  (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

                  S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 → Apple Inc.)
                  S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 → Apple Inc.)
                  R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-10-05] (AVAST Software s.r.o. → AVAST Software)
                  R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-10-05] (AVAST Software s.r.o. → AVAST Software)
                  R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-10-05] (AVAST Software s.r.o. → AVAST Software)
                  R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-10-05] (AVAST Software s.r.o. → AVAST Software)
                  R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2019-10-05] (Microsoft Windows Early Launch Anti-malware Publisher → AVAST Software)
                  R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [276952 2019-10-05] (AVAST Software s.r.o. → AVAST Software)
                  R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-10-05] (AVAST Software s.r.o. → AVAST Software)
                  R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [171520 2019-10-05] (AVAST Software s.r.o. → AVAST Software)
                  R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-10-05] (AVAST Software s.r.o. → AVAST Software)
                  R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-10-05] (AVAST Software s.r.o. → AVAST Software)
                  R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-10-05] (AVAST Software s.r.o. → AVAST Software)
                  R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-10-05] (AVAST Software s.r.o. → AVAST Software)
                  R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-10-05] (AVAST Software s.r.o. → AVAST Software)
                  R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-10-05] (AVAST Software s.r.o. → AVAST Software)
                  R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [29160 2018-07-27] (Dell Inc → OSR Open Systems Resources, Inc.)
                  S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [110488 2014-12-03] (Samsung Electronics CO., LTD. → DEVGURU Co., LTD.(www.devguru.co.kr))
                  R3 e1cexpress; C:\WINDOWS\system32\DRIVERS\e1c65x64.sys [488736 2015-08-04] (Intel(R) Intel Network Drivers → Intel Corporation)
                  R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2019-03-19] (Microsoft Windows → Intel Corporation)
                  S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [206104 2014-12-03] (Samsung Electronics CO., LTD. → DEVGURU Co., LTD.(www.devguru.co.kr))
                  R0 stdcfltn; C:\WINDOWS\System32\DRIVERS\stdcfltn.sys [30352 2016-10-07] (STMICROELECTRONICS S.R.L. → ST Microelectronics)
                  R3 ST_Accel; C:\WINDOWS\system32\DRIVERS\ST_Accel.sys [154280 2016-10-12] (STMICROELECTRONICS S.R.L. → STMicroelectronics)
                  R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. → The OpenVPN Project)
                  S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24576 2019-09-12] (Microsoft Windows → Microsoft Corporation)
                  S3 VSScanner; C:\WINDOWS\System32\DRIVERS\vsscanner.sys [29808 2016-08-18] (Microsoft Windows Hardware Compatibility Publisher → VoodooSoft, LLC)
                  S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher → Microsoft Corporation)
                  S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows → Microsoft Corporation)
                  S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows → Microsoft Corporation)

                  ==================== NetSvcs (Whitelisted) ===================

                  (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

                  ==================== One month (created) ========

                  (If an entry is included in the fixlist, the file/folder will be moved.)

                  2019-10-13 20:19 - 2019-10-13 20:22 - 000020462 _____ C:\Users\Anya\Desktop\FRST.txt
                  2019-10-13 20:18 - 2019-10-13 20:18 - 000001092 _____ C:\Users\Public\Desktop\paint.net.lnk
                  2019-10-13 20:18 - 2019-10-13 20:18 - 000001092 _____ C:\ProgramData\Desktop\paint.net.lnk
                  2019-10-12 19:17 - 2019-10-12 19:16 - 000000405 _____ C:\Users\Anya\Desktop\QuickScript_12_10_2019_19_17 _00.txt
                  2019-10-12 19:08 - 2019-10-12 19:08 - 000003864 _____ C:\Users\Anya\AppData\Local\recently-used.xbel
                  2019-10-12 19:05 - 2019-10-12 19:17 - 000000000 ____D C:\QuickDiag
                  2019-10-12 18:59 - 2019-10-12 18:59 - 005180312 _____ (SosVirus) C:\Users\Anya\Desktop\quickdiag_V5_04.10.19.1.exe
                  2019-10-12 15:02 - 2019-10-12 19:17 - 000000000 ____D C:\Program Files\Mozilla Firefox
                  2019-10-11 08:06 - 2019-10-11 08:06 - 000009687 _____ C:\Users\Anya\Downloads\TransactionHistory(12).qif
                  2019-10-11 08:01 - 2019-10-11 08:01 - 000000861 _____ C:\Users\Anya\Downloads\TransactionHistory(10).qif
                  2019-10-11 07:59 - 2019-10-11 07:59 - 000000689 _____ C:\Users\Anya\Downloads\TransactionHistory(9).qif
                  2019-10-11 07:58 - 2019-10-11 07:58 - 000000309 _____ C:\Users\Anya\Downloads\TransactionHistory(11).qif
                  2019-10-11 07:57 - 2019-10-11 07:57 - 000000377 _____ C:\Users\Anya\Downloads\TransactionHistory.csv
                  2019-10-11 02:12 - 2019-10-11 02:12 - 000000000 ____D C:\Users\Anya\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\TouchPad
                  2019-10-11 02:11 - 2019-10-11 02:11 - 000002076 _____ C:\Users\Public\Desktop\Avast Pro Antivirus.lnk
                  2019-10-11 02:11 - 2019-10-11 02:11 - 000002076 _____ C:\ProgramData\Desktop\Avast Pro Antivirus.lnk
                  2019-10-11 01:30 - 2019-10-11 01:30 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
                  2019-10-11 01:30 - 2019-10-11 01:30 - 019811840 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
                  2019-10-11 01:30 - 2019-10-11 01:30 - 007015936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
                  2019-10-11 01:30 - 2019-10-11 01:30 - 004129616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
                  2019-10-11 01:30 - 2019-10-11 01:30 - 003525592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
                  2019-10-11 01:30 - 2019-10-11 01:30 - 002494440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
                  2019-10-11 01:30 - 2019-10-11 01:30 - 002422592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
                  2019-10-11 01:30 - 2019-10-11 01:30 - 002314648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
                  2019-10-11 01:30 - 2019-10-11 01:30 - 002236144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
                  2019-10-11 01:30 - 2019-10-11 01:30 - 002138472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
                  2019-10-11 01:30 - 2019-10-11 01:30 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
                  2019-10-11 01:30 - 2019-10-11 01:30 - 001273392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
                  2019-10-11 01:30 - 2019-10-11 01:30 - 001152016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
                  2019-10-11 01:30 - 2019-10-11 01:30 - 001098712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
                  2019-10-11 01:30 - 2019-10-11 01:30 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
                  2019-10-11 01:30 - 2019-10-11 01:30 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
                  2019-10-11 01:30 - 2019-10-11 01:30 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
                  2019-10-11 01:30 - 2019-10-11 01:30 - 000537600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
                  2019-10-11 01:30 - 2019-10-11 01:30 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
                  2019-10-11 01:30 - 2019-10-11 01:30 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
                  2019-10-11 01:30 - 2019-10-11 01:30 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
                  2019-10-11 01:30 - 2019-10-11 01:30 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
                  2019-10-11 01:30 - 2019-10-11 01:30 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
                  2019-10-11 01:29 - 2019-10-11 01:30 - 006232064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 025900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 022628352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 018019840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 014816256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 008010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 007195648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 006517640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayR eady.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 005915648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 005041664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 002861568 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
                  2019-10-11 01:29 - 2019-10-11 01:29 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
                  2019-10-11 01:29 - 2019-10-11 01:29 - 002703360 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 002095104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 001952360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 001847808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 001730560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 001687040 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 001664928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 001563648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 001562424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 001394488 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
                  2019-10-11 01:29 - 2019-10-11 01:29 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 001283072 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 001217904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
                  2019-10-11 01:29 - 2019-10-11 01:29 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000904208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000856576 _____ C:\WINDOWS\system32\MBR2GPT.EXE
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000829536 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000818688 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000774672 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000690176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000679880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000669496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000598024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000452408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000422008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000404392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000380216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000300184 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000150328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000033048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDJPN.DLL
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106.dll
                  2019-10-11 01:29 - 2019-10-11 01:29 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 017787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 009928504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
                  2019-10-11 01:28 - 2019-10-11 01:28 - 007600664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayR eady.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 004562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
                  2019-10-11 01:28 - 2019-10-11 01:28 - 004012544 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 003947008 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 003771392 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 003701760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 002762504 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 002723328 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
                  2019-10-11 01:28 - 2019-10-11 01:28 - 002456064 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 002448712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 002284032 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.oneco re.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 002114048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 002081976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 002000168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 001830200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.deskt op.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 001743672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 001721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 001656392 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 001439744 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
                  2019-10-11 01:28 - 2019-10-11 01:28 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
                  2019-10-11 01:28 - 2019-10-11 01:28 - 001084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000890472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000880088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000844800 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000758584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mousocoreworker.exe
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000516408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000515896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000466416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000462136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000456504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000412152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000225080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000220472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000202040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP .dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000165832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000117048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000039304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000037176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll
                  2019-10-11 01:28 - 2019-10-11 01:28 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
                  2019-10-11 01:07 - 2019-09-20 15:36 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
                  2019-10-11 01:07 - 2019-09-20 15:14 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
                  2019-10-10 18:50 - 2019-10-05 18:45 - 000355720 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
                  2019-10-09 14:10 - 2019-10-09 14:10 - 000415119 _____ C:\Users\Anya\Downloads\Redback Smart Hybrid Inverter SH5000.PDF
                  2019-10-09 09:47 - 2019-10-09 09:47 - 000049227 _____ C:\Users\Anya\Downloads\nyu5axm2ic6uuhqmxpmm.webp
                  2019-10-09 00:07 - 2019-10-09 00:07 - 000240352 _____ C:\Users\Anya\Downloads\SolarQuotes%20Solar%20Batt ery%20Storage%20Comparison%20Table.xlsx
                  2019-10-09 00:07 - 2019-10-09 00:07 - 000240344 _____ C:\Users\Anya\Downloads\SolarQuotes%20Solar%20Batt ery%20Storage%20Comparison%20Table(1).xlsx
                  2019-10-08 23:42 - 2019-10-08 23:42 - 000460650 _____ C:\Users\Anya\Downloads\Battery-Comparison-Chart.pdf
                  2019-10-08 23:13 - 2019-10-08 23:15 - 005345834 _____ C:\Users\Anya\Downloads\41777286_527218911032401_2 309233031195394048_n.mp4
                  2019-10-08 12:56 - 2019-10-08 12:56 - 000023791 _____ C:\Users\Anya\Documents\climate action.odt
                  2019-10-08 10:43 - 2019-10-08 10:43 - 000001982 _____ C:\Users\Public\Desktop\NordVPN.lnk
                  2019-10-08 10:43 - 2019-10-08 10:43 - 000001982 _____ C:\ProgramData\Desktop\NordVPN.lnk
                  2019-10-08 10:43 - 2019-10-08 10:43 - 000000000 ____D C:\Users\Anya\AppData\Roaming\NordVPN
                  2019-10-08 10:43 - 2019-10-08 10:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordVPN
                  2019-10-08 10:43 - 2019-10-08 10:43 - 000000000 ____D C:\Program Files (x86)\NordVPN
                  2019-10-06 16:50 - 2019-10-06 16:50 - 007063347 _____ C:\Users\Anya\Downloads\71408930_505983139965432_8 320108488252918600_n.mp4
                  2019-10-05 18:46 - 2019-10-05 18:45 - 000236024 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
                  2019-10-05 18:46 - 2019-10-05 18:45 - 000171520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
                  2019-10-04 23:25 - 2019-10-04 23:25 - 004481536 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
                  2019-10-04 23:25 - 2019-10-04 23:25 - 001244944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
                  2019-10-04 23:25 - 2019-10-04 23:25 - 000939008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
                  2019-10-04 23:25 - 2019-10-04 23:25 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
                  2019-10-04 23:25 - 2019-10-04 23:25 - 000722944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
                  2019-10-04 23:25 - 2019-10-04 23:25 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
                  2019-10-04 23:25 - 2019-10-04 23:25 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
                  2019-10-04 23:25 - 2019-10-04 23:25 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
                  2019-10-04 23:25 - 2019-10-04 23:25 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
                  2019-10-04 23:25 - 2019-10-04 23:25 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe
                  2019-10-04 23:24 - 2019-10-04 23:24 - 002190864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 002132280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 001788728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 001716752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 001611792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 001510752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 001505320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 001501712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 001386000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 001297936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 001263616 _____ (Microsoft Corporation) C:\WINDOWS\system32\opengl32.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 001080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 001043984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\assignedaccessmanagersvc.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000957240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000904704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\opengl32.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000827408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000816648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000741392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000666128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000659456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessManager.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000649016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\csc.sys
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiagn.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000502784 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000495120 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxdiagn.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000394256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiag.exe
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxdiag.exe
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000258064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVFileSystemMetadata.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glu32.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000231440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000228880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamMap.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000202768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000181776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000173072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVNice.exe
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\glu32.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000145208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CscMig.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\appvetwclientres.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000100664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvvmtransport.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvvmtransport.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000037904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncAppvPublishingServer.exe
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000021816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScriptRunner.exe
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\appvetwstreamingux.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSErrRedir.dll
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
                  2019-10-04 23:24 - 2019-10-04 23:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
                  2019-10-04 23:23 - 2019-10-04 23:23 - 006084048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 005865272 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizimg.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 005764872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 005105152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 003964056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
                  2019-10-04 23:23 - 2019-10-04 23:23 - 003742032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 002821120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 002799616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
                  2019-10-04 23:23 - 2019-10-04 23:23 - 002772032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 002258856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 002160640 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 001957008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 001913296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 001857024 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 001845408 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 001692160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 001664376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 001616784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 001473488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 001412096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 001334064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdrecordcpu.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 001178816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 001154656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 001054872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 001047968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dl l
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000792296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputHost.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000784384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000775768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000772656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000673080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dl l
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000612864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000599040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000568336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000541480 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000539648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9on12.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000510464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000507152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000501232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000487576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000463272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000450360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11on12.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000383984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000379840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000375720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\secproc.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000285256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000283688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdwriter.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000278080 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Gpu.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000236520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgmgr32.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000176440 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxlib.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComposableShellProxyStub.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000143808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imm32.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000139264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prntvpt.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000137864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devobj.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ForceSync.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000125232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000116904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000110080 _____ C:\WINDOWS\system32\ResBParser.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000093712 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EaseOfAccessDialog.exe
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000089544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000084496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sethc.exe
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000073024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000066832 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devrtl.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnppolicy.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AssignedAccessRuntime.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000021544 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000016696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizres.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d8thk.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000011576 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxlibres.dll
                  2019-10-04 23:23 - 2019-10-04 23:23 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCertResources.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 006425600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 006164480 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 004046336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 003727360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
                  2019-10-04 23:22 - 2019-10-04 23:22 - 003553280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 003386880 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 002590208 _____ C:\WINDOWS\system32\dwmscene.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 002466304 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 002069504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 001940952 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 001819136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 001757096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
                  2019-10-04 23:22 - 2019-10-04 23:22 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 001616608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 001607680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 001543168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 001512320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
                  2019-10-04 23:22 - 2019-10-04 23:22 - 001482040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
                  2019-10-04 23:22 - 2019-10-04 23:22 - 001372160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
                  2019-10-04 23:22 - 2019-10-04 23:22 - 001261800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 001182240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
                  2019-10-04 23:22 - 2019-10-04 23:22 - 001150240 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputHost.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 001023128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 001009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000984376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000975872 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000944664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000759488 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000674072 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000656960 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11on12.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000639400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000617784 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications .dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dl l
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000442704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000398728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000363624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000342896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000334936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposableShellProxyStub.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000293344 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgmgr32.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\directxdatabaseupdater.exe
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgiadaptercache.exe
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000176152 _____ (Microsoft Corporation) C:\WINDOWS\system32\imm32.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000159112 _____ (Microsoft Corporation) C:\WINDOWS\system32\devobj.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000152408 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000140496 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000132408 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000119840 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\EaseOfAccessDialog.exe
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShellExtFramework.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000105272 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\sethc.exe
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000092624 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\devrtl.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000053248 _____ C:\WINDOWS\system32\Drivers\UsbPmApi.sys
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000047616 _____ C:\WINDOWS\system32\UsbPmApi.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000020944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmsgapi.dll
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
                  2019-10-04 23:22 - 2019-10-04 23:22 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 007848192 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 006227624 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 004612520 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
                  2019-10-04 23:21 - 2019-10-04 23:21 - 003590968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
                  2019-10-04 23:21 - 2019-10-04 23:21 - 003184128 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 003105280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 002552120 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 002120704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 002120272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 001413704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 001383856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 001091584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 001036800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 001029432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000931840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000833312 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000732176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense. dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000589384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000551952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000449888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000355000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAcc ess.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ManageCI.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000223032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000208184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000201016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionA lias.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000151568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApp s.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationControlCSP.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000079376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uaspstor.sys
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidspi.sys
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000052752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmstorfl.sys
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler. dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsc.sys
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000028936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32_DeviceGuard.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
                  2019-10-04 23:21 - 2019-10-04 23:21 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
                  2019-10-04 18:40 - 2019-10-04 18:45 - 009777198 _____ C:\Users\Anya\Downloads\10000000_2030082467092056_ 6420478080292225024_n.mp4
                  2019-10-03 23:40 - 2019-10-03 23:44 - 008185327 _____ C:\Users\Anya\Downloads\69745377_365133761081497_5 287009620735295488_n.mp4
                  2019-10-03 21:36 - 2019-10-03 23:31 - 027227521 _____ C:\Users\Anya\Downloads\10000000_121156248915554_3 43587891644568238_n.mp4
                  2019-10-02 22:32 - 2019-10-02 22:33 - 005191202 _____ C:\Users\Anya\Downloads\Ride A White Swan.mp4
                  2019-10-02 22:29 - 2019-10-02 22:29 - 001041376 _____ C:\Users\Anya\Downloads\DonT Bring me down.mp4
                  2019-10-02 22:26 - 2019-10-02 22:26 - 003760939 _____ C:\Users\Anya\Downloads\Livin Thing.mp4
                  2019-10-02 22:24 - 2019-10-02 22:24 - 003760939 _____ C:\Users\Anya\Downloads\evil woman.mp4
                  2019-09-26 22:30 - 2019-10-13 20:19 - 000000000 ____D C:\Users\Anya\Desktop\PCHF prework
                  2019-09-26 09:29 - 2019-09-25 18:08 - 000021034 _____ C:\Users\Anya\Documents\Dog%20food%20amounts%20wor kings.ods_0.ods
                  2019-09-21 19:45 - 2019-09-21 19:45 - 001207336 _____ (Adobe Inc) C:\Users\Anya\Downloads\flashplayer32_xa_install.e xe
                  2019-09-20 20:17 - 2019-09-20 20:18 - 000842691 _____ C:\Users\Anya\Downloads\Contacts(25).vcf
                  2019-09-20 20:17 - 2019-09-20 20:17 - 001983825 _____ C:\Users\Anya\Downloads\Contacts(22).vcf
                  2019-09-20 20:17 - 2019-09-20 20:17 - 000015707 _____ C:\Users\Anya\Downloads\Contacts(24).vcf
                  2019-09-20 20:17 - 2019-09-20 20:17 - 000015707 _____ C:\Users\Anya\Downloads\Contacts(23).vcf
                  2019-09-20 20:16 - 2019-09-20 20:16 - 001983825 _____ C:\Users\Anya\Downloads\Contacts(21).vcf
                  2019-09-20 17:29 - 2019-09-20 17:29 - 002546180 _____ C:\Users\Anya\Downloads\Contacts(20).vcf
                  2019-09-20 17:29 - 2019-09-20 17:29 - 002546180 _____ C:\Users\Anya\Downloads\Contacts(19).vcf
                  2019-09-20 17:29 - 2019-09-20 17:29 - 001844177 _____ C:\Users\Anya\Downloads\Contacts(18).vcf
                  2019-09-20 17:28 - 2019-09-20 17:28 - 002782716 _____ C:\Users\Anya\Downloads\Contacts(14).vcf
                  2019-09-20 17:28 - 2019-09-20 17:28 - 000282781 _____ C:\Users\Anya\Downloads\Contacts(17).vcf
                  2019-09-20 17:28 - 2019-09-20 17:28 - 000282781 _____ C:\Users\Anya\Downloads\Contacts(16).vcf
                  2019-09-20 17:28 - 2019-09-20 17:28 - 000282781 _____ C:\Users\Anya\Downloads\Contacts(15).vcf
                  2019-09-20 17:15 - 2019-09-20 17:15 - 002782716 _____ C:\Users\Anya\Downloads\Contacts(13).vcf
                  2019-09-20 17:14 - 2019-09-20 17:15 - 002782716 _____ C:\Users\Anya\Downloads\Contacts(12).vcf
                  2019-09-20 17:12 - 2019-09-20 17:12 - 000345316 _____ C:\Users\Anya\Downloads\Contacts(9).vcf
                  2019-09-20 17:12 - 2019-09-20 17:12 - 000345316 _____ C:\Users\Anya\Downloads\Contacts(8).vcf
                  2019-09-20 17:12 - 2019-09-20 17:12 - 000345316 _____ C:\Users\Anya\Downloads\Contacts(7).vcf
                  2019-09-20 17:12 - 2019-09-20 17:12 - 000345316 _____ C:\Users\Anya\Downloads\Contacts(11).vcf
                  2019-09-20 17:12 - 2019-09-20 17:12 - 000345316 _____ C:\Users\Anya\Downloads\Contacts(10).vcf
                  2019-09-20 16:58 - 2019-09-20 16:58 - 002298160 _____ C:\Users\Anya\Downloads\Contacts(5).vcf
                  2019-09-20 16:58 - 2019-09-20 16:58 - 001921988 _____ C:\Users\Anya\Downloads\Contacts(6).vcf
                  2019-09-20 16:57 - 2019-09-20 16:57 - 004122344 _____ C:\Users\Anya\Downloads\Contacts(4).vcf
                  2019-09-20 16:44 - 2019-09-20 16:44 - 010188054 _____ C:\Users\Anya\Downloads\Contacts(3).vcf
                  2019-09-20 16:14 - 2019-09-20 16:14 - 002640679 _____ C:\Users\Anya\Downloads\Contacts(2).vcf
                  2019-09-20 09:54 - 2019-09-20 10:01 - 001238748 _____ C:\WINDOWS\Minidump\092019-39687-01.dmp
                  2019-09-20 09:54 - 2019-09-20 09:54 - 958714166 _____ C:\WINDOWS\MEMORY.DMP
                  2019-09-16 15:35 - 2019-09-16 15:35 - 000826726 _____ C:\Users\Anya\Downloads\09HowTo9ImproveHatchabilit yStoredEggs.pdf
                  2019-09-16 09:01 - 2019-09-16 09:01 - 000007327 _____ C:\Users\Anya\Downloads\TransactionHistory(8).qif
                  2019-09-16 09:01 - 2019-09-16 09:01 - 000007327 _____ C:\Users\Anya\Downloads\TransactionHistory(7).qif
                  2019-09-15 20:45 - 2019-09-15 20:45 - 001725226 _____ C:\Users\Anya\Downloads\Welcome and Instruction - Standard.pdf
                  2019-09-15 20:12 - 2019-09-11 17:18 - 000024434 _____ C:\Users\Anya\Documents\Questions%20for%20WIX.doc_ 0.odt
                  2019-09-13 19:44 - 2019-09-21 19:49 - 000000444 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics

                  ==================== One month (modified) ========

                  (If an entry is included in the fixlist, the file/folder will be moved.)

                  2019-10-13 20:21 - 2019-09-02 10:46 - 000000000 ____D C:\FRST
                  2019-10-13 20:18 - 2018-11-11 06:28 - 000001104 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
                  2019-10-13 20:18 - 2018-11-11 06:28 - 000000000 ____D C:\Program Files\paint.net
                  2019-10-13 20:17 - 2019-09-02 10:39 - 001616384 _____ (Farbar) C:\Users\Anya\Desktop\FRST64.exe
                  2019-10-13 19:47 - 2018-11-10 14:13 - 000000000 ____D C:\Users\Anya\Documents\Horses & animals
                  2019-10-13 19:45 - 2019-08-25 23:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
                  2019-10-13 19:32 - 2019-03-19 15:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
                  2019-10-13 09:42 - 2019-03-19 15:52 - 000000000 ____D C:\WINDOWS\AppReadiness
                  2019-10-13 09:40 - 2019-08-26 00:14 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
                  2019-10-12 21:33 - 2019-08-26 00:14 - 000003748 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
                  2019-10-12 21:33 - 2019-08-26 00:14 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
                  2019-10-12 21:33 - 2019-08-26 00:14 - 000003446 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
                  2019-10-12 21:33 - 2019-08-26 00:14 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineU A
                  2019-10-12 21:33 - 2019-08-26 00:14 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineC ore
                  2019-10-12 21:33 - 2019-08-26 00:14 - 000002854 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-440688634-2831198262-268214595-1002
                  2019-10-12 21:33 - 2019-08-26 00:14 - 000002852 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-440688634-2831198262-268214595-1001
                  2019-10-12 21:33 - 2019-08-26 00:14 - 000002848 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-440688634-2831198262-268214595-500
                  2019-10-12 21:33 - 2019-08-26 00:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
                  2019-10-12 21:33 - 2018-12-09 15:41 - 000000000 ____D C:\Users\Anya\AppData\Roaming\vlc
                  2019-10-12 19:17 - 2019-07-03 18:09 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
                  2019-10-12 19:17 - 2019-07-03 18:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
                  2019-10-12 19:17 - 2018-11-16 23:32 - 000000000 ____D C:\Users\Anya\AppData\LocalLow\Mozilla
                  2019-10-12 19:08 - 2019-05-07 12:36 - 000000000 ____D C:\Users\Anya\AppData\Local\homebank
                  2019-10-11 10:23 - 2019-08-25 23:52 - 000002405 _____ C:\Users\Anya\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\OneDrive.lnk
                  2019-10-11 10:23 - 2018-11-17 20:44 - 000000000 ___RD C:\Users\Anya\OneDrive
                  2019-10-11 08:10 - 2018-11-10 14:13 - 000000000 ____D C:\Users\Anya\Documents\finance
                  2019-10-11 07:52 - 2019-08-26 00:04 - 000840848 _____ C:\WINDOWS\system32\PerfStringBackup.INI
                  2019-10-11 07:52 - 2019-03-19 15:50 - 000000000 ____D C:\WINDOWS\INF
                  2019-10-11 02:16 - 2019-01-31 09:50 - 000000000 ____D C:\Users\Anya\AppData\Local\AVAST Software
                  2019-10-11 02:16 - 2018-11-11 06:20 - 000000000 ____D C:\ProgramData\AVAST Software
                  2019-10-11 02:15 - 2019-08-21 09:50 - 000000000 ____D C:\Users\Anya\AppData\Local\Pushbullet
                  2019-10-11 02:11 - 2018-11-19 12:02 - 000002088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Pro Antivirus.lnk
                  2019-10-11 02:10 - 2019-08-26 00:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
                  2019-10-11 02:10 - 2019-03-19 15:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
                  2019-10-11 02:08 - 2019-03-19 15:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
                  2019-10-11 02:08 - 2019-03-19 15:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
                  2019-10-11 02:08 - 2019-03-19 15:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
                  2019-10-11 02:08 - 2019-03-19 15:52 - 000000000 ____D C:\WINDOWS\SystemResources
                  2019-10-11 02:08 - 2019-03-19 15:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
                  2019-10-11 02:08 - 2019-03-19 15:52 - 000000000 ____D C:\WINDOWS\system32\oobe
                  2019-10-11 02:08 - 2019-03-19 15:52 - 000000000 ____D C:\WINDOWS\system32\Dism
                  2019-10-11 02:08 - 2019-03-19 15:52 - 000000000 ____D C:\WINDOWS\bcastdvr
                  2019-10-11 01:43 - 2019-03-19 15:37 - 000000000 ____D C:\WINDOWS\CbsTemp
                  2019-10-11 01:41 - 2018-11-10 14:13 - 000000000 ____D C:\WINDOWS\system32\MRT
                  2019-10-11 01:36 - 2018-11-10 14:13 - 127230528 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
                  2019-10-10 21:00 - 2019-03-19 15:52 - 000000000 ___HD C:\Program Files\WindowsApps
                  2019-10-10 18:50 - 2019-03-19 15:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
                  2019-10-09 21:34 - 2019-03-19 15:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
                  2019-10-09 21:34 - 2019-03-19 15:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
                  2019-10-09 18:56 - 2018-11-22 13:54 - 000000000 ____D C:\Users\Anya\AppData\Local\CrashDumps
                  2019-10-08 10:43 - 2018-12-06 19:24 - 000000000 ____D C:\Users\Anya\AppData\Local\NordVPN
                  2019-10-07 10:16 - 2018-11-10 14:13 - 000000000 ____D C:\Users\Anya\Documents\maps
                  2019-10-05 18:48 - 2018-11-11 06:31 - 000848432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
                  2019-10-05 18:48 - 2018-11-11 06:31 - 000460448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
                  2019-10-05 18:45 - 2019-02-14 08:42 - 000276952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
                  2019-10-05 18:45 - 2019-01-15 04:18 - 000274456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
                  2019-10-05 18:45 - 2019-01-09 16:17 - 000209552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
                  2019-10-05 18:45 - 2019-01-09 16:17 - 000065120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
                  2019-10-05 18:45 - 2018-11-11 06:31 - 000316528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
                  2019-10-05 18:45 - 2018-11-11 06:31 - 000204824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
                  2019-10-05 18:45 - 2018-11-11 06:31 - 000110320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
                  2019-10-05 18:45 - 2018-11-11 06:31 - 000083792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
                  2019-10-05 18:45 - 2018-11-11 06:31 - 000042736 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
                  2019-10-05 18:45 - 2018-11-11 06:31 - 000016304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
                  2019-10-05 01:09 - 2018-11-16 22:53 - 000000000 ___RD C:\Users\Anya\3D Objects
                  2019-10-05 01:09 - 2018-10-28 11:56 - 000000000 __RHD C:\Users\Public\AccountPictures
                  2019-10-05 01:02 - 2019-08-25 23:42 - 000342912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
                  2019-10-05 00:58 - 2019-03-19 17:23 - 000000000 ___SD C:\WINDOWS\system32\AppV
                  2019-10-05 00:58 - 2019-03-19 15:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
                  2019-10-05 00:58 - 2019-03-19 15:52 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
                  2019-10-05 00:58 - 2019-03-19 15:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
                  2019-10-05 00:58 - 2019-03-19 15:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
                  2019-10-05 00:56 - 2019-08-25 23:52 - 000000000 ____D C:\Users\Anya
                  2019-10-03 08:17 - 2018-11-11 06:34 - 000000000 ____D C:\Program Files (x86)\Google
                  2019-09-30 22:24 - 2018-11-16 22:53 - 000000000 ____D C:\Users\Anya\AppData\Local\Packages
                  2019-09-27 18:00 - 2018-11-10 14:13 - 000000000 ____D C:\Users\Anya\Documents\tyaak
                  2019-09-25 10:32 - 2018-11-10 14:12 - 000000000 ____D C:\Users\Anya\Documents\Anya
                  2019-09-21 19:49 - 2018-11-21 13:47 - 000000000 ____D C:\Users\Anya\AppData\Local\Adobe
                  2019-09-20 16:30 - 2019-04-11 16:39 - 000000000 ____D C:\Users\Anya\Documents\anyas fone
                  2019-09-20 09:54 - 2019-09-02 11:05 - 000000000 ____D C:\WINDOWS\Minidump
                  2019-09-18 09:46 - 2019-08-25 23:52 - 000000000 ____D C:\Users\Administrator
                  2019-09-16 11:22 - 2018-11-10 14:12 - 000000000 ____D C:\Users\Anya\Documents\business 2019

                  ==================== Files in the root of some directories ================

                  2019-05-23 20:47 - 2019-05-23 20:47 - 000003584 _____ () C:\Users\Anya\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
                  2019-10-12 19:08 - 2019-10-12 19:08 - 000003864 _____ () C:\Users\Anya\AppData\Local\recently-used.xbel

                  ==================== SigCheck ===============================

                  (There is no automatic fix for files that do not pass verification.)

                  ==================== End of FRST.txt ============================

                  ADDITIONS
                  [HEADING=1]Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-10-2019 02
                  Ran by Anya (13-10-2019 20:23:26)
                  Running from C:\Users\Anya\Desktop
                  Windows 10 Pro Version 1903 18362.418 (X64) (2019-08-25 13:16:00)
                  Boot Mode: Normal[/HEADING]
                  ==================== Accounts: =============================

                  Administrator (S-1-5-21-440688634-2831198262-268214595-500 - Administrator - Enabled) => C:\Users\Administrator
                  Anya (S-1-5-21-440688634-2831198262-268214595-1002 - Administrator - Enabled) => C:\Users\Anya
                  DefaultAccount (S-1-5-21-440688634-2831198262-268214595-503 - Limited - Disabled)
                  Guest (S-1-5-21-440688634-2831198262-268214595-501 - Limited - Disabled)
                  USER (S-1-5-21-440688634-2831198262-268214595-1001 - Administrator - Enabled) => C:\Users\USER
                  WDAGUtilityAccount (S-1-5-21-440688634-2831198262-268214595-504 - Limited - Disabled)

                  ==================== Security Center ========================

                  (If an entry is included in the fixlist, it will be removed.)

                  AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
                  AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                  AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                  AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

                  ==================== Installed Programs ======================

                  (Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

                  7-Zip 18.05 (HKLM-x32...\7-Zip) (Version: 18.05 - Igor Pavlov)
                  Adobe Acrobat Reader DC (HKLM-x32...{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.012.20040 - Adobe Systems Incorporated)
                  Adobe Flash Player 32 NPAPI (HKLM-x32...\Adobe Flash Player NPAPI) (Version: 32.0.0.270 - Adobe)
                  Application Verifier x64 External Package (HKLM...{10CA1677-8F02-3131-F25C-780BAB52E468}) (Version: 10.1.18362.1 - Microsoft) Hidden
                  Avast Pro Antivirus (HKLM-x32...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
                  Dell Touchpad (HKLM...{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.1207.101.103 - ALPS ELECTRIC CO., LTD.)
                  DVDStyler v3.0.4 (HKLM...\DVDStyler_is1) (Version: - Thüring IT-Consulting)
                  EZCast (HKLM-x32...{74CECDD9-4B8E-4AE3-9571-8070A17F3C34}) (Version: 1.0.0.143 - Actions-Micro)
                  Google Earth Pro (HKLM...{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
                  Google Update Helper (HKLM-x32...{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.301 - Google LLC) Hidden
                  HomeBank 5.2.4 (HKLM-x32...{770D94F9-211A-4BC7-9921-FC946ABD82C8}_is1) (Version: 5.2.4 - Maxime DOYEN)
                  Image Composite Editor (HKLM...{92AB5708-1AAA-4B1B-A8D5-45CF3AD77519}) (Version: 2.0.3 - Microsoft Corporation)
                  Kits Configuration Installer (HKLM-x32...{63AAA877-5536-9481-2385-28A082100D78}) (Version: 10.1.18362.1 - Microsoft) Hidden
                  K-Lite Codec Pack 12.9.5 Basic (HKLM-x32...\KLiteCodecPack_is1) (Version: 12.9.5 - KLCP)
                  Microsoft .NET Framework 4.8 SDK (HKLM-x32...{ACBF202C-A6AA-4C85-8DEE-D77F9BDC20AA}) (Version: 4.8.03752 - Microsoft Corporation)
                  Microsoft .NET Framework 4.8 Targeting Pack (HKLM-x32...{531D0272-1CD3-45E1-A5EE-CF57F50AD452}) (Version: 4.8.03752 - Microsoft Corporation)
                  Microsoft OneDrive (HKU\S-1-5-21-440688634-2831198262-268214595-1002...\OneDriveSetup.exe) (Version: 19.152.0927.0012 - Microsoft Corporation)
                  Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM...{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
                  Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32...{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
                  Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM...{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
                  Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32...{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
                  Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32...{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
                  Mozilla Firefox 69.0.3 (x64 en-US) (HKLM...\Mozilla Firefox 69.0.3 (x64 en-US)) (Version: 69.0.3 - Mozilla)
                  Mozilla Maintenance Service (HKLM...\MozillaMaintenanceService) (Version: 67.0.4 - Mozilla)
                  MSI Development Tools (HKLM-x32...{DB4DB790-64DD-1902-4BF2-833B3B6DBCA1}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
                  NordVPN (HKLM-x32...{A97BFB14-D0E2-4B55-9AA4-DC6A2A387DAB}) (Version: 6.24.14 - NordVPN) Hidden
                  NordVPN (HKLM-x32...\NordVPN 6.24.14) (Version: 6.24.14 - NordVPN)
                  NordVPN network TAP (HKLM-x32...{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
                  OpenOffice 4.1.4 (HKLM-x32...{BDB210E1-06C5-451F-BDAC-C18DDC7C2F14}) (Version: 4.14.9788 - Apache Software Foundation)
                  paint.net (HKLM...{67F0783F-E72F-4CD5-A91C-F9CD2E56C2E4}) (Version: 4.2.5 - dotPDN LLC)
                  PDFfiller extension version 1.0.0 (HKLM-x32...{F03E05E0-4014-4B06-B2B2-4326C6C81D78}_is1) (Version: 1.0.0 - PDFfiller Inc.)
                  Pushbullet version 338 (HKLM-x32...{7578F204-49E7-4830-B051-14C23F408BFE}_is1) (Version: 338 - Pushbullet Inc)
                  Samsung OCR Software (HKLM-x32...\Samsung OCR Software) (Version: 1.01.18 (31/05/2018) - HP Printing Korea Co., Ltd.)
                  Samsung Printer Center (HKLM-x32...\Samsung Printer Center) (Version: 1.0.0.28 - Samsung Electronics Co., Ltd.)
                  Samsung SCX-4x21 Series (HKLM-x32...\Samsung SCX-4x21 Series) (Version: - Samsung Electronics CO.,LTD)
                  SAMSUNG USB Driver for Mobile Phones (HKLM...{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.)
                  SDK ARM Additions (HKLM-x32...{73681F86-CD86-4208-572F-959B45430B04}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
                  SDK ARM Redistributables (HKLM-x32...{67EE3804-9642-62BA-EBF1-B1561FB4ECBE}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
                  SDK Debuggers (HKLM-x32...{1AA664F4-B63F-74FD-35B6-993DDA3DEF81}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
                  Switch Sound File Converter (HKLM-x32...\Switch) (Version: 7.17 - NCH Software)
                  Uninstall Samsung Printer Software (HKLM-x32...\TotalUninstaller) (Version: 4.0.0.67 - Samsung Electronics CO., LTD.)
                  Universal CRT Extension SDK (HKLM-x32...{13952D7A-B7B3-F4F8-5F29-5CD18E8168B7}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
                  Universal CRT Headers Libraries and Sources (HKLM-x32...{74CBC330-ED16-31B9-E8BE-0C6A8E67DE32}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
                  Universal CRT Redistributable (HKLM-x32...{847D4DAF-0182-265B-324F-406462E8A90D}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
                  Universal CRT Tools x64 (HKLM...{54FE4D23-11A2-F1C4-76E9-79C8FB40A4A1}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
                  Universal CRT Tools x86 (HKLM-x32...{9F7B0D96-881D-8850-C303-43F3A08E6902}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
                  Universal General MIDI DLS Extension SDK (HKLM-x32...{6F54BF87-2EE6-FA6D-431D-33A665992D49}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
                  Update for Windows 10 for x64-based Systems (KB4023057) (HKLM...{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
                  VLC media player (HKLM...\VLC media player) (Version: 3.0.4 - VideoLAN)
                  Wave Editor 3.7.0.0 (HKLM-x32...\Wave Editor_is1) (Version: 3.7.0.0 - AbyssMedia.com)
                  WinAppDeploy (HKLM-x32...{8E3AE0EF-D067-700C-BDB4-10D5552155DC}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
                  Windows SDK AddOn (HKLM-x32...{E6F877A1-2F65-4BF0-87B6-A4071B7663D3}) (Version: 10.1.0.0 - Microsoft Corporation)
                  Windows Software Development Kit - Windows 10.0.18362.1 (HKLM-x32...{126dedf0-cc0e-4b48-9ece-806b0e437195}) (Version: 10.1.18362.1 - Microsoft Corporation)
                  WinRT Intellisense Desktop - en-us (HKLM-x32...{E67F1F03-FB4A-3D61-8999-E6A4C4B26F34}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
                  WinRT Intellisense Desktop - Other Languages (HKLM-x32...{7EF010FF-7800-28BA-FF49-2D219EC7BA82}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
                  WinRT Intellisense IoT - en-us (HKLM-x32...{36AE12FB-4349-6EAA-B6E4-5F4E06FA8AE8}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
                  WinRT Intellisense IoT - Other Languages (HKLM-x32...{6B03A6A4-643C-57CE-CA6F-4E19BF47497A}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
                  WinRT Intellisense Mobile - en-us (HKLM-x32...{918A448F-59E8-FBF5-B087-D3F07160C7E0}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
                  WinRT Intellisense PPI - en-us (HKLM-x32...{66483041-F590-EC46-4AF0-EE39C62FB680}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
                  WinRT Intellisense PPI - Other Languages (HKLM-x32...{9C61E6D2-C43E-6746-B519-6185558C4A24}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
                  WinRT Intellisense UAP - en-us (HKLM-x32...{6B37CC5B-78DF-5050-2215-68479716A587}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
                  WinRT Intellisense UAP - Other Languages (HKLM-x32...{250D5341-0879-4016-399C-BBCD87B80E95}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
                  WPT Redistributables (HKLM-x32...{70D0B057-048B-F699-A2B0-AD325018802F}) (Version: 10.1.18362.1 - Microsoft) Hidden
                  WPTx64 (HKLM-x32...{EC12C121-3208-5E92-FCB0-0591769632F9}) (Version: 10.1.18362.1 - Microsoft) Hidden
                  [HEADING=1]Packages:[/HEADING]
                  Dolby Access → C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3. 0.3587.0_x64__rz1tebttyb220 [2019-10-07] (Dolby Laboratories)
                  HEVC Video Extensions → C:\Program Files\WindowsApps\Microsoft.HEVCVideoExtensions_1. 0.21822.0_x64__8wekyb3d8bbwe [2019-08-26] (Microsoft Corporation)
                  Mail and Calendar → C:\Program Files\WindowsApps\microsoft.windowscommunicationsa pps_16005.12026.20218.0_x64__8wekyb3d8bbwe [2019-10-04] (Microsoft Corporation) [MS Ad]
                  Microsoft Advertising SDK for XAML → C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.18 11.1.0_x64__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
                  Microsoft Advertising SDK for XAML → C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.18 11.1.0_x86__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
                  MSN Weather → C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463 .0_x64__8wekyb3d8bbwe [2019-09-15] (Microsoft Corporation) [MS Ad]
                  Photos Add-on → C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Mai n_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-03-23] (Microsoft Corporation)
                  Unit Conversion → C:\Program Files\WindowsApps\44352GadgetWE.UnitConversion_1.0 .1.4_neutral__wrnqd43hr7tc6 [2019-07-17] (GadgetWE)
                  VitalSource Bookshelf → C:\Program Files\WindowsApps\VitalSourceTechnologiesIn.VitalS ourceBookshelf_8.4.21.0_x64__wasrd15zsyawm [2019-08-31] (VitalSource Technologies Inc)
                  XE Currency → C:\Program Files\WindowsApps\XE.com.XECurrency_2.1.1.0_neutra l__03yfs222qanwj [2019-07-18] (XE.com)

                  ==================== Custom CLSID (Whitelisted): ==========================

                  (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

                  ShellIconOverlayIdentifiers: [00asw] → {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. → AVAST Software)
                  ContextMenuHandlers1-x32: [7-Zip] → {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
                  ContextMenuHandlers1: [avast] → {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. → AVAST Software)
                  ContextMenuHandlers1: [SignNowExtension] → {732ff99f-d449-31a6-903a-2d166eb3b54d} => C:\Program Files (x86)\PDFfiller extension\PdffillerExtension.DLL [2018-09-06] () [File not signed]
                  ContextMenuHandlers3: [00asw] → {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. → AVAST Software)
                  ContextMenuHandlers4-x32: [7-Zip] → {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
                  ContextMenuHandlers5: [igfxcui] → {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher → Intel Corporation)
                  ContextMenuHandlers6-x32: [7-Zip] → {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
                  ContextMenuHandlers6: [avast] → {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-05] (AVAST Software s.r.o. → AVAST Software)

                  ==================== Codecs (Whitelisted) ==================

                  ==================== Shortcuts & WMI ========================

                  (The entries could be listed to be restored or removed.)

                  ==================== Loaded Modules (Whitelisted) ==============

                  2019-01-21 22:55 - 2019-01-21 22:55 - 000251392 _____ () [File not signed] C:\Program Files (x86)\NordVPN\x86\Liberation.Native.Firewall.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000988160 _____ () [File not signed] C:\Program Files (x86)\OpenOffice 4\program\libxml2.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000170496 _____ () [File not signed] C:\Program Files (x86)\OpenOffice 4\program\libxslt.dll
                  2018-11-16 22:33 - 2011-07-26 20:40 - 000184320 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung SCX-4x21 Series\SPanel\SecSNMPR.dll
                  2018-11-16 22:33 - 2012-10-22 19:29 - 004554752 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung SCX-4x21 Series\SPanel\SMBalloon.dll
                  2018-11-16 22:33 - 2011-08-02 00:14 - 000155648 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung SCX-4x21 Series\SPanel\spiomgr.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000248832 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\analysis.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000164352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\apr-util.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000297472 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\avmedia.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 001143808 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\basegfx.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000596992 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\bootstrap.uno.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 001175552 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\comphelpMSC.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000487936 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\configmgr.uno.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000238080 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\cppu3.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000587776 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\cppuhelper3MSC.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000071168 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\date.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 003026944 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\dbtools.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000652800 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\deployment.uno.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000353792 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\deploymentgui.uno.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000151040 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\deploymentmisc.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000126464 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\dnd.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000887296 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\drawinglayer.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 001580544 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\editeng.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000160768 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\emser.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000046592 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\evtatt.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000051712 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\fileacc.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000226304 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\filterconfig1.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000132608 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\for.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000202240 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\forui.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 001814528 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\frm.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000091648 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\fsstorage.uno.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000055808 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\ftransl.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000485888 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\fwe.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000210432 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\fwi.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 002193920 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\fwk.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000313344 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\fwl.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000187392 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\helplinker.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000070656 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\hyphen.uno.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000027136 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\i18nisolang1MSC.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000029696 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\i18npaper.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 001333248 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\i18npool.uno.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000067072 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\i18nutilMSC.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000136192 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\introspection.uno.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000027136 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\jvmaccess3MSC.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000107008 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\jvmfwk3.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000134144 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\libapr-1.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000099840 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\librdf.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 001257472 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\lng.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000068608 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\lnth.uno.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000024064 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\localebe1.uno.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000104448 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\localedata_en.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000107520 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\localedata_es.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000718848 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\localedata_euro.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000833536 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\localedata_others.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000038912 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\mcnttype.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000083456 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\msci_uno.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000812032 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\msfilter.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 001449472 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\msword.DLL
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000344576 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\oleautobridge.uno.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000008704 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\onlinecheck.DLL
                  2017-10-12 05:23 - 2017-10-12 05:23 - 002456064 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\ootk.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000368640 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\package2.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000097280 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\passwordcontainer.uno.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000286720 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\raptor.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000156160 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\rasqal.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000121344 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\reflection.uno.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000107008 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\reg3.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 001792512 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\sal3.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000013824 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\salhelper3MSC.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000093184 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\sax.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000168448 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\sax.uno.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 002291200 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\sb.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 007617536 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\sc.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000041984 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\scd.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000082944 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\serf.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 003658240 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\sfx.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000542208 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll
                  2017-10-12 06:28 - 2017-10-12 06:28 - 009828864 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000290304 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\sofficeapp.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000279040 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\sot.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000183296 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\spell.uno.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000205824 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\spl.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000096768 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\stocservices.uno.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000053760 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\store3.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000901120 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\svl.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 003373056 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\svt.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 003235328 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\svx.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 006034432 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\svxcore.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 009289216 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\sw.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000051200 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\swd.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000117760 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\sysdtrans.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000620544 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\tl.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000231936 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\ucb1.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000388608 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\ucbhelper4MSC.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000344576 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\ucpchelp1.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000412160 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\ucpdav1.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000024576 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\ucpexpand1.uno.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000309248 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\ucpfile1.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000167424 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\unordf.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000367616 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\unoxml.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000053248 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\updatefeed.uno.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000186880 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\updchk.uno.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 001104384 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\utl.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000254976 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\uui.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000085504 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\uwinapi.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000662528 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\vbahelper.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 004172800 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\vcl.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000099328 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\vos3MSC.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000028672 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\wininetbe1.uno.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000791040 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\xcr.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000045056 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\xmlreader.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000238592 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\xmlsecurity.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 003469312 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\xo.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000396288 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\xstor.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 013914112 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\icudt40.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 001072128 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\icuin40.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000951808 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\icuuc40.dll
                  2019-03-18 19:12 - 2019-03-18 19:12 - 000264704 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbPc.DLL
                  2015-02-24 15:49 - 2015-02-24 15:49 - 000236544 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Microsoft Research\Image Composite Editor\ShellExtension.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000180224 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\libcurl.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 001020928 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\LIBEAY32.dll
                  2017-10-12 05:23 - 2017-10-12 05:23 - 000218624 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\SSLEAY32.dll

                  ==================== Alternate Data Streams (Whitelisted) =========

                  (If an entry is included in the fixlist, only the ADS will be removed.)

                  ==================== Safe Mode (Whitelisted) ===================

                  (If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)

                  HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\Wdf01000.sys => “”=“Driver”
                  HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\Wdf01000.sys => “”=“Driver”

                  ==================== Association (Whitelisted) ===============

                  (If an entry is included in the fixlist, the registry item will be restored to default or removed.)

                  ==================== Internet Explorer trusted/restricted ===============

                  (If an entry is included in the fixlist, it will be removed from the registry.)

                  ==================== Hosts content: ===============================

                  (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

                  2018-04-12 10:38 - 2019-01-09 16:02 - 000001362 _____ C:\WINDOWS\system32\drivers\etc\hosts

                  2019-09-13 19:44 - 2019-09-21 19:49 - 000000444 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

                  ==================== Other Areas ============================

                  (Currently there is no automatic fix for this section.)

                  HKLM\System\CurrentControlSet\Control\Session Manager\Environment\Path → C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\s ystem32;%SystemRoot%;%SystemRoot%\System32\Wbem;%S YSTEMROOT%\System32\WindowsPowerShell\v1.0;%SYSTEM ROOT%\System32\OpenSSH;C:\Program Files (x86)\Windows Kits\10\Windows Performance Toolkit
                  HKU\S-1-5-21-440688634-2831198262-268214595-1002\Control Panel\Desktop\Wallpaper → C:\Users\Anya\AppData\Roaming\Mozilla\Firefox\Desk top Background.bmp
                  DNS Servers: 103.86.96.100 - 103.86.99.100
                  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
                  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer => (SmartScreenEnabled: )
                  Windows Firewall is disabled.

                  ==================== MSCONFIG/TASK MANAGER disabled items ==

                  If an entry is included in the fixlist, it will be removed.

                  HKLM...\StartupApproved\StartupFolder: => “Billminder.lnk”
                  HKLM...\StartupApproved\Run: => “WinZip PreLoader”
                  HKLM...\StartupApproved\Run: => “WinZip UN”
                  HKLM...\StartupApproved\Run32: => “SunJavaUpdateSched”
                  HKLM...\StartupApproved\Run32: => “KiesTrayAgent”
                  HKLM...\StartupApproved\Run32: => “iSkysoft Helper Compact.exe”
                  HKU\S-1-5-21-440688634-2831198262-268214595-1002...\StartupApproved\StartupFolder: => “PDFFiller.lnk”
                  HKU\S-1-5-21-440688634-2831198262-268214595-1002...\StartupApproved\Run: => “uTorrent”

                  ==================== FirewallRules (Whitelisted) ===============

                  (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

                  FirewallRules: [TCP Query User{0CDC49C8-EAC1-4E9B-BA14-098217F3716D}C:\users\anya\appdata\roaming\utorren t\utorrent.exe] => (Allow) C:\users\anya\appdata\roaming\utorrent\utorrent.ex e No File
                  FirewallRules: [UDP Query User{DF24D1A2-9B9E-4FCD-B8D1-AD58F1E68027}C:\users\anya\appdata\roaming\utorren t\utorrent.exe] => (Allow) C:\users\anya\appdata\roaming\utorrent\utorrent.ex e No File
                  FirewallRules: [{85D9AB0C-440F-455B-B23D-F998A48757D8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation → Mozilla Corporation)
                  FirewallRules: [{07E36D3A-822D-4CF0-9007-C7CBCCC52F72}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation → Mozilla Corporation)
                  FirewallRules: [{CFE01EDF-4F7A-4853-9D8D-D8B9A19A4D3F}] => (Allow) %systemroot%\system32\alg.exe No File
                  FirewallRules: [{A03D1D83-EB3A-496F-A86C-4EB52CAA7A93}] => (Allow) %systemroot%\system32\alg.exe No File
                  FirewallRules: [{03E50B29-2C50-4ADA-8C39-617DFCF4684B}] => (Allow) %systemroot%\system32\alg.exe No File

                  ==================== Restore Points =========================

                  10-10-2019 14:51:16 Scheduled Checkpoint

                  ==================== Faulty Device Manager Devices =============

                  ==================== Event log errors: =========================
                  [HEADING=1]Application errors:[/HEADING]
                  Error: (10/13/2019 08:17:45 PM) (Source: VSS) (EventID: 8193) (User: )
                  Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid.
                  .

                  Operation:
                  Executing Asynchronous Operation

                  Context:
                  Current State: DoSnapshotSet

                  Error: (10/13/2019 08:16:46 PM) (Source: VSS) (EventID: 8194) (User: )
                  Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
                  .
                  This is often caused by incorrect security settings in either the writer or requestor process.

                  Operation:
                  Gathering Writer Data

                  Context:
                  Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
                  Writer Name: System Writer
                  Writer Instance ID: {026df162-db81-48ee-a9c7-71bd1db55d18}

                  Error: (10/13/2019 08:05:55 PM) (Source: ESENT) (EventID: 455) (User: )
                  Description: svchost (8660,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\L ocal\TileDataLayer\Database\EDB.log.

                  Error: (10/13/2019 07:53:40 PM) (Source: ESENT) (EventID: 455) (User: )
                  Description: svchost (10304,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\L ocal\TileDataLayer\Database\EDB.log.

                  Error: (10/13/2019 04:14:36 PM) (Source: ESENT) (EventID: 455) (User: )
                  Description: svchost (7692,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\L ocal\TileDataLayer\Database\EDB.log.

                  Error: (10/13/2019 04:01:57 PM) (Source: ESENT) (EventID: 455) (User: )
                  Description: svchost (1144,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\L ocal\TileDataLayer\Database\EDB.log.

                  Error: (10/13/2019 03:33:37 PM) (Source: ESENT) (EventID: 455) (User: )
                  Description: svchost (11004,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\L ocal\TileDataLayer\Database\EDB.log.

                  Error: (10/13/2019 11:31:24 AM) (Source: ESENT) (EventID: 455) (User: )
                  Description: svchost (13184,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\L ocal\TileDataLayer\Database\EDB.log.
                  [HEADING=1]System errors:[/HEADING]
                  Error: (10/13/2019 08:18:21 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-EIUB3MN)
                  Description: The server Microsoft.Windows.Cortana_1.13.0.18362_neutral_neu tral_cw5n1h2txyewy!CortanaUI.AppXynb3eakad12451rv0 0qxextfnce9sxb8.mca did not register with DCOM within the required timeout.

                  Error: (10/13/2019 08:06:39 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-EIUB3MN)
                  Description: The server Microsoft.Windows.Cortana_1.13.0.18362_neutral_neu tral_cw5n1h2txyewy!CortanaUI.AppXynb3eakad12451rv0 0qxextfnce9sxb8.mca did not register with DCOM within the required timeout.

                  Error: (10/13/2019 04:14:42 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-EIUB3MN)
                  Description: The server Microsoft.Windows.Cortana_1.13.0.18362_neutral_neu tral_cw5n1h2txyewy!CortanaUI.AppXynb3eakad12451rv0 0qxextfnce9sxb8.mca did not register with DCOM within the required timeout.

                  Error: (10/13/2019 03:32:43 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-EIUB3MN)
                  Description: The server Microsoft.Windows.Cortana_1.13.0.18362_neutral_neu tral_cw5n1h2txyewy!CortanaUI.AppXynb3eakad12451rv0 0qxextfnce9sxb8.mca did not register with DCOM within the required timeout.

                  Error: (10/13/2019 09:40:06 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-EIUB3MN)
                  Description: The server Microsoft.Windows.Cortana_1.13.0.18362_neutral_neu tral_cw5n1h2txyewy!CortanaUI did not register with DCOM within the required timeout.

                  Error: (10/13/2019 09:40:04 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-EIUB3MN)
                  Description: The server Microsoft.Windows.Cortana_1.13.0.18362_neutral_neu tral_cw5n1h2txyewy!CortanaUI did not register with DCOM within the required timeout.

                  Error: (10/13/2019 09:39:59 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-EIUB3MN)
                  Description: The server Microsoft.Windows.Cortana_1.13.0.18362_neutral_neu tral_cw5n1h2txyewy!CortanaUI did not register with DCOM within the required timeout.

                  Error: (10/13/2019 09:39:57 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-EIUB3MN)
                  Description: The server Microsoft.Windows.Cortana_1.13.0.18362_neutral_neu tral_cw5n1h2txyewy!CortanaUI did not register with DCOM within the required timeout.
                  [HEADING=1]CodeIntegrity:[/HEADING]
                  Date: 2019-10-13 09:39:55.211
                  Description:
                  Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClien t.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

                  Date: 2019-10-13 09:39:55.189
                  Description:
                  Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClien t.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

                  Date: 2019-10-13 09:39:54.992
                  Description:
                  Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClien t.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

                  Date: 2019-10-13 09:39:54.967
                  Description:
                  Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClien t.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

                  Date: 2019-10-13 09:39:52.642
                  Description:
                  Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClien t.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

                  Date: 2019-10-12 20:02:22.586
                  Description:
                  Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost. exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

                  Date: 2019-10-12 19:02:22.921
                  Description:
                  Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost. exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

                  Date: 2019-10-12 14:17:26.088
                  Description:
                  Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClien t.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

                  ==================== Memory info ===========================

                  BIOS: Dell Inc. A20 02/21/2018
                  Motherboard: Dell Inc. 0HDT4R
                  Processor: Intel(R) Core™ i3-2350M CPU @ 2.30GHz
                  Percentage of memory in use: 58%
                  Total physical RAM: 8095.64 MB
                  Available physical RAM: 3320.23 MB
                  Total Virtual: 9439.64 MB
                  Available Virtual: 4232.97 MB

                  ==================== Drives ================================

                  Drive c: () (Fixed) (Total:297.49 GB) (Free:169.07 GB) NTFS

                  \?\Volume{56919b75-0b11-4b34-9c96-1b5cfd738cd2}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.05 GB) NTFS
                  \?\Volume{57236301-2ead-435d-ade8-cb8ec331b1bf}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

                  ==================== MBR & Partition Table ==================

                  ================================================== ======
                  Disk: 0 (Size: 298.1 GB) (Disk ID: C95369C7)

                  Partition: GPT.

                  ==================== End of Addition.txt ============================

                  Comment

                  • Malnutrition
                    PCHF Moderator
                    • Jul 2016
                    • 7045

                    #10
                    ESET Online Scanner


                    Note: You can expect this process to take a long time, up to several hours or more.

                    [ul]
                    [li]Download ESET Online Scanner and save it to your Desktop[/li][li]Right click on esetonlinescanner_enu.exe and select Run as administrator[/li][li]Click Computer scan[/li][li]Click Full scan[/li][li]Click Start scan, leaving the default setting[/li][li]If threats were found click Save scan log and save it to your Desktop as ESETScan.txt[/li][li]Click Continue 3 times[/li][li]Click Close[/li][li]Copy and paste the ESETScan.txt file contents in your reply[/li][li]Review the list and let me know if you think any of the items are legitimate and should be restored[/li][li]If no threats were found, click Continue 3 times[/li][li]Place a check mark in Delete application data on closing then click Close[/li][/ul]

                    Comment

                    • Loosie
                      PCHF Member
                      • Feb 2017
                      • 97

                      #11
                      ESET scan results;

                      18/10/2019 13:57:53 PM
                      Files scanned: 313161
                      Infected files: 10
                      Cleaned threats: 8
                      Total scan time 01:56:40
                      Scan status: Finished
                      C:\Program Files\AVAST Software\Avast\setup\aswOfferTool.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application error while deleting (Access denied)

                      C:\Program Files\AVAST Software\Avast\setup\offertool_x64_ais-959.vpx Win32/Bundled.Toolbar.Google.D potentially unsafe application error while deleting (Access denied)

                      C:\Users\Anya\AppData\Local\AVAST Software\Avast Driver Updater\Updates\hdd.exe a variant of Win32/Slimware.A potentially unwanted application cleaned by deleting

                      C:\Users\Anya\Documents\anyas fone\apk files\OneClickRoot.apk Android/FakeApp.HI trojan cleaned by deleting

                      C:\Users\Anya\Documents\computer\BitTorrent.exe a variant of MSIL/WebCompanion.A potentially unwanted application,a variant of Win32/WebCompanion.B potentially unwanted application cleaned by deleting

                      C:\Users\Anya\Documents\computer\Fire_Horse_Animat ed_Wallpaper.exe a variant of MSIL/Slithermon.A trojan cleaned by deleting

                      C:\Users\Anya\Documents\computer\Fire_Horse_Screen saver.exe MSIL/Slithermon.A trojan,a variant of MSIL/Slithermon.A trojan cleaned by deleting

                      C:\Users\Anya\Documents\computer\PhotoScapeSetup_V 3.7.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting

                      C:\Users\Anya\Documents\computer\uTorrent_00410280 91.exe Win32/InstallCore.Gen.A potentially unwanted application cleaned by deleting

                      C:\Users\Anya\Documents\kid stuff\kids school\Grace computer\Documents\Documents\computer stuff\winiso.exe Win32/FusionCore.L potentially unwanted application,a variant of Win32/FusionCore.K potentially unwanted application cleaned by deleting

                      Comment

                      • Malnutrition
                        PCHF Moderator
                        • Jul 2016
                        • 7045

                        #12
                        Ok. Fresh FRST logs, please. Sorry for the delay in looking things over. @gus

                        Comment

                        • Loosie
                          PCHF Member
                          • Feb 2017
                          • 97

                          #13
                          Was having other dramas too - see other thread - and ended up couldn’t ‘restore’, couldn’t… do anything it seems, to fix it, so did a fresh ‘reset’ of Windows. Let me know if you think I should do more scans now please…

                          Comment

                          • system
                            PCHF Owner
                            • Jan 2015
                            • 7634

                            #14
                            Are you having any issues?

                            Comment

                            • system
                              PCHF Owner
                              • Jan 2015
                              • 7634

                              #15
                              Will close this thread as you have advised elsewhere that you have reinstalled Windows. Should you wish to reopen this MALWARE thread please contact a staff member who may reopen it.

                              Comment

                              Working...