• Hi there and welcome to PC Help Forum (PCHF), a more effective way to get the Tech Support you need!
    We have Experts in all areas of Tech, including Malware Removal, Crash Fixing and BSOD's , Microsoft Windows, Computer DIY and PC Hardware, Networking, Gaming, Tablets and iPads, General and Specific Software Support and so much more.

    Why not Click Here To Sign Up and start enjoying great FREE Tech Support.

    This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Solved Win 10 BSOD

Status
Not open for further replies.
Avast again, I see that you previously post on the malware removal thread regarding this issue, unfortunately we are going to have to refer you back there to resolve this, Avast is embedded in your system which is becoming a more and more common occurrence and only the malware experts have the tools, ways and means to eradicate it.

Hang fire here until a security expert moves your thread.
 
Have already asked a security expert to take a look for us, different time zones means that my PM was post in the middle of the night where our colleague is so there will be some delay in him replying.

Something that we can try why your thread is still on this forum;


Post an Autoruns log for us, see here

1: Extract the Autoruns Zip file contents to a folder.

2: Double-click the "Autoruns.exe".

3: Click on the "Hide Signed Microsoft and Windows Entries” option.

4: Go to File then to Export As or Save in some versions.

5: Save AutoRuns.txt file to known location like your Desktop > when you click on File > Save you will then get the option to Save as type, click the drop down tab, change it to Text and then click the Save button.

6: Attach to your next reply.



Tutorial here
 
Hi, didn't see last replies earlier sorry. Attached is the autoruns txt - the options tab was blanked out & I couldn't see anywhere else to exclude windows entries...
 

Attachments

  • autoruns txt.txt
    39 KB · Views: 8
Hello Loosie, I'm Gus and will try to help you. Please read the following and if you agree we can proceed.

  • Please let me know if you are receiving help at another forum on this issue so I can close this thread?
  • Please agree to stay with me till we give you the all clear
  • Please do not run any tools other than the ones we ask you to, some can be very dangerous and actually make things worse.
  • Should any tools we ask you to use give you a security warning you can safely allow them to run, they have all been proven safe.
  • Download any requested tools and make sure to run them from the desktop, unless specifically instructed otherwise.
  • Please do not install any other software whilst we cleanup, this can complicate the process, making cleaning impossible.
  • With malware it can be impossible to determine the outcome, and whilst we will work to a positive result we strongly recommend you backup all your personal files and folders before we begin.
  • Do remember the fixes used to clean your machine are meant for your computer only, and the use on another computer may cause serious damage to that machine.
  • Finally, please allow me a little time to analyse any logs I request from you, I know you want your computer cleaned yesterday but please remember we are all volunteers here and we do have a life that sometimes takes us away from computers. If your thread gets closed due to no response from you you can PM me or a staff member and have it reopened. Should you not hear from me within 48 hours please PM me.
  • That's the last of the fine print so lets get under way:)


We need a log from Farbar Recovery Scan Tool (FRST) to examine your system.

Please download the FRST 32 bit or FRST 64bit version to suit your operating system. It is important FRST is downloaded to your desktop.

If you are unsure if your operating system is 32 or 64 Bit please go HERE.

Once downloaded right click the FRST desktop icon and select "Run as administrator" from the menu"

icon2.jpg


If you receive any security warnings, or the User Account Control warning opens at any time whilst using FRST you can safely allow FRST to proceed.
Frst will open with two dialogue boxes, accept the disclaimer.

frst disclaimer.jpg

  1. Accept the default whitelist options,
  2. If the additions.txt options box is not checked please select it.
  3. Then select "Scan"
frst.jpg


Frst will take a few minutes to scan your computer, and when finished will produce two log files on your desktop, FRST.txt, and Addition.txt. They will display immediately on the desktop, but can be reopened later as a notepad file.

2016-08-12_152002.jpg


Please COPY and PASTE the contents of these two files in your next post.
 
Hi Gus, muchly appreciated!

Firstly, thanks, no one else is helping me with this problem - PCHF has been a lifesaver in the past & is my only go to now! Probably about time for another donation to you guys actually.

I did a FRST scan when I first posted about this, thinking it was malware, but below is another I've just done now. I tried to do an ASWMBR scan too, when I first tried to do malware 'prework' for here, but that triggered the blue screen crash. Details above.

FRST scan;

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-04-2020
Ran by Anya (administrator) on DESKTOP-EIUB3MN (Dell Inc. Latitude E6330) (27-04-2020 13:57:22)
Running from C:\Users\Anya\Desktop\PC prework
Loaded Profiles: Anya (Available Profiles: USER & Anya & Administrator)
Platform: Windows 10 Pro Version 1909 18363.778 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Actions Microelectronics Co.,Ltd. -> ) C:\Program Files (x86)\EZCast\EZCastService.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\simpress.exe <4>
(Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\soffice.bin <4>
(Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\soffice.exe <4>
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(FreeDownloadManager.org) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe
(HP Inc. -> ) C:\Windows\SysWOW64\spdsvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\fodhelper.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.772_none_5f13f94c58ff41d3\TiWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <9>
(Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(TEFINCOM S.A. -> ) C:\Program Files (x86)\NordVPN\nordvpn-service.exe
(TEFINCOM S.A. -> NordVPN) C:\Program Files (x86)\NordVPN\NordVPN.exe
(TEFINCOM S.A. -> The OpenVPN Project) C:\Program Files (x86)\NordVPN\Resources\Binaries\64bit\openvpn-nordvpn.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [745288 2015-06-25] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2138272 2016-10-08] (Shenzhen Yi Xing Investment Co., Ltd. -> iSkySoft)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-440688634-2831198262-268214595-1002\...\Run: [NordVPN] => C:\Program Files (x86)\NordVPN\NordVPN.exe [1824800 2020-04-03] (TEFINCOM S.A. -> NordVPN)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{9459C573-B17A-45AE-9F64-1857B5D58CEE}] -> C:\Program Files (x86)\Microsoft\Edge\Application\81.0.416.64\Installer\setup.exe [2020-04-24] (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\Anya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Shrink Pic.lnk [2019-10-24]
ShortcutTarget: Shrink Pic.lnk -> C:\Program Files (x86)\Shrink Pic\shrink_pic.exe () [File not signed]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {240B2314-9012-4B5A-980E-3FE5A9045EC6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-10-22] (Google Inc -> Google Inc.)
Task: {4EA42A8B-E922-4F3C-87DD-D6EEE846D72C} - System32\Tasks\EZCastServiceSchedule => C:\Program Files (x86)\EZCast\EZCast.exe [6048064 2019-10-08] (Actions Microelectronics Co.,Ltd. -> )
Task: {51C7FEED-5391-4B44-AAD1-98D2227E41C0} - System32\Tasks\FreeDownloadManagerNetworkMonitor => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe [688128 2019-01-30] (FreeDownloadManager.org) [File not signed]
Task: {5B12AB71-3823-4709-A1A1-03DEAC341C77} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [126152 2020-04-04] (Mozilla Corporation -> Mozilla Foundation)
Task: {70B60374-2E73-4015-BCEA-620BE5EB4DDD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-04-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {745B4925-F13B-4C26-A3C0-B4E5202FFF15} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-10-22] (Google Inc -> Google Inc.)
Task: {78912529-A7FE-4979-971B-16FF9044D833} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {8A15C118-74FE-49FD-8681-0B8064E6AD7B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-04-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8AABBEC6-E234-4EEC-A426-99F4BAE27357} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-04-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {983CECA4-21B0-4522-90FC-D56FC12847FD} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224144 2020-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {B1833A15-9D5C-4BE3-B72F-6B42496CC0EF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-04-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C584D97C-33F4-44DD-8A83-E20154BE49DD} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224144 2020-04-19] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 103.86.99.99 103.86.96.96 103.86.96.100 103.86.99.100
Tcpip\..\Interfaces\{1da63879-7698-4f40-aa43-ba400588442c}: [DhcpNameServer] 103.86.99.99 103.86.96.96 103.86.96.100 103.86.99.100
Tcpip\..\Interfaces\{6f369847-95e9-41b5-afec-d2fa3156c9f8}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{823b4ed1-a671-4a42-aed3-26ec0201a547}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{bb8b7f51-f137-4dc2-aac4-968cb3bab00a}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{ecd4b84e-cdca-4aa6-a5cd-cfa6f17b45df}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
BHO: No Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> No File
BHO-x32: No Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> No File
Toolbar: HKLM-x32 - FreshDownload Bar - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - C:\PROGRA~2\FRESHD~1\FRESHD~1\fdiebar.dll No File

Edge:
======
Edge Profile: C:\Users\Anya\AppData\Local\Microsoft\Edge\User Data\Default [2020-04-19]

FireFox:
========
FF DefaultProfile: ji7iaqgm.default
FF ProfilePath: C:\Users\Anya\AppData\Roaming\Mozilla\Firefox\Profiles\ji7iaqgm.default [2019-10-22]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Anya\AppData\Roaming\Mozilla\Firefox\Profiles\ji7iaqgm.default\Extensions\sp@avast.com.xpi [2019-10-22]
FF Extension: (Avast Online Security) - C:\Users\Anya\AppData\Roaming\Mozilla\Firefox\Profiles\ji7iaqgm.default\Extensions\wrc@avast.com.xpi [2019-10-22]
FF ProfilePath: C:\Users\Anya\AppData\Roaming\Mozilla\Firefox\Profiles\zurbikq2.default-release-1587254617768 [2020-04-27]
FF Homepage: Mozilla\Firefox\Profiles\zurbikq2.default-release-1587254617768 -> hxxps://mail.yahoo.com/d/folders/1?guce_referrer=aHR0cHM6Ly9sb2dpbi55YWhvby5jb20v&guce_referrer_sig=AQAAAGUamKIRfswLum4BcS3XJJ8SUOypd9yjQFDHISEh9a4Qs8sKw50UcLj8mNd0d6xrktTf5QxLqfvHULIe82Opn6t9ZBGjYgGq-aVQlCEjM07_i6eEQZ0ZU9-EuS4qCpENQQpCGsdsy0VE1RqWj0z0E05zJ2C7rzPhZpgCAbt-rBhB
FF Session Restore: Mozilla\Firefox\Profiles\zurbikq2.default-release-1587254617768 -> is enabled.
FF Extension: (SaveFrom.net helper) - C:\Users\Anya\AppData\Roaming\Mozilla\Firefox\Profiles\zurbikq2.default-release-1587254617768\Extensions\helper@savefrom.net.xpi [2020-04-25]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\Anya\AppData\Roaming\Mozilla\Firefox\Profiles\zurbikq2.default-release-1587254617768\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-04-19]
FF Plugin: @videolan.org/vlc,version=3.0.9.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Anya\AppData\Local\Google\Chrome\User Data\Default [2020-01-13]
CHR Extension: (Free Download Manager) - C:\Users\Anya\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmpjcflkgiildlgicmcieglgoilbfdp [2020-01-13]
CHR Extension: (Tampermonkey) - C:\Users\Anya\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2020-01-13]
CHR Extension: (Adobe Acrobat) - C:\Users\Anya\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-11-11]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Anya\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-01-13]
CHR Extension: (Avast Online Security) - C:\Users\Anya\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-01-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Anya\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-11]
CHR Extension: (Chrome Media Router) - C:\Users\Anya\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-01-13]
CHR HKU\S-1-5-21-440688634-2831198262-268214595-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [96120 2015-06-25] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
S2 edgeupdate; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224144 2020-04-19] (Microsoft Corporation -> Microsoft Corporation)
S3 edgeupdatem; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224144 2020-04-19] (Microsoft Corporation -> Microsoft Corporation)
R2 EZCastService; C:\Program Files (x86)\EZCast\EZCastService.exe [286016 2019-10-08] (Actions Microelectronics Co.,Ltd. -> )
S3 MicrosoftEdgeElevationService; C:\Program Files (x86)\Microsoft\Edge\Application\81.0.416.64\elevation_service.exe [1125264 2020-04-23] (Microsoft Corporation -> Microsoft Corporation)
R2 nordvpn-service; C:\Program Files (x86)\NordVPN\nordvpn-service.exe [236576 2020-04-03] (TEFINCOM S.A. -> )
R2 Samsung Printer Dianostics Service; C:\WINDOWS\SysWOW64\\spdsvc.exe [508488 2018-05-24] (HP Inc. -> )
R2 SamsungUPDUtilSvc; C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe [143664 2019-10-24] (Samsung Electronics CO., LTD. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5930136 2020-04-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\NisSrv.exe [3294680 2020-04-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MsMpEng.exe [103168 2020-04-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WsDrvInst; C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\Transfer\DriverInstall.exe [107800 2019-09-26] (Shenzhen Yi Xing Investment Co., Ltd. -> Wondershare)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndDiag; C:\WINDOWS\System32\drivers\lganddiag64.sys [27648 2019-01-14] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 AndnetBus; C:\WINDOWS\System32\drivers\lgandnetbus64.sys [30208 2019-01-14] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [29160 2018-07-27] (Dell Inc -> OSR Open Systems Resources, Inc.)
R2 DgiVecp; C:\WINDOWS\system32\Drivers\DgiVecp.sys [53816 2009-10-12] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 e1cexpress; C:\WINDOWS\system32\DRIVERS\e1c65x64.sys [488736 2015-08-03] (Intel(R) Intel Network Drivers -> Intel Corporation)
S3 FlashUSB; C:\WINDOWS\System32\drivers\FlashUSB.sys [19968 2014-12-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Mobile Communications)
R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2019-03-19] (Microsoft Windows -> Intel Corporation)
S3 shspusb; C:\WINDOWS\System32\drivers\HSPUSB.sys [24064 2014-12-03] (Microsoft Windows Hardware Compatibility Publisher -> MobileTop)
S3 sscdserd; C:\WINDOWS\System32\drivers\sscdserd.sys [158024 2014-12-03] (MCCI Corporation -> MCCI Corporation)
S3 ssceserd; C:\WINDOWS\System32\drivers\ssceserd.sys [158024 2014-12-03] (MCCI Corporation -> MCCI Corporation)
S3 ssdudfu; C:\WINDOWS\System32\drivers\ssdudfu.sys [101960 2014-12-03] (MCCI Corporation -> MCCI)
S3 ssm_bus; C:\WINDOWS\System32\drivers\ssm_bus.sys [136192 2014-12-03] (MCCI Corporation -> MCCI Corporation)
S3 ssm_mdm; C:\WINDOWS\System32\drivers\ssm_mdm.sys [172032 2014-12-03] (MCCI Corporation -> MCCI Corporation)
S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [206104 2014-12-03] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [206104 2014-12-03] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [48920 2014-12-03] (Samsung Electronics CO., LTD. -> QUALCOMM Incorporated)
S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [206104 2014-12-03] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_bserd; C:\WINDOWS\System32\drivers\ss_bserd.sys [128000 2014-12-03] (MCCI Corporation -> MCCI Corporation)
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26392 2014-12-03] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R0 stdcfltn; C:\WINDOWS\System32\DRIVERS\stdcfltn.sys [30352 2016-10-07] (STMICROELECTRONICS S.R.L. -> ST Microelectronics)
R3 ST_Accel; C:\WINDOWS\system32\DRIVERS\ST_Accel.sys [154280 2016-10-12] (STMICROELECTRONICS S.R.L. -> STMicroelectronics)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-04-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [391392 2020-04-17] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59104 2020-04-17] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-27 08:12 - 2020-04-27 08:12 - 000007951 _____ C:\Users\Anya\AppData\Local\recently-used.xbel
2020-04-24 23:05 - 2020-04-24 23:05 - 001728127 _____ C:\Users\Anya\Downloads\Autoruns.zip
2020-04-24 22:38 - 2020-04-27 08:11 - 000000000 ____D C:\Users\Anya\AppData\Roaming\vlc
2020-04-24 22:38 - 2020-04-24 22:39 - 000000000 ____D C:\Users\Anya\AppData\Roaming\dvdcss
2020-04-24 22:30 - 2020-04-24 22:30 - 000000966 _____ C:\Users\Public\Desktop\VLC media player.lnk
2020-04-24 22:30 - 2020-04-24 22:30 - 000000966 _____ C:\ProgramData\Desktop\VLC media player.lnk
2020-04-24 22:30 - 2020-04-24 22:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2020-04-24 20:01 - 2020-04-24 20:15 - 042348328 _____ C:\Users\Anya\Downloads\vlc-3.0.9.2-win64.exe
2020-04-24 19:53 - 2020-04-24 19:53 - 000003584 _____ C:\Users\Anya\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-04-24 16:14 - 2020-04-24 16:14 - 000007990 _____ C:\Users\Anya\Downloads\Download(1).QIF
2020-04-24 15:20 - 2020-04-24 15:20 - 000178395 _____ C:\Users\Anya\Downloads\Download(1).CSV
2020-04-24 15:20 - 2020-04-24 15:20 - 000138914 _____ C:\Users\Anya\Downloads\Download(2).CSV
2020-04-24 15:20 - 2020-04-24 15:20 - 000121173 _____ C:\Users\Anya\Downloads\Download.CSV
2020-04-24 15:20 - 2020-04-24 15:20 - 000002702 _____ C:\Users\Anya\Downloads\Download.QIF
2020-04-23 20:17 - 2020-04-23 20:17 - 000000000 ____D C:\Users\Anya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TouchPad
2020-04-22 19:33 - 2020-04-22 19:33 - 000178726 _____ C:\Users\Anya\Downloads\confo pics.webp
2020-04-22 19:20 - 2020-04-22 19:31 - 000332924 _____ C:\Users\Anya\Downloads\Angles for taking pics.webp
2020-04-22 19:08 - 2020-04-22 19:08 - 000007907 _____ C:\Users\Anya\Downloads\rearing.jfif
2020-04-22 10:14 - 2020-04-22 10:14 - 000003490 _____ C:\Users\Anya\Downloads\TransactionHistory(4).qif
2020-04-21 19:54 - 2020-04-21 19:55 - 016683215 _____ C:\Users\Anya\Downloads\Barry McGuire - Eve Of Destruction.mp4
2020-04-20 18:04 - 2020-04-20 18:05 - 000414089 _____ C:\Users\Anya\Downloads\Porch_Swing.pdf
2020-04-20 17:12 - 2020-04-20 17:12 - 000017487 _____ C:\Users\Anya\Documents\Thai red & green curry paste.odt
2020-04-20 16:08 - 2020-04-20 16:08 - 000000000 ____D C:\Users\Anya\Documents\paint.net User Files
2020-04-20 12:13 - 2020-04-20 12:14 - 002012861 _____ C:\Users\Anya\Downloads\Forensic Science Test(1).pdf
2020-04-20 10:07 - 2020-04-20 10:07 - 000154293 _____ C:\WINDOWS\Minidump\041920-35531-01.zip
2020-04-19 21:24 - 2020-04-23 20:16 - 000000000 ____D C:\WINDOWS\Minidump
2020-04-19 18:36 - 2020-04-19 18:37 - 058248089 _____ C:\Users\Anya\Downloads\Poor Man's Geothermal.mp4
2020-04-19 09:59 - 2020-04-24 07:56 - 000002471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-04-19 09:59 - 2020-04-19 09:59 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-04-19 09:59 - 2020-04-19 09:59 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-04-19 09:57 - 2020-04-19 09:57 - 000319664 _____ (Mozilla) C:\Users\Anya\Downloads\Firefox Installer.exe
2020-04-19 09:56 - 2020-04-19 09:56 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-04-19 09:56 - 2020-04-19 09:56 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-04-19 09:54 - 2020-04-19 09:54 - 001823984 _____ (Microsoft Corporation) C:\Users\Anya\Downloads\MicrosoftEdgeSetup.exe
2020-04-18 09:55 - 2020-04-18 09:55 - 002402745 _____ C:\Users\Anya\Downloads\Tesla Powerwall 2 Brochure.pdf
2020-04-18 09:55 - 2020-04-18 09:55 - 000794832 _____ C:\Users\Anya\Downloads\Quote 130966 2020-04-17 08-15.pdf
2020-04-18 09:54 - 2020-04-18 09:55 - 000016229 _____ C:\Users\Anya\Downloads\solar batteries options.xlsx
2020-04-18 09:52 - 2020-04-18 09:52 - 002458133 _____ C:\Users\Anya\Downloads\Solargain Info Pack.PDF
2020-04-18 02:23 - 2020-04-18 05:05 - 000485686 _____ C:\Users\Anya\Downloads\.fe1e1069de410fb44157f02b4f6655dde99621c6.parts
2020-04-18 02:10 - 2020-04-18 02:26 - 000285696 _____ C:\Users\Anya\Downloads\.5c8da4f5ef8281eb1e93af7824d962b752112d69.parts
2020-04-17 14:59 - 2020-04-17 15:00 - 001539363 _____ C:\Users\Anya\Downloads\Facebook(2).mp4
2020-04-17 14:55 - 2020-04-17 14:58 - 004852334 _____ C:\Users\Anya\Downloads\(1) Facebook.mp4
2020-04-17 13:30 - 2020-04-17 13:30 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2020-04-17 13:27 - 2020-04-17 13:27 - 000000020 ___SH C:\Users\Anya\ntuser.ini
2020-04-17 13:00 - 2020-04-23 20:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-04-17 13:00 - 2020-04-17 13:01 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-04-17 13:00 - 2020-04-17 13:01 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-04-17 13:00 - 2020-04-17 13:01 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-04-17 13:00 - 2020-04-17 13:01 - 000002246 _____ C:\WINDOWS\system32\Tasks\EZCastServiceSchedule
2020-04-17 13:00 - 2020-04-17 13:00 - 000015243 _____ C:\WINDOWS\diagwrn.xml
2020-04-17 13:00 - 2020-04-17 13:00 - 000015243 _____ C:\WINDOWS\diagerr.xml
2020-04-17 13:00 - 2020-04-17 13:00 - 000001944 _____ C:\WINDOWS\system32\Tasks\FreeDownloadManagerNetworkMonitor
2020-04-17 13:00 - 2020-04-17 13:00 - 000000000 ____D C:\WINDOWS\system32\Tasks\S-1-5-21-440688634-2831198262-268214595-1002
2020-04-17 12:55 - 2020-04-23 20:20 - 000840852 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-04-17 12:41 - 2019-10-07 12:56 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-04-17 12:35 - 2020-04-27 13:52 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-04-17 12:35 - 2020-04-17 12:48 - 000321504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-04-17 12:34 - 2020-04-17 13:03 - 000000000 ____D C:\Windows.old
2020-04-17 12:00 - 2020-04-17 12:00 - 000066360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WinSetupBoot.sys
2020-04-17 11:36 - 2020-04-17 12:46 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2020-04-17 11:35 - 2020-04-19 21:33 - 000000000 ____D C:\Users\Anya
2020-04-17 11:35 - 2020-04-17 12:34 - 000000000 ____D C:\Users\Administrator
2020-04-17 11:35 - 2019-03-19 14:46 - 000001105 _____ C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-04-17 11:35 - 2019-03-19 14:46 - 000001105 _____ C:\Users\Anya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-04-17 11:35 - 2019-03-19 14:46 - 000001105 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-04-17 11:33 - 2020-04-17 11:36 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2020-04-17 11:29 - 2020-04-17 11:29 - 000000000 ____D C:\ProgramData\ssh
2020-04-17 11:17 - 2020-04-17 11:17 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 011607552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 009711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 005502464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 004825600 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d12SDKLayers.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 004308480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 004129624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 003557888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d12SDKLayers.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 003525592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 002951832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 002369576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 002315680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 002230232 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 002072664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 001870408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 001835128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 001770552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 001659408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.AppAgent.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 001555904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 001541632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2020-04-17 11:17 - 2020-04-17 11:17 - 001495864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 001490640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 001417976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 001282944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 001272360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 001185792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AgentService.exe
2020-04-17 11:17 - 2020-04-17 11:17 - 001182720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 001126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplySettingsTemplateCatalog.exe
2020-04-17 11:17 - 2020-04-17 11:17 - 001108040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 001013000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000762880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.PrinterCustomActions.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000757632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000744960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000739328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\csc.sys
2020-04-17 11:17 - 2020-04-17 11:17 - 000537608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CscUnpinTool.exe
2020-04-17 11:17 - 2020-04-17 11:17 - 000420152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
2020-04-17 11:17 - 2020-04-17 11:17 - 000303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\DirectML.Debug.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacEncoder.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ManagedEventLogging.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ConfigWrapper.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000249856 _____ (Gracenote, Inc.) C:\WINDOWS\SysWOW64\gnsdk_fp.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacEncoder.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddpchunk.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DirectML.Debug.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CmUtil.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000145208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CscMig.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.SyncController.exe
2020-04-17 11:17 - 2020-04-17 11:17 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Common.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppCore.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevAppMonitor.exe
2020-04-17 11:17 - 2020-04-17 11:17 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CabUtil.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.EventLogMessages.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2010CustomActions.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevAgentPolicyGenerator.exe
2020-04-17 11:17 - 2020-04-17 11:17 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2010CustomActions.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000030720 _____ C:\WINDOWS\system32\uwfservicingapi.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Management.WmiAccess.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Management.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppData.WinRT.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.SyncCommon.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Common.WinRT.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.LocalSyncProvider.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernSync.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevTemplateBaselineGenerator.exe
2020-04-17 11:17 - 2020-04-17 11:17 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevTemplateConfigItemGenerator.exe
2020-04-17 11:17 - 2020-04-17 11:17 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.SmbSyncProvider.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.MonitorSyncProvider.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.SyncConditions.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2020-04-17 11:17 - 2020-04-17 11:17 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2020-04-17 11:17 - 2020-04-17 11:17 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2020-04-17 11:16 - 2020-04-17 11:17 - 002158080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 018027520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 008013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 007017472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 006285312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 005910016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 004611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 004348408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 003819520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 003512320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 003243296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSAT.exe
2020-04-17 11:16 - 2020-04-17 11:16 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-04-17 11:16 - 2020-04-17 11:16 - 002399232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 002224952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 002188600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 002031104 _____ C:\WINDOWS\system32\rdpnano.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 001718584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 001616696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 001545216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2020-04-17 11:16 - 2020-04-17 11:16 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 001386296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 001310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 001273856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2020-04-17 11:16 - 2020-04-17 11:16 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 001080832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 001047352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 001000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000996352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000960040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000828216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2020-04-17 11:16 - 2020-04-17 11:16 - 000827192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000816952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000805376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbc32.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000666640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbc32.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-04-17 11:16 - 2020-04-17 11:16 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000510768 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2020-04-17 11:16 - 2020-04-17 11:16 - 000494904 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000486400 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2020-04-17 11:16 - 2020-04-17 11:16 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2020-04-17 11:16 - 2020-04-17 11:16 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2020-04-17 11:16 - 2020-04-17 11:16 - 000396088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000366416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2020-04-17 11:16 - 2020-04-17 11:16 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapisrv.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2020-04-17 11:16 - 2020-04-17 11:16 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFMCP.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000259384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVFileSystemMetadata.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapisrv.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\srrstr.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000230200 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamMap.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagSvc.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\recdisc.exe
2020-04-17 11:16 - 2020-04-17 11:16 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasrad.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2020-04-17 11:16 - 2020-04-17 11:16 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000174392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVemgr.sys
2020-04-17 11:16 - 2020-04-17 11:16 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000153912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVfs.sys
2020-04-17 11:16 - 2020-04-17 11:16 - 000138040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppVStrm.sys
2020-04-17 11:16 - 2020-04-17 11:16 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-04-17 11:16 - 2020-04-17 11:16 - 000099712 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe
2020-04-17 11:16 - 2020-04-17 11:16 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dfrgui.exe
2020-04-17 11:16 - 2020-04-17 11:16 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcXtrnal.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2020-04-17 11:16 - 2020-04-17 11:16 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2020-04-17 11:16 - 2020-04-17 11:16 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasacct.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\reg.exe
2020-04-17 11:16 - 2020-04-17 11:16 - 000059221 _____ C:\WINDOWS\system32\srms.dat
2020-04-17 11:16 - 2020-04-17 11:16 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SrTasks.exe
2020-04-17 11:16 - 2020-04-17 11:16 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumapi.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000042296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2020-04-17 11:16 - 2020-04-17 11:16 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iaspolcy.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-04-17 11:16 - 2020-04-17 11:16 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2020-04-17 11:16 - 2020-04-17 11:16 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ias.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000019768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2020-04-17 11:16 - 2020-04-17 11:16 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcXtrnal.dll
2020-04-17 11:16 - 2020-04-17 11:16 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2020-04-17 11:15 - 2020-04-17 11:16 - 007259648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 025900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 022636544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 007756800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 006523048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 004855808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 004150272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AI.MachineLearning.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 002800128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-04-17 11:15 - 2020-04-17 11:15 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-04-17 11:15 - 2020-04-17 11:15 - 002740736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directml.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 002584008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 002259872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 001684992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 001665216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 001562424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 001477112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 001397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-04-17 11:15 - 2020-04-17 11:15 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 001284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 001283600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-04-17 11:15 - 2020-04-17 11:15 - 001264128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 001218632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-04-17 11:15 - 2020-04-17 11:15 - 001216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-04-17 11:15 - 2020-04-17 11:15 - 001213752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 001195008 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 001190912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 001088000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 001083392 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 001077064 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-04-17 11:15 - 2020-04-17 11:15 - 001059840 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2020-04-17 11:15 - 2020-04-17 11:15 - 001031680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 001008128 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 001007672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000935040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2020-04-17 11:15 - 2020-04-17 11:15 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000892696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000788992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-04-17 11:15 - 2020-04-17 11:15 - 000775696 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-04-17 11:15 - 2020-04-17 11:15 - 000768528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000673464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-04-17 11:15 - 2020-04-17 11:15 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000669496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000597816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000568120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2020-04-17 11:15 - 2020-04-17 11:15 - 000538160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2020-04-17 11:15 - 2020-04-17 11:15 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000453432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-04-17 11:15 - 2020-04-17 11:15 - 000441072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000422008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000415760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\DispBroker.Desktop.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000405632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000399360 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000381440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000380944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000354816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2020-04-17 11:15 - 2020-04-17 11:15 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\es.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-04-17 11:15 - 2020-04-17 11:15 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000300392 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpviewerax.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmd.exe
2020-04-17 11:15 - 2020-04-17 11:15 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasrad.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2020-04-17 11:15 - 2020-04-17 11:15 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2020-04-17 11:15 - 2020-04-17 11:15 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\accessibilitycpl.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-04-17 11:15 - 2020-04-17 11:15 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000190048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000186880 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2020-04-17 11:15 - 2020-04-17 11:15 - 000185952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2020-04-17 11:15 - 2020-04-17 11:15 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000150536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2020-04-17 11:15 - 2020-04-17 11:15 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-04-17 11:15 - 2020-04-17 11:15 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000136328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinHvPlatform.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2020-04-17 11:15 - 2020-04-17 11:15 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfrgui.exe
2020-04-17 11:15 - 2020-04-17 11:15 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2020-04-17 11:15 - 2020-04-17 11:15 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Utilman.exe
2020-04-17 11:15 - 2020-04-17 11:15 - 000093712 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EaseOfAccessDialog.exe
2020-04-17 11:15 - 2020-04-17 11:15 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000089336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasacct.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000084488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2020-04-17 11:15 - 2020-04-17 11:15 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-04-17 11:15 - 2020-04-17 11:15 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2020-04-17 11:15 - 2020-04-17 11:15 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sethc.exe
2020-04-17 11:15 - 2020-04-17 11:15 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usp10.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\reg.exe
2020-04-17 11:15 - 2020-04-17 11:15 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\keyiso.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AtBroker.exe
2020-04-17 11:15 - 2020-04-17 11:15 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumapi.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.exe
2020-04-17 11:15 - 2020-04-17 11:15 - 000061240 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvhostsvc.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\iaspolcy.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmapi.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-04-17 11:15 - 2020-04-17 11:15 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmtask.exe
2020-04-17 11:15 - 2020-04-17 11:15 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Websocket.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ias.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Drivers\afunix.sys
2020-04-17 11:15 - 2020-04-17 11:15 - 000021520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msauserext.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2020-04-17 11:15 - 2020-04-17 11:15 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDJPN.DLL
2020-04-17 11:15 - 2020-04-17 11:15 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchTM.exe
2020-04-17 11:15 - 2020-04-17 11:15 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-04-17 11:15 - 2020-04-17 11:15 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-04-17 11:15 - 2020-04-17 11:15 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-04-17 11:15 - 2020-04-17 11:15 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-04-17 11:15 - 2020-04-17 11:15 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-04-17 11:15 - 2020-04-17 11:15 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-04-17 11:15 - 2020-04-17 11:15 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-04-17 11:15 - 2020-04-17 11:15 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-04-17 11:15 - 2020-04-17 11:15 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-04-17 11:15 - 2020-04-17 11:15 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-04-17 11:15 - 2020-04-17 11:15 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-04-17 11:15 - 2020-04-17 11:15 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-04-17 11:15 - 2020-04-17 11:15 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-04-17 11:14 - 2020-04-17 11:14 - 014818816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 006084344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 005112832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 003971808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-04-17 11:14 - 2020-04-17 11:14 - 003753472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 003742544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 002875904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 002861568 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 002773568 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 002703872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 002576384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 002307584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 002021888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 001985104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 001916744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 001688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 001646048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 001484384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 001412096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 001368576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 001368576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 001154448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 001055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 001009152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000993280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000912896 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000904504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000857088 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2020-04-17 11:14 - 2020-04-17 11:14 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000832000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000822072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000785920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000776488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000768488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000734720 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetup.exe
2020-04-17 11:14 - 2020-04-17 11:14 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000673704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000673080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-04-17 11:14 - 2020-04-17 11:14 - 000632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000628616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000627216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000551824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxs.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000542288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000526848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000507152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000491008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000487784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000478792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2020-04-17 11:14 - 2020-04-17 11:14 - 000410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000375504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-04-17 11:14 - 2020-04-17 11:14 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-04-17 11:14 - 2020-04-17 11:14 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpviewerax.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2020-04-17 11:14 - 2020-04-17 11:14 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcomapi.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000277864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2020-04-17 11:14 - 2020-04-17 11:14 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000274464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47Langs.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000268008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000251512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msutb.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000213984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-04-17 11:14 - 2020-04-17 11:14 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2020-04-17 11:14 - 2020-04-17 11:14 - 000203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regapi.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2020-04-17 11:14 - 2020-04-17 11:14 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2020-04-17 11:14 - 2020-04-17 11:14 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeHelper.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000165504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000164776 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Winlangdb.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2020-04-17 11:14 - 2020-04-17 11:14 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceMetadataRetrievalClient.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2020-04-17 11:14 - 2020-04-17 11:14 - 000133944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000133464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47mrm.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2020-04-17 11:14 - 2020-04-17 11:14 - 000123952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000120560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2020-04-17 11:14 - 2020-04-17 11:14 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GraphicsCapture.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000102760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profapi.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\globinputhost.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000072816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Custom.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2020-04-17 11:14 - 2020-04-17 11:14 - 000068408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceReactivation.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000066624 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ApiSetHost.AppExecutionAlias.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.exe
2020-04-17 11:14 - 2020-04-17 11:14 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmRes.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstUI.exe
2020-04-17 11:14 - 2020-04-17 11:14 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000050544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2020-04-17 11:14 - 2020-04-17 11:14 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguageProfileCallback.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000042336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afunix.sys
2020-04-17 11:14 - 2020-04-17 11:14 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcicda.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
2020-04-17 11:14 - 2020-04-17 11:14 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2020-04-17 11:14 - 2020-04-17 11:14 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-04-17 11:14 - 2020-04-17 11:14 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\posetup.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxstrace.exe
2020-04-17 11:14 - 2020-04-17 11:14 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2020-04-17 11:14 - 2020-04-17 11:14 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mciwave.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mciseq.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msauserext.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wksprtPS.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsunattend.exe
2020-04-17 11:14 - 2020-04-17 11:14 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MUILanguageCleanup.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Custom.ps.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LangCleanupSysprepAction.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmplpxy.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetupproxyserv.dll
2020-04-17 11:14 - 2020-04-17 11:14 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCertResources.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 009930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-04-17 11:13 - 2020-04-17 11:13 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 006436352 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 003802624 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 003371720 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-04-17 11:13 - 2020-04-17 11:13 - 002767928 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 002698040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-04-17 11:13 - 2020-04-17 11:13 - 002086656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 001999960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 001482040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-04-17 11:13 - 2020-04-17 11:13 - 001394168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 001300280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2020-04-17 11:13 - 2020-04-17 11:13 - 001261808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 001243648 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 001170960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000982840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000929144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-04-17 11:13 - 2020-04-17 11:13 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000891736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000877232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2020-04-17 11:13 - 2020-04-17 11:13 - 000824848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-04-17 11:13 - 2020-04-17 11:13 - 000796904 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-04-17 11:13 - 2020-04-17 11:13 - 000759272 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000674280 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2020-04-17 11:13 - 2020-04-17 11:13 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-04-17 11:13 - 2020-04-17 11:13 - 000637440 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000636848 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxs.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000618296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000605896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000587064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000586768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2020-04-17 11:13 - 2020-04-17 11:13 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-04-17 11:13 - 2020-04-17 11:13 - 000518456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-04-17 11:13 - 2020-04-17 11:13 - 000515600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000513576 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000510792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-04-17 11:13 - 2020-04-17 11:13 - 000467952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000461320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000456504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-04-17 11:13 - 2020-04-17 11:13 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000416056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2020-04-17 11:13 - 2020-04-17 11:13 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-04-17 11:13 - 2020-04-17 11:13 - 000372752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2020-04-17 11:13 - 2020-04-17 11:13 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
2020-04-17 11:13 - 2020-04-17 11:13 - 000335448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000320312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2020-04-17 11:13 - 2020-04-17 11:13 - 000281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000260920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2020-04-17 11:13 - 2020-04-17 11:13 - 000259776 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000251704 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000248064 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000221200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-04-17 11:13 - 2020-04-17 11:13 - 000203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\regapi.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000179720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-04-17 11:13 - 2020-04-17 11:13 - 000178192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2020-04-17 11:13 - 2020-04-17 11:13 - 000165832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2020-04-17 11:13 - 2020-04-17 11:13 - 000147696 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2020-04-17 11:13 - 2020-04-17 11:13 - 000143160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\profapi.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000132624 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000113160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2020-04-17 11:13 - 2020-04-17 11:13 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetDriverInstall.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000098104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2020-04-17 11:13 - 2020-04-17 11:13 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\keyiso.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetDriverInstall.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usp10.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000063288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-04-17 11:13 - 2020-04-17 11:13 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000058880 _____ C:\WINDOWS\system32\runexehelper.exe
2020-04-17 11:13 - 2020-04-17 11:13 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys
2020-04-17 11:13 - 2020-04-17 11:13 - 000047616 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Websocket.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-04-17 11:13 - 2020-04-17 11:13 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxstrace.exe
2020-04-17 11:13 - 2020-04-17 11:13 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2020-04-17 11:13 - 2020-04-17 11:13 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winnsi.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000033080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hwpolicy.sys
2020-04-17 11:13 - 2020-04-17 11:13 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprtPS.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsisvc.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000028344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winnsi.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000024792 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsi.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000020944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nsi.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-04-17 11:13 - 2020-04-17 11:13 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-04-17 11:13 - 2020-04-17 11:13 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 004563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-04-17 11:12 - 2020-04-17 11:12 - 004048896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 003547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 002871608 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2020-04-17 11:12 - 2020-04-17 11:12 - 001972536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2020-04-17 11:12 - 2020-04-17 11:12 - 001945600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 001757096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-04-17 11:12 - 2020-04-17 11:12 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 001726264 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 001512832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-04-17 11:12 - 2020-04-17 11:12 - 001396152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-04-17 11:12 - 2020-04-17 11:12 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-04-17 11:12 - 2020-04-17 11:12 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 001071184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2020-04-17 11:12 - 2020-04-17 11:12 - 001051448 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 000988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2020-04-17 11:12 - 2020-04-17 11:12 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2020-04-17 11:12 - 2020-04-17 11:12 - 000974336 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 000840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 000811320 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 000758800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 000747320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 000741392 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 000642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2020-04-17 11:12 - 2020-04-17 11:12 - 000638480 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-04-17 11:12 - 2020-04-17 11:12 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 000545432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 000516648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2020-04-17 11:12 - 2020-04-17 11:12 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe
2020-04-17 11:12 - 2020-04-17 11:12 - 000465208 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2020-04-17 11:12 - 2020-04-17 11:12 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-04-17 11:12 - 2020-04-17 11:12 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2020-04-17 11:12 - 2020-04-17 11:12 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\es.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 000353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\accessibilitycpl.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 000234984 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 000202552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2020-04-17 11:12 - 2020-04-17 11:12 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 000164368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2020-04-17 11:12 - 2020-04-17 11:12 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 000142544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2020-04-17 11:12 - 2020-04-17 11:12 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 000120048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2020-04-17 11:12 - 2020-04-17 11:12 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Utilman.exe
2020-04-17 11:12 - 2020-04-17 11:12 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\EaseOfAccessDialog.exe
2020-04-17 11:12 - 2020-04-17 11:12 - 000115120 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2020-04-17 11:12 - 2020-04-17 11:12 - 000102216 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2020-04-17 11:12 - 2020-04-17 11:12 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sethc.exe
2020-04-17 11:12 - 2020-04-17 11:12 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2020-04-17 11:12 - 2020-04-17 11:12 - 000089616 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AtBroker.exe
2020-04-17 11:12 - 2020-04-17 11:12 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2020-04-17 11:12 - 2020-04-17 11:12 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2020-04-17 11:12 - 2020-04-17 11:12 - 000037392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2020-04-17 11:12 - 2020-04-17 11:12 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe
2020-04-17 11:12 - 2020-04-17 11:12 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\applockerfltr.sys
2020-04-17 11:12 - 2020-04-17 11:12 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2020-04-17 11:12 - 2020-04-17 11:12 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchTM.exe
2020-04-17 11:12 - 2020-04-17 11:12 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 007905784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 007849216 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 006168064 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 005890048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AI.MachineLearning.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 004471296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 004140544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 004005888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-04-17 11:11 - 2020-04-17 11:11 - 003587384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-04-17 11:11 - 2020-04-17 11:11 - 003387392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 003260928 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 003143168 _____ (Microsoft Corporation) C:\WINDOWS\system32\directml.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 003109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 002870272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 002717184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-04-17 11:11 - 2020-04-17 11:11 - 002522112 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 002474496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 002453504 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 002071552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 001918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 001830200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 001823232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 001656904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 001612800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 001603584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 001581056 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 001505592 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 001497600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 001481216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-04-17 11:11 - 2020-04-17 11:11 - 001427456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 001378528 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 001372160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 001136128 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 001083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 001069064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 001011200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 001006904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSSO.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000945384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000915192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-04-17 11:11 - 2020-04-17 11:11 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-04-17 11:11 - 2020-04-17 11:11 - 000802304 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000684560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000678928 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000642216 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-04-17 11:11 - 2020-04-17 11:11 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000552448 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-04-17 11:11 - 2020-04-17 11:11 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000522384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-04-17 11:11 - 2020-04-17 11:11 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-04-17 11:11 - 2020-04-17 11:11 - 000459688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-04-17 11:11 - 2020-04-17 11:11 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-04-17 11:11 - 2020-04-17 11:11 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-04-17 11:11 - 2020-04-17 11:11 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000369504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47Langs.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SpeechPrivacy.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000339304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmd.exe
2020-04-17 11:11 - 2020-04-17 11:11 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-04-17 11:11 - 2020-04-17 11:11 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000231912 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Winlangdb.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000201744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2020-04-17 11:11 - 2020-04-17 11:11 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000186672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47mrm.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000152408 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000146712 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\GraphicsCapture.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\globinputhost.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000127280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Taskbar.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000117264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2020-04-17 11:11 - 2020-04-17 11:11 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingExperienceMEM.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000105488 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Custom.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-04-17 11:11 - 2020-04-17 11:11 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSystray.exe
2020-04-17 11:11 - 2020-04-17 11:11 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\keepaliveprovider.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2020-04-17 11:11 - 2020-04-17 11:11 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguageProfileCallback.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-04-17 11:11 - 2020-04-17 11:11 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-04-17 11:11 - 2020-04-17 11:11 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wci.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Custom.ps.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbservicetrigger.dll
2020-04-17 11:11 - 2020-04-17 11:11 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 017790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 006231200 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 004622280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-04-17 11:10 - 2020-04-17 11:10 - 003980800 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 003708928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 002808832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 002289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 002157056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 002131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 002126144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 002114560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 001960448 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 001783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 001762816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 001719808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 001413704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 001263856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2020-04-17 11:10 - 2020-04-17 11:10 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 001180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-04-17 11:10 - 2020-04-17 11:10 - 001127424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 001084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 001071616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000879616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000833616 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2020-04-17 11:10 - 2020-04-17 11:10 - 000782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2020-04-17 11:10 - 2020-04-17 11:10 - 000737280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000732200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000637240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-04-17 11:10 - 2020-04-17 11:10 - 000589384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-04-17 11:10 - 2020-04-17 11:10 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2020-04-17 11:10 - 2020-04-17 11:10 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.UserService.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000429880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2020-04-17 11:10 - 2020-04-17 11:10 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2020-04-17 11:10 - 2020-04-17 11:10 - 000416016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2020-04-17 11:10 - 2020-04-17 11:10 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2020-04-17 11:10 - 2020-04-17 11:10 - 000355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcApi.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Acx01000.sys
2020-04-17 11:10 - 2020-04-17 11:10 - 000322504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000291256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-04-17 11:10 - 2020-04-17 11:10 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountCloudAP.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000254776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2020-04-17 11:10 - 2020-04-17 11:10 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-04-17 11:10 - 2020-04-17 11:10 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000180232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2020-04-17 11:10 - 2020-04-17 11:10 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-04-17 11:10 - 2020-04-17 11:10 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2020-04-17 11:10 - 2020-04-17 11:10 - 000131896 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandler.exe
2020-04-17 11:10 - 2020-04-17 11:10 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-04-17 11:10 - 2020-04-17 11:10 - 000128312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2020-04-17 11:10 - 2020-04-17 11:10 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationControlCSP.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssecuser.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-04-17 11:10 - 2020-04-17 11:10 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-04-17 11:10 - 2020-04-17 11:10 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000066336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlrmdr.exe
2020-04-17 11:10 - 2020-04-17 11:10 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmRes.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2020-04-17 11:10 - 2020-04-17 11:10 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAProfileNotificationHandler.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcicda.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000048256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
2020-04-17 11:10 - 2020-04-17 11:10 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2020-04-17 11:10 - 2020-04-17 11:10 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcProxyStubs.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mciwave.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-04-17 11:10 - 2020-04-17 11:10 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mciseq.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000029712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tbs.sys
2020-04-17 11:10 - 2020-04-17 11:10 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscisvif.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\lstelemetry.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpnotify.exe
2020-04-17 11:10 - 2020-04-17 11:10 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscproxystub.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dstokenclean.exe
2020-04-17 11:10 - 2020-04-17 11:10 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscadminui.exe
2020-04-17 11:10 - 2020-04-17 11:10 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2020-04-17 11:10 - 2020-04-17 11:10 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUserRes.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 001428992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000804872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000657424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000551736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000531768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2020-04-17 11:09 - 2020-04-17 11:09 - 000437560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000355000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000306696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000297272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000292664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000250896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000224056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000222520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000208696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000204816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000193848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000183608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000174392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000151568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000151352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000141840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tsusbhub.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2020-04-17 11:09 - 2020-04-17 11:09 - 000089912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000059192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000056632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciidex.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbscan.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
2020-04-17 11:09 - 2020-04-17 11:09 - 000030008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\atapi.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000028936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\flpydisk.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000019984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelide.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sfloppy.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000016912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciide.sys
2020-04-17 11:09 - 2020-04-17 11:09 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsilog.dll
2020-04-17 11:09 - 2020-04-17 11:09 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serscan.sys
2020-04-17 10:31 - 2019-03-18 19:20 - 000415232 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DXCpl.exe
2020-04-17 10:31 - 2019-03-18 19:18 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\system32\perf_gputiming.dll
2020-04-17 10:31 - 2019-03-18 18:12 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perf_gputiming.dll
2020-04-17 10:31 - 2019-03-18 18:09 - 000390656 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DXCpl.exe
2020-04-17 10:31 - 2019-03-18 15:49 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\DxToolsReportGenerator.dll
2020-04-17 10:31 - 2019-03-18 15:29 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DxToolsReportGenerator.dll
2020-04-17 10:31 - 2019-03-18 15:19 - 017826304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXCaptureReplay.dll
2020-04-17 10:31 - 2019-03-18 15:19 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsProxyStub.dll
2020-04-17 10:31 - 2019-03-18 15:18 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSD3DWARPDebug.dll
2020-04-17 10:31 - 2019-03-18 15:17 - 001165312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXCap.exe
2020-04-17 10:31 - 2019-03-18 15:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXGIDebug.dll
2020-04-17 10:31 - 2019-03-18 15:14 - 001367040 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11_3SDKLayers.dll
2020-04-17 10:31 - 2019-03-18 15:14 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXToolsReporting.dll
2020-04-17 10:31 - 2019-03-18 15:12 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXToolsMonitor.dll
2020-04-17 10:31 - 2019-03-18 15:12 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsCapture.dll
2020-04-17 10:31 - 2019-03-18 15:10 - 013938688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXCaptureReplay.dll
2020-04-17 10:31 - 2019-03-18 15:09 - 002007552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXToolsOfflineAnalysis.dll
2020-04-17 10:31 - 2019-03-18 15:09 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VSD3DWARPDebug.dll
2020-04-17 10:31 - 2019-03-18 15:09 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsProxyStub.dll
2020-04-17 10:31 - 2019-03-18 15:08 - 004849152 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsRemoteEngine.exe
2020-04-17 10:31 - 2019-03-18 15:08 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1debug3.dll
2020-04-17 10:31 - 2019-03-18 15:08 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXGIDebug.dll
2020-04-17 10:31 - 2019-03-18 15:07 - 005729280 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsDesktopEngine.exe
2020-04-17 10:31 - 2019-03-18 15:06 - 000904192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXCap.exe
2020-04-17 10:31 - 2019-03-18 15:06 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsExperiment.dll
2020-04-17 10:31 - 2019-03-18 15:06 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXToolsMonitor.dll
2020-04-17 10:31 - 2019-03-18 15:05 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXToolsReporting.dll
2020-04-17 10:31 - 2019-03-18 15:04 - 003587072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsRemoteEngine.exe
2020-04-17 10:31 - 2019-03-18 15:04 - 000434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1debug3.dll
2020-04-17 10:31 - 2019-03-18 15:03 - 004476928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsDesktopEngine.exe
2020-04-17 10:31 - 2019-03-18 15:03 - 001084416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11_3SDKLayers.dll
2020-04-17 10:31 - 2019-03-18 15:02 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsExperiment.dll
2020-04-17 10:31 - 2019-03-18 15:00 - 001412608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXToolsOfflineAnalysis.dll
2020-04-17 10:31 - 2019-03-18 15:00 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsCapture.dll
2020-04-17 10:30 - 2020-04-17 10:30 - 000000000 ____D C:\Program Files\Reference Assemblies
2020-04-17 10:30 - 2020-04-17 10:30 - 000000000 ____D C:\Program Files\MSBuild
2020-04-17 10:30 - 2020-04-17 10:30 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-04-17 10:28 - 2019-03-01 17:31 - 001166488 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2020-04-17 10:28 - 2019-03-01 17:31 - 000124568 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2020-04-17 10:28 - 2019-03-01 17:31 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2020-04-17 10:28 - 2019-02-05 18:41 - 000778912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2020-04-17 10:28 - 2019-02-05 18:41 - 000103072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2020-04-17 10:28 - 2019-02-05 18:41 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2020-04-17 10:22 - 2020-04-17 10:22 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-04-17 10:22 - 2020-04-17 10:22 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-04-17 10:11 - 2020-04-17 10:11 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2020-04-17 09:34 - 2020-04-17 13:27 - 000000000 ___DC C:\WINDOWS\Panther
2020-04-17 09:30 - 2020-04-17 09:34 - 000000036 _____ C:\WINDOWS\progress.ini
2020-04-17 08:28 - 2020-04-17 13:28 - 000000000 ____D C:\Windows10Upgrade
2020-04-17 08:28 - 2020-04-17 13:02 - 000000000 ___HD C:\$GetCurrent
2020-04-17 08:28 - 2020-04-17 08:28 - 000000781 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Update Assistant.lnk
2020-04-17 07:44 - 2020-04-17 07:44 - 006261368 _____ (Microsoft Corporation) C:\Users\Anya\Downloads\Windows10Upgrade9252.exe
2020-04-17 01:29 - 2020-04-17 02:59 - 000237289 _____ C:\Users\Anya\Downloads\.e6dc104e6aeea724e5187fb82bcb2c8c332698e0.parts
2020-04-17 01:00 - 2020-04-17 06:54 - 002103296 _____ C:\Users\Anya\Downloads\.7c4e73c848f7374ab663e797acede1f235556b0e.parts
2020-04-16 10:43 - 2020-04-16 10:43 - 002012861 _____ C:\Users\Anya\Downloads\Forensic Science Test.pdf
2020-04-16 10:27 - 2020-04-16 10:27 - 000195645 _____ C:\Users\Anya\Downloads\Invoice.pdf
2020-04-16 09:52 - 2020-04-16 09:52 - 000978156 _____ C:\Users\Anya\Downloads\16_Apr_Thur2_Bulletin.pdf
2020-04-16 09:50 - 2020-04-16 09:50 - 000871408 _____ C:\Users\Anya\Downloads\20-045_Letter_to_parents.pdf
2020-04-16 09:50 - 2020-04-16 09:50 - 000871408 _____ C:\Users\Anya\Downloads\20-045_Letter_to_parents(1).pdf
2020-04-16 00:42 - 2020-04-17 12:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2020-04-16 00:42 - 2020-04-16 00:42 - 000000000 ____D C:\Program Files\Speccy
2020-04-16 00:40 - 2020-04-16 00:40 - 006889184 _____ (Piriform Ltd) C:\Users\Anya\Downloads\spsetup132.exe
2020-04-16 00:36 - 2020-04-16 00:37 - 113807566 _____ C:\Users\Anya\Downloads\ArtofWoodworking_40_Projects.pdf
2020-04-15 19:23 - 2020-04-17 13:41 - 000026479 _____ C:\Users\Anya\Documents\Mead recipes.odt
2020-04-14 22:38 - 2020-04-14 22:38 - 000003521 _____ C:\Users\Anya\Downloads\TransactionHistory(3).qif
2020-04-14 19:05 - 2020-04-14 19:05 - 000203626 _____ C:\Users\Anya\Downloads\STCform.pdf
2020-04-14 19:05 - 2020-04-14 19:05 - 000120507 _____ C:\Users\Anya\Downloads\Sunboost 23939 Tax Invoice.pdf
2020-04-14 19:02 - 2020-04-14 19:02 - 000074099 _____ C:\Users\Anya\Downloads\RegRenewalReceipt_X22105_20200414_0702.pdf
2020-04-14 18:41 - 2020-04-14 18:41 - 000207882 _____ C:\Users\Anya\Downloads\RACV_RENEWAL_MOT496784385_2020032117262173_2064.pdf
2020-04-14 18:41 - 2020-04-14 18:41 - 000207882 _____ C:\Users\Anya\Downloads\RACV_RENEWAL_MOT496784385_2020032117262173_2064(1).pdf
2020-04-12 12:55 - 2020-04-12 12:56 - 000061434 _____ C:\Users\Anya\Downloads\Top_Tips_for_Students-_Remote_Learning_at_Broadford_Secondary_College.pdf
2020-04-11 16:03 - 2020-04-11 16:04 - 000000000 ____D C:\Users\Anya\Documents\maps
2020-04-11 14:23 - 2020-04-11 14:23 - 000001459 _____ C:\Users\Anya\Downloads\trans110420.qif
2020-04-09 13:08 - 2020-04-09 13:08 - 000000000 ____D C:\Program Files (x86)\NordVPN
2020-04-09 09:22 - 2020-04-27 13:57 - 000000000 ____D C:\Users\Anya\Desktop\PC prework
2020-04-08 07:14 - 2020-04-08 07:14 - 000000790 _____ C:\Users\Anya\Downloads\TransactionHistory(2).qif
2020-04-07 20:06 - 2020-04-09 13:08 - 000028832 _____ C:\Users\Anya\Documents\LOW CARB RECIPES.odt
2020-04-07 17:57 - 2020-04-07 17:57 - 000125213 _____ C:\Users\Anya\Downloads\Lavender.23HazfordStreet.StatementofAccount.02.04.20.pdf
2020-04-07 12:45 - 2020-04-07 17:18 - 000003637 _____ C:\Users\Anya\Documents\Trans to 7-4-20.csv
2020-04-07 12:38 - 2020-04-07 12:38 - 000002413 _____ C:\Users\Anya\Downloads\TransactionHistory(1).qif
2020-04-07 12:37 - 2020-04-07 12:37 - 000000257 _____ C:\Users\Anya\Downloads\AccountBalance.csv
2020-04-06 21:06 - 2020-04-06 21:06 - 006409806 _____ C:\Users\Anya\Downloads\LEDV29G72HD_User_Manual.pdf
2020-04-05 19:00 - 2020-04-05 19:01 - 007200968 _____ C:\Users\Anya\Downloads\Coronavirus Rhapsody by Queen _ COVID-19 Karaoke.mp4
2020-04-05 13:38 - 2020-04-05 13:38 - 000036630 _____ C:\Users\Anya\Downloads\Loan_Statement(7).pdf
2020-04-05 13:14 - 2020-04-05 13:14 - 000015392 _____ C:\Users\Anya\Documents\Harissa Hot Sauce.odt
2020-04-05 12:31 - 2020-04-05 12:32 - 000000397 _____ C:\Users\Anya\Downloads\trans050420.qif
2020-04-04 13:02 - 2020-04-04 13:35 - 000020344 _____ C:\Users\Anya\Documents\coolstore.sh3d
2020-04-04 12:39 - 2020-04-04 12:39 - 000156988 _____ C:\Users\Anya\Downloads\607660280.3gp
2020-04-02 18:10 - 2020-04-04 12:55 - 000998215 _____ C:\Users\Anya\Documents\Shedhouse.sh3d
2020-04-02 17:34 - 2020-04-02 17:34 - 000000000 ____D C:\Users\Anya\AppData\Roaming\eTeks
2020-04-02 17:33 - 2020-04-02 17:33 - 000000000 ____D C:\ProgramData\Oracle
2020-04-02 17:32 - 2020-04-17 12:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eTeks Sweet Home 3D
2020-04-02 17:32 - 2020-04-02 17:32 - 000000000 ____D C:\Program Files (x86)\Sweet Home 3D
2020-04-02 17:30 - 2020-04-02 17:30 - 000054560 _____ C:\Users\Anya\Downloads\MyVirtualHomeSetup.exe
2020-04-02 12:45 - 2020-04-02 12:48 - 004777872 _____ C:\Users\Anya\Downloads\Facebook.mp4
2020-04-02 12:23 - 2020-04-02 12:23 - 000001679 _____ C:\Users\Anya\Downloads\TransactionHistory.qif
2020-04-01 19:14 - 2020-04-01 19:14 - 001671715 _____ C:\Users\Anya\Downloads\Downloads.7z
2020-04-01 18:54 - 2020-04-01 19:08 - 000000000 ____D C:\Users\Anya\AppData\Roaming\PeaZip
2020-04-01 18:53 - 2020-04-17 12:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeaZip
2020-04-01 18:53 - 2020-04-01 18:53 - 000000000 ____D C:\Program Files (x86)\PeaZip
2020-04-01 18:43 - 2020-04-01 18:51 - 008330833 _____ (Giorgio Tani ) C:\Users\Anya\Downloads\peazip-7.1.1.WINDOWS.exe
2020-04-01 16:35 - 2020-04-01 16:35 - 001185968 _____ (Igor Pavlov) C:\Users\Anya\Downloads\7z1900.exe
2020-03-31 11:45 - 2020-03-31 11:46 - 000017317 _____ C:\Users\Anya\Documents\Quick & easy NO KNEAD BREAD.odt
2020-03-31 10:11 - 2020-03-31 10:11 - 000001799 _____ C:\Users\Anya\Downloads\anya letter.rtfd.zip
2020-03-30 18:26 - 2020-03-30 18:26 - 000366308 _____ C:\Users\Anya\Downloads\63056069885_20180329_20200329_20200330192632_AUSNETSERVICES_NEM12DETAILED.csv
2020-03-29 18:00 - 2020-03-29 18:00 - 001532990 _____ C:\Users\Anya\Downloads\10097497178_20190612(1).pdf
2020-03-28 07:49 - 2020-03-28 07:49 - 000012663 _____ C:\Users\Anya\Documents\flat bread gozleme roti etc.odt

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-27 13:58 - 2019-09-02 09:46 - 000000000 ____D C:\FRST
2020-04-27 13:52 - 2019-03-19 14:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-04-27 08:13 - 2018-11-16 22:32 - 000000000 ____D C:\Users\Anya\AppData\LocalLow\Mozilla
2020-04-27 08:12 - 2019-10-25 17:08 - 000000000 ____D C:\Users\Anya\AppData\Local\homebank
2020-04-27 08:12 - 2018-11-10 13:13 - 000000000 ____D C:\Users\Anya\Documents\finance
2020-04-26 10:58 - 2018-11-10 13:13 - 000000000 ____D C:\Users\Anya\Documents\computer
2020-04-25 19:08 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-04-24 22:29 - 2019-10-22 17:07 - 000000000 ____D C:\Program Files\VideoLAN
2020-04-24 15:47 - 2019-03-19 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-04-23 23:36 - 2019-03-19 14:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-04-23 20:20 - 2019-03-19 14:50 - 000000000 ____D C:\WINDOWS\INF
2020-04-23 20:16 - 2018-10-28 10:45 - 000892861 ____N C:\WINDOWS\Minidump\042320-49593-01.dmp
2020-04-23 20:05 - 2019-11-11 16:59 - 000000000 ____D C:\Users\Anya\AppData\Local\Free Download Manager
2020-04-19 21:24 - 2018-10-28 10:45 - 000790771 _____ C:\WINDOWS\Minidump\041920-35531-01.dmp
2020-04-19 09:59 - 2020-02-13 11:13 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-04-19 09:59 - 2019-10-22 16:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-04-18 15:21 - 2019-03-19 14:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-04-18 03:30 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\appcompat
2020-04-17 15:04 - 2019-03-19 14:52 - 000000000 ____D C:\ProgramData\USOPrivate
2020-04-17 13:44 - 2019-03-19 14:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-04-17 13:28 - 2018-11-16 21:53 - 000000000 ___RD C:\Users\Anya\3D Objects
2020-04-17 13:28 - 2018-10-28 10:56 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-04-17 13:02 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2020-04-17 13:01 - 2019-03-19 14:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-04-17 13:00 - 2019-03-19 14:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-04-17 12:59 - 2019-10-16 15:37 - 000000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TouchPad
2020-04-17 12:59 - 2018-11-16 21:30 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TouchPad
2020-04-17 12:46 - 2020-02-18 14:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Power Data Recovery
2020-04-17 12:46 - 2019-12-18 12:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP4 to MP3 Converter
2020-04-17 12:46 - 2019-11-11 16:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Download Manager
2020-04-17 12:46 - 2019-11-11 12:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFill
2020-04-17 12:46 - 2019-10-24 17:04 - 000000000 ____D C:\Users\Anya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shrink Pic
2020-04-17 12:46 - 2019-10-23 09:10 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2020-04-17 12:46 - 2019-09-02 08:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Composite Editor
2020-04-17 12:46 - 2019-05-07 11:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HomeBank
2020-04-17 12:46 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2020-04-17 12:46 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\ModemLogs
2020-04-17 12:46 - 2019-02-01 12:46 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2020-04-17 12:46 - 2018-11-16 21:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung SCX-4x21 Series
2020-04-17 12:46 - 2018-11-11 05:07 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.4
2020-04-17 12:46 - 2018-11-11 05:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZCast
2020-04-17 12:42 - 2019-10-23 09:21 - 000000000 ____D C:\Program Files\DellTPad
2020-04-17 12:36 - 2019-03-19 14:49 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2020-04-17 12:34 - 2019-11-11 10:40 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2020-04-17 12:34 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\system32\spool
2020-04-17 12:34 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\ServiceState
2020-04-17 12:34 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-04-17 12:34 - 2019-03-19 14:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-04-17 12:16 - 2019-10-22 15:05 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-04-17 12:00 - 2019-03-19 14:56 - 000000000 ____D C:\WINDOWS\Setup
2020-04-17 11:51 - 2019-03-19 14:52 - 000000000 __RHD C:\Users\Public\Libraries
2020-04-17 11:37 - 2019-12-29 20:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SD Association
2020-04-17 11:37 - 2019-10-22 16:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iSkysoft
2020-04-17 11:37 - 2019-10-08 09:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordVPN
2020-04-17 11:37 - 2019-09-02 14:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2020-04-17 11:37 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-04-17 11:37 - 2018-11-11 05:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Abyssmedia
2020-04-17 11:36 - 2019-10-23 09:21 - 000000000 ____D C:\Program Files\STMicroelectronics
2020-04-17 11:36 - 2019-10-23 09:10 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2020-04-17 11:35 - 2019-10-22 16:16 - 000000000 ____D C:\Users\Anya\AppData\Local\Packages
2020-04-17 11:29 - 2019-03-19 16:23 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-04-17 11:29 - 2019-03-19 14:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-04-17 11:29 - 2019-03-19 14:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-04-17 11:29 - 2019-03-19 14:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-04-17 11:29 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-04-17 11:29 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-04-17 11:29 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-04-17 11:29 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-04-17 11:29 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-04-17 11:29 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-04-17 11:29 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\system32\setup
2020-04-17 11:29 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-04-17 11:29 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-04-17 11:29 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-04-17 11:29 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-04-17 11:29 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\system32\appraiser
2020-04-17 11:29 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-04-17 11:29 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\ShellComponents
2020-04-17 11:29 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-04-17 11:29 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-04-17 11:29 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\DiagTrack
2020-04-17 11:29 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-04-17 11:29 - 2019-03-19 14:37 - 000000000 ____D C:\WINDOWS\servicing
2020-04-17 10:42 - 2019-03-19 16:23 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-04-17 10:42 - 2019-03-19 16:23 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-04-17 10:42 - 2019-03-19 16:20 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2020-04-17 10:42 - 2019-03-19 16:20 - 000000000 ____D C:\WINDOWS\system32\WCN
2020-04-17 10:42 - 2019-03-19 14:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2020-04-17 10:42 - 2019-03-19 14:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2020-04-17 10:42 - 2019-03-19 14:52 - 000000000 ____D C:\WINDOWS\IME
2020-04-17 10:42 - 2019-03-19 14:52 - 000000000 ____D C:\Program Files\Common Files\System
2020-04-17 10:42 - 2019-03-19 14:52 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-04-17 10:27 - 2019-03-19 16:22 - 000000000 ____D C:\WINDOWS\OCR
2020-04-17 08:12 - 2018-11-14 21:59 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-04-17 08:05 - 2020-02-27 20:18 - 000744808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-04-17 08:03 - 2019-10-22 16:42 - 000000000 ____D C:\Users\Anya\AppData\Roaming\AVAST Software
2020-04-17 08:03 - 2019-10-22 16:35 - 000000000 ____D C:\ProgramData\AVAST Software
2020-04-13 12:35 - 2020-02-27 17:55 - 000000000 ____D C:\Users\Anya\Documents\tyaak
2020-04-09 13:16 - 2020-02-27 17:55 - 000000000 ____D C:\Users\Anya\Documents\houses
2020-04-09 13:08 - 2019-10-22 16:46 - 000000000 ____D C:\Users\Anya\AppData\Local\NordVPN
2020-04-09 09:36 - 2020-03-15 07:55 - 000000000 ____D C:\Users\Anya\AppData\Local\D3DSCache
2020-04-08 11:29 - 2019-10-22 16:57 - 000001154 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2020-04-08 11:29 - 2019-10-22 16:57 - 000000000 ____D C:\Program Files\paint.net
2020-04-07 17:02 - 2019-10-22 17:04 - 000000000 ____D C:\Users\Anya\AppData\Local\CrashDumps
2020-04-01 18:46 - 2019-11-15 09:49 - 000000000 ____D C:\ProgramData\WinZip
2020-03-31 09:22 - 2020-02-27 14:07 - 000000374 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2020-03-29 15:44 - 2020-02-14 11:07 - 000000000 ____D C:\Users\Anya\Documents\Anya

==================== Files in the root of some directories ========

2020-04-24 19:53 - 2020-04-24 19:53 - 000003584 _____ () C:\Users\Anya\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-04-27 08:12 - 2020-04-27 08:12 - 000007951 _____ () C:\Users\Anya\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================



Additions txt;

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-04-2020
Ran by Anya (27-04-2020 14:00:58)
Running from C:\Users\Anya\Desktop\PC prework
Windows 10 Pro Version 1909 18363.778 (X64) (2020-04-17 03:03:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-440688634-2831198262-268214595-500 - Administrator - Enabled) => C:\Users\Administrator
Anya (S-1-5-21-440688634-2831198262-268214595-1002 - Administrator - Enabled) => C:\Users\Anya
DefaultAccount (S-1-5-21-440688634-2831198262-268214595-503 - Limited - Disabled)
Guest (S-1-5-21-440688634-2831198262-268214595-501 - Limited - Disabled)
USER (S-1-5-21-440688634-2831198262-268214595-1001 - Administrator - Enabled) => C:\Users\USER
WDAGUtilityAccount (S-1-5-21-440688634-2831198262-268214595-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.1207.101.103 - ALPS ELECTRIC CO., LTD.)
EZCast (HKLM-x32\...\{74CECDD9-4B8E-4AE3-9571-8070A17F3C34}) (Version: 2.8.0.145 - Actions-Micro)
Free Download Manager (HKLM\...\{43781dff-e0df-49ce-a6d2-47da96a485e7}}_is1) (Version: 5.1.38.7312 - FreeDownloadManager.ORG)
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HomeBank 5.2.8 (HKLM-x32\...\{770D94F9-211A-4BC7-9921-FC946ABD82C8}_is1) (Version: 5.2.8 - Maxime DOYEN)
Image Composite Editor (HKLM\...\{92AB5708-1AAA-4B1B-A8D5-45CF3AD77519}) (Version: 2.0.3 - Microsoft Corporation)
iSkysoft Video Converter Ultimate(Build 11.5.0.24) (HKLM-x32\...\iSkysoft Video Converter Ultimate_is1) (Version: 11.5.0.24 - iSkysoft Software)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 81.0.416.64 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.125.27 - )
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MiniTool Power Data Recovery 8.7 (HKLM\...\{E1BCD081-4BF4-4E2F-832A-911EC42EF3C5}_is1) (Version: 8.7 - MiniTool Software Limited)
Mozilla Firefox 75.0 (x64 en-US) (HKLM\...\Mozilla Firefox 75.0 (x64 en-US)) (Version: 75.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 75.0 - Mozilla)
MP4 to MP3 Converter 6.2.1 (HKLM-x32\...\D9B8B18C-60D0-4FA8-8596-C11AAD76CC02_is1) (Version: - Accmeware Corporation)
NordVPN (HKLM-x32\...\{61912B8D-78D2-4C3A-B566-F72B189F9E30}) (Version: 6.28.13 - NordVPN) Hidden
NordVPN (HKLM-x32\...\NordVPN 6.28.13) (Version: 6.28.13 - NordVPN)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
OpenOffice 4.1.4 (HKLM-x32\...\{BDB210E1-06C5-451F-BDAC-C18DDC7C2F14}) (Version: 4.14.9788 - Apache Software Foundation)
paint.net (HKLM\...\{15BCA3AB-444B-4AC5-A04F-F2AD0F7AD3EC}) (Version: 4.2.10 - dotPDN LLC)
PDFill FREE PDF Editor Basic (HKLM\...\{D1399216-81B2-457C-A0F7-73B9A2EF6902}) (Version: 14.0 - PlotSoft LLC)
PeaZip 7.1.1 (HKLM-x32\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version: 7.1.1 - Giorgio Tani)
Phone Nokia USB Driver (HKLM-x32\...\{7F1C627F-7F07-4B51-B50F-FF8C64881D6E}) (Version: 1.1.0 - Mobile)
Samsung Printer Center (HKLM-x32\...\Samsung Printer Center) (Version: 1.0.0.28 - Samsung Electronics Co., Ltd.)
Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.4.28 - HP Printing Korea Co., Ltd.)
Samsung SCX-4x21 Series (HKLM-x32\...\Samsung SCX-4x21 Series) (Version: - Samsung Electronics CO.,LTD)
Samsung Universal Print Driver 2 (HKLM-x32\...\Samsung Universal Print Driver 2) (Version: 2.50.06.00 - Samsung Electronics Co., Ltd.)
Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 3.31.79:03 - Samsung Electronics Co., Ltd.)
SD Card Formatter (HKLM-x32\...\{A61131DC-B92D-4AD8-A925-E2D6D5FE217C}) (Version: 5.0.1 - SD Association)
Shrink Pic (remove) (HKLM-x32\...\Shrink Pic) (Version: - )
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Sweet Home 3D version 6.2 (HKLM\...\Sweet Home 3D_is1) (Version: 6.2 - eTeks)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.8 - Samsung Electronics CO., LTD.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.9.2 - VideoLAN)
Wave Editor 3.7.0.0 (HKLM-x32\...\Wave Editor_is1) (Version: 3.7.0.0 - AbyssMedia.com)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22925 - Microsoft Corporation)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-10-23] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-10-23] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.4030.0_x64__8wekyb3d8bbwe [2020-04-15] (Microsoft Studios) [MS Ad]
PDF Reader - View, Edit, Share -> C:\Program Files\WindowsApps\0D9A1B2D.PDFReaderUWP_1.9.4090.0_x64__jhretta7p24aw [2020-04-11] (Kdan Mobile Software Ltd.) [MS Ad]
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2020-03-01] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-03-01] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-440688634-2831198262-268214595-1002_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Anya\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-440688634-2831198262-268214595-1002_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Anya\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-440688634-2831198262-268214595-1002_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Anya\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Anya\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2017-10-12 04:23 - 2017-10-12 04:23 - 000988160 _____ () [File not signed] C:\Program Files (x86)\OpenOffice 4\program\libxml2.dll
2019-11-11 16:59 - 2019-01-30 20:58 - 000037376 _____ () [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\WinDivert.dll
2019-10-24 11:31 - 2016-08-10 21:07 - 002847744 _____ () [File not signed] C:\WINDOWS\system32\DlgSearchEngine.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 000297472 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\avmedia.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 001143808 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\basegfx.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 000596992 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\bootstrap.uno.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 001175552 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\comphelpMSC.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 000487936 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\configmgr.uno.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 000238080 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\cppu3.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 000587776 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\cppuhelper3MSC.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 000353792 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\deploymentgui.uno.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 000151040 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\deploymentmisc.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 000126464 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\dnd.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 000887296 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\drawinglayer.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 001580544 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\editeng.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 000226304 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\filterconfig1.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 000485888 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\fwe.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 000210432 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\fwi.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 002193920 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\fwk.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 000027136 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\i18nisolang1MSC.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 000029696 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\i18npaper.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 001333248 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\i18npool.uno.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 000067072 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\i18nutilMSC.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 000107008 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\jvmfwk3.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 001257472 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\lng.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 000024064 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\localebe1.uno.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 000083456 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\msci_uno.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 002456064 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\ootk.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 000368640 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\package2.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 000107008 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\reg3.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 001792512 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\sal3.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 000013824 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\salhelper3MSC.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 000093184 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\sax.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 002291200 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\sb.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 003658240 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\sfx.dll
2017-10-12 05:28 - 2017-10-12 05:28 - 009828864 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
2017-10-12 04:23 - 2017-10-12 04:23 - 000290304 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\sofficeapp.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 000279040 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\sot.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 000205824 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\spl.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 000096768 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\stocservices.uno.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 000053760 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\store3.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 000901120 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\svl.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 003373056 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\svt.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 003235328 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\svx.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 006034432 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\svxcore.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 000620544 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\tl.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 000231936 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\ucb1.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 000388608 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\ucbhelper4MSC.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 000309248 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\ucpfile1.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 001104384 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\utl.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 000085504 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\uwinapi.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 004172800 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\vcl.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 000099328 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\vos3MSC.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 000791040 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\xcr.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 000045056 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\xmlreader.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 003469312 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\xo.dll
2019-11-11 16:59 - 2019-01-30 20:59 - 000436224 _____ (FreeDownloadManager.org) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\common.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 013914112 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\icudt40.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 001072128 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\icuin40.dll
2017-10-12 04:23 - 2017-10-12 04:23 - 000951808 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\icuuc40.dll
2015-02-24 13:49 - 2015-02-24 13:49 - 000236544 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Microsoft Research\Image Composite Editor\ShellExtension.dll
2019-11-11 16:59 - 2019-01-30 21:01 - 005938176 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\Qt5Core.dll
2019-11-11 16:59 - 2018-05-15 05:35 - 006345216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\Qt5Gui.dll
2019-11-11 16:59 - 2018-05-15 05:35 - 001256960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\Qt5Network.dll
2019-11-11 16:59 - 2018-05-15 05:33 - 000207360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\Qt5Sql.dll
2019-11-11 16:59 - 2018-05-15 05:38 - 005515264 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\Qt5Widgets.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-10-23 09:10 - 2019-10-22 16:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2020-02-27 14:07 - 2020-03-31 09:22 - 000000374 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-440688634-2831198262-268214595-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Anya\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\desktop background.bmp
DNS Servers: 103.86.99.99 - 103.86.96.96
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "WinZip UN"
HKU\S-1-5-21-440688634-2831198262-268214595-1002\...\StartupApproved\StartupFolder: => "Shrink Pic.lnk"
HKU\S-1-5-21-440688634-2831198262-268214595-1002\...\StartupApproved\Run: => "Free Download Manager"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{2B96CE60-1BDE-479F-9214-16265E3B1734}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{9C4B6BD7-BDA7-4632-AB00-AB9B75D4E4A5}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{445EBA15-D662-4B77-BCF1-FA6EFB631944}] => (Allow) C:\Program Files (x86)\EZCast\EZCast.exe (Actions Microelectronics Co.,Ltd. -> )
FirewallRules: [{38D0BE31-7B50-461F-A887-3379E2320950}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{219CCC77-5261-482F-A8D9-700B2B202A0C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A8B5A513-C7E7-4CB1-98A5-4FE9CA0979C0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9ED91FA9-0F9E-407C-91D5-7FD03A46704B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{85FFCA70-A351-41AA-A4FD-796A12CC213A}] => (Allow) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe (FreeDownloadManager.org) [File not signed]
FirewallRules: [{BEBBAB4D-37A3-4AE6-B31E-3BA9FFCC76B5}] => (Allow) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe (FreeDownloadManager.org) [File not signed]
FirewallRules: [{6155FB03-0B0B-46D3-8AAB-39FD74F5C93B}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Print Driver 2\PrinterSelector\SUPDApp.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{3278C4FF-4C26-457C-9183-F4EDED150B38}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{1B85583B-CE4B-4934-8ED7-E4144EBD4DDE}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{3A9E91A3-BAA3-41E9-8FF3-56EF2A288818}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4C3A81C1-C120-4618-83A3-1CE98427DBE7}] => (Allow) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

18-04-2020 13:38:38 Windows Update
27-04-2020 13:40:21 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/27/2020 12:51:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1750

Error: (04/27/2020 12:51:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1750

Error: (04/27/2020 12:51:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/27/2020 11:50:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5796

Error: (04/27/2020 11:50:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5796

Error: (04/27/2020 11:50:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/27/2020 11:50:43 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3875

Error: (04/27/2020 11:50:43 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3875


System errors:
=============
Error: (04/27/2020 08:28:18 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
Unable to access a key.

Error: (04/27/2020 08:28:18 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630203.

Error: (04/23/2020 11:36:01 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (04/23/2020 08:15:43 PM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT AUTHORITY)
Description: V:\Device\HarddiskVolume73

Error: (04/23/2020 08:16:05 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: The computer has rebooted from a bugcheck. The bugcheck was: 0x0000012b (0xffffffffc00002c4, 0x0000000000000975, 0x00000197cbb88560, 0xffff81815fa64000). A dump was saved in: C:\WINDOWS\Minidump\042320-49593-01.dmp. Report Id: d7ceac61-13f4-496b-a28a-dfb627bdd6b6.

Error: (04/23/2020 08:16:05 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 8:10:23 PM on ‎4/‎23/‎2020 was unexpected.

Error: (04/23/2020 08:06:20 PM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT AUTHORITY)
Description: V:\Device\HarddiskVolume113

Error: (04/22/2020 11:16:26 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone.


Windows Defender:
===================================
Date: 2020-04-23 22:38:37.106
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {6C7E722E-8E6A-4A8B-A336-10DB024A0425}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-04-19 10:36:15.601
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {D15BEAA7-4604-4766-976D-9ADAE1CB7DB1}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-04-19 10:19:31.878
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {E7B28714-A81A-47F2-8448-F464F114E828}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-04-19 09:34:10.267
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Conteban.A!rfn
ID: 2147747119
Severity: Severe
Category: Trojan
Path: file:_D:\computer & other devices\programs\utilities malware & tuneup\zoek(1).exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.313.1785.0, AS: 1.313.1785.0, NIS: 1.313.1785.0
Engine Version: AM: 1.1.16900.4, NIS: 1.1.16900.4

Date: 2020-04-19 09:34:05.031
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Conteban.A!rfn
ID: 2147747119
Severity: Severe
Category: Trojan
Path: file:_D:\computer & other devices\programs\utilities malware & tuneup\zoek(1).exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.313.1785.0, AS: 1.313.1785.0, NIS: 1.313.1785.0
Engine Version: AM: 1.1.16900.4, NIS: 1.1.16900.4

==================== Memory info ===========================

BIOS: Dell Inc. A20 02/21/2018
Motherboard: Dell Inc. 0HDT4R
Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz
Percentage of memory in use: 49%
Total physical RAM: 8095.64 MB
Available physical RAM: 4126.38 MB
Total Virtual: 8607.64 MB
Available Virtual: 4007.07 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:296.93 GB) (Free:160.56 GB) NTFS
Drive e: (ROBBERY_UNDER_ARMS_DISC_1) (CDROM) (Total:4.2 GB) (Free:0 GB) UDF

\\?\Volume{56919b75-0b11-4b34-9c96-1b5cfd738cd2}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{002c450a-8f5b-448f-b7c5-c170f052cc03}\ () (Fixed) (Total:0.56 GB) (Free:0.08 GB) NTFS
\\?\Volume{57236301-2ead-435d-ade8-cb8ec331b1bf}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: C95369C7)

Partition: GPT.

==================== End of Addition.txt =======================
 
Whilst I look over your logs will you please move FRST program, and the Frst.txt and Additions.txt files to your desktop as per my instructions.
Please also remove any external drives and cd's etc whilst we proceed with this.

Also please open Chrome
Click the three dots to the right of the URL bar
Click on Settings in the dropdown list
Click Extensions on the left hand list
Remove any extensions relating to Avast, plus any others you dont use.
 
Last edited:
OK, I put all the 'prework' in a folder on my desktop & thought that was OK, sorry - has been what I've always done in the past. It's now out of the folder for you. I didn't realise there was a DVD in the drive - now removed.

I do not have Google Chrome on my machine(to my knowledge - doesn't come up in search so don't think it's hiding somewhere). I use Firefox & also have Microsoft Edge installed by default, but don't use that one. I presume I don't need to install Chrome?? I cannot find any extensions relating to Avast in Firefox, and cannot find an extensions tab in Edge at all!
 
Please left click on the attached Fixlist.txt file at the bottom of this post. On the dialogue box that opens click "Save File" and then "OK"


vzol8OV.jpg



Save the file to the desktop. IMPORTANT the fixlist.txt file must be in the same location as the FRST program otherwise the fix will not work.


pjsQ8XB.jpg



To run the fix right click the FRST icon and choose "Run as Administrator" then click on "Fix"


cp0349X.jpg



Depending on the amount of data to be moved it may take a few minutes to complete, and the computer may reboot. When the fix is complete and/or the computer has rebooted the "Fixlist.txt" file you created will be renamed "Fixlog.txt"

Please COPY and PASTE the contents of this new file in your next post:)
 

Attachments

  • fixlist.txt
    3.2 KB · Views: 6
Fix Log;

Fix result of Farbar Recovery Scan Tool (x64) Version: 28-04-2020
Ran by Anya (29-04-2020 17:45:42) Run:1
Running from C:\Users\Anya\Desktop
Loaded Profiles: Anya (Available Profiles: USER & Anya & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start:
CreateRestorepoint:
CloseProcesses:
BHO: No Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> No File
BHO-x32: No Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> No File
Toolbar: HKLM-x32 - FreshDownload Bar - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - C:\PROGRA~2\FRESHD~1\FRESHD~1\fdiebar.dll No File
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Anya\AppData\Roaming\Mozilla\Firefox\Profiles\ji7iaqgm.default\Extensions\sp@avast.com.xpi [2019-10-22]
FF Extension: (Avast Online Security) - C:\Users\Anya\AppData\Roaming\Mozilla\Firefox\Profiles\ji7iaqgm.default\Extensions\wrc@avast.com.xpi [2019-10-22]
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
CustomCLSID: HKU\S-1-5-21-440688634-2831198262-268214595-1002_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Anya\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-440688634-2831198262-268214595-1002_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Anya\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-440688634-2831198262-268214595-1002_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Anya\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
FirewallRules: [{2B96CE60-1BDE-479F-9214-16265E3B1734}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{9C4B6BD7-BDA7-4632-AB00-AB9B75D4E4A5}] => (Allow) %systemroot%\system32\alg.exe No File
C:\Users\Anya\AppData\Roaming\AVAST Software
C:\ProgramData\AVAST Software
Hosts:
EmptyTemp:
Reboot:
End:
*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{13D67BB7-DB5F-48AA-884D-7A5D94168509} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{13D67BB7-DB5F-48AA-884D-7A5D94168509} => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{ED0E8CA5-42FB-4B18-997B-769E0408E79D}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{ED0E8CA5-42FB-4B18-997B-769E0408E79D} => removed successfully
C:\Users\Anya\AppData\Roaming\Mozilla\Firefox\Profiles\ji7iaqgm.default\Extensions\sp@avast.com.xpi => moved successfully
C:\Users\Anya\AppData\Roaming\Mozilla\Firefox\Profiles\ji7iaqgm.default\Extensions\wrc@avast.com.xpi => moved successfully
"AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}" => removed successfully
HKU\S-1-5-21-440688634-2831198262-268214595-1002_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E} => removed successfully
HKU\S-1-5-21-440688634-2831198262-268214595-1002_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C} => removed successfully
HKU\S-1-5-21-440688634-2831198262-268214595-1002_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2B96CE60-1BDE-479F-9214-16265E3B1734}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9C4B6BD7-BDA7-4632-AB00-AB9B75D4E4A5}" => removed successfully
C:\Users\Anya\AppData\Roaming\AVAST Software => moved successfully
C:\ProgramData\AVAST Software => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 185689996 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 3714876 B
Edge => 2570181 B
Chrome => 15012691 B
Firefox => 157167821 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 34126 B
USER => 561579 B
Anya => 21852734 B
Administrator => 21883359 B

RecycleBin => 0 B
EmptyTemp: => 399.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:48:58 ====
 
Please go HERE and download AdwCleaner to your Desktop. Once downloaded right click the new icon and select Run as Administrator from the context menu to open the program. It will open at the Dashboard tab and no further changes to the program are necessary at this stage.

Click the Scan Now button.


ILRtByH.jpg



Allow AdwCleaner to start scanning and depending on the amount of data on your PC it may take some time. At the conclusion of the scan any content considered unnecessary will be displayed in the Scan Results box. Ensure all items are selected for removal and click "Clean & Repair"


rodxNou.jpg



After selecting "Clean & Repair" another dialogue box may appear asking to restart now or later. If so choose "Clean & Restart Now"


sAbeW6Z.jpg



Once the PC has restarted if AdwCleaner does not restart then open it again and click "Log Files" tab on the left. All log files will be listed. If you have used the program previously you may have several logs to select from so double click the most recent "Clean" log and it will open a notepad file on your Desktop.

Please COPY and PASTE the contents of that file in your next post:)
 
OK, AdwCleaner didn't give me a 'clean & repair' option after scanning, but it offered to 'quarrantine'(as if I haven't had enough of that!) and that seemed to do the job. Below are both the Scan log & the clean log

Scan;
# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build: 04-03-2020
# Database: 2020-04-08.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 04-30-2020
# Duration: 00:00:44
# OS: Windows 10 Pro
# Scanned: 31802
# Detected: 16


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

PUP.Optional.Restoro C:\Windows\restoro.ini

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

PUP.Adware.Heuristic C:\Windows\System32\Tasks\FreeDownloadManagerNetworkMonitor

***** [ Registry ] *****

PUP.Adware.Heuristic HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{51C7FEED-5391-4B44-AAD1-98D2227E41C0}#
PUP.Adware.Heuristic HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51C7FEED-5391-4B44-AAD1-98D2227E41C0}#
PUP.Adware.Heuristic HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FreeDownloadManagerNetworkMonitor
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
PUP.Optional.Restoro HKCU\Software\Local AppWizard-Generated Applications\Restoro
PUP.Optional.Restoro HKCU\Software\Restoro
PUP.Optional.Restoro HKLM\Software\Classes\CLSID\{AE198C69-7358-4856-9029-F4C0FAD524C1}
PUP.Optional.Restoro HKLM\Software\Classes\CLSID\{BA827421-E282-479E-AE60-34796877B8AE}
PUP.Optional.Restoro HKLM\Software\Classes\Restoro.Engine
PUP.Optional.Restoro HKLM\Software\Restoro

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

PUP.Optional.BrowseToSave SaveFrom.net helper - helper-sig@savefrom.net

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner_Debug.log - [10467 octets] - [09/09/2019 19:33:30]
AdwCleaner[S00].txt - [1591 octets] - [09/09/2019 19:34:28]
AdwCleaner[C00].txt - [1732 octets] - [09/09/2019 19:58:41]
AdwCleaner[S01].txt - [1509 octets] - [18/09/2019 08:44:39]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S02].txt ##########


Clean;
# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build: 04-03-2020
# Database: 2020-04-08.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-30-2020
# Duration: 00:00:03
# OS: Windows 10 Pro
# Cleaned: 16
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

Deleted C:\Windows\restoro.ini

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\FreeDownloadManagerNetworkMonitor

***** [ Registry ] *****

Deleted HKCU\Software\Local AppWizard-Generated Applications\Restoro
Deleted HKCU\Software\Restoro
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{51C7FEED-5391-4B44-AAD1-98D2227E41C0}#
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51C7FEED-5391-4B44-AAD1-98D2227E41C0}#
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FreeDownloadManagerNetworkMonitor
Deleted HKLM\Software\Classes\CLSID\{AE198C69-7358-4856-9029-F4C0FAD524C1}
Deleted HKLM\Software\Classes\CLSID\{BA827421-E282-479E-AE60-34796877B8AE}
Deleted HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Classes\Restoro.Engine
Deleted HKLM\Software\Restoro
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

Deleted SaveFrom.net helper - helper-sig@savefrom.net

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner_Debug.log - [10467 octets] - [09/09/2019 19:33:30]
AdwCleaner[S00].txt - [1591 octets] - [09/09/2019 19:34:28]
AdwCleaner[C00].txt - [1732 octets] - [09/09/2019 19:58:41]
AdwCleaner[S01].txt - [1509 octets] - [18/09/2019 08:44:39]
AdwCleaner[S02].txt - [3103 octets] - [30/04/2020 13:06:11]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########
 
Status
Not open for further replies.