Solved Random exe files in task manger
- Thread starter Frosted5
- Start date
Broni
Posts: 56,041 +516
Welcome aboard
Please, complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
Attached logs won't be reviewed.
Please, observe following rules:
Please, complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
Attached logs won't be reviewed.
Please, observe following rules:
- Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
- If you're stuck, or you're not sure about certain step, always ask before doing anything else.
- Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
- Never run more than one scan at a time.
- Keep updating me regarding your computer behavior, good, or bad.
- The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
- If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
- I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
Broni
Posts: 56,041 +516
Link 1
Link 2
- Close all the running programs
- Double click on downloaded setup.exe file to install the program.
- Click on Start Scan button.
- Click on another Start Scan button.
- Wait until the Status box shows Scan Finished
- Click on Remove Selected.
- Wait until the Status box shows Deleting Finished.
- Click on Report and copy/paste the content of the Notepad into your next reply.
- RKreport.txt could also be found on your desktop.
- If more than one log is produced post all logs.
- Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
- Then click Finish.
- Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
- If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
- When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
- Restart your computer when prompted to do so.
- The Scan log is available throughout History ->Application logs. Please post it contents in your next reply.
- Double click on AdwCleaner.exe to run the tool.
Vista/Windows 7/8/10 users right-click and select Run As Administrator - The tool will start to update the database if one is required.
- Click on the Scan button.
- AdwCleaner will begin...be patient as the scan may take some time to complete.
- After the scan has finished, click on the Logfile button.
- A window will open which lists the logs of your scans.
- Click on the Scan tab.
- Double-click the most recent scan which will be at the top of the list....the log will appear.
- Review the results...see note below
- After reviewing the log, click on the Clean button.
- Press OK when asked to close all programs and follow the onscreen prompts.
- Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
- After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
- To open a Cleaning log, launch AdwareClearer, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
- Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
- A copy of all logfiles are saved to C:\AdwCleaner.
Frosted5
Posts: 34 +0
ogueKiller V12.13.0.0 (x64) [Sep 10 2018] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com
Operating System : Windows 10 (10.0.17134) 64 bits version
Started in : Normal mode
User : Frost [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Delete -- Date : 09/12/2018 03:19:59 (Duration : 00:33:19)
Switches : -refid
¤¤¤ Processes : 2 ¤¤¤
[Proc.Injected] acxnn.exe(4416) -- C:\Users\Frost\AppData\Local\Temp\acxnn.exe[-] -> Killed [TermProc]
[VT.Detected] FRST64.exe(11148) -- C:\Users\Frost\Downloads\Programs\FRST64.exe[-] -> Killed [TermProc]
¤¤¤ Registry : 8 ¤¤¤
[PUP.Restoro] (X64) HKEY_CLASSES_ROOT\CLSID\{AE198C69-7358-4856-9029-F4C0FAD524C1} (C:\Program Files\Restoro\ax.dll) -> Deleted
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{8C8768B7-FE52-45F9-BCD3-5874FF4831D5}C:\users\frost\appdata\local\temp\winbwtv.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\frost\appdata\local\temp\winbwtv.exe|Name=winbwtv|Desc=winbwtv|Defer=User| [x] -> Deleted
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{8DD8A337-C160-41D6-84F1-E99C2589A024}C:\users\frost\appdata\local\temp\winbwtv.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\frost\appdata\local\temp\winbwtv.exe|Name=winbwtv|Desc=winbwtv|Defer=User| [x] -> Deleted
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{285CEC2D-615F-4CAE-9864-6D7F36E5E057}C:\users\frost\appdata\local\temp\winrbcje.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\frost\appdata\local\temp\winrbcje.exe|Name=winrbcje.exe|Desc=winrbcje.exe|Defer=User| [x] -> Deleted
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{FD6A7111-A8AD-4C7C-9BCB-DFC81C294B3D}C:\users\frost\appdata\local\temp\winrbcje.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\frost\appdata\local\temp\winrbcje.exe|Name=winrbcje.exe|Desc=winrbcje.exe|Defer=User| [x] -> Deleted
[PUM.SecurityCenter] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Security Center | AntiVirusDisableNotify : 1 -> Deleted
[PUM.SecurityCenter] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Security Center | FirewallDisableNotify : 1 -> Deleted
[PUM.SecurityCenter] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Security Center | UpdatesDisableNotify : 1 -> Deleted
¤¤¤ Tasks : 1 ¤¤¤
[PUP.HackTool|VT.Detected] \AutoKMS -- C:\Windows\AutoKMS\AutoKMS.exe -> Not selected
¤¤¤ Files : 3 ¤¤¤
[PUP.HackTool][Folder] C:\Windows\AutoKMS -> Not selected
[PUP.uTorrentAds][File] C:\Users\Frost\AppData\Roaming\uTorrent\updates\3.5.4_44498\utorrentie.exe -> Deleted
[PUP.uTorrentAds][File] C:\Users\Frost\AppData\Roaming\uTorrent\updates\3.5.4_44520\utorrentie.exe -> Deleted
¤¤¤ WMI : 0 ¤¤¤
¤¤¤ Hosts File : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: WDC WD10EARS-00MVWB0 +++++
--- User ---
[MBR] ca8327e9a577a83c17d1c66f030c512f
[BSP] 0f318f2a1a4f4a9660ae0124ee1a1400 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 718848 | Size: 47334 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] EXTEN (0x5) [VISIBLE] Offset (sectors): 97658880 | Size: 906181 MB
User = LL1 ... OK
User = LL2 ... OK
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com
Operating System : Windows 10 (10.0.17134) 64 bits version
Started in : Normal mode
User : Frost [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Delete -- Date : 09/12/2018 03:19:59 (Duration : 00:33:19)
Switches : -refid
¤¤¤ Processes : 2 ¤¤¤
[Proc.Injected] acxnn.exe(4416) -- C:\Users\Frost\AppData\Local\Temp\acxnn.exe[-] -> Killed [TermProc]
[VT.Detected] FRST64.exe(11148) -- C:\Users\Frost\Downloads\Programs\FRST64.exe[-] -> Killed [TermProc]
¤¤¤ Registry : 8 ¤¤¤
[PUP.Restoro] (X64) HKEY_CLASSES_ROOT\CLSID\{AE198C69-7358-4856-9029-F4C0FAD524C1} (C:\Program Files\Restoro\ax.dll) -> Deleted
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{8C8768B7-FE52-45F9-BCD3-5874FF4831D5}C:\users\frost\appdata\local\temp\winbwtv.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\frost\appdata\local\temp\winbwtv.exe|Name=winbwtv|Desc=winbwtv|Defer=User| [x] -> Deleted
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{8DD8A337-C160-41D6-84F1-E99C2589A024}C:\users\frost\appdata\local\temp\winbwtv.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\frost\appdata\local\temp\winbwtv.exe|Name=winbwtv|Desc=winbwtv|Defer=User| [x] -> Deleted
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{285CEC2D-615F-4CAE-9864-6D7F36E5E057}C:\users\frost\appdata\local\temp\winrbcje.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\frost\appdata\local\temp\winrbcje.exe|Name=winrbcje.exe|Desc=winrbcje.exe|Defer=User| [x] -> Deleted
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{FD6A7111-A8AD-4C7C-9BCB-DFC81C294B3D}C:\users\frost\appdata\local\temp\winrbcje.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\frost\appdata\local\temp\winrbcje.exe|Name=winrbcje.exe|Desc=winrbcje.exe|Defer=User| [x] -> Deleted
[PUM.SecurityCenter] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Security Center | AntiVirusDisableNotify : 1 -> Deleted
[PUM.SecurityCenter] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Security Center | FirewallDisableNotify : 1 -> Deleted
[PUM.SecurityCenter] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Security Center | UpdatesDisableNotify : 1 -> Deleted
¤¤¤ Tasks : 1 ¤¤¤
[PUP.HackTool|VT.Detected] \AutoKMS -- C:\Windows\AutoKMS\AutoKMS.exe -> Not selected
¤¤¤ Files : 3 ¤¤¤
[PUP.HackTool][Folder] C:\Windows\AutoKMS -> Not selected
[PUP.uTorrentAds][File] C:\Users\Frost\AppData\Roaming\uTorrent\updates\3.5.4_44498\utorrentie.exe -> Deleted
[PUP.uTorrentAds][File] C:\Users\Frost\AppData\Roaming\uTorrent\updates\3.5.4_44520\utorrentie.exe -> Deleted
¤¤¤ WMI : 0 ¤¤¤
¤¤¤ Hosts File : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: WDC WD10EARS-00MVWB0 +++++
--- User ---
[MBR] ca8327e9a577a83c17d1c66f030c512f
[BSP] 0f318f2a1a4f4a9660ae0124ee1a1400 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 718848 | Size: 47334 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] EXTEN (0x5) [VISIBLE] Offset (sectors): 97658880 | Size: 906181 MB
User = LL1 ... OK
User = LL2 ... OK
Frosted5
Posts: 34 +0
Malwarebytes
www.malwarebytes.com
-Log Details-
Scan Date: 9/12/18
Scan Time: 4:00 AM
Log File: 976cfb3b-b62f-11e8-a303-408d5c96b23f.json
Administrator: Yes
-Software Information-
Version: 3.5.1.2522
Components Version: 1.0.374
Update Package Version: 1.0.6779
License: Premium
-System Information-
OS: Windows 10 (Build 17134.228)
CPU: x64
File System: NTFS
User: FROST\Frost
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 301662
Threats Detected: 9
Threats Quarantined: 9
Time Elapsed: 17 min, 17 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
-Scan Details-
Process: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registry Key: 0
(No malicious items detected)
Registry Value: 0
(No malicious items detected)
Registry Data: 3
PUM.Optional.DisabledSecurityCenter, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SECURITY CENTER|ANTIVIRUSDISABLENOTIFY, Replace-on-Reboot, [12954], [293294],1.0.6779
PUM.Optional.DisabledSecurityCenter, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SECURITY CENTER|FIREWALLDISABLENOTIFY, Replace-on-Reboot, [12954], [293295],1.0.6779
PUM.Optional.DisabledSecurityCenter, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SECURITY CENTER|UPDATESDISABLENOTIFY, Replace-on-Reboot, [12954], [293296],1.0.6779
Data Stream: 0
(No malicious items detected)
Folder: 0
(No malicious items detected)
File: 6
Trojan.MalPack.Gen, C:\DTGTG.PIF, Delete-on-Reboot, [9543], [78353],1.0.6779
MachineLearning/Anomalous.100%, C:\$RECYCLE.BIN\S-1-5-21-160697542-1886492661-2065992700-1001\$R0VXHIT.40007\HARDDISKSENTINELUPDATE.EXE, Delete-on-Reboot, [0], [392687],1.0.6779
Generic.Malware/Suspicious, C:\USERS\FROST\APPDATA\LOCAL\TEMP\WINSJGV.EXE, Delete-on-Reboot, [0], [392686],1.0.6779
Generic.Malware/Suspicious, C:\USERS\FROST\APPDATA\LOCAL\TEMP\WINIEBK.EXE, Delete-on-Reboot, [0], [392686],1.0.6779
Generic.Malware/Suspicious, C:\USERS\FROST\APPDATA\LOCAL\TEMP\RJKQR.EXE, Delete-on-Reboot, [0], [392686],1.0.6779
Generic.Malware/Suspicious, C:\USERS\FROST\APPDATA\LOCAL\TEMP\WINLLJJ.EXE, Delete-on-Reboot, [0], [392686],1.0.6779
Physical Sector: 0
(No malicious items detected)
WMI: 0
(No malicious items detected)
(end)
www.malwarebytes.com
-Log Details-
Scan Date: 9/12/18
Scan Time: 4:00 AM
Log File: 976cfb3b-b62f-11e8-a303-408d5c96b23f.json
Administrator: Yes
-Software Information-
Version: 3.5.1.2522
Components Version: 1.0.374
Update Package Version: 1.0.6779
License: Premium
-System Information-
OS: Windows 10 (Build 17134.228)
CPU: x64
File System: NTFS
User: FROST\Frost
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 301662
Threats Detected: 9
Threats Quarantined: 9
Time Elapsed: 17 min, 17 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
-Scan Details-
Process: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registry Key: 0
(No malicious items detected)
Registry Value: 0
(No malicious items detected)
Registry Data: 3
PUM.Optional.DisabledSecurityCenter, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SECURITY CENTER|ANTIVIRUSDISABLENOTIFY, Replace-on-Reboot, [12954], [293294],1.0.6779
PUM.Optional.DisabledSecurityCenter, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SECURITY CENTER|FIREWALLDISABLENOTIFY, Replace-on-Reboot, [12954], [293295],1.0.6779
PUM.Optional.DisabledSecurityCenter, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SECURITY CENTER|UPDATESDISABLENOTIFY, Replace-on-Reboot, [12954], [293296],1.0.6779
Data Stream: 0
(No malicious items detected)
Folder: 0
(No malicious items detected)
File: 6
Trojan.MalPack.Gen, C:\DTGTG.PIF, Delete-on-Reboot, [9543], [78353],1.0.6779
MachineLearning/Anomalous.100%, C:\$RECYCLE.BIN\S-1-5-21-160697542-1886492661-2065992700-1001\$R0VXHIT.40007\HARDDISKSENTINELUPDATE.EXE, Delete-on-Reboot, [0], [392687],1.0.6779
Generic.Malware/Suspicious, C:\USERS\FROST\APPDATA\LOCAL\TEMP\WINSJGV.EXE, Delete-on-Reboot, [0], [392686],1.0.6779
Generic.Malware/Suspicious, C:\USERS\FROST\APPDATA\LOCAL\TEMP\WINIEBK.EXE, Delete-on-Reboot, [0], [392686],1.0.6779
Generic.Malware/Suspicious, C:\USERS\FROST\APPDATA\LOCAL\TEMP\RJKQR.EXE, Delete-on-Reboot, [0], [392686],1.0.6779
Generic.Malware/Suspicious, C:\USERS\FROST\APPDATA\LOCAL\TEMP\WINLLJJ.EXE, Delete-on-Reboot, [0], [392686],1.0.6779
Physical Sector: 0
(No malicious items detected)
WMI: 0
(No malicious items detected)
(end)
Frosted5
Posts: 34 +0
-------------------------------
# Malwarebytes AdwCleaner 7.2.3.0
# -------------------------------
# Build: 08-30-2018
# Database: 2018-09-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-12-2018
# Duration: 00:00:04
# OS: Windows 10 Pro
# Cleaned: 23
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Users\Frost\AppData\Roaming\IObit\Advanced SystemCare
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted C:\Windows\System32\Tasks\Driver Booster Scheduler
***** [ Registry ] *****
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{62C95CAC-3F9E-443C-B665-9700B7ED5AF1}|DhcpNameServer - "95.211.171.161"
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{62C95CAC-3F9E-443C-B665-9700B7ED5AF1}|DhcpNameServer - "95.211.171.160"
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D42DB14-79AB-4A48-B8FD-E9C3F2FF02CF}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
Deleted Ask
Deleted AOL
Deleted Softonic EN
Deleted Softonic EN
Deleted Softonic EN
Deleted Softonic EN
Deleted Softonic EN
Deleted Softonic EN
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [3238 octets] - [12/09/2018 04:30:50]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
# Malwarebytes AdwCleaner 7.2.3.0
# -------------------------------
# Build: 08-30-2018
# Database: 2018-09-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-12-2018
# Duration: 00:00:04
# OS: Windows 10 Pro
# Cleaned: 23
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Users\Frost\AppData\Roaming\IObit\Advanced SystemCare
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted C:\Windows\System32\Tasks\Driver Booster Scheduler
***** [ Registry ] *****
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{62C95CAC-3F9E-443C-B665-9700B7ED5AF1}|DhcpNameServer - "95.211.171.161"
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{62C95CAC-3F9E-443C-B665-9700B7ED5AF1}|DhcpNameServer - "95.211.171.160"
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D42DB14-79AB-4A48-B8FD-E9C3F2FF02CF}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
Deleted Ask
Deleted AOL
Deleted Softonic EN
Deleted Softonic EN
Deleted Softonic EN
Deleted Softonic EN
Deleted Softonic EN
Deleted Softonic EN
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [3238 octets] - [12/09/2018 04:30:50]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Broni
Posts: 56,041 +516
Please do not make any steps I'm not asking for.
Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.
As an exception attach both files.
Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.
- Double click to run it.
- Make sure you checkmark Addition.txt box.
- Press Scan button.
- Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.
As an exception attach both files.
Broni
Posts: 56,041 +516
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22.04.2018 01
Ran by Frost (administrator) on FROST (12-09-2018 06:26:07)
Running from C:\Users\Frost\Downloads\Programs
Loaded Profiles: Frost (Available Profiles: Frost)
Platform: Windows 10 Pro Version 1803 17134.228 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
Failed to access process -> Registry
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(eVenture Limited) C:\Program Files (x86)\hide.me VPN\hidemesvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Discord Inc.) C:\Users\Frost\AppData\Local\Discord\app-0.0.301\Discord.exe
(Discord Inc.) C:\Users\Frost\AppData\Local\Discord\app-0.0.301\Discord.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Discord Inc.) C:\Users\Frost\AppData\Local\Discord\app-0.0.301\Discord.exe
(Microsoft Corporation) C:\Windows\System32\SgrmBroker.exe
() C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_1.16.1007.0_x64__8wekyb3d8bbwe\GameBar.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\LeagueClient.exe
() E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\LeagueClientUx.exe
() E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\LeagueClientUxRender.exe
() E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\LeagueClientUxRender.exe
(Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [MRT] => C:\Windows\system32\MRT.exe [137343192 2018-08-14] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18389440 2018-07-10] (Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle Corporation)
HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\Run: [Discord] => C:\Users\Frost\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-05-01] (Discord Inc.)
HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3207968 2018-09-08] (Valve Corporation)
HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4031600 2018-07-09] (Tonec Inc.)
HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\Run: [Spotify Web Helper] => C:\Users\Frost\AppData\Roaming\Spotify\SpotifyWebHelper.exe [855440 2018-07-12] (Spotify Ltd)
HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\Run: [Spotify] => C:\Users\Frost\AppData\Roaming\Spotify\Spotify.exe [24398736 2018-07-12] (Spotify Ltd)
HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\MountPoints2: D - "D:\Autorun.exe"
IFEO\CNC3.exe: [Debugger]
IFEO\CNC3EP1.exe: [Debugger]
IFEO\generals.exe: [Debugger]
IFEO\RA3.exe: [Debugger] C:\Program Files (x86)\Revora\CNCOnline\cnconline.exe
Startup: C:\Users\Frost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DK.bat [2018-08-14] ()
Startup: C:\Users\Frost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hide.me VPN.lnk [2018-09-08]
ShortcutTarget: hide.me VPN.lnk -> C:\Program Files (x86)\hide.me VPN\Hide.me.exe (eVenture Limited)
Startup: C:\Users\Frost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2018-09-03]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Frost\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
Startup: C:\Users\Frost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZenMate.bat [2018-09-08] ()
AlternateShell:
GroupPolicy: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{468cbd28-47dc-46bc-b88f-29d80e019b7b}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{468cbd28-47dc-46bc-b88f-29d80e019b7b}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2018-06-20] (Internet Download Manager, Tonec Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll [2018-08-18] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-18] (Oracle Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2018-06-20] (Internet Download Manager, Tonec Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-08-18] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-18] (Oracle Corporation)
FireFox:
========
FF HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Frost\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Frost\AppData\Roaming\IDM\idmmzcc5 [2018-07-10] [Legacy] [not signed]
FF HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy]
FF Plugin: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-18] (Oracle Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-18] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-07-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-07-10] (Google Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR NewTab: Default -> Active:"chrome-extension://eamgcmbligmdanhboepgecjolijbeamg/start/index.html"
CHR Profile: C:\Users\Frost\AppData\Local\Google\Chrome\User Data\Default [2018-09-12]
CHR Extension: (Google Drive) - C:\Users\Frost\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-07-10]
CHR Extension: (Razer) - C:\Users\Frost\AppData\Local\Google\Chrome\User Data\Default\Extensions\blbcjclholhnenkngiajifpenjnklokk [2018-07-10]
CHR Extension: (Youtube) - C:\Users\Frost\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-10]
CHR Extension: (Overwatch Wallpapers HD New Tab Themes) - C:\Users\Frost\AppData\Local\Google\Chrome\User Data\Default\Extensions\eamgcmbligmdanhboepgecjolijbeamg [2018-07-10]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\Frost\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2018-07-10]
CHR Extension: (آدبلوك بلس) - C:\Users\Frost\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-07-25]
CHR Extension: (No Coin - Block miners on the web!) - C:\Users\Frost\AppData\Local\Google\Chrome\User Data\Default\Extensions\gojamcfopckidlocpkbelmpjcgmbgjcl [2018-08-24]
CHR Extension: (IDM Integration Module) - C:\Users\Frost\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2018-07-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Frost\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-10]
CHR Extension: (Gmail) - C:\Users\Frost\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-07-10]
CHR Extension: (Chrome Media Router) - C:\Users\Frost\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-07-25]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2018-07-10]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2018-07-10]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BcastDVRUserService; C:\WINDOWS\System32\BcastDVRUserService.dll [1364992 2018-08-03] (Microsoft Corporation)
R3 BcastDVRUserService_4d612; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation)
R3 BcastDVRUserService_4d612; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7211968 2018-07-30] ()
S3 BluetoothUserService; C:\WINDOWS\System32\Microsoft.Bluetooth.UserService.dll [464384 2018-04-12] (Microsoft Corporation)
S3 BluetoothUserService_4d612; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BluetoothUserService_4d612; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BTAGService; C:\WINDOWS\System32\BTAGService.dll [514048 2018-04-12] (Microsoft Corporation)
S3 BthAvctpSvc; C:\WINDOWS\System32\BthAvctpSvc.dll [395264 2018-04-12] (Microsoft Corporation)
S3 CaptureService; C:\WINDOWS\System32\CaptureService.dll [125952 2018-04-12] (Microsoft Corporation)
S3 CaptureService_4d612; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 CaptureService_4d612; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 DevicePickerUserSvc; C:\WINDOWS\System32\Windows.Devices.Picker.dll [400896 2018-04-12] (Microsoft Corporation)
S3 DevicePickerUserSvc; C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll [312832 2018-04-12] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [780928 2018-05-12] (EasyAntiCheat Ltd)
R2 hmevpnsvc; C:\Program Files (x86)\hide.me VPN\hidemesvc.exe [139424 2018-07-17] (eVenture Limited)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [353768 2018-07-10] (Intel Corporation)
S3 LxpSvc; C:\WINDOWS\System32\LanguageOverlayServer.dll [199680 2018-04-12] (Microsoft Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 osrss; C:\WINDOWS\system32\osrss.dll [131288 2018-06-27] (Microsoft Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S4 sedsvc; C:\Program Files\rempl\sedsvc.exe [296336 2018-08-10] (Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-08-22] (Microsoft Corporation)
R2 SgrmBroker; C:\WINDOWS\system32\SgrmBroker.exe [163336 2018-04-12] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S4 tzautoupdate; C:\WINDOWS\SysWOW64\tzautoupdate.dll [72192 2018-04-12] (Microsoft Corporation)
S3 VacSvc; C:\WINDOWS\System32\vac.dll [411256 2018-04-12] (Microsoft Corporation)
S3 WaaSMedicSvc; C:\WINDOWS\System32\WaaSMedicSvc.dll [392704 2018-04-12] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [106904 2018-08-03] (Microsoft Corporation)
S3 wisvc; C:\WINDOWS\SysWOW64\flightsettings.dll [729088 2018-08-22] (Microsoft Corporation)
S3 WpcMonSvc; C:\WINDOWS\System32\WpcDesktopMonSvc.dll [1456640 2018-08-22] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 afunix; C:\WINDOWS\system32\drivers\afunix.sys [39424 2018-04-12] (Microsoft Corporation)
R1 afunix; C:\Windows\SysWOW64\drivers\afunix.sys [29696 2018-04-12] (Microsoft Corporation)
S3 bindflt; C:\WINDOWS\system32\drivers\bindflt.sys [92056 2018-04-12] (Microsoft Corporation)
R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [31816 2018-07-10] (ELAN Microelectronic Corp.)
S4 hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [33184 2018-04-12] (Microsoft Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-07-10] (REALiX(tm))
S0 iaStorAVC; C:\WINDOWS\System32\drivers\iaStorAVC.sys [885144 2018-04-12] (Intel Corporation)
S0 ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [145816 2018-04-12] (Avago Technologies)
S0 megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [82328 2018-04-12] (Avago Technologies)
S3 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S3 nvdimm; C:\WINDOWS\System32\drivers\nvdimm.sys [104448 2018-04-12] (Microsoft Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1139424 2018-08-03] (Realtek )
R0 SgrmAgent; C:\WINDOWS\System32\drivers\SgrmAgent.sys [63896 2018-04-12] (Microsoft Corporation)
S3 smbdirect; C:\WINDOWS\System32\DRIVERS\smbdirect.sys [152064 2018-04-12] (Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdmCompanionFilter; C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [21408 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [55704 2018-09-11] (Wellbia.com Co., Ltd.)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [62856 2018-08-22] (Intel Corporation)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [270608 2018-07-10] (BigNox Corporation)
S3 X6va066; \??\C:\Windows\SysWOW64\Drivers\X6va066 [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
NETSVC: LxpSvc -> C:\Windows\System32\LanguageOverlayServer.dll (Microsoft Corporation)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-12 04:30 - 2018-09-12 04:31 - 000000000 ____D C:\AdwCleaner
2018-09-12 04:29 - 2018-09-12 04:30 - 007567568 _____ (Malwarebytes) C:\Users\Frost\Downloads\AdwCleaner.exe
2018-09-12 04:29 - 2018-09-12 04:29 - 000103140 _____ C:\dtgtg.pif
2018-09-12 03:20 - 2018-09-12 03:20 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2018-09-12 03:18 - 2018-09-12 03:59 - 000000000 ____D C:\ProgramData\RogueKiller
2018-09-12 03:18 - 2018-09-12 03:18 - 000000899 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2018-09-12 03:18 - 2018-09-12 03:18 - 000000899 _____ C:\ProgramData\Desktop\RogueKiller.lnk
2018-09-12 03:18 - 2018-09-12 03:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2018-09-12 03:18 - 2018-09-12 03:18 - 000000000 ____D C:\Program Files\RogueKiller
2018-09-12 02:39 - 2018-09-12 02:40 - 000057197 _____ C:\Users\Frost\Downloads\Addition.txt
2018-09-12 02:37 - 2018-09-12 02:40 - 000152472 _____ C:\Users\Frost\Downloads\FRST.txt
2018-09-12 02:36 - 2018-09-12 06:26 - 000000000 ____D C:\FRST
2018-09-11 04:24 - 2018-09-11 04:24 - 000000222 _____ C:\Users\Frost\Desktop\Rust.url
2018-09-10 19:23 - 2018-09-10 19:23 - 000000000 ____D C:\Users\Frost\AppData\Roaming\CrystalIdea Software
2018-09-10 19:23 - 2018-08-31 22:28 - 001509936 _____ (SpeedyFox) C:\Users\Frost\Desktop\speedyfox.exe
2018-09-09 22:32 - 2018-09-09 22:45 - 000000000 ____D C:\Users\Frost\Documents\Cross Fire
2018-09-09 22:32 - 2018-09-09 22:45 - 000000000 ____D C:\CFLog
2018-09-09 22:31 - 2018-09-11 21:37 - 000055704 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2018-09-09 22:30 - 2018-09-09 22:30 - 000001025 _____ C:\Users\Frost\Desktop\CrossFire.lnk
2018-09-09 22:30 - 2018-09-09 22:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Z8Games
2018-09-09 19:20 - 2018-09-09 22:18 - 000000000 ____D C:\ProgramData\Solid State Networks
2018-09-09 18:30 - 2018-09-09 18:30 - 000029000 _____ C:\WINDOWS\SysWOW64\Drivers\X6va066
2018-09-08 21:30 - 2018-09-08 21:30 - 000003074 _____ C:\WINDOWS\System32\Tasks\UAC_X-VPN
2018-09-08 21:30 - 2018-09-08 21:30 - 000001910 _____ C:\Users\Public\Desktop\X-VPN.lnk
2018-09-08 21:30 - 2018-09-08 21:30 - 000001910 _____ C:\ProgramData\Desktop\X-VPN.lnk
2018-09-08 21:30 - 2018-09-08 21:30 - 000000000 ____D C:\Users\Frost\AppData\Roaming\kmg
2018-09-08 21:30 - 2018-09-08 21:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\X-VPN
2018-09-08 21:30 - 2018-09-08 21:30 - 000000000 ____D C:\Program Files (x86)\X-VPN
2018-09-08 21:18 - 2018-09-08 21:19 - 000000000 ____D C:\Program Files (x86)\hide.me VPN
2018-09-08 21:18 - 2018-09-08 21:18 - 000001094 _____ C:\Users\Public\Desktop\hide.me VPN.lnk
2018-09-08 21:18 - 2018-09-08 21:18 - 000001094 _____ C:\ProgramData\Desktop\hide.me VPN.lnk
2018-09-08 21:18 - 2018-09-08 21:18 - 000000000 ____D C:\Users\Frost\AppData\Roaming\Hide.me
2018-09-08 21:18 - 2018-09-08 21:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hide.me VPN
2018-09-08 21:08 - 2018-09-08 21:20 - 000000000 ____D C:\Users\Frost\AppData\Local\ZenMate
2018-09-08 20:35 - 2018-09-08 20:35 - 000000000 ____D C:\Users\Frost\AppData\Roaming\Hard Disk Sentinel
2018-09-03 07:21 - 2018-09-03 07:21 - 000000000 ____D C:\Users\Frost\Documents\Red Alert 3
2018-09-03 06:55 - 2018-09-03 06:55 - 000001701 _____ C:\Users\Public\Desktop\Command & Conquer™ Red Alert™ 3.lnk
2018-09-03 06:55 - 2018-09-03 06:55 - 000001701 _____ C:\ProgramData\Desktop\Command & Conquer™ Red Alert™ 3.lnk
2018-09-03 06:47 - 2018-09-03 06:47 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2018-09-03 06:35 - 2018-09-03 06:35 - 000178800 _____ (Sony DADC Austria AG.) C:\WINDOWS\SysWOW64\CmdLineExt_x64.dll
2018-09-03 06:04 - 2018-09-03 06:04 - 000000853 _____ C:\Users\Public\Desktop\PowerISO.lnk
2018-09-03 06:04 - 2018-09-03 06:04 - 000000853 _____ C:\ProgramData\Desktop\PowerISO.lnk
2018-09-03 06:04 - 2018-09-03 06:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2018-09-03 06:04 - 2018-09-03 06:04 - 000000000 ____D C:\Program Files\PowerISO
2018-09-03 06:04 - 2017-06-07 02:36 - 000138296 _____ (Power Software Ltd) C:\WINDOWS\system32\Drivers\scdemu.sys
2018-09-03 05:34 - 2018-09-08 21:20 - 000000000 ____D C:\Users\Frost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ZenGuard GmbH
2018-09-03 05:34 - 2018-09-03 05:34 - 000000000 ____D C:\Users\Frost\AppData\Roaming\ZenMate
2018-09-03 05:34 - 2018-09-03 05:34 - 000000000 ____D C:\Users\Frost\AppData\Local\IsolatedStorage
2018-09-03 04:34 - 2018-05-13 12:33 - 000027136 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tap0901.sys
2018-09-03 03:47 - 2018-09-03 03:47 - 000001125 _____ C:\Users\Frost\Desktop\MEGAsync.lnk
2018-09-03 03:47 - 2018-09-03 03:47 - 000000000 ____D C:\WINDOWS\System32\Tasks\MEGA
2018-09-03 03:47 - 2018-09-03 03:47 - 000000000 ____D C:\Users\Frost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
2018-09-03 03:47 - 2018-09-03 03:47 - 000000000 ____D C:\Users\Frost\AppData\Local\MEGAsync
2018-09-03 03:47 - 2018-09-03 03:47 - 000000000 ____D C:\Users\Frost\AppData\Local\Mega Limited
2018-09-01 20:29 - 2018-09-11 03:39 - 000000000 ____D C:\Users\Frost\AppData\Local\Razer
2018-09-01 20:27 - 2018-09-11 03:40 - 000000000 ____D C:\ProgramData\Razer
2018-08-31 03:15 - 2011-05-03 13:40 - 000000000 ____D C:\Users\Frost\Desktop\Unpark-CPU-App
2018-08-30 20:56 - 2018-08-30 20:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2018-08-30 20:56 - 2018-08-30 20:56 - 000000000 ____D C:\Program Files (x86)\WinPcap
2018-08-30 06:49 - 2018-08-30 06:49 - 000000000 ____D C:\Users\Frost\AppData\LocalLow\Facepunch Studios LTD
2018-08-29 08:17 - 2018-09-03 17:52 - 000000000 ____D C:\Users\Frost\AppData\Local\DK Deploy Service
2018-08-29 08:17 - 2018-08-29 08:17 - 000001074 _____ C:\Users\Frost\Desktop\RagnoTech™ Low Specs Experience.lnk
2018-08-29 08:17 - 2018-08-29 08:17 - 000001069 _____ C:\Users\Frost\Desktop\RagnoTech™ ReSwitch.lnk
2018-08-29 08:17 - 2018-08-29 08:17 - 000000000 ____D C:\RagnoTech(TM) Software Solutions
2018-08-29 08:16 - 2018-08-29 08:18 - 000000000 ____D C:\Users\Frost\Downloads\56
2018-08-29 08:13 - 2018-08-29 08:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2018-08-29 07:55 - 2018-08-29 07:55 - 000000609 _____ C:\Users\Public\Desktop\Fraps.lnk
2018-08-29 07:55 - 2018-08-29 07:55 - 000000609 _____ C:\ProgramData\Desktop\Fraps.lnk
2018-08-29 07:55 - 2018-08-29 07:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2018-08-29 07:54 - 2018-08-29 07:59 - 000000000 ____D C:\Users\Frost\AppData\Roaming\DarkSoulsIII
2018-08-29 05:06 - 2018-08-29 06:33 - 000000899 _____ C:\Users\Public\Desktop\Dark Souls 3.lnk
2018-08-29 05:06 - 2018-08-29 06:33 - 000000899 _____ C:\ProgramData\Desktop\Dark Souls 3.lnk
2018-08-28 23:35 - 2018-08-28 23:35 - 000029000 _____ C:\WINDOWS\SysWOW64\Drivers\X6va066_2018.08.29.00.17.04
2018-08-28 06:30 - 2018-08-03 05:39 - 007519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-08-28 06:30 - 2018-08-03 05:25 - 006568784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-08-28 06:30 - 2018-08-03 05:23 - 025846784 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-08-28 06:30 - 2018-08-03 05:18 - 022714880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-08-28 06:29 - 2018-08-03 10:39 - 021389368 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-08-28 06:29 - 2018-08-03 10:39 - 000790304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-08-28 06:29 - 2018-08-03 10:25 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-08-28 06:29 - 2018-08-03 10:24 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2018-08-28 06:29 - 2018-08-03 10:22 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2018-08-28 06:29 - 2018-08-03 10:21 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-08-28 06:29 - 2018-08-03 10:21 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-08-28 06:29 - 2018-08-03 10:21 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2018-08-28 06:29 - 2018-08-03 10:21 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-08-28 06:29 - 2018-08-03 10:20 - 004049408 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-08-28 06:29 - 2018-08-03 10:20 - 003652608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-08-28 06:29 - 2018-08-03 10:20 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2018-08-28 06:29 - 2018-08-03 10:19 - 001661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-08-28 06:29 - 2018-08-03 09:45 - 000663128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-08-28 06:29 - 2018-08-03 09:43 - 020383720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-08-28 06:29 - 2018-08-03 09:32 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2018-08-28 06:29 - 2018-08-03 09:30 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2018-08-28 06:29 - 2018-08-03 09:29 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2018-08-28 06:29 - 2018-08-03 09:29 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-08-28 06:29 - 2018-08-03 09:28 - 002895360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-08-28 06:29 - 2018-08-03 09:27 - 004050432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2018-08-28 06:29 - 2018-08-03 09:27 - 001469952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-08-28 06:29 - 2018-08-03 07:41 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-08-28 06:29 - 2018-08-03 06:49 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-08-28 06:29 - 2018-08-03 05:47 - 001034624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-08-28 06:29 - 2018-08-03 05:47 - 000128920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2018-08-28 06:29 - 2018-08-03 05:46 - 000272296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-08-28 06:29 - 2018-08-03 05:46 - 000269248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-08-28 06:29 - 2018-08-03 05:41 - 000568600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-08-28 06:29 - 2018-08-03 05:41 - 000077608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-08-28 06:29 - 2018-08-03 05:41 - 000061736 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvhostsvc.dll
2018-08-28 06:29 - 2018-08-03 05:40 - 001221048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-08-28 06:29 - 2018-08-03 05:40 - 001064744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-08-28 06:29 - 2018-08-03 05:40 - 001030952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-08-28 06:29 - 2018-08-03 05:40 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-08-28 06:29 - 2018-08-03 05:40 - 000228136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ucx01000.sys
2018-08-28 06:29 - 2018-08-03 05:40 - 000136488 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-08-28 06:29 - 2018-08-03 05:40 - 000072800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2018-08-28 06:29 - 2018-08-03 05:39 - 009091480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-08-28 06:29 - 2018-08-03 05:39 - 007436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-08-28 06:29 - 2018-08-03 05:39 - 002829216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-08-28 06:29 - 2018-08-03 05:39 - 001457136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
Ran by Frost (administrator) on FROST (12-09-2018 06:26:07)
Running from C:\Users\Frost\Downloads\Programs
Loaded Profiles: Frost (Available Profiles: Frost)
Platform: Windows 10 Pro Version 1803 17134.228 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
Failed to access process -> Registry
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(eVenture Limited) C:\Program Files (x86)\hide.me VPN\hidemesvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Discord Inc.) C:\Users\Frost\AppData\Local\Discord\app-0.0.301\Discord.exe
(Discord Inc.) C:\Users\Frost\AppData\Local\Discord\app-0.0.301\Discord.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Discord Inc.) C:\Users\Frost\AppData\Local\Discord\app-0.0.301\Discord.exe
(Microsoft Corporation) C:\Windows\System32\SgrmBroker.exe
() C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_1.16.1007.0_x64__8wekyb3d8bbwe\GameBar.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\LeagueClient.exe
() E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\LeagueClientUx.exe
() E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\LeagueClientUxRender.exe
() E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\LeagueClientUxRender.exe
(Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [MRT] => C:\Windows\system32\MRT.exe [137343192 2018-08-14] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18389440 2018-07-10] (Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle Corporation)
HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\Run: [Discord] => C:\Users\Frost\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-05-01] (Discord Inc.)
HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3207968 2018-09-08] (Valve Corporation)
HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4031600 2018-07-09] (Tonec Inc.)
HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\Run: [Spotify Web Helper] => C:\Users\Frost\AppData\Roaming\Spotify\SpotifyWebHelper.exe [855440 2018-07-12] (Spotify Ltd)
HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\Run: [Spotify] => C:\Users\Frost\AppData\Roaming\Spotify\Spotify.exe [24398736 2018-07-12] (Spotify Ltd)
HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\MountPoints2: D - "D:\Autorun.exe"
IFEO\CNC3.exe: [Debugger]
IFEO\CNC3EP1.exe: [Debugger]
IFEO\generals.exe: [Debugger]
IFEO\RA3.exe: [Debugger] C:\Program Files (x86)\Revora\CNCOnline\cnconline.exe
Startup: C:\Users\Frost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DK.bat [2018-08-14] ()
Startup: C:\Users\Frost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hide.me VPN.lnk [2018-09-08]
ShortcutTarget: hide.me VPN.lnk -> C:\Program Files (x86)\hide.me VPN\Hide.me.exe (eVenture Limited)
Startup: C:\Users\Frost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2018-09-03]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Frost\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
Startup: C:\Users\Frost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZenMate.bat [2018-09-08] ()
AlternateShell:
GroupPolicy: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{468cbd28-47dc-46bc-b88f-29d80e019b7b}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{468cbd28-47dc-46bc-b88f-29d80e019b7b}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2018-06-20] (Internet Download Manager, Tonec Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll [2018-08-18] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-18] (Oracle Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2018-06-20] (Internet Download Manager, Tonec Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-08-18] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-18] (Oracle Corporation)
FireFox:
========
FF HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Frost\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Frost\AppData\Roaming\IDM\idmmzcc5 [2018-07-10] [Legacy] [not signed]
FF HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy]
FF Plugin: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-18] (Oracle Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-18] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-07-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-07-10] (Google Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR NewTab: Default -> Active:"chrome-extension://eamgcmbligmdanhboepgecjolijbeamg/start/index.html"
CHR Profile: C:\Users\Frost\AppData\Local\Google\Chrome\User Data\Default [2018-09-12]
CHR Extension: (Google Drive) - C:\Users\Frost\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-07-10]
CHR Extension: (Razer) - C:\Users\Frost\AppData\Local\Google\Chrome\User Data\Default\Extensions\blbcjclholhnenkngiajifpenjnklokk [2018-07-10]
CHR Extension: (Youtube) - C:\Users\Frost\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-10]
CHR Extension: (Overwatch Wallpapers HD New Tab Themes) - C:\Users\Frost\AppData\Local\Google\Chrome\User Data\Default\Extensions\eamgcmbligmdanhboepgecjolijbeamg [2018-07-10]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\Frost\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2018-07-10]
CHR Extension: (آدبلوك بلس) - C:\Users\Frost\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-07-25]
CHR Extension: (No Coin - Block miners on the web!) - C:\Users\Frost\AppData\Local\Google\Chrome\User Data\Default\Extensions\gojamcfopckidlocpkbelmpjcgmbgjcl [2018-08-24]
CHR Extension: (IDM Integration Module) - C:\Users\Frost\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2018-07-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Frost\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-10]
CHR Extension: (Gmail) - C:\Users\Frost\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-07-10]
CHR Extension: (Chrome Media Router) - C:\Users\Frost\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-07-25]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2018-07-10]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2018-07-10]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BcastDVRUserService; C:\WINDOWS\System32\BcastDVRUserService.dll [1364992 2018-08-03] (Microsoft Corporation)
R3 BcastDVRUserService_4d612; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation)
R3 BcastDVRUserService_4d612; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7211968 2018-07-30] ()
S3 BluetoothUserService; C:\WINDOWS\System32\Microsoft.Bluetooth.UserService.dll [464384 2018-04-12] (Microsoft Corporation)
S3 BluetoothUserService_4d612; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BluetoothUserService_4d612; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BTAGService; C:\WINDOWS\System32\BTAGService.dll [514048 2018-04-12] (Microsoft Corporation)
S3 BthAvctpSvc; C:\WINDOWS\System32\BthAvctpSvc.dll [395264 2018-04-12] (Microsoft Corporation)
S3 CaptureService; C:\WINDOWS\System32\CaptureService.dll [125952 2018-04-12] (Microsoft Corporation)
S3 CaptureService_4d612; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 CaptureService_4d612; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 DevicePickerUserSvc; C:\WINDOWS\System32\Windows.Devices.Picker.dll [400896 2018-04-12] (Microsoft Corporation)
S3 DevicePickerUserSvc; C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll [312832 2018-04-12] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [780928 2018-05-12] (EasyAntiCheat Ltd)
R2 hmevpnsvc; C:\Program Files (x86)\hide.me VPN\hidemesvc.exe [139424 2018-07-17] (eVenture Limited)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [353768 2018-07-10] (Intel Corporation)
S3 LxpSvc; C:\WINDOWS\System32\LanguageOverlayServer.dll [199680 2018-04-12] (Microsoft Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 osrss; C:\WINDOWS\system32\osrss.dll [131288 2018-06-27] (Microsoft Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S4 sedsvc; C:\Program Files\rempl\sedsvc.exe [296336 2018-08-10] (Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-08-22] (Microsoft Corporation)
R2 SgrmBroker; C:\WINDOWS\system32\SgrmBroker.exe [163336 2018-04-12] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S4 tzautoupdate; C:\WINDOWS\SysWOW64\tzautoupdate.dll [72192 2018-04-12] (Microsoft Corporation)
S3 VacSvc; C:\WINDOWS\System32\vac.dll [411256 2018-04-12] (Microsoft Corporation)
S3 WaaSMedicSvc; C:\WINDOWS\System32\WaaSMedicSvc.dll [392704 2018-04-12] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [106904 2018-08-03] (Microsoft Corporation)
S3 wisvc; C:\WINDOWS\SysWOW64\flightsettings.dll [729088 2018-08-22] (Microsoft Corporation)
S3 WpcMonSvc; C:\WINDOWS\System32\WpcDesktopMonSvc.dll [1456640 2018-08-22] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 afunix; C:\WINDOWS\system32\drivers\afunix.sys [39424 2018-04-12] (Microsoft Corporation)
R1 afunix; C:\Windows\SysWOW64\drivers\afunix.sys [29696 2018-04-12] (Microsoft Corporation)
S3 bindflt; C:\WINDOWS\system32\drivers\bindflt.sys [92056 2018-04-12] (Microsoft Corporation)
R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [31816 2018-07-10] (ELAN Microelectronic Corp.)
S4 hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [33184 2018-04-12] (Microsoft Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-07-10] (REALiX(tm))
S0 iaStorAVC; C:\WINDOWS\System32\drivers\iaStorAVC.sys [885144 2018-04-12] (Intel Corporation)
S0 ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [145816 2018-04-12] (Avago Technologies)
S0 megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [82328 2018-04-12] (Avago Technologies)
S3 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S3 nvdimm; C:\WINDOWS\System32\drivers\nvdimm.sys [104448 2018-04-12] (Microsoft Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1139424 2018-08-03] (Realtek )
R0 SgrmAgent; C:\WINDOWS\System32\drivers\SgrmAgent.sys [63896 2018-04-12] (Microsoft Corporation)
S3 smbdirect; C:\WINDOWS\System32\DRIVERS\smbdirect.sys [152064 2018-04-12] (Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdmCompanionFilter; C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [21408 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [55704 2018-09-11] (Wellbia.com Co., Ltd.)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [62856 2018-08-22] (Intel Corporation)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [270608 2018-07-10] (BigNox Corporation)
S3 X6va066; \??\C:\Windows\SysWOW64\Drivers\X6va066 [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
NETSVC: LxpSvc -> C:\Windows\System32\LanguageOverlayServer.dll (Microsoft Corporation)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-12 04:30 - 2018-09-12 04:31 - 000000000 ____D C:\AdwCleaner
2018-09-12 04:29 - 2018-09-12 04:30 - 007567568 _____ (Malwarebytes) C:\Users\Frost\Downloads\AdwCleaner.exe
2018-09-12 04:29 - 2018-09-12 04:29 - 000103140 _____ C:\dtgtg.pif
2018-09-12 03:20 - 2018-09-12 03:20 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2018-09-12 03:18 - 2018-09-12 03:59 - 000000000 ____D C:\ProgramData\RogueKiller
2018-09-12 03:18 - 2018-09-12 03:18 - 000000899 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2018-09-12 03:18 - 2018-09-12 03:18 - 000000899 _____ C:\ProgramData\Desktop\RogueKiller.lnk
2018-09-12 03:18 - 2018-09-12 03:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2018-09-12 03:18 - 2018-09-12 03:18 - 000000000 ____D C:\Program Files\RogueKiller
2018-09-12 02:39 - 2018-09-12 02:40 - 000057197 _____ C:\Users\Frost\Downloads\Addition.txt
2018-09-12 02:37 - 2018-09-12 02:40 - 000152472 _____ C:\Users\Frost\Downloads\FRST.txt
2018-09-12 02:36 - 2018-09-12 06:26 - 000000000 ____D C:\FRST
2018-09-11 04:24 - 2018-09-11 04:24 - 000000222 _____ C:\Users\Frost\Desktop\Rust.url
2018-09-10 19:23 - 2018-09-10 19:23 - 000000000 ____D C:\Users\Frost\AppData\Roaming\CrystalIdea Software
2018-09-10 19:23 - 2018-08-31 22:28 - 001509936 _____ (SpeedyFox) C:\Users\Frost\Desktop\speedyfox.exe
2018-09-09 22:32 - 2018-09-09 22:45 - 000000000 ____D C:\Users\Frost\Documents\Cross Fire
2018-09-09 22:32 - 2018-09-09 22:45 - 000000000 ____D C:\CFLog
2018-09-09 22:31 - 2018-09-11 21:37 - 000055704 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2018-09-09 22:30 - 2018-09-09 22:30 - 000001025 _____ C:\Users\Frost\Desktop\CrossFire.lnk
2018-09-09 22:30 - 2018-09-09 22:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Z8Games
2018-09-09 19:20 - 2018-09-09 22:18 - 000000000 ____D C:\ProgramData\Solid State Networks
2018-09-09 18:30 - 2018-09-09 18:30 - 000029000 _____ C:\WINDOWS\SysWOW64\Drivers\X6va066
2018-09-08 21:30 - 2018-09-08 21:30 - 000003074 _____ C:\WINDOWS\System32\Tasks\UAC_X-VPN
2018-09-08 21:30 - 2018-09-08 21:30 - 000001910 _____ C:\Users\Public\Desktop\X-VPN.lnk
2018-09-08 21:30 - 2018-09-08 21:30 - 000001910 _____ C:\ProgramData\Desktop\X-VPN.lnk
2018-09-08 21:30 - 2018-09-08 21:30 - 000000000 ____D C:\Users\Frost\AppData\Roaming\kmg
2018-09-08 21:30 - 2018-09-08 21:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\X-VPN
2018-09-08 21:30 - 2018-09-08 21:30 - 000000000 ____D C:\Program Files (x86)\X-VPN
2018-09-08 21:18 - 2018-09-08 21:19 - 000000000 ____D C:\Program Files (x86)\hide.me VPN
2018-09-08 21:18 - 2018-09-08 21:18 - 000001094 _____ C:\Users\Public\Desktop\hide.me VPN.lnk
2018-09-08 21:18 - 2018-09-08 21:18 - 000001094 _____ C:\ProgramData\Desktop\hide.me VPN.lnk
2018-09-08 21:18 - 2018-09-08 21:18 - 000000000 ____D C:\Users\Frost\AppData\Roaming\Hide.me
2018-09-08 21:18 - 2018-09-08 21:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hide.me VPN
2018-09-08 21:08 - 2018-09-08 21:20 - 000000000 ____D C:\Users\Frost\AppData\Local\ZenMate
2018-09-08 20:35 - 2018-09-08 20:35 - 000000000 ____D C:\Users\Frost\AppData\Roaming\Hard Disk Sentinel
2018-09-03 07:21 - 2018-09-03 07:21 - 000000000 ____D C:\Users\Frost\Documents\Red Alert 3
2018-09-03 06:55 - 2018-09-03 06:55 - 000001701 _____ C:\Users\Public\Desktop\Command & Conquer™ Red Alert™ 3.lnk
2018-09-03 06:55 - 2018-09-03 06:55 - 000001701 _____ C:\ProgramData\Desktop\Command & Conquer™ Red Alert™ 3.lnk
2018-09-03 06:47 - 2018-09-03 06:47 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2018-09-03 06:35 - 2018-09-03 06:35 - 000178800 _____ (Sony DADC Austria AG.) C:\WINDOWS\SysWOW64\CmdLineExt_x64.dll
2018-09-03 06:04 - 2018-09-03 06:04 - 000000853 _____ C:\Users\Public\Desktop\PowerISO.lnk
2018-09-03 06:04 - 2018-09-03 06:04 - 000000853 _____ C:\ProgramData\Desktop\PowerISO.lnk
2018-09-03 06:04 - 2018-09-03 06:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2018-09-03 06:04 - 2018-09-03 06:04 - 000000000 ____D C:\Program Files\PowerISO
2018-09-03 06:04 - 2017-06-07 02:36 - 000138296 _____ (Power Software Ltd) C:\WINDOWS\system32\Drivers\scdemu.sys
2018-09-03 05:34 - 2018-09-08 21:20 - 000000000 ____D C:\Users\Frost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ZenGuard GmbH
2018-09-03 05:34 - 2018-09-03 05:34 - 000000000 ____D C:\Users\Frost\AppData\Roaming\ZenMate
2018-09-03 05:34 - 2018-09-03 05:34 - 000000000 ____D C:\Users\Frost\AppData\Local\IsolatedStorage
2018-09-03 04:34 - 2018-05-13 12:33 - 000027136 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tap0901.sys
2018-09-03 03:47 - 2018-09-03 03:47 - 000001125 _____ C:\Users\Frost\Desktop\MEGAsync.lnk
2018-09-03 03:47 - 2018-09-03 03:47 - 000000000 ____D C:\WINDOWS\System32\Tasks\MEGA
2018-09-03 03:47 - 2018-09-03 03:47 - 000000000 ____D C:\Users\Frost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
2018-09-03 03:47 - 2018-09-03 03:47 - 000000000 ____D C:\Users\Frost\AppData\Local\MEGAsync
2018-09-03 03:47 - 2018-09-03 03:47 - 000000000 ____D C:\Users\Frost\AppData\Local\Mega Limited
2018-09-01 20:29 - 2018-09-11 03:39 - 000000000 ____D C:\Users\Frost\AppData\Local\Razer
2018-09-01 20:27 - 2018-09-11 03:40 - 000000000 ____D C:\ProgramData\Razer
2018-08-31 03:15 - 2011-05-03 13:40 - 000000000 ____D C:\Users\Frost\Desktop\Unpark-CPU-App
2018-08-30 20:56 - 2018-08-30 20:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2018-08-30 20:56 - 2018-08-30 20:56 - 000000000 ____D C:\Program Files (x86)\WinPcap
2018-08-30 06:49 - 2018-08-30 06:49 - 000000000 ____D C:\Users\Frost\AppData\LocalLow\Facepunch Studios LTD
2018-08-29 08:17 - 2018-09-03 17:52 - 000000000 ____D C:\Users\Frost\AppData\Local\DK Deploy Service
2018-08-29 08:17 - 2018-08-29 08:17 - 000001074 _____ C:\Users\Frost\Desktop\RagnoTech™ Low Specs Experience.lnk
2018-08-29 08:17 - 2018-08-29 08:17 - 000001069 _____ C:\Users\Frost\Desktop\RagnoTech™ ReSwitch.lnk
2018-08-29 08:17 - 2018-08-29 08:17 - 000000000 ____D C:\RagnoTech(TM) Software Solutions
2018-08-29 08:16 - 2018-08-29 08:18 - 000000000 ____D C:\Users\Frost\Downloads\56
2018-08-29 08:13 - 2018-08-29 08:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2018-08-29 07:55 - 2018-08-29 07:55 - 000000609 _____ C:\Users\Public\Desktop\Fraps.lnk
2018-08-29 07:55 - 2018-08-29 07:55 - 000000609 _____ C:\ProgramData\Desktop\Fraps.lnk
2018-08-29 07:55 - 2018-08-29 07:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2018-08-29 07:54 - 2018-08-29 07:59 - 000000000 ____D C:\Users\Frost\AppData\Roaming\DarkSoulsIII
2018-08-29 05:06 - 2018-08-29 06:33 - 000000899 _____ C:\Users\Public\Desktop\Dark Souls 3.lnk
2018-08-29 05:06 - 2018-08-29 06:33 - 000000899 _____ C:\ProgramData\Desktop\Dark Souls 3.lnk
2018-08-28 23:35 - 2018-08-28 23:35 - 000029000 _____ C:\WINDOWS\SysWOW64\Drivers\X6va066_2018.08.29.00.17.04
2018-08-28 06:30 - 2018-08-03 05:39 - 007519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-08-28 06:30 - 2018-08-03 05:25 - 006568784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-08-28 06:30 - 2018-08-03 05:23 - 025846784 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-08-28 06:30 - 2018-08-03 05:18 - 022714880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-08-28 06:29 - 2018-08-03 10:39 - 021389368 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-08-28 06:29 - 2018-08-03 10:39 - 000790304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-08-28 06:29 - 2018-08-03 10:25 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-08-28 06:29 - 2018-08-03 10:24 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2018-08-28 06:29 - 2018-08-03 10:22 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2018-08-28 06:29 - 2018-08-03 10:21 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-08-28 06:29 - 2018-08-03 10:21 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-08-28 06:29 - 2018-08-03 10:21 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2018-08-28 06:29 - 2018-08-03 10:21 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-08-28 06:29 - 2018-08-03 10:20 - 004049408 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-08-28 06:29 - 2018-08-03 10:20 - 003652608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-08-28 06:29 - 2018-08-03 10:20 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2018-08-28 06:29 - 2018-08-03 10:19 - 001661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-08-28 06:29 - 2018-08-03 09:45 - 000663128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-08-28 06:29 - 2018-08-03 09:43 - 020383720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-08-28 06:29 - 2018-08-03 09:32 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2018-08-28 06:29 - 2018-08-03 09:30 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2018-08-28 06:29 - 2018-08-03 09:29 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2018-08-28 06:29 - 2018-08-03 09:29 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-08-28 06:29 - 2018-08-03 09:28 - 002895360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-08-28 06:29 - 2018-08-03 09:27 - 004050432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2018-08-28 06:29 - 2018-08-03 09:27 - 001469952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-08-28 06:29 - 2018-08-03 07:41 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-08-28 06:29 - 2018-08-03 06:49 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-08-28 06:29 - 2018-08-03 05:47 - 001034624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-08-28 06:29 - 2018-08-03 05:47 - 000128920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2018-08-28 06:29 - 2018-08-03 05:46 - 000272296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-08-28 06:29 - 2018-08-03 05:46 - 000269248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-08-28 06:29 - 2018-08-03 05:41 - 000568600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-08-28 06:29 - 2018-08-03 05:41 - 000077608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-08-28 06:29 - 2018-08-03 05:41 - 000061736 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvhostsvc.dll
2018-08-28 06:29 - 2018-08-03 05:40 - 001221048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-08-28 06:29 - 2018-08-03 05:40 - 001064744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-08-28 06:29 - 2018-08-03 05:40 - 001030952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-08-28 06:29 - 2018-08-03 05:40 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-08-28 06:29 - 2018-08-03 05:40 - 000228136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ucx01000.sys
2018-08-28 06:29 - 2018-08-03 05:40 - 000136488 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-08-28 06:29 - 2018-08-03 05:40 - 000072800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2018-08-28 06:29 - 2018-08-03 05:39 - 009091480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-08-28 06:29 - 2018-08-03 05:39 - 007436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-08-28 06:29 - 2018-08-03 05:39 - 002829216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-08-28 06:29 - 2018-08-03 05:39 - 001457136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
Broni
Posts: 56,041 +516
2018-08-28 06:29 - 2018-08-03 05:39 - 000709824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-08-28 06:29 - 2018-08-03 05:39 - 000692240 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2018-08-28 06:29 - 2018-08-03 05:39 - 000170936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-08-28 06:29 - 2018-08-03 05:39 - 000114080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-08-28 06:29 - 2018-08-03 05:39 - 000075160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2018-08-28 06:29 - 2018-08-03 05:39 - 000031648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhv.sys
2018-08-28 06:29 - 2018-08-03 05:38 - 002765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-08-28 06:29 - 2018-08-03 05:38 - 001945792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-08-28 06:29 - 2018-08-03 05:38 - 001285536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-08-28 06:29 - 2018-08-03 05:38 - 001258288 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-08-28 06:29 - 2018-08-03 05:38 - 001140576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-08-28 06:29 - 2018-08-03 05:38 - 001097648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-08-28 06:29 - 2018-08-03 05:38 - 000983016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-08-28 06:29 - 2018-08-03 05:38 - 000885856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-08-28 06:29 - 2018-08-03 05:38 - 000713368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-08-28 06:29 - 2018-08-03 05:38 - 000604576 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-08-28 06:29 - 2018-08-03 05:38 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-08-28 06:29 - 2018-08-03 05:38 - 000115640 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2018-08-28 06:29 - 2018-08-03 05:27 - 000061032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2018-08-28 06:29 - 2018-08-03 05:26 - 006043600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-08-28 06:29 - 2018-08-03 05:25 - 002255008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-08-28 06:29 - 2018-08-03 05:25 - 001622296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-08-28 06:29 - 2018-08-03 05:25 - 001131064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-08-28 06:29 - 2018-08-03 05:25 - 000583120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-08-28 06:29 - 2018-08-03 05:25 - 000568568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-08-28 06:29 - 2018-08-03 05:25 - 000539168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2018-08-28 06:29 - 2018-08-03 05:18 - 022007808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-08-28 06:29 - 2018-08-03 05:17 - 004380160 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-08-28 06:29 - 2018-08-03 05:15 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-08-28 06:29 - 2018-08-03 05:15 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2018-08-28 06:29 - 2018-08-03 05:14 - 004867584 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-08-28 06:29 - 2018-08-03 05:14 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2018-08-28 06:29 - 2018-08-03 05:14 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSAssessment.dll
2018-08-28 06:29 - 2018-08-03 05:13 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-08-28 06:29 - 2018-08-03 05:13 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-08-28 06:29 - 2018-08-03 05:13 - 003395072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-08-28 06:29 - 2018-08-03 05:13 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-08-28 06:29 - 2018-08-03 05:12 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-08-28 06:29 - 2018-08-03 05:12 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-08-28 06:29 - 2018-08-03 05:12 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-08-28 06:29 - 2018-08-03 05:12 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2018-08-28 06:29 - 2018-08-03 05:11 - 007577088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-08-28 06:29 - 2018-08-03 05:11 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-08-28 06:29 - 2018-08-03 05:11 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-08-28 06:29 - 2018-08-03 05:11 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-08-28 06:29 - 2018-08-03 05:11 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-08-28 06:29 - 2018-08-03 05:11 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-08-28 06:29 - 2018-08-03 05:11 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-08-28 06:29 - 2018-08-03 05:11 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-08-28 06:29 - 2018-08-03 05:10 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-08-28 06:29 - 2018-08-03 05:09 - 005776896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-08-28 06:29 - 2018-08-03 05:09 - 004615680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-08-28 06:29 - 2018-08-03 05:09 - 001932288 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeangle.dll
2018-08-28 06:29 - 2018-08-03 05:09 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-08-28 06:29 - 2018-08-03 05:09 - 001550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-08-28 06:29 - 2018-08-03 05:09 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-08-28 06:29 - 2018-08-03 05:09 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-08-28 06:29 - 2018-08-03 05:09 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-08-28 06:29 - 2018-08-03 05:08 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-08-28 06:29 - 2018-08-03 05:08 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-08-28 06:29 - 2018-08-03 05:08 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-08-28 06:29 - 2018-08-03 05:08 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-08-28 06:29 - 2018-08-03 05:08 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-08-28 06:29 - 2018-08-03 05:08 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2018-08-28 06:29 - 2018-08-03 05:08 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-08-28 06:29 - 2018-08-03 05:08 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-08-28 06:29 - 2018-08-03 05:08 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-08-28 06:29 - 2018-08-03 05:08 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-08-28 06:29 - 2018-08-03 05:07 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-08-28 06:29 - 2018-08-03 05:06 - 004191232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-08-28 06:29 - 2018-08-03 05:06 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-08-28 06:29 - 2018-08-03 05:06 - 000856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-08-28 06:29 - 2018-08-03 05:06 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-08-28 06:29 - 2018-08-03 05:06 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-08-28 06:29 - 2018-08-03 05:05 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-08-28 06:29 - 2018-08-03 05:05 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-08-28 06:29 - 2018-08-03 05:05 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-08-28 06:29 - 2018-08-03 05:04 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-08-28 06:28 - 2018-08-03 10:25 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-08-28 06:28 - 2018-08-03 10:24 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2018-08-28 06:28 - 2018-08-03 10:24 - 000046592 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2018-08-28 06:28 - 2018-08-03 10:21 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\csc.sys
2018-08-28 06:28 - 2018-08-03 09:33 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-08-28 06:28 - 2018-08-03 09:33 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-08-28 06:28 - 2018-08-03 05:17 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmgid.sys
2018-08-28 06:28 - 2018-08-03 05:16 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-08-28 06:28 - 2018-08-03 05:16 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2018-08-28 06:28 - 2018-08-03 05:14 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-08-28 06:28 - 2018-08-03 05:13 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-08-28 06:28 - 2018-08-03 05:12 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-08-28 06:28 - 2018-08-03 05:12 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-08-28 06:28 - 2018-08-03 05:10 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2018-08-28 06:28 - 2018-08-03 05:09 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-08-28 06:28 - 2018-08-03 05:08 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-08-28 06:28 - 2018-08-03 05:07 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-08-28 06:28 - 2018-08-03 05:07 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-08-28 06:28 - 2018-08-03 05:07 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-08-28 06:28 - 2018-08-03 05:06 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-08-28 06:28 - 2018-08-03 03:54 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2018-08-27 20:31 - 2018-08-27 20:39 - 000000000 ____D C:\Users\Frost\Zomboid
2018-08-26 21:51 - 2018-08-26 21:51 - 000001274 _____ C:\Users\Frost\Desktop\Uplay.lnk
2018-08-26 21:51 - 2018-08-26 21:51 - 000000000 ____D C:\Users\Frost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2018-08-26 04:05 - 2018-09-05 21:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roblox
2018-08-26 04:05 - 2018-08-26 04:05 - 000000000 ____D C:\ProgramData\Roblox
2018-08-26 04:04 - 2018-08-26 04:04 - 000000000 ____D C:\Program Files (x86)\Roblox
2018-08-26 02:38 - 2018-08-26 02:38 - 000000000 ____D C:\Users\Frost\Desktop\Lost Saga screenshot
2018-08-26 01:36 - 2018-08-26 01:36 - 000029000 _____ C:\WINDOWS\SysWOW64\Drivers\X6va066_2018.08.27.18.52.52
2018-08-25 05:08 - 2018-08-26 01:08 - 000000000 ____D C:\Users\Frost\AppData\Local\PAYDAY 2
2018-08-25 05:08 - 2018-08-25 05:08 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-08-25 05:08 - 2018-08-25 05:08 - 000000000 ____D C:\Program Files (x86)\AGEIA Technologies
2018-08-22 19:05 - 2018-08-22 19:05 - 001813368 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2018-08-22 08:32 - 2018-08-22 08:34 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2018-08-22 08:32 - 2018-08-22 08:33 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2018-08-22 08:31 - 2018-08-22 08:31 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2018-08-22 08:29 - 2018-08-22 08:29 - 023862784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 019525632 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 013570560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 012710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 011901440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 006813744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 006527056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 005657600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 004788504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 004559872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 004403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 004331008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 003611368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-08-22 08:29 - 2018-08-22 08:29 - 003444224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2018-08-22 08:29 - 2018-08-22 08:29 - 002841312 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 002590400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2018-08-22 08:29 - 2018-08-22 08:29 - 002563984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 002535032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 002401280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 002395056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2018-08-22 08:29 - 2018-08-22 08:29 - 002371416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 002331576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 002307336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2018-08-22 08:29 - 2018-08-22 08:29 - 002206528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2018-08-22 08:29 - 2018-08-22 08:29 - 002163184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 002084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-08-22 08:29 - 2018-08-22 08:29 - 002062488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 002015744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-08-22 08:29 - 2018-08-22 08:29 - 001946752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001784584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001773056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001710240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001559368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001537024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001508352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdt.exe
2018-08-22 08:29 - 2018-08-22 08:29 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001454024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001397192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001380192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001342976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001308160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001288840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001271296 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001242112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001153536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001150408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001148800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001144664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001143096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001112600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001034096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001020160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001017088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001017080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001012408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000988640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000950272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000917408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2018-08-22 08:29 - 2018-08-22 08:29 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000861616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000861096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000860160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000800256 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwcreator.exe
2018-08-22 08:29 - 2018-08-22 08:29 - 000788992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000786176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000770152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000753152 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000661152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000653208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000500552 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000472136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2018-08-22 08:29 - 2018-08-22 08:29 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000457152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000416144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2018-08-22 08:29 - 2018-08-22 08:29 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2018-08-22 08:29 - 2018-08-22 08:29 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedReality.Broker.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000247984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
2018-08-22 08:29 - 2018-08-22 08:29 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000232488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
2018-08-22 08:29 - 2018-08-22 08:29 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-08-22 08:29 - 2018-08-22 08:29 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2018-08-22 08:29 - 2018-08-22 08:29 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Analog.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000129192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-08-22 08:29 - 2018-08-22 08:29 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2018-08-22 08:29 - 2018-08-22 08:29 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSHEIF.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSHEIF.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000022936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hvsicontainerservice.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000018716 _____ C:\WINDOWS\SysWOW64\srms-apr.dat
2018-08-22 08:29 - 2018-08-22 08:29 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\EasPolicyManagerBrokerPS.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 016592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 013873152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 008624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 007900984 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 007057920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 006587392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 005951488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 005883392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 005821544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 004970360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 004929024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 004770816 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 004706816 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 004527680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 004469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 004392448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 003999232 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 003932672 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 003733320 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 003640832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 003553280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 003492864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 003376640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 003348992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 003319808 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 003296896 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 003293696 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 003283408 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 003180176 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 003086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002962944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002922496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002904576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002868640 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002789376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002718624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 002697216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Controls.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002583552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002571728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002548736 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 002546592 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002486992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002479272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002462272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002420632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 002417840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002266528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002248192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002193920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002178136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002061824 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002019840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001988072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001981896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001953280 _____ C:\WINDOWS\system32\rdpnano.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001934400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001921944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 001855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001825792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001817600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001805752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001798552 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001792808 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001747968 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001742272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001724928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001719808 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001703936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Controls.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001676800 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001675264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001668096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001665920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001665024 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001659904 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001659296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001649760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001634808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001613200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001610648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001585664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001584128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001581568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001567744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001565592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdt.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 001558016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001543680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001538968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001523240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001490144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001462824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001462784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001457664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001456640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001426328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001376576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001374208 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001364184 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001363632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001356800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001327424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001318400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001308672 _____ C:\WINDOWS\system32\FaceProcessor.dll
2018-08-28 06:29 - 2018-08-03 05:39 - 000692240 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2018-08-28 06:29 - 2018-08-03 05:39 - 000170936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-08-28 06:29 - 2018-08-03 05:39 - 000114080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-08-28 06:29 - 2018-08-03 05:39 - 000075160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2018-08-28 06:29 - 2018-08-03 05:39 - 000031648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhv.sys
2018-08-28 06:29 - 2018-08-03 05:38 - 002765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-08-28 06:29 - 2018-08-03 05:38 - 001945792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-08-28 06:29 - 2018-08-03 05:38 - 001285536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-08-28 06:29 - 2018-08-03 05:38 - 001258288 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-08-28 06:29 - 2018-08-03 05:38 - 001140576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-08-28 06:29 - 2018-08-03 05:38 - 001097648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-08-28 06:29 - 2018-08-03 05:38 - 000983016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-08-28 06:29 - 2018-08-03 05:38 - 000885856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-08-28 06:29 - 2018-08-03 05:38 - 000713368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-08-28 06:29 - 2018-08-03 05:38 - 000604576 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-08-28 06:29 - 2018-08-03 05:38 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-08-28 06:29 - 2018-08-03 05:38 - 000115640 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2018-08-28 06:29 - 2018-08-03 05:27 - 000061032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2018-08-28 06:29 - 2018-08-03 05:26 - 006043600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-08-28 06:29 - 2018-08-03 05:25 - 002255008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-08-28 06:29 - 2018-08-03 05:25 - 001622296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-08-28 06:29 - 2018-08-03 05:25 - 001131064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-08-28 06:29 - 2018-08-03 05:25 - 000583120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-08-28 06:29 - 2018-08-03 05:25 - 000568568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-08-28 06:29 - 2018-08-03 05:25 - 000539168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2018-08-28 06:29 - 2018-08-03 05:18 - 022007808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-08-28 06:29 - 2018-08-03 05:17 - 004380160 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-08-28 06:29 - 2018-08-03 05:15 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-08-28 06:29 - 2018-08-03 05:15 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2018-08-28 06:29 - 2018-08-03 05:14 - 004867584 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-08-28 06:29 - 2018-08-03 05:14 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2018-08-28 06:29 - 2018-08-03 05:14 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSAssessment.dll
2018-08-28 06:29 - 2018-08-03 05:13 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-08-28 06:29 - 2018-08-03 05:13 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-08-28 06:29 - 2018-08-03 05:13 - 003395072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-08-28 06:29 - 2018-08-03 05:13 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-08-28 06:29 - 2018-08-03 05:12 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-08-28 06:29 - 2018-08-03 05:12 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-08-28 06:29 - 2018-08-03 05:12 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-08-28 06:29 - 2018-08-03 05:12 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2018-08-28 06:29 - 2018-08-03 05:11 - 007577088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-08-28 06:29 - 2018-08-03 05:11 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-08-28 06:29 - 2018-08-03 05:11 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-08-28 06:29 - 2018-08-03 05:11 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-08-28 06:29 - 2018-08-03 05:11 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-08-28 06:29 - 2018-08-03 05:11 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-08-28 06:29 - 2018-08-03 05:11 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-08-28 06:29 - 2018-08-03 05:11 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-08-28 06:29 - 2018-08-03 05:10 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-08-28 06:29 - 2018-08-03 05:09 - 005776896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-08-28 06:29 - 2018-08-03 05:09 - 004615680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-08-28 06:29 - 2018-08-03 05:09 - 001932288 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeangle.dll
2018-08-28 06:29 - 2018-08-03 05:09 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-08-28 06:29 - 2018-08-03 05:09 - 001550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-08-28 06:29 - 2018-08-03 05:09 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-08-28 06:29 - 2018-08-03 05:09 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-08-28 06:29 - 2018-08-03 05:09 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-08-28 06:29 - 2018-08-03 05:08 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-08-28 06:29 - 2018-08-03 05:08 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-08-28 06:29 - 2018-08-03 05:08 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-08-28 06:29 - 2018-08-03 05:08 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-08-28 06:29 - 2018-08-03 05:08 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-08-28 06:29 - 2018-08-03 05:08 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2018-08-28 06:29 - 2018-08-03 05:08 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-08-28 06:29 - 2018-08-03 05:08 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-08-28 06:29 - 2018-08-03 05:08 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-08-28 06:29 - 2018-08-03 05:08 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-08-28 06:29 - 2018-08-03 05:07 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-08-28 06:29 - 2018-08-03 05:06 - 004191232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-08-28 06:29 - 2018-08-03 05:06 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-08-28 06:29 - 2018-08-03 05:06 - 000856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-08-28 06:29 - 2018-08-03 05:06 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-08-28 06:29 - 2018-08-03 05:06 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-08-28 06:29 - 2018-08-03 05:05 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-08-28 06:29 - 2018-08-03 05:05 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-08-28 06:29 - 2018-08-03 05:05 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-08-28 06:29 - 2018-08-03 05:04 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-08-28 06:28 - 2018-08-03 10:25 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-08-28 06:28 - 2018-08-03 10:24 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2018-08-28 06:28 - 2018-08-03 10:24 - 000046592 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2018-08-28 06:28 - 2018-08-03 10:21 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\csc.sys
2018-08-28 06:28 - 2018-08-03 09:33 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-08-28 06:28 - 2018-08-03 09:33 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-08-28 06:28 - 2018-08-03 05:17 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmgid.sys
2018-08-28 06:28 - 2018-08-03 05:16 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-08-28 06:28 - 2018-08-03 05:16 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2018-08-28 06:28 - 2018-08-03 05:14 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-08-28 06:28 - 2018-08-03 05:13 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-08-28 06:28 - 2018-08-03 05:12 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-08-28 06:28 - 2018-08-03 05:12 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-08-28 06:28 - 2018-08-03 05:10 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2018-08-28 06:28 - 2018-08-03 05:09 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-08-28 06:28 - 2018-08-03 05:08 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-08-28 06:28 - 2018-08-03 05:07 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-08-28 06:28 - 2018-08-03 05:07 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-08-28 06:28 - 2018-08-03 05:07 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-08-28 06:28 - 2018-08-03 05:06 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-08-28 06:28 - 2018-08-03 03:54 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2018-08-27 20:31 - 2018-08-27 20:39 - 000000000 ____D C:\Users\Frost\Zomboid
2018-08-26 21:51 - 2018-08-26 21:51 - 000001274 _____ C:\Users\Frost\Desktop\Uplay.lnk
2018-08-26 21:51 - 2018-08-26 21:51 - 000000000 ____D C:\Users\Frost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2018-08-26 04:05 - 2018-09-05 21:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roblox
2018-08-26 04:05 - 2018-08-26 04:05 - 000000000 ____D C:\ProgramData\Roblox
2018-08-26 04:04 - 2018-08-26 04:04 - 000000000 ____D C:\Program Files (x86)\Roblox
2018-08-26 02:38 - 2018-08-26 02:38 - 000000000 ____D C:\Users\Frost\Desktop\Lost Saga screenshot
2018-08-26 01:36 - 2018-08-26 01:36 - 000029000 _____ C:\WINDOWS\SysWOW64\Drivers\X6va066_2018.08.27.18.52.52
2018-08-25 05:08 - 2018-08-26 01:08 - 000000000 ____D C:\Users\Frost\AppData\Local\PAYDAY 2
2018-08-25 05:08 - 2018-08-25 05:08 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-08-25 05:08 - 2018-08-25 05:08 - 000000000 ____D C:\Program Files (x86)\AGEIA Technologies
2018-08-22 19:05 - 2018-08-22 19:05 - 001813368 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2018-08-22 08:32 - 2018-08-22 08:34 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2018-08-22 08:32 - 2018-08-22 08:33 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2018-08-22 08:31 - 2018-08-22 08:31 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2018-08-22 08:29 - 2018-08-22 08:29 - 023862784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 019525632 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 013570560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 012710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 011901440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 006813744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 006527056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 005657600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 004788504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 004559872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 004403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 004331008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 003611368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-08-22 08:29 - 2018-08-22 08:29 - 003444224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2018-08-22 08:29 - 2018-08-22 08:29 - 002841312 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 002590400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2018-08-22 08:29 - 2018-08-22 08:29 - 002563984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 002535032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 002401280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 002395056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2018-08-22 08:29 - 2018-08-22 08:29 - 002371416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 002331576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 002307336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2018-08-22 08:29 - 2018-08-22 08:29 - 002206528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2018-08-22 08:29 - 2018-08-22 08:29 - 002163184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 002084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-08-22 08:29 - 2018-08-22 08:29 - 002062488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 002015744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-08-22 08:29 - 2018-08-22 08:29 - 001946752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001784584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001773056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001710240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001559368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001537024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001508352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdt.exe
2018-08-22 08:29 - 2018-08-22 08:29 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001454024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001397192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001380192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001342976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001308160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001288840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001271296 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001242112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001153536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001150408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001148800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001144664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001143096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001112600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001034096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001020160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001017088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001017080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 001012408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000988640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000950272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000917408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2018-08-22 08:29 - 2018-08-22 08:29 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000861616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000861096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000860160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000800256 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwcreator.exe
2018-08-22 08:29 - 2018-08-22 08:29 - 000788992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000786176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000770152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000753152 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000661152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000653208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000500552 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000472136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2018-08-22 08:29 - 2018-08-22 08:29 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000457152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000416144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2018-08-22 08:29 - 2018-08-22 08:29 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2018-08-22 08:29 - 2018-08-22 08:29 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedReality.Broker.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000247984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
2018-08-22 08:29 - 2018-08-22 08:29 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000232488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
2018-08-22 08:29 - 2018-08-22 08:29 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-08-22 08:29 - 2018-08-22 08:29 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2018-08-22 08:29 - 2018-08-22 08:29 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Analog.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000129192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-08-22 08:29 - 2018-08-22 08:29 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2018-08-22 08:29 - 2018-08-22 08:29 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSHEIF.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSHEIF.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000022936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hvsicontainerservice.dll
2018-08-22 08:29 - 2018-08-22 08:29 - 000018716 _____ C:\WINDOWS\SysWOW64\srms-apr.dat
2018-08-22 08:29 - 2018-08-22 08:29 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\EasPolicyManagerBrokerPS.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 016592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 013873152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 008624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 007900984 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 007057920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 006587392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 005951488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 005883392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 005821544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 004970360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 004929024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 004770816 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 004706816 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 004527680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 004469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 004392448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 003999232 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 003932672 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 003733320 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 003640832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 003553280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 003492864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 003376640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 003348992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 003319808 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 003296896 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 003293696 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 003283408 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 003180176 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 003086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002962944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002922496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002904576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002868640 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002789376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002718624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 002697216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Controls.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002583552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002571728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002548736 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 002546592 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002486992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002479272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002462272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002420632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 002417840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002266528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002248192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002193920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002178136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002061824 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 002019840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001988072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001981896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001953280 _____ C:\WINDOWS\system32\rdpnano.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001934400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001921944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 001855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001825792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001817600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001805752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001798552 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001792808 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001747968 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001742272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001724928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001719808 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001703936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Controls.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001676800 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001675264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001668096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001665920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001665024 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001659904 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001659296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001649760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001634808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001613200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001610648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001585664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001584128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001581568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001567744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001565592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdt.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 001558016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001543680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001538968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001523240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001490144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001462824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001462784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001457664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001456640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001426328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001376576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001374208 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001364184 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001363632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001356800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001327424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001318400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001308672 _____ C:\WINDOWS\system32\FaceProcessor.dll
Broni
Posts: 56,041 +516
2018-08-22 08:28 - 2018-08-22 08:28 - 001304064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001299056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 001285120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001251736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001213368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 001210880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001209800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001192448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001190152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001186816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001174552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001160192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplySettingsTemplateCatalog.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 001124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001114112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001077504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 001046944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001026896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001026464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 001017584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001011968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001005568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000993792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000981920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000978432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000976384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000972800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000953856 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2018-08-22 08:28 - 2018-08-22 08:28 - 000945568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000941056 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000930712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000907776 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000906752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.PhoneNumberFormatting.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000898760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000880152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2018-08-22 08:28 - 2018-08-22 08:28 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000857088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2018-08-22 08:28 - 2018-08-22 08:28 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000829856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000826776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000811520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000808960 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2018-08-22 08:28 - 2018-08-22 08:28 - 000804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000792984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000792472 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000788216 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000781824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2018-08-22 08:28 - 2018-08-22 08:28 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000776880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000766608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000760888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000759192 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.PrinterCustomActions.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000748512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000743320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000735560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000723360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000722824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000719552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000717208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000705440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2018-08-22 08:28 - 2018-08-22 08:28 - 000689560 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgrSvc.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000678840 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000676864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Devices.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000665320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000661160 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000659096 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000652184 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000642088 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000636944 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs4.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000613176 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000613144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000612248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000611232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000607648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000606448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000603648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000594128 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs3.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2018-08-22 08:28 - 2018-08-22 08:28 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000573904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000568720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000562080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000560488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000553248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000550608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000542888 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000541592 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000527264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000515072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000510392 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000506184 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000491304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000483024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000480672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs2.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000462752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000451992 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs1.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000443216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000434584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000433560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000431104 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000413816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000413080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CscUnpinTool.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000399768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000382872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000380824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000376216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000375712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000375712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000356960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000348256 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000347704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000347136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000338352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000335776 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\NmaDirect.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioCredProv.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000326024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000324000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000313592 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000309664 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000286200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000281080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000267680 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NmaDirect.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win81.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000230304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000228768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Cortana.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAC3ENC.DLL
2018-08-22 08:28 - 2018-08-22 08:28 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreCommonProxyStub.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000203560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Geolocation.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000194456 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000192920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VideoHandlers.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000184472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000183736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mavinject.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000164768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdrom.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManagerAPI.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000148888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mavinject.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\datamarketsvc.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000144792 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win8rtm.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000139672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000131232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000130456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000118872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000116632 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandler.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppHostRegistrationVerifier.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProv2faHelper.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000105376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000105368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSoftwareInstallationClient.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000101288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000097176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000094112 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000093600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000089984 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000088472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000084288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageOverlayUtil.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000083360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProv2faHelper.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ApiSetHost.AppExecutionAlias.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000077040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgr.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000072768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WindowsTrustedRT.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000070040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000064648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LanguageOverlayUtil.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpnotify.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppCore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000057960 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel.appcore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000057440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.ShellCommon.Broker.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevAppMonitor.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000050208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel.appcore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000048544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001299056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 001285120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001251736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001213368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 001210880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001209800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001192448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001190152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001186816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001174552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001160192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplySettingsTemplateCatalog.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 001124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001114112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001077504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 001046944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001026896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001026464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 001017584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001011968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001005568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000993792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000981920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000978432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000976384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000972800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000953856 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2018-08-22 08:28 - 2018-08-22 08:28 - 000945568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000941056 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000930712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000907776 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000906752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.PhoneNumberFormatting.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000898760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000880152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2018-08-22 08:28 - 2018-08-22 08:28 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000857088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2018-08-22 08:28 - 2018-08-22 08:28 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000829856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000826776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000811520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000808960 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2018-08-22 08:28 - 2018-08-22 08:28 - 000804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000792984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000792472 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000788216 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000781824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2018-08-22 08:28 - 2018-08-22 08:28 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000776880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000766608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000760888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000759192 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.PrinterCustomActions.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000748512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000743320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000735560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000723360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000722824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000719552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000717208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000705440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2018-08-22 08:28 - 2018-08-22 08:28 - 000689560 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgrSvc.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000678840 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000676864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Devices.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000665320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000661160 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000659096 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000652184 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000642088 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000636944 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs4.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000613176 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000613144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000612248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000611232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000607648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000606448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000603648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000594128 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs3.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2018-08-22 08:28 - 2018-08-22 08:28 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000573904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000568720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000562080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000560488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000553248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000550608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000542888 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000541592 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000527264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000515072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000510392 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000506184 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000491304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000483024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000480672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs2.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000462752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000451992 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs1.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000443216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000434584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000433560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000431104 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000413816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000413080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CscUnpinTool.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000399768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000382872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000380824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000376216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000375712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000375712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000356960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000348256 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000347704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000347136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000338352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000335776 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\NmaDirect.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioCredProv.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000326024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000324000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000313592 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000309664 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000286200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000281080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000267680 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NmaDirect.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win81.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000230304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000228768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Cortana.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAC3ENC.DLL
2018-08-22 08:28 - 2018-08-22 08:28 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreCommonProxyStub.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000203560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Geolocation.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000194456 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000192920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VideoHandlers.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000184472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000183736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mavinject.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000164768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdrom.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManagerAPI.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000148888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mavinject.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\datamarketsvc.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000144792 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win8rtm.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000139672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000131232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000130456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000118872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000116632 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandler.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppHostRegistrationVerifier.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProv2faHelper.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000105376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000105368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSoftwareInstallationClient.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000101288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000097176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000094112 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000093600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000089984 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000088472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000084288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageOverlayUtil.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000083360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProv2faHelper.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ApiSetHost.AppExecutionAlias.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000077040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgr.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000072768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WindowsTrustedRT.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000070040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000064648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LanguageOverlayUtil.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpnotify.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppCore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000057960 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel.appcore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000057440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.ShellCommon.Broker.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevAppMonitor.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000050208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel.appcore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000048544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
Broni
Posts: 56,041 +516
2018-08-22 08:28 - 2018-08-22 08:28 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000040864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClientPS.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsTelemetry.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\DsmUserTask.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000029600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandlerPS.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000019872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVTerminator.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000018716 _____ C:\WINDOWS\system32\srms-apr.dat
2018-08-22 08:28 - 2018-08-22 08:28 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-08-22 08:19 - 2018-08-22 08:19 - 000000000 ____D C:\Program Files\Reference Assemblies
2018-08-22 08:19 - 2018-08-22 08:19 - 000000000 ____D C:\Program Files\MSBuild
2018-08-22 08:19 - 2018-08-22 08:19 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2018-08-22 08:19 - 2018-08-22 08:19 - 000000000 ____D C:\Program Files (x86)\MSBuild
2018-08-22 08:19 - 2018-03-06 02:07 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2018-08-22 08:19 - 2018-03-06 02:07 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2018-08-22 08:19 - 2018-03-06 02:07 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2018-08-22 08:18 - 2018-04-11 16:48 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
2018-08-22 08:18 - 2018-04-11 16:45 - 004492288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-08-22 08:18 - 2018-04-11 16:41 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2018-08-22 08:18 - 2018-04-11 15:14 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll
2018-08-22 08:18 - 2018-04-11 15:12 - 003398144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-08-22 08:18 - 2018-04-11 15:09 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2018-08-22 08:18 - 2018-02-15 02:21 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2018-08-22 08:18 - 2018-02-15 02:21 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2018-08-22 08:18 - 2018-02-15 02:21 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2018-08-22 08:18 - 2017-10-30 04:03 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2018-08-22 08:18 - 2017-10-30 02:42 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2018-08-22 08:17 - 2018-04-11 07:09 - 016735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0001.dll
2018-08-22 08:14 - 2018-08-22 08:14 - 000245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2018-08-22 08:14 - 2018-08-22 08:14 - 000245760 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2018-08-22 08:14 - 2018-08-22 08:14 - 000058524 _____ C:\WINDOWS\system32\srms.dat
2018-08-22 08:01 - 2018-08-22 08:01 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2018-08-22 02:41 - 2018-08-22 02:51 - 000000000 ____D C:\Users\Frost\Desktop\FTB_Pack_Install
2018-08-22 02:41 - 2018-02-11 17:04 - 010033331 _____ (hackphoenix.com) C:\Users\Frost\Desktop\FTBLauncher_64bit.exe
2018-08-21 23:16 - 2018-08-22 07:16 - 000000000 ____D C:\Users\Frost\AppData\Local\PlaceholderTileLogoFolder
2018-08-21 23:12 - 2018-09-04 01:00 - 000000000 ____D C:\Users\Frost\AppData\Local\D3DSCache
2018-08-21 23:11 - 2018-08-22 03:07 - 000000000 ____D C:\ProgramData\Packages
2018-08-21 22:58 - 2018-08-21 22:58 - 000000000 ____D C:\Users\Frost\AppData\Local\DBG
2018-08-21 22:57 - 2018-08-21 22:57 - 000001417 _____ C:\Users\Frost\Desktop\Microsoft Edge.lnk
2018-08-21 22:57 - 2018-08-21 22:57 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-08-21 22:55 - 2018-08-21 22:55 - 000000000 ___HD C:\Users\Frost\MicrosoftEdgeBackups
2018-08-21 22:54 - 2018-08-28 18:13 - 000000000 ___RD C:\Users\Frost\3D Objects
2018-08-21 22:53 - 2018-08-21 22:55 - 000000000 ____D C:\Users\Frost\AppData\Local\ConnectedDevicesPlatform
2018-08-21 22:53 - 2018-08-21 22:53 - 000000020 ___SH C:\Users\Frost\ntuser.ini
2018-08-21 22:52 - 2018-09-12 04:39 - 000003808 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2018-08-21 22:52 - 2018-09-12 04:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-08-21 22:52 - 2018-09-12 04:28 - 000003018 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Frost)
2018-08-21 22:52 - 2018-08-21 22:52 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-08-21 22:52 - 2018-08-21 22:52 - 000003122 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-08-21 22:52 - 2018-08-21 22:52 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-160697542-1886492661-2065992700-1001
2018-08-21 22:52 - 2018-08-21 22:52 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-08-21 22:51 - 2018-08-21 22:52 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2018-08-21 22:51 - 2018-08-21 22:52 - 000007623 _____ C:\WINDOWS\diagerr.xml
2018-08-21 22:51 - 2018-08-21 22:51 - 000022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2018-08-21 22:45 - 2018-08-21 22:45 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-08-21 22:43 - 2018-09-11 08:29 - 000000000 ____D C:\Users\Frost
2018-08-21 22:43 - 2018-04-12 01:34 - 000001105 _____ C:\Users\Frost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-08-21 22:38 - 2018-08-21 22:38 - 000000000 ____D C:\ProgramData\USOShared
2018-08-21 22:38 - 2018-04-12 01:33 - 002752000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2018-08-21 22:37 - 2018-07-10 19:15 - 000091088 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2018-08-21 22:35 - 2018-09-12 04:22 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-08-21 22:34 - 2018-09-03 18:08 - 000251800 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-08-18 02:35 - 2018-08-18 02:35 - 000000000 ____D C:\Users\Frost\Desktop\ATLauncher
2018-08-18 02:35 - 2018-08-18 02:35 - 000000000 ____D C:\Users\Frost\AppData\Roaming\.atlauncher
2018-08-18 02:33 - 2018-08-18 02:33 - 000110968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2018-08-18 02:33 - 2018-08-18 02:33 - 000000000 ____D C:\Program Files\Java
2018-08-18 02:14 - 2015-09-08 18:38 - 005125301 _____ (Mc Phoenix Launcher) C:\Users\Frost\Desktop\ATLauncher_64bit.exe
2018-08-17 16:12 - 2018-08-17 16:12 - 000000000 ____D C:\Users\Public\Documents\Steam
2018-08-17 16:12 - 2018-08-17 16:12 - 000000000 ____D C:\Users\Frost\AppData\Local\UnrealEngine
2018-08-17 16:12 - 2018-08-17 16:12 - 000000000 ____D C:\ProgramData\Documents\Steam
2018-08-17 06:45 - 2018-08-17 06:45 - 000001199 _____ C:\Users\Public\Desktop\We Happy Few.lnk
2018-08-17 06:45 - 2018-08-17 06:45 - 000001199 _____ C:\ProgramData\Desktop\We Happy Few.lnk
2018-08-17 04:56 - 2018-08-17 05:06 - 000000000 ____D C:\Users\Frost\Documents\ArmA 2
2018-08-17 04:56 - 2018-08-17 05:04 - 000000000 ____D C:\Users\Frost\AppData\Local\ArmA 2
2018-08-13 23:45 - 2018-08-13 23:45 - 000000222 _____ C:\Users\Frost\Desktop\Insurgency.url
2018-08-13 01:20 - 2018-08-22 19:05 - 000062856 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\XtuAcpiDriver.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-12 06:08 - 2018-07-10 19:32 - 000000000 ____D C:\Program Files (x86)\Steam
2018-09-12 04:51 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-09-12 04:51 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-09-12 04:48 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-09-12 04:34 - 2018-07-10 18:54 - 000000000 __SHD C:\Users\Frost\IntelGraphicsProfiles
2018-09-12 04:32 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-09-12 04:31 - 2018-07-10 19:05 - 000000000 ____D C:\Users\Frost\AppData\Roaming\IObit
2018-09-12 04:30 - 2018-07-10 19:55 - 000000000 ____D C:\Users\Frost\AppData\Roaming\DMCache
2018-09-12 04:29 - 2018-07-10 18:00 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-09-12 04:29 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2018-09-12 04:26 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-09-12 03:17 - 2018-07-10 19:41 - 000000000 ____D C:\Users\Frost\AppData\Local\Ubisoft Game Launcher
2018-09-11 20:57 - 2018-07-10 18:54 - 000000000 ____D C:\Users\Frost\AppData\Roaming\discord
2018-09-10 19:22 - 2018-07-10 19:55 - 000000000 ____D C:\Users\Frost\Downloads\Compressed
2018-09-09 00:19 - 2018-07-10 19:33 - 000000000 ____D C:\Users\Frost\AppData\Local\Nox
2018-09-09 00:10 - 2018-07-10 19:34 - 000000000 ____D C:\Users\Frost\.android
2018-09-09 00:09 - 2018-07-10 19:33 - 000000000 ____D C:\Users\Frost\vmlogs
2018-09-09 00:09 - 2018-07-10 19:33 - 000000000 ____D C:\Users\Frost\.BigNox
2018-09-08 21:09 - 2018-07-10 18:54 - 000000000 ____D C:\Users\Frost\AppData\Local\SquirrelTemp
2018-09-05 02:47 - 2018-07-10 19:07 - 000000000 ____D C:\ProgramData\ProductData
2018-09-03 07:21 - 2018-08-12 19:25 - 000000000 ____D C:\Users\Frost\AppData\Roaming\Red Alert 3
2018-09-03 06:57 - 2018-08-12 18:53 - 000002955 _____ C:\Users\Frost\Desktop\C&C Online.lnk
2018-09-03 06:57 - 2018-08-12 18:53 - 000000000 ____D C:\Users\Frost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CNCOnline
2018-08-31 17:58 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-08-30 18:10 - 2018-07-10 19:05 - 000002351 _____ C:\Users\Public\Desktop\Driver Booster 5.lnk
2018-08-30 18:10 - 2018-07-10 19:05 - 000002351 _____ C:\ProgramData\Desktop\Driver Booster 5.lnk
2018-08-30 06:49 - 2018-08-12 03:50 - 000000000 ____D C:\Users\Frost\AppData\Roaming\EasyAntiCheat
2018-08-30 06:49 - 2018-07-15 01:06 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2018-08-29 07:55 - 2018-08-08 22:45 - 000000000 ____D C:\Fraps
2018-08-29 07:28 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-08-29 05:01 - 2018-07-26 23:12 - 000000000 ____D C:\Users\Frost\AppData\Roaming\uTorrent
2018-08-28 18:13 - 2015-09-10 07:44 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-08-28 08:20 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-08-28 08:20 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-08-28 08:20 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-08-28 08:20 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-08-28 08:20 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-08-28 08:20 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-08-28 08:20 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Windows Defender
2018-08-28 08:20 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-08-26 04:06 - 2018-07-22 23:11 - 000000254 _____ C:\Users\Frost\AppData\LocalLow\rbxcsettings.rbx
2018-08-25 06:20 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-08-23 01:28 - 2018-08-04 19:30 - 000029000 _____ C:\WINDOWS\SysWOW64\Drivers\X6va066_2018.08.23.05.22.07
2018-08-22 17:43 - 2018-08-12 18:06 - 000000000 ___DC C:\WINDOWS\Panther
2018-08-22 08:34 - 2018-07-27 03:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2018-08-22 08:34 - 2018-07-22 01:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2018-08-22 08:34 - 2018-07-16 04:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-08-22 08:34 - 2018-07-10 23:09 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-08-22 08:34 - 2018-07-10 21:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-08-22 08:34 - 2018-07-10 19:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2018-08-22 08:34 - 2018-07-10 19:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-08-22 08:34 - 2018-07-10 19:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2018-08-22 08:34 - 2018-07-10 19:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5
2018-08-22 08:34 - 2018-07-10 18:54 - 000000000 ____D C:\Program Files\Intel
2018-08-22 08:34 - 2018-04-12 01:38 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2018-08-22 08:34 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2018-08-22 08:34 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\spool
2018-08-22 08:34 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-08-22 08:34 - 2015-07-31 00:42 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-08-22 08:34 - 2015-07-31 00:42 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-08-22 08:33 - 2018-04-12 01:41 - 000000000 ____D C:\WINDOWS\Setup
2018-08-22 08:32 - 2018-07-27 02:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coop-Land
2018-08-22 08:32 - 2018-07-10 19:17 - 000000000 ____D C:\Program Files\Realtek
2018-08-22 08:30 - 2018-04-12 11:37 - 000000000 ____D C:\WINDOWS\Containers
2018-08-22 08:30 - 2018-04-12 11:20 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\te-IN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\or-IN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\km-KH
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\is-IS
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\id-ID
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\be-BY
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\as-IN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2018-08-22 08:30 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\UNP
2018-08-22 08:30 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2018-08-22 08:30 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2018-08-22 08:30 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-08-22 08:30 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\ta-in
2018-08-22 08:30 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2018-08-22 08:30 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\si-lk
2018-08-22 08:30 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2018-08-22 08:30 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\setup
2018-08-22 08:30 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-08-22 08:30 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-08-22 08:30 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\am-et
2018-08-22 08:30 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Provisioning
2018-08-22 08:30 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-08-22 08:30 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-08-22 08:30 - 2018-04-11 23:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-08-22 08:19 - 2018-04-12 01:33 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2018-08-22 08:19 - 2018-04-12 01:33 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2018-08-22 08:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2018-08-22 08:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2018-08-22 08:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2018-08-22 08:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2018-08-22 08:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2018-08-22 08:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2018-08-22 08:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2018-08-22 08:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\et-EE
2018-08-22 08:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\es-MX
2018-08-22 08:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\en-GB
2018-08-22 08:17 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\OCR
2018-08-22 06:37 - 2018-07-10 18:46 - 000000000 ____D C:\Users\Frost\AppData\Local\Publishers
2018-08-22 06:37 - 2018-07-10 18:45 - 000000000 ____D C:\Users\Frost\AppData\Local\Packages
2018-08-22 04:57 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Registration
2018-08-22 04:41 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\appcompat
2018-08-21 22:59 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-08-21 22:55 - 2018-07-10 18:50 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-21 22:55 - 2018-07-10 18:50 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-08-21 22:55 - 2018-07-10 18:50 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2018-08-21 22:53 - 2018-07-20 06:44 - 000001246 __RSH C:\ProgramData\ntuser.pol
2018-08-21 22:50 - 2018-04-12 01:38 - 000000000 __RHD C:\Users\Public\Libraries
2018-08-21 22:46 - 2018-07-16 04:31 - 000000000 ____D C:\Users\Frost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
2018-08-21 22:46 - 2018-07-10 19:55 - 000000000 ____D C:\Users\Frost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2018-08-21 22:46 - 2018-07-10 19:51 - 000000000 ____D C:\Users\Frost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-08-21 22:44 - 2018-07-10 18:54 - 000000000 ____D C:\Users\Frost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2018-08-21 22:39 - 2018-04-12 01:38 - 000000000 ___RD C:\WINDOWS\PrintDialog
2018-08-21 22:39 - 2018-04-12 01:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-08-21 22:38 - 2018-07-10 18:54 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2018-08-21 22:38 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\USOPrivate
2018-08-21 22:37 - 2018-07-10 19:17 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2018-08-21 04:55 - 2018-07-16 04:13 - 000000000 ____D C:\Users\Frost\AppData\Roaming\.minecraft
2018-08-18 05:47 - 2018-08-12 20:15 - 000008192 _____ C:\WINDOWS\system32\edb.chk
2018-08-18 02:23 - 2018-07-16 04:25 - 000000000 ____D C:\Program Files (x86)\Java
2018-08-18 02:22 - 2018-07-16 04:26 - 000098680 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2018-08-17 16:34 - 2018-07-10 20:31 - 000000000 ____D C:\Users\Frost\Documents\My Games
2018-08-17 06:05 - 2018-07-27 02:51 - 000001113 _____ C:\Users\Frost\Desktop\Dark Souls Prepare To Die Edition.lnk
2018-08-17 05:20 - 2018-07-10 23:09 - 000000000 ____D C:\Program Files\rempl
2018-08-14 23:26 - 2018-07-10 19:55 - 000000000 ____D C:\Users\Frost\Downloads\Video
2018-08-14 22:26 - 2018-07-10 23:09 - 137343192 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-08-14 00:46 - 2018-07-10 20:11 - 000000000 ____D C:\ProgramData\Package Cache
2018-08-13 22:29 - 2018-07-10 18:47 - 000000000 ___RD C:\Users\Frost\OneDrive
==================== Files in the root of some directories =======
2018-08-03 05:53 - 2018-08-03 05:53 - 000000017 _____ () C:\Users\Frost\AppData\Local\resmon.resmoncfg
Some files in TEMP:
====================
2018-09-09 22:33 - 2018-09-11 21:38 - 000000088 _____ () C:\Users\Frost\AppData\Local\Temp\109bc304f8f928a68f54a1ae49b4520c.dll
2018-09-09 22:31 - 2018-09-11 21:50 - 000000000 _____ () C:\Users\Frost\AppData\Local\Temp\19480092594194a127310869d618ccd6.dll
2018-09-12 03:18 - 2018-08-03 05:38 - 001945792 _____ (Microsoft Corporation) C:\Users\Frost\AppData\Local\Temp\dllnt_dump.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-08-21 22:34
==================== End of FRST.txt ============================
2018-08-22 08:28 - 2018-08-22 08:28 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000040864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClientPS.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsTelemetry.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\DsmUserTask.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000029600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys
2018-08-22 08:28 - 2018-08-22 08:28 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2018-08-22 08:28 - 2018-08-22 08:28 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandlerPS.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000019872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVTerminator.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000018716 _____ C:\WINDOWS\system32\srms-apr.dat
2018-08-22 08:28 - 2018-08-22 08:28 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-08-22 08:28 - 2018-08-22 08:28 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-08-22 08:19 - 2018-08-22 08:19 - 000000000 ____D C:\Program Files\Reference Assemblies
2018-08-22 08:19 - 2018-08-22 08:19 - 000000000 ____D C:\Program Files\MSBuild
2018-08-22 08:19 - 2018-08-22 08:19 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2018-08-22 08:19 - 2018-08-22 08:19 - 000000000 ____D C:\Program Files (x86)\MSBuild
2018-08-22 08:19 - 2018-03-06 02:07 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2018-08-22 08:19 - 2018-03-06 02:07 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2018-08-22 08:19 - 2018-03-06 02:07 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2018-08-22 08:18 - 2018-04-11 16:48 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
2018-08-22 08:18 - 2018-04-11 16:45 - 004492288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-08-22 08:18 - 2018-04-11 16:41 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2018-08-22 08:18 - 2018-04-11 15:14 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll
2018-08-22 08:18 - 2018-04-11 15:12 - 003398144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-08-22 08:18 - 2018-04-11 15:09 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2018-08-22 08:18 - 2018-02-15 02:21 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2018-08-22 08:18 - 2018-02-15 02:21 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2018-08-22 08:18 - 2018-02-15 02:21 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2018-08-22 08:18 - 2017-10-30 04:03 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2018-08-22 08:18 - 2017-10-30 02:42 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2018-08-22 08:17 - 2018-04-11 07:09 - 016735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0001.dll
2018-08-22 08:14 - 2018-08-22 08:14 - 000245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2018-08-22 08:14 - 2018-08-22 08:14 - 000245760 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2018-08-22 08:14 - 2018-08-22 08:14 - 000058524 _____ C:\WINDOWS\system32\srms.dat
2018-08-22 08:01 - 2018-08-22 08:01 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2018-08-22 02:41 - 2018-08-22 02:51 - 000000000 ____D C:\Users\Frost\Desktop\FTB_Pack_Install
2018-08-22 02:41 - 2018-02-11 17:04 - 010033331 _____ (hackphoenix.com) C:\Users\Frost\Desktop\FTBLauncher_64bit.exe
2018-08-21 23:16 - 2018-08-22 07:16 - 000000000 ____D C:\Users\Frost\AppData\Local\PlaceholderTileLogoFolder
2018-08-21 23:12 - 2018-09-04 01:00 - 000000000 ____D C:\Users\Frost\AppData\Local\D3DSCache
2018-08-21 23:11 - 2018-08-22 03:07 - 000000000 ____D C:\ProgramData\Packages
2018-08-21 22:58 - 2018-08-21 22:58 - 000000000 ____D C:\Users\Frost\AppData\Local\DBG
2018-08-21 22:57 - 2018-08-21 22:57 - 000001417 _____ C:\Users\Frost\Desktop\Microsoft Edge.lnk
2018-08-21 22:57 - 2018-08-21 22:57 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-08-21 22:55 - 2018-08-21 22:55 - 000000000 ___HD C:\Users\Frost\MicrosoftEdgeBackups
2018-08-21 22:54 - 2018-08-28 18:13 - 000000000 ___RD C:\Users\Frost\3D Objects
2018-08-21 22:53 - 2018-08-21 22:55 - 000000000 ____D C:\Users\Frost\AppData\Local\ConnectedDevicesPlatform
2018-08-21 22:53 - 2018-08-21 22:53 - 000000020 ___SH C:\Users\Frost\ntuser.ini
2018-08-21 22:52 - 2018-09-12 04:39 - 000003808 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2018-08-21 22:52 - 2018-09-12 04:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-08-21 22:52 - 2018-09-12 04:28 - 000003018 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Frost)
2018-08-21 22:52 - 2018-08-21 22:52 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-08-21 22:52 - 2018-08-21 22:52 - 000003122 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-08-21 22:52 - 2018-08-21 22:52 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-160697542-1886492661-2065992700-1001
2018-08-21 22:52 - 2018-08-21 22:52 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-08-21 22:51 - 2018-08-21 22:52 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2018-08-21 22:51 - 2018-08-21 22:52 - 000007623 _____ C:\WINDOWS\diagerr.xml
2018-08-21 22:51 - 2018-08-21 22:51 - 000022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2018-08-21 22:45 - 2018-08-21 22:45 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-08-21 22:43 - 2018-09-11 08:29 - 000000000 ____D C:\Users\Frost
2018-08-21 22:43 - 2018-04-12 01:34 - 000001105 _____ C:\Users\Frost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-08-21 22:38 - 2018-08-21 22:38 - 000000000 ____D C:\ProgramData\USOShared
2018-08-21 22:38 - 2018-04-12 01:33 - 002752000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2018-08-21 22:37 - 2018-07-10 19:15 - 000091088 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2018-08-21 22:35 - 2018-09-12 04:22 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-08-21 22:34 - 2018-09-03 18:08 - 000251800 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-08-18 02:35 - 2018-08-18 02:35 - 000000000 ____D C:\Users\Frost\Desktop\ATLauncher
2018-08-18 02:35 - 2018-08-18 02:35 - 000000000 ____D C:\Users\Frost\AppData\Roaming\.atlauncher
2018-08-18 02:33 - 2018-08-18 02:33 - 000110968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2018-08-18 02:33 - 2018-08-18 02:33 - 000000000 ____D C:\Program Files\Java
2018-08-18 02:14 - 2015-09-08 18:38 - 005125301 _____ (Mc Phoenix Launcher) C:\Users\Frost\Desktop\ATLauncher_64bit.exe
2018-08-17 16:12 - 2018-08-17 16:12 - 000000000 ____D C:\Users\Public\Documents\Steam
2018-08-17 16:12 - 2018-08-17 16:12 - 000000000 ____D C:\Users\Frost\AppData\Local\UnrealEngine
2018-08-17 16:12 - 2018-08-17 16:12 - 000000000 ____D C:\ProgramData\Documents\Steam
2018-08-17 06:45 - 2018-08-17 06:45 - 000001199 _____ C:\Users\Public\Desktop\We Happy Few.lnk
2018-08-17 06:45 - 2018-08-17 06:45 - 000001199 _____ C:\ProgramData\Desktop\We Happy Few.lnk
2018-08-17 04:56 - 2018-08-17 05:06 - 000000000 ____D C:\Users\Frost\Documents\ArmA 2
2018-08-17 04:56 - 2018-08-17 05:04 - 000000000 ____D C:\Users\Frost\AppData\Local\ArmA 2
2018-08-13 23:45 - 2018-08-13 23:45 - 000000222 _____ C:\Users\Frost\Desktop\Insurgency.url
2018-08-13 01:20 - 2018-08-22 19:05 - 000062856 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\XtuAcpiDriver.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-12 06:08 - 2018-07-10 19:32 - 000000000 ____D C:\Program Files (x86)\Steam
2018-09-12 04:51 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-09-12 04:51 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-09-12 04:48 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-09-12 04:34 - 2018-07-10 18:54 - 000000000 __SHD C:\Users\Frost\IntelGraphicsProfiles
2018-09-12 04:32 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-09-12 04:31 - 2018-07-10 19:05 - 000000000 ____D C:\Users\Frost\AppData\Roaming\IObit
2018-09-12 04:30 - 2018-07-10 19:55 - 000000000 ____D C:\Users\Frost\AppData\Roaming\DMCache
2018-09-12 04:29 - 2018-07-10 18:00 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-09-12 04:29 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2018-09-12 04:26 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-09-12 03:17 - 2018-07-10 19:41 - 000000000 ____D C:\Users\Frost\AppData\Local\Ubisoft Game Launcher
2018-09-11 20:57 - 2018-07-10 18:54 - 000000000 ____D C:\Users\Frost\AppData\Roaming\discord
2018-09-10 19:22 - 2018-07-10 19:55 - 000000000 ____D C:\Users\Frost\Downloads\Compressed
2018-09-09 00:19 - 2018-07-10 19:33 - 000000000 ____D C:\Users\Frost\AppData\Local\Nox
2018-09-09 00:10 - 2018-07-10 19:34 - 000000000 ____D C:\Users\Frost\.android
2018-09-09 00:09 - 2018-07-10 19:33 - 000000000 ____D C:\Users\Frost\vmlogs
2018-09-09 00:09 - 2018-07-10 19:33 - 000000000 ____D C:\Users\Frost\.BigNox
2018-09-08 21:09 - 2018-07-10 18:54 - 000000000 ____D C:\Users\Frost\AppData\Local\SquirrelTemp
2018-09-05 02:47 - 2018-07-10 19:07 - 000000000 ____D C:\ProgramData\ProductData
2018-09-03 07:21 - 2018-08-12 19:25 - 000000000 ____D C:\Users\Frost\AppData\Roaming\Red Alert 3
2018-09-03 06:57 - 2018-08-12 18:53 - 000002955 _____ C:\Users\Frost\Desktop\C&C Online.lnk
2018-09-03 06:57 - 2018-08-12 18:53 - 000000000 ____D C:\Users\Frost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CNCOnline
2018-08-31 17:58 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-08-30 18:10 - 2018-07-10 19:05 - 000002351 _____ C:\Users\Public\Desktop\Driver Booster 5.lnk
2018-08-30 18:10 - 2018-07-10 19:05 - 000002351 _____ C:\ProgramData\Desktop\Driver Booster 5.lnk
2018-08-30 06:49 - 2018-08-12 03:50 - 000000000 ____D C:\Users\Frost\AppData\Roaming\EasyAntiCheat
2018-08-30 06:49 - 2018-07-15 01:06 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2018-08-29 07:55 - 2018-08-08 22:45 - 000000000 ____D C:\Fraps
2018-08-29 07:28 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-08-29 05:01 - 2018-07-26 23:12 - 000000000 ____D C:\Users\Frost\AppData\Roaming\uTorrent
2018-08-28 18:13 - 2015-09-10 07:44 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-08-28 08:20 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-08-28 08:20 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-08-28 08:20 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-08-28 08:20 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-08-28 08:20 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-08-28 08:20 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-08-28 08:20 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-08-28 08:20 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Windows Defender
2018-08-28 08:20 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-08-26 04:06 - 2018-07-22 23:11 - 000000254 _____ C:\Users\Frost\AppData\LocalLow\rbxcsettings.rbx
2018-08-25 06:20 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-08-23 01:28 - 2018-08-04 19:30 - 000029000 _____ C:\WINDOWS\SysWOW64\Drivers\X6va066_2018.08.23.05.22.07
2018-08-22 17:43 - 2018-08-12 18:06 - 000000000 ___DC C:\WINDOWS\Panther
2018-08-22 08:34 - 2018-07-27 03:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2018-08-22 08:34 - 2018-07-22 01:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2018-08-22 08:34 - 2018-07-16 04:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-08-22 08:34 - 2018-07-10 23:09 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-08-22 08:34 - 2018-07-10 21:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-08-22 08:34 - 2018-07-10 19:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2018-08-22 08:34 - 2018-07-10 19:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-08-22 08:34 - 2018-07-10 19:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2018-08-22 08:34 - 2018-07-10 19:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5
2018-08-22 08:34 - 2018-07-10 18:54 - 000000000 ____D C:\Program Files\Intel
2018-08-22 08:34 - 2018-04-12 01:38 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2018-08-22 08:34 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2018-08-22 08:34 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\spool
2018-08-22 08:34 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-08-22 08:34 - 2015-07-31 00:42 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-08-22 08:34 - 2015-07-31 00:42 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-08-22 08:33 - 2018-04-12 01:41 - 000000000 ____D C:\WINDOWS\Setup
2018-08-22 08:32 - 2018-07-27 02:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coop-Land
2018-08-22 08:32 - 2018-07-10 19:17 - 000000000 ____D C:\Program Files\Realtek
2018-08-22 08:30 - 2018-04-12 11:37 - 000000000 ____D C:\WINDOWS\Containers
2018-08-22 08:30 - 2018-04-12 11:20 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\te-IN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\or-IN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\km-KH
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\is-IS
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\id-ID
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\be-BY
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\as-IN
2018-08-22 08:30 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2018-08-22 08:30 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\UNP
2018-08-22 08:30 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2018-08-22 08:30 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2018-08-22 08:30 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-08-22 08:30 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\ta-in
2018-08-22 08:30 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2018-08-22 08:30 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\si-lk
2018-08-22 08:30 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2018-08-22 08:30 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\setup
2018-08-22 08:30 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-08-22 08:30 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-08-22 08:30 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\am-et
2018-08-22 08:30 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Provisioning
2018-08-22 08:30 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-08-22 08:30 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-08-22 08:30 - 2018-04-11 23:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-08-22 08:19 - 2018-04-12 01:33 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2018-08-22 08:19 - 2018-04-12 01:33 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2018-08-22 08:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2018-08-22 08:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2018-08-22 08:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2018-08-22 08:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2018-08-22 08:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2018-08-22 08:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2018-08-22 08:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2018-08-22 08:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\et-EE
2018-08-22 08:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\es-MX
2018-08-22 08:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\en-GB
2018-08-22 08:17 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\OCR
2018-08-22 06:37 - 2018-07-10 18:46 - 000000000 ____D C:\Users\Frost\AppData\Local\Publishers
2018-08-22 06:37 - 2018-07-10 18:45 - 000000000 ____D C:\Users\Frost\AppData\Local\Packages
2018-08-22 04:57 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Registration
2018-08-22 04:41 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\appcompat
2018-08-21 22:59 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-08-21 22:55 - 2018-07-10 18:50 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-21 22:55 - 2018-07-10 18:50 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-08-21 22:55 - 2018-07-10 18:50 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2018-08-21 22:53 - 2018-07-20 06:44 - 000001246 __RSH C:\ProgramData\ntuser.pol
2018-08-21 22:50 - 2018-04-12 01:38 - 000000000 __RHD C:\Users\Public\Libraries
2018-08-21 22:46 - 2018-07-16 04:31 - 000000000 ____D C:\Users\Frost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
2018-08-21 22:46 - 2018-07-10 19:55 - 000000000 ____D C:\Users\Frost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2018-08-21 22:46 - 2018-07-10 19:51 - 000000000 ____D C:\Users\Frost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-08-21 22:44 - 2018-07-10 18:54 - 000000000 ____D C:\Users\Frost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2018-08-21 22:39 - 2018-04-12 01:38 - 000000000 ___RD C:\WINDOWS\PrintDialog
2018-08-21 22:39 - 2018-04-12 01:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-08-21 22:38 - 2018-07-10 18:54 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2018-08-21 22:38 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\USOPrivate
2018-08-21 22:37 - 2018-07-10 19:17 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2018-08-21 04:55 - 2018-07-16 04:13 - 000000000 ____D C:\Users\Frost\AppData\Roaming\.minecraft
2018-08-18 05:47 - 2018-08-12 20:15 - 000008192 _____ C:\WINDOWS\system32\edb.chk
2018-08-18 02:23 - 2018-07-16 04:25 - 000000000 ____D C:\Program Files (x86)\Java
2018-08-18 02:22 - 2018-07-16 04:26 - 000098680 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2018-08-17 16:34 - 2018-07-10 20:31 - 000000000 ____D C:\Users\Frost\Documents\My Games
2018-08-17 06:05 - 2018-07-27 02:51 - 000001113 _____ C:\Users\Frost\Desktop\Dark Souls Prepare To Die Edition.lnk
2018-08-17 05:20 - 2018-07-10 23:09 - 000000000 ____D C:\Program Files\rempl
2018-08-14 23:26 - 2018-07-10 19:55 - 000000000 ____D C:\Users\Frost\Downloads\Video
2018-08-14 22:26 - 2018-07-10 23:09 - 137343192 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-08-14 00:46 - 2018-07-10 20:11 - 000000000 ____D C:\ProgramData\Package Cache
2018-08-13 22:29 - 2018-07-10 18:47 - 000000000 ___RD C:\Users\Frost\OneDrive
==================== Files in the root of some directories =======
2018-08-03 05:53 - 2018-08-03 05:53 - 000000017 _____ () C:\Users\Frost\AppData\Local\resmon.resmoncfg
Some files in TEMP:
====================
2018-09-09 22:33 - 2018-09-11 21:38 - 000000088 _____ () C:\Users\Frost\AppData\Local\Temp\109bc304f8f928a68f54a1ae49b4520c.dll
2018-09-09 22:31 - 2018-09-11 21:50 - 000000000 _____ () C:\Users\Frost\AppData\Local\Temp\19480092594194a127310869d618ccd6.dll
2018-09-12 03:18 - 2018-08-03 05:38 - 001945792 _____ (Microsoft Corporation) C:\Users\Frost\AppData\Local\Temp\dllnt_dump.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-08-21 22:34
==================== End of FRST.txt ============================
Broni
Posts: 56,041 +516
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22.04.2018 01
Ran by Frost (12-09-2018 06:27:44)
Running from C:\Users\Frost\Downloads\Programs
Windows 10 Pro Version 1803 17134.228 (X64) (2018-08-21 20:53:09)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-160697542-1886492661-2065992700-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-160697542-1886492661-2065992700-503 - Limited - Disabled)
Frost (S-1-5-21-160697542-1886492661-2065992700-1001 - Administrator - Enabled) => C:\Users\Frost
Guest (S-1-5-21-160697542-1886492661-2065992700-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-160697542-1886492661-2065992700-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\uTorrent) (Version: 3.5.4.44520 - BitTorrent Inc.)
7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
C&C:Online (HKLM-x32\...\{1298F091-2180-4779-BDA0-1176247252D0}) (Version: 2.0.7 - Revora)
Command & Conquer™ Red Alert™ 3 (HKLM\...\{296D8550-CB06-48E4-9A8B-E5034FB64715}) (Version: 1.0.1.0 - Electronic Arts)
Command & Conquer™ Red Alert™ 3 (HKLM-x32\...\{296D8550-CB06-48E4-9A8B-E5034FB64715}) (Version: 1.0.1.0 - Electronic Arts)
CrossFire NA (HKLM-x32\...\CrossFire_is1) (Version: - Z8Games.com)
Dark Souls 3 (HKLM-x32\...\Dark Souls 3_is1) (Version: - )
Dark Souls Prepare To Die Edition [Steam} (HKLM-x32\...\{DSPTDE-6B52-2B42-48D3-6FDF3A861253}_is1) (Version: 1.0 - )
Discord (HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
Driver Booster 5 (HKLM-x32\...\Driver Booster_is1) (Version: 5.5.1 - IObit)
Fraps (HKLM-x32\...\Fraps) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
hide.me VPN 1.4.2 (HKLM-x32\...\{0E00BDA5-7998-4889-BE4B-39A4BBD2EDFB}_is1) (Version: 1.4.2 - eVenture Limited)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
Java 8 Update 181 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft OneDrive (HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017 (HKLM-x32\...\{d6f233bd-3f8c-43f6-878b-07bd0568d595}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017 (HKLM-x32\...\{cb7c3049-21de-415b-bd85-b65c14e547df}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft1.7.2 (HKLM-x32\...\Minecraft1.7.2) (Version: - )
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.65.2 - Black Tree Gaming)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.2 - Power Software Ltd)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8395 - Realtek Semiconductor Corp.)
Roblox Player (HKLM-x32\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation)
RogueKiller version 12.13.0.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.13.0.0 - Adlice Software)
Spotify (HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\Spotify) (Version: 1.0.84.344.gfc674f6f - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{A6F2ADC4-12C4-41E8-B90B-3BE018F5787C}) (Version: 2.48.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 67.0 - Ubisoft)
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft)
We Happy Few (HKLM-x32\...\We Happy Few_is1) (Version: - )
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)
X-VPN (HKLM-x32\...\X-VPN) (Version: 27.0 - Free Connected Limited)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-160697542-1886492661-2065992700-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-160697542-1886492661-2065992700-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-160697542-1886492661-2065992700-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-160697542-1886492661-2065992700-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-160697542-1886492661-2065992700-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-160697542-1886492661-2065992700-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Frost\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Frost\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Frost\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2018-05-12] (Tonec Inc.)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Frost\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Frost\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Frost\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Frost\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-06-17] (Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Frost\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Frost\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Frost\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-06-17] (Power Software Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2018-07-10] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-06-17] (Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0A7AA876-862F-4F81-AA4B-B73950FA632C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates
Task: {113F4262-CE67-4EB9-9863-1BCF27A30206} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback
Task: {285DDFF9-2EBF-498E-A21C-1F1BD37FAFDE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-07-10] (Google Inc.)
Task: {430852CB-A87C-492E-A659-075C7BF1710C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates
Task: {4E07476A-6F68-497E-93D8-584936A1082B} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {541BA5BF-1736-4A3E-B1E5-CE1C9EE13043} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates
Task: {554C5031-B4E1-49DA-A841-7135DB4410A0} - System32\Tasks\UAC_X-VPN => C:\Program Files (x86)\X-VPN\X-VPN.exe [2018-09-07] ()
Task: {65A34F07-723D-4150-B109-13BD1AE3DFAA} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {78BABCCD-20B8-49B7-B4F8-87490C41C875} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser
Task: {8F255F88-A87A-495F-B828-A4AFEC70BDB0} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\WINDOWS\system32\dxgiadaptercache.exe [2018-04-12] (Microsoft Corporation)
Task: {9A842319-043C-4FB4-BB28-33835A3BF718} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe
Task: {A167F6E0-ED47-419C-807E-2A11ECBA98D4} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation
Task: {C2098BE2-A29A-4EB1-97F6-F0C57E086D4F} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\WINDOWS\system32\speech_onecore\common\SpeechRuntime.exe [2018-08-22] (Microsoft Corporation)
Task: {D1CC320B-9A47-4DB4-AFE4-2BCE1A964E7A} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources
Task: {D4779B42-6446-4278-AF70-F9885B72C464} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2018-07-10] ()
Task: {D9EA10B2-76B2-4203-BE5E-793EC7FFE14B} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-160697542-1886492661-2065992700-1001 => C:\Users\Frost\AppData\Local\MEGAsync\MEGAupdater.exe [2018-01-15] (Mega Limited)
Task: {DB367377-40AC-4A68-9FE4-1BC222E1E5B6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-07-10] (Google Inc.)
Task: {F0ABB4CE-32E3-4F11-B433-C20821A045FA} - System32\Tasks\Driver Booster SkipUAC (Frost) => C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DriverBooster.exe [2018-07-07] (IObit)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-10-18 23:51 - 2017-10-18 23:51 - 000598528 _____ () C:\Users\Frost\AppData\Local\MEGAsync\ShellExtX64.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-07-10 19:15 - 2018-07-10 19:15 - 000381928 _____ () C:\WINDOWS\system32\igfxTray.exe
2018-08-30 00:39 - 2018-08-30 00:39 - 003855360 _____ () C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_1.16.1007.0_x64__8wekyb3d8bbwe\GameBar.exe
2018-08-08 23:55 - 2018-08-08 02:41 - 004855640 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libglesv2.dll
2018-08-08 23:55 - 2018-08-08 02:41 - 000115544 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libegl.dll
2018-09-12 06:10 - 2018-09-12 06:10 - 003524736 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\LeagueClient.exe
2018-09-12 06:10 - 2018-09-12 06:10 - 001748440 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\LeagueClientUx.exe
2018-09-12 06:10 - 2018-09-12 06:10 - 000916608 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\LeagueClientUxRender.exe
2018-07-10 18:54 - 2018-05-01 08:01 - 001891672 _____ () C:\Users\Frost\AppData\Local\Discord\app-0.0.301\ffmpeg.dll
2018-07-10 18:54 - 2018-05-01 08:01 - 001937752 _____ () C:\Users\Frost\AppData\Local\Discord\app-0.0.301\libglesv2.dll
2018-07-10 18:54 - 2018-05-01 08:01 - 000095576 _____ () C:\Users\Frost\AppData\Local\Discord\app-0.0.301\libegl.dll
2018-07-10 18:54 - 2018-08-30 00:27 - 011321176 _____ () \\?\C:\Users\Frost\AppData\Roaming\discord\0.0.301\modules\discord_voice\discord_voice.node
2018-07-10 18:54 - 2018-07-18 11:05 - 001635160 _____ () \\?\C:\Users\Frost\AppData\Roaming\discord\0.0.301\modules\discord_utils\discord_utils.node
2018-07-10 18:54 - 2018-07-10 18:54 - 001910104 _____ () \\?\C:\Users\Frost\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\cld\build\Release\cld.node
2018-07-10 18:54 - 2018-07-10 18:54 - 000422744 _____ () \\?\C:\Users\Frost\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\spellchecker\build\Release\spellchecker.node
2018-07-10 18:54 - 2018-07-10 18:54 - 000145240 _____ () \\?\C:\Users\Frost\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node
2018-07-10 18:54 - 2018-07-10 18:54 - 000512856 _____ () \\?\C:\Users\Frost\AppData\Roaming\discord\0.0.301\modules\discord_erlpack\discord_erlpack.node
2018-07-10 18:54 - 2018-08-11 05:52 - 001641304 _____ () \\?\C:\Users\Frost\AppData\Roaming\discord\0.0.301\modules\discord_game_utils\discord_game_utils.node
2018-07-10 18:54 - 2018-07-10 18:54 - 002722648 _____ () \\?\C:\Users\Frost\AppData\Roaming\discord\0.0.301\modules\discord_rpc\discord_rpc.node
2018-08-11 05:53 - 2018-08-11 05:53 - 001247576 _____ () \\?\C:\Users\Frost\AppData\Roaming\discord\0.0.301\modules\discord_modules\discord_modules.node
2018-08-11 05:53 - 2018-09-12 02:26 - 022378328 _____ () \\?\C:\Users\Frost\AppData\Roaming\discord\0.0.301\modules\discord_dispatch\discord_dispatch.node
2018-07-10 18:57 - 2018-07-10 18:57 - 001249112 _____ () \\?\C:\Users\Frost\AppData\Roaming\discord\0.0.301\modules\discord_vigilante\discord_vigilante.node
2018-07-10 18:57 - 2018-07-10 18:57 - 002760536 _____ () \\?\C:\Users\Frost\AppData\Roaming\discord\0.0.301\modules\discord_contact_import\discord_contact_import.node
2018-09-12 06:12 - 2018-09-12 06:12 - 000113792 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\zlib.dll
2018-09-12 06:12 - 2018-09-12 06:12 - 000128640 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\yaml.dll
2018-09-12 06:09 - 2018-09-10 00:08 - 001975936 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-patch\rcp-be-patch.dll
2018-09-12 06:09 - 2018-09-10 00:08 - 000614528 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-rso-auth\rcp-be-rso-auth.dll
2018-09-12 06:09 - 2018-09-10 00:08 - 000550528 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-riot-messaging-service\rcp-be-riot-messaging-service.dll
2018-09-12 06:09 - 2018-03-22 12:34 - 000492160 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-entitlements\rcp-be-entitlements.dll
2018-09-12 06:10 - 2018-09-12 06:10 - 001463424 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-patch\rcp-be-lol-patch.dll
2018-09-12 06:10 - 2018-09-12 06:10 - 001392600 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-patcher\rcp-be-patcher.dll
2018-09-12 06:09 - 2018-08-02 05:03 - 000999040 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-login\rcp-be-lol-login.dll
2018-09-12 06:09 - 2017-11-08 07:33 - 000522368 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-platform-config\rcp-be-lol-platform-config.dll
2018-09-12 06:09 - 2018-08-02 05:03 - 000733824 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-summoner\rcp-be-lol-summoner.dll
2018-09-12 06:09 - 2018-09-10 00:08 - 000523392 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-ranked-stats\rcp-be-lol-ranked-stats.dll
2018-09-12 06:10 - 2018-09-12 06:10 - 000452224 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-maps\rcp-be-lol-maps.dll
2018-09-12 06:09 - 2018-08-02 05:03 - 000610944 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-game-queues\rcp-be-lol-game-queues.dll
2018-09-12 06:09 - 2017-07-12 03:18 - 000539264 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-player-preferences\rcp-be-lol-player-preferences.dll
2018-09-12 06:10 - 2018-09-12 06:10 - 000587736 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-game-settings\rcp-be-lol-game-settings.dll
2018-09-12 06:09 - 2018-08-02 05:03 - 000535168 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-settings\rcp-be-lol-settings.dll
2018-09-12 06:10 - 2018-09-12 06:10 - 000770688 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-gameflow\rcp-be-lol-gameflow.dll
2018-09-12 06:09 - 2017-11-08 07:33 - 000479360 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-pre-end-of-game\rcp-be-lol-pre-end-of-game.dll
2018-09-12 06:10 - 2018-09-12 06:10 - 000761472 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-sanitizer\rcp-be-sanitizer.dll
2018-09-12 06:09 - 2017-07-12 03:18 - 000444544 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-riot-messaging-service\rcp-be-lol-riot-messaging-service.dll
2018-09-12 06:09 - 2018-05-16 18:43 - 000501888 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-acs\rcp-be-lol-acs.dll
2018-09-12 06:10 - 2018-09-12 06:10 - 000481920 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-player-notifications\rcp-be-player-notifications.dll
2018-09-12 06:09 - 2018-08-02 05:03 - 000443008 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-loyalty\rcp-be-lol-loyalty.dll
2018-09-12 06:09 - 2018-05-31 03:25 - 000778368 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-collections\rcp-be-lol-collections.dll
2018-09-12 06:09 - 2018-09-10 00:08 - 000641152 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-champions\rcp-be-lol-champions.dll
2018-09-12 06:09 - 2017-11-21 12:27 - 000446592 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-kr-shutdown-law\rcp-be-lol-kr-shutdown-law.dll
2018-09-12 06:09 - 2018-09-10 00:08 - 000841856 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-leagues\rcp-be-lol-leagues.dll
2018-09-12 06:09 - 2018-09-10 00:08 - 000691328 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-store\rcp-be-lol-store.dll
2018-09-12 06:10 - 2018-09-12 06:10 - 000628184 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-inventory\rcp-be-lol-inventory.dll
2018-09-12 06:10 - 2018-09-12 06:10 - 000899712 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-lobby-team-builder\rcp-be-lol-lobby-team-builder.dll
2018-09-12 06:09 - 2018-02-07 23:20 - 000567424 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-queue-eligibility\rcp-be-lol-queue-eligibility.dll
2018-09-12 06:09 - 2018-05-15 14:18 - 000645248 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-matchmaking\rcp-be-lol-matchmaking.dll
2018-09-12 06:09 - 2017-07-12 03:18 - 000518272 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-spectator\rcp-be-lol-spectator.dll
2018-09-12 06:09 - 2018-09-10 00:08 - 001578112 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-chat\rcp-be-lol-chat.dll
2018-09-12 06:10 - 2018-09-12 06:10 - 001691776 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-lobby\rcp-be-lol-lobby.dll
2018-09-12 06:09 - 2018-09-10 00:08 - 000740992 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-champ-select-legacy\rcp-be-lol-champ-select-legacy.dll
2018-09-12 06:09 - 2018-09-10 00:08 - 000563840 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-champ-select\rcp-be-lol-champ-select.dll
2018-09-12 06:10 - 2018-09-12 06:10 - 000609752 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-loadouts\rcp-be-lol-loadouts.dll
2018-09-12 06:09 - 2017-07-12 03:18 - 000493696 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-heartbeat\rcp-be-lol-heartbeat.dll
2018-09-12 06:09 - 2017-07-12 03:18 - 000518272 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-shutdown\rcp-be-lol-shutdown.dll
2018-09-12 06:09 - 2018-06-27 14:31 - 000923264 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-loot\rcp-be-lol-loot.dll
2018-09-12 06:09 - 2017-07-12 03:18 - 000472704 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-kickout\rcp-be-lol-kickout.dll
2018-09-12 06:09 - 2018-09-10 00:08 - 000432256 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-license-agreement\rcp-be-lol-license-agreement.dll
2018-09-12 06:09 - 2017-07-12 03:18 - 000479360 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-kr-playtime-reminder\rcp-be-lol-kr-playtime-reminder.dll
2018-09-12 06:09 - 2018-02-22 11:57 - 000439936 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-game-client-chat\rcp-be-lol-game-client-chat.dll
2018-09-12 06:09 - 2018-05-15 13:40 - 000662656 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-end-of-game\rcp-be-lol-end-of-game.dll
2018-09-12 06:09 - 2017-07-12 03:17 - 000522368 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-active-boosts\rcp-be-lol-active-boosts.dll
2018-09-12 06:09 - 2017-11-08 07:33 - 000594560 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-pft\rcp-be-lol-pft.dll
2018-09-12 06:09 - 2018-05-15 14:18 - 000598656 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-player-behavior\rcp-be-lol-player-behavior.dll
2018-09-12 06:09 - 2018-06-21 15:16 - 000485504 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-suggested-players\rcp-be-lol-suggested-players.dll
2018-09-12 06:09 - 2017-07-12 03:18 - 000530560 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-service-status\rcp-be-lol-service-status.dll
2018-09-12 06:09 - 2017-07-12 03:18 - 000558720 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-leaver-buster\rcp-be-lol-leaver-buster.dll
2018-09-12 06:09 - 2018-08-02 05:03 - 000562816 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-match-history\rcp-be-lol-match-history.dll
2018-09-12 06:09 - 2017-08-23 03:58 - 000715392 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-recofriender\rcp-be-recofriender.dll
2018-09-12 06:09 - 2018-05-31 03:25 - 000716928 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-clubs\rcp-be-lol-clubs.dll
2018-09-12 06:09 - 2017-08-10 03:42 - 000530560 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-clubs-public\rcp-be-lol-clubs-public.dll
2018-09-12 06:09 - 2017-11-08 07:33 - 000574080 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-esport-stream-notifications\rcp-be-lol-esport-stream-notifications.dll
2018-09-12 06:09 - 2018-05-15 14:18 - 000451200 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-player-level-up\rcp-be-lol-player-level-up.dll
2018-09-12 06:09 - 2017-07-12 03:18 - 000487040 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-tencent-qt\rcp-be-lol-tencent-qt.dll
2018-09-12 06:09 - 2017-07-12 03:18 - 000546432 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-player-messaging\rcp-be-lol-player-messaging.dll
2018-09-12 06:09 - 2018-01-10 11:40 - 000484992 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-purchase-widget\rcp-be-lol-purchase-widget.dll
2018-09-12 06:09 - 2018-05-31 03:25 - 000546432 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-personalized-offers\rcp-be-lol-personalized-offers.dll
2018-09-12 06:09 - 2018-08-02 05:03 - 000618624 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-recommendations\rcp-be-lol-recommendations.dll
2018-09-12 06:09 - 2017-11-08 07:33 - 000469632 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-user-experience\rcp-be-lol-user-experience.dll
2018-09-12 06:09 - 2017-11-08 07:33 - 000542848 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-simple-dialog-messages\rcp-be-lol-simple-dialog-messages.dll
2018-09-12 06:09 - 2017-07-12 03:18 - 000610944 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-highlights\rcp-be-lol-highlights.dll
2018-09-12 06:09 - 2018-06-27 14:31 - 000627840 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-honor-v2\rcp-be-lol-honor-v2.dll
2018-09-12 06:09 - 2018-01-10 11:40 - 000465024 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-network-testing\rcp-be-network-testing.dll
2018-09-12 06:09 - 2018-09-10 00:08 - 000632448 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-missions\rcp-be-lol-missions.dll
2018-09-12 06:09 - 2017-09-13 15:52 - 000584832 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-item-sets\rcp-be-lol-item-sets.dll
2018-09-12 06:09 - 2018-01-24 14:36 - 000500352 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-email-verification\rcp-be-lol-email-verification.dll
2018-09-12 06:09 - 2018-08-02 05:03 - 000471680 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-geoinfo\rcp-be-lol-geoinfo.dll
2018-09-12 06:09 - 2018-09-10 00:08 - 000489088 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-content-targeting\rcp-be-lol-content-targeting.dll
2018-09-12 06:10 - 2018-09-12 06:10 - 001309824 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-clash\rcp-be-lol-clash.dll
2018-09-12 06:10 - 2018-09-12 06:10 - 000658560 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-replays\rcp-be-lol-replays.dll
2018-09-12 06:09 - 2018-09-10 00:08 - 000750208 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-voice-chat\rcp-be-voice-chat.dll
2018-09-12 06:09 - 2018-09-10 00:08 - 000664704 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-gcloud-voice-chat\rcp-be-gcloud-voice-chat.dll
2018-09-12 06:09 - 2018-09-10 00:08 - 000635008 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-premade-voice\rcp-be-lol-premade-voice.dll
2018-09-12 06:09 - 2018-09-10 00:08 - 000511104 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-featured-modes\rcp-be-lol-featured-modes.dll
2018-09-12 06:09 - 2018-08-02 05:03 - 000606336 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-npe-tutorial-path\rcp-be-lol-npe-tutorial-path.dll
2018-09-12 06:10 - 2018-09-12 06:10 - 000486016 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-catalog\rcp-be-lol-catalog.dll
2018-09-12 06:09 - 2018-09-10 00:08 - 000556160 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-regalia\rcp-be-lol-regalia.dll
2018-09-12 06:09 - 2017-11-21 12:27 - 000451712 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-payments\rcp-be-payments.dll
2018-09-12 06:09 - 2018-05-16 18:43 - 000566400 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-banners\rcp-be-lol-banners.dll
2018-09-12 06:09 - 2018-05-16 18:43 - 000484480 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-trophies\rcp-be-lol-trophies.dll
2018-09-12 06:09 - 2018-09-10 00:08 - 000766080 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-perks\rcp-be-lol-perks.dll
2018-09-12 06:09 - 2018-05-16 18:43 - 000455296 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-discord-rp\rcp-be-lol-discord-rp.dll
2018-09-12 06:09 - 2018-02-07 23:20 - 000530560 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-account-verification\rcp-be-lol-account-verification.dll
2018-09-12 06:09 - 2018-09-10 00:08 - 000567936 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-career-stats\rcp-be-lol-career-stats.dll
2018-09-12 06:10 - 2018-09-12 06:10 - 055045760 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\libcef.dll
2018-09-12 06:10 - 2018-09-12 06:10 - 000832640 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\ffmpeg.dll
2018-09-12 06:10 - 2018-09-12 06:10 - 001801344 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\libglesv2.dll
2018-09-12 06:10 - 2018-09-12 06:10 - 000022144 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot => "AlternateShell"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\localhost -> localhost
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-31 00:42 - 2018-09-08 21:30 - 000000822 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-160697542-1886492661-2065992700-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Frost\Pictures\aoi-ogata-doalow2.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "MRT"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\StartupApproved\StartupFolder: => "hide.me VPN.lnk"
HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\StartupApproved\StartupFolder: => "ZenMate.bat"
HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\StartupApproved\Run: => "IDMan"
HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\StartupApproved\Run: => "utweb"
Ran by Frost (12-09-2018 06:27:44)
Running from C:\Users\Frost\Downloads\Programs
Windows 10 Pro Version 1803 17134.228 (X64) (2018-08-21 20:53:09)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-160697542-1886492661-2065992700-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-160697542-1886492661-2065992700-503 - Limited - Disabled)
Frost (S-1-5-21-160697542-1886492661-2065992700-1001 - Administrator - Enabled) => C:\Users\Frost
Guest (S-1-5-21-160697542-1886492661-2065992700-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-160697542-1886492661-2065992700-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\uTorrent) (Version: 3.5.4.44520 - BitTorrent Inc.)
7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
C&C:Online (HKLM-x32\...\{1298F091-2180-4779-BDA0-1176247252D0}) (Version: 2.0.7 - Revora)
Command & Conquer™ Red Alert™ 3 (HKLM\...\{296D8550-CB06-48E4-9A8B-E5034FB64715}) (Version: 1.0.1.0 - Electronic Arts)
Command & Conquer™ Red Alert™ 3 (HKLM-x32\...\{296D8550-CB06-48E4-9A8B-E5034FB64715}) (Version: 1.0.1.0 - Electronic Arts)
CrossFire NA (HKLM-x32\...\CrossFire_is1) (Version: - Z8Games.com)
Dark Souls 3 (HKLM-x32\...\Dark Souls 3_is1) (Version: - )
Dark Souls Prepare To Die Edition [Steam} (HKLM-x32\...\{DSPTDE-6B52-2B42-48D3-6FDF3A861253}_is1) (Version: 1.0 - )
Discord (HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
Driver Booster 5 (HKLM-x32\...\Driver Booster_is1) (Version: 5.5.1 - IObit)
Fraps (HKLM-x32\...\Fraps) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
hide.me VPN 1.4.2 (HKLM-x32\...\{0E00BDA5-7998-4889-BE4B-39A4BBD2EDFB}_is1) (Version: 1.4.2 - eVenture Limited)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
Java 8 Update 181 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft OneDrive (HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017 (HKLM-x32\...\{d6f233bd-3f8c-43f6-878b-07bd0568d595}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017 (HKLM-x32\...\{cb7c3049-21de-415b-bd85-b65c14e547df}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft1.7.2 (HKLM-x32\...\Minecraft1.7.2) (Version: - )
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.65.2 - Black Tree Gaming)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.2 - Power Software Ltd)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8395 - Realtek Semiconductor Corp.)
Roblox Player (HKLM-x32\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation)
RogueKiller version 12.13.0.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.13.0.0 - Adlice Software)
Spotify (HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\Spotify) (Version: 1.0.84.344.gfc674f6f - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{A6F2ADC4-12C4-41E8-B90B-3BE018F5787C}) (Version: 2.48.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 67.0 - Ubisoft)
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft)
We Happy Few (HKLM-x32\...\We Happy Few_is1) (Version: - )
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)
X-VPN (HKLM-x32\...\X-VPN) (Version: 27.0 - Free Connected Limited)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-160697542-1886492661-2065992700-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-160697542-1886492661-2065992700-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-160697542-1886492661-2065992700-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-160697542-1886492661-2065992700-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-160697542-1886492661-2065992700-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-160697542-1886492661-2065992700-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Frost\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Frost\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Frost\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2018-05-12] (Tonec Inc.)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Frost\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Frost\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Frost\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Frost\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-06-17] (Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Frost\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Frost\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Frost\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-06-17] (Power Software Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2018-07-10] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-06-17] (Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0A7AA876-862F-4F81-AA4B-B73950FA632C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates
Task: {113F4262-CE67-4EB9-9863-1BCF27A30206} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback
Task: {285DDFF9-2EBF-498E-A21C-1F1BD37FAFDE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-07-10] (Google Inc.)
Task: {430852CB-A87C-492E-A659-075C7BF1710C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates
Task: {4E07476A-6F68-497E-93D8-584936A1082B} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {541BA5BF-1736-4A3E-B1E5-CE1C9EE13043} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates
Task: {554C5031-B4E1-49DA-A841-7135DB4410A0} - System32\Tasks\UAC_X-VPN => C:\Program Files (x86)\X-VPN\X-VPN.exe [2018-09-07] ()
Task: {65A34F07-723D-4150-B109-13BD1AE3DFAA} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {78BABCCD-20B8-49B7-B4F8-87490C41C875} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser
Task: {8F255F88-A87A-495F-B828-A4AFEC70BDB0} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\WINDOWS\system32\dxgiadaptercache.exe [2018-04-12] (Microsoft Corporation)
Task: {9A842319-043C-4FB4-BB28-33835A3BF718} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe
Task: {A167F6E0-ED47-419C-807E-2A11ECBA98D4} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation
Task: {C2098BE2-A29A-4EB1-97F6-F0C57E086D4F} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\WINDOWS\system32\speech_onecore\common\SpeechRuntime.exe [2018-08-22] (Microsoft Corporation)
Task: {D1CC320B-9A47-4DB4-AFE4-2BCE1A964E7A} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources
Task: {D4779B42-6446-4278-AF70-F9885B72C464} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2018-07-10] ()
Task: {D9EA10B2-76B2-4203-BE5E-793EC7FFE14B} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-160697542-1886492661-2065992700-1001 => C:\Users\Frost\AppData\Local\MEGAsync\MEGAupdater.exe [2018-01-15] (Mega Limited)
Task: {DB367377-40AC-4A68-9FE4-1BC222E1E5B6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-07-10] (Google Inc.)
Task: {F0ABB4CE-32E3-4F11-B433-C20821A045FA} - System32\Tasks\Driver Booster SkipUAC (Frost) => C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DriverBooster.exe [2018-07-07] (IObit)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-10-18 23:51 - 2017-10-18 23:51 - 000598528 _____ () C:\Users\Frost\AppData\Local\MEGAsync\ShellExtX64.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-07-10 19:15 - 2018-07-10 19:15 - 000381928 _____ () C:\WINDOWS\system32\igfxTray.exe
2018-08-30 00:39 - 2018-08-30 00:39 - 003855360 _____ () C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_1.16.1007.0_x64__8wekyb3d8bbwe\GameBar.exe
2018-08-08 23:55 - 2018-08-08 02:41 - 004855640 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libglesv2.dll
2018-08-08 23:55 - 2018-08-08 02:41 - 000115544 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libegl.dll
2018-09-12 06:10 - 2018-09-12 06:10 - 003524736 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\LeagueClient.exe
2018-09-12 06:10 - 2018-09-12 06:10 - 001748440 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\LeagueClientUx.exe
2018-09-12 06:10 - 2018-09-12 06:10 - 000916608 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\LeagueClientUxRender.exe
2018-07-10 18:54 - 2018-05-01 08:01 - 001891672 _____ () C:\Users\Frost\AppData\Local\Discord\app-0.0.301\ffmpeg.dll
2018-07-10 18:54 - 2018-05-01 08:01 - 001937752 _____ () C:\Users\Frost\AppData\Local\Discord\app-0.0.301\libglesv2.dll
2018-07-10 18:54 - 2018-05-01 08:01 - 000095576 _____ () C:\Users\Frost\AppData\Local\Discord\app-0.0.301\libegl.dll
2018-07-10 18:54 - 2018-08-30 00:27 - 011321176 _____ () \\?\C:\Users\Frost\AppData\Roaming\discord\0.0.301\modules\discord_voice\discord_voice.node
2018-07-10 18:54 - 2018-07-18 11:05 - 001635160 _____ () \\?\C:\Users\Frost\AppData\Roaming\discord\0.0.301\modules\discord_utils\discord_utils.node
2018-07-10 18:54 - 2018-07-10 18:54 - 001910104 _____ () \\?\C:\Users\Frost\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\cld\build\Release\cld.node
2018-07-10 18:54 - 2018-07-10 18:54 - 000422744 _____ () \\?\C:\Users\Frost\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\spellchecker\build\Release\spellchecker.node
2018-07-10 18:54 - 2018-07-10 18:54 - 000145240 _____ () \\?\C:\Users\Frost\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node
2018-07-10 18:54 - 2018-07-10 18:54 - 000512856 _____ () \\?\C:\Users\Frost\AppData\Roaming\discord\0.0.301\modules\discord_erlpack\discord_erlpack.node
2018-07-10 18:54 - 2018-08-11 05:52 - 001641304 _____ () \\?\C:\Users\Frost\AppData\Roaming\discord\0.0.301\modules\discord_game_utils\discord_game_utils.node
2018-07-10 18:54 - 2018-07-10 18:54 - 002722648 _____ () \\?\C:\Users\Frost\AppData\Roaming\discord\0.0.301\modules\discord_rpc\discord_rpc.node
2018-08-11 05:53 - 2018-08-11 05:53 - 001247576 _____ () \\?\C:\Users\Frost\AppData\Roaming\discord\0.0.301\modules\discord_modules\discord_modules.node
2018-08-11 05:53 - 2018-09-12 02:26 - 022378328 _____ () \\?\C:\Users\Frost\AppData\Roaming\discord\0.0.301\modules\discord_dispatch\discord_dispatch.node
2018-07-10 18:57 - 2018-07-10 18:57 - 001249112 _____ () \\?\C:\Users\Frost\AppData\Roaming\discord\0.0.301\modules\discord_vigilante\discord_vigilante.node
2018-07-10 18:57 - 2018-07-10 18:57 - 002760536 _____ () \\?\C:\Users\Frost\AppData\Roaming\discord\0.0.301\modules\discord_contact_import\discord_contact_import.node
2018-09-12 06:12 - 2018-09-12 06:12 - 000113792 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\zlib.dll
2018-09-12 06:12 - 2018-09-12 06:12 - 000128640 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\yaml.dll
2018-09-12 06:09 - 2018-09-10 00:08 - 001975936 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-patch\rcp-be-patch.dll
2018-09-12 06:09 - 2018-09-10 00:08 - 000614528 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-rso-auth\rcp-be-rso-auth.dll
2018-09-12 06:09 - 2018-09-10 00:08 - 000550528 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-riot-messaging-service\rcp-be-riot-messaging-service.dll
2018-09-12 06:09 - 2018-03-22 12:34 - 000492160 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-entitlements\rcp-be-entitlements.dll
2018-09-12 06:10 - 2018-09-12 06:10 - 001463424 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-patch\rcp-be-lol-patch.dll
2018-09-12 06:10 - 2018-09-12 06:10 - 001392600 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-patcher\rcp-be-patcher.dll
2018-09-12 06:09 - 2018-08-02 05:03 - 000999040 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-login\rcp-be-lol-login.dll
2018-09-12 06:09 - 2017-11-08 07:33 - 000522368 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-platform-config\rcp-be-lol-platform-config.dll
2018-09-12 06:09 - 2018-08-02 05:03 - 000733824 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-summoner\rcp-be-lol-summoner.dll
2018-09-12 06:09 - 2018-09-10 00:08 - 000523392 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-ranked-stats\rcp-be-lol-ranked-stats.dll
2018-09-12 06:10 - 2018-09-12 06:10 - 000452224 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-maps\rcp-be-lol-maps.dll
2018-09-12 06:09 - 2018-08-02 05:03 - 000610944 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-game-queues\rcp-be-lol-game-queues.dll
2018-09-12 06:09 - 2017-07-12 03:18 - 000539264 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-player-preferences\rcp-be-lol-player-preferences.dll
2018-09-12 06:10 - 2018-09-12 06:10 - 000587736 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-game-settings\rcp-be-lol-game-settings.dll
2018-09-12 06:09 - 2018-08-02 05:03 - 000535168 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-settings\rcp-be-lol-settings.dll
2018-09-12 06:10 - 2018-09-12 06:10 - 000770688 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-gameflow\rcp-be-lol-gameflow.dll
2018-09-12 06:09 - 2017-11-08 07:33 - 000479360 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-pre-end-of-game\rcp-be-lol-pre-end-of-game.dll
2018-09-12 06:10 - 2018-09-12 06:10 - 000761472 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-sanitizer\rcp-be-sanitizer.dll
2018-09-12 06:09 - 2017-07-12 03:18 - 000444544 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-riot-messaging-service\rcp-be-lol-riot-messaging-service.dll
2018-09-12 06:09 - 2018-05-16 18:43 - 000501888 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-acs\rcp-be-lol-acs.dll
2018-09-12 06:10 - 2018-09-12 06:10 - 000481920 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-player-notifications\rcp-be-player-notifications.dll
2018-09-12 06:09 - 2018-08-02 05:03 - 000443008 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-loyalty\rcp-be-lol-loyalty.dll
2018-09-12 06:09 - 2018-05-31 03:25 - 000778368 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-collections\rcp-be-lol-collections.dll
2018-09-12 06:09 - 2018-09-10 00:08 - 000641152 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-champions\rcp-be-lol-champions.dll
2018-09-12 06:09 - 2017-11-21 12:27 - 000446592 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-kr-shutdown-law\rcp-be-lol-kr-shutdown-law.dll
2018-09-12 06:09 - 2018-09-10 00:08 - 000841856 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-leagues\rcp-be-lol-leagues.dll
2018-09-12 06:09 - 2018-09-10 00:08 - 000691328 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-store\rcp-be-lol-store.dll
2018-09-12 06:10 - 2018-09-12 06:10 - 000628184 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-inventory\rcp-be-lol-inventory.dll
2018-09-12 06:10 - 2018-09-12 06:10 - 000899712 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-lobby-team-builder\rcp-be-lol-lobby-team-builder.dll
2018-09-12 06:09 - 2018-02-07 23:20 - 000567424 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-queue-eligibility\rcp-be-lol-queue-eligibility.dll
2018-09-12 06:09 - 2018-05-15 14:18 - 000645248 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-matchmaking\rcp-be-lol-matchmaking.dll
2018-09-12 06:09 - 2017-07-12 03:18 - 000518272 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-spectator\rcp-be-lol-spectator.dll
2018-09-12 06:09 - 2018-09-10 00:08 - 001578112 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-chat\rcp-be-lol-chat.dll
2018-09-12 06:10 - 2018-09-12 06:10 - 001691776 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-lobby\rcp-be-lol-lobby.dll
2018-09-12 06:09 - 2018-09-10 00:08 - 000740992 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-champ-select-legacy\rcp-be-lol-champ-select-legacy.dll
2018-09-12 06:09 - 2018-09-10 00:08 - 000563840 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-champ-select\rcp-be-lol-champ-select.dll
2018-09-12 06:10 - 2018-09-12 06:10 - 000609752 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-loadouts\rcp-be-lol-loadouts.dll
2018-09-12 06:09 - 2017-07-12 03:18 - 000493696 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-heartbeat\rcp-be-lol-heartbeat.dll
2018-09-12 06:09 - 2017-07-12 03:18 - 000518272 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-shutdown\rcp-be-lol-shutdown.dll
2018-09-12 06:09 - 2018-06-27 14:31 - 000923264 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-loot\rcp-be-lol-loot.dll
2018-09-12 06:09 - 2017-07-12 03:18 - 000472704 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-kickout\rcp-be-lol-kickout.dll
2018-09-12 06:09 - 2018-09-10 00:08 - 000432256 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-license-agreement\rcp-be-lol-license-agreement.dll
2018-09-12 06:09 - 2017-07-12 03:18 - 000479360 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-kr-playtime-reminder\rcp-be-lol-kr-playtime-reminder.dll
2018-09-12 06:09 - 2018-02-22 11:57 - 000439936 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-game-client-chat\rcp-be-lol-game-client-chat.dll
2018-09-12 06:09 - 2018-05-15 13:40 - 000662656 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-end-of-game\rcp-be-lol-end-of-game.dll
2018-09-12 06:09 - 2017-07-12 03:17 - 000522368 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-active-boosts\rcp-be-lol-active-boosts.dll
2018-09-12 06:09 - 2017-11-08 07:33 - 000594560 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-pft\rcp-be-lol-pft.dll
2018-09-12 06:09 - 2018-05-15 14:18 - 000598656 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-player-behavior\rcp-be-lol-player-behavior.dll
2018-09-12 06:09 - 2018-06-21 15:16 - 000485504 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-suggested-players\rcp-be-lol-suggested-players.dll
2018-09-12 06:09 - 2017-07-12 03:18 - 000530560 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-service-status\rcp-be-lol-service-status.dll
2018-09-12 06:09 - 2017-07-12 03:18 - 000558720 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-leaver-buster\rcp-be-lol-leaver-buster.dll
2018-09-12 06:09 - 2018-08-02 05:03 - 000562816 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-match-history\rcp-be-lol-match-history.dll
2018-09-12 06:09 - 2017-08-23 03:58 - 000715392 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-recofriender\rcp-be-recofriender.dll
2018-09-12 06:09 - 2018-05-31 03:25 - 000716928 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-clubs\rcp-be-lol-clubs.dll
2018-09-12 06:09 - 2017-08-10 03:42 - 000530560 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-clubs-public\rcp-be-lol-clubs-public.dll
2018-09-12 06:09 - 2017-11-08 07:33 - 000574080 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-esport-stream-notifications\rcp-be-lol-esport-stream-notifications.dll
2018-09-12 06:09 - 2018-05-15 14:18 - 000451200 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-player-level-up\rcp-be-lol-player-level-up.dll
2018-09-12 06:09 - 2017-07-12 03:18 - 000487040 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-tencent-qt\rcp-be-lol-tencent-qt.dll
2018-09-12 06:09 - 2017-07-12 03:18 - 000546432 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-player-messaging\rcp-be-lol-player-messaging.dll
2018-09-12 06:09 - 2018-01-10 11:40 - 000484992 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-purchase-widget\rcp-be-lol-purchase-widget.dll
2018-09-12 06:09 - 2018-05-31 03:25 - 000546432 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-personalized-offers\rcp-be-lol-personalized-offers.dll
2018-09-12 06:09 - 2018-08-02 05:03 - 000618624 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-recommendations\rcp-be-lol-recommendations.dll
2018-09-12 06:09 - 2017-11-08 07:33 - 000469632 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-user-experience\rcp-be-lol-user-experience.dll
2018-09-12 06:09 - 2017-11-08 07:33 - 000542848 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-simple-dialog-messages\rcp-be-lol-simple-dialog-messages.dll
2018-09-12 06:09 - 2017-07-12 03:18 - 000610944 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-highlights\rcp-be-lol-highlights.dll
2018-09-12 06:09 - 2018-06-27 14:31 - 000627840 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-honor-v2\rcp-be-lol-honor-v2.dll
2018-09-12 06:09 - 2018-01-10 11:40 - 000465024 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-network-testing\rcp-be-network-testing.dll
2018-09-12 06:09 - 2018-09-10 00:08 - 000632448 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-missions\rcp-be-lol-missions.dll
2018-09-12 06:09 - 2017-09-13 15:52 - 000584832 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-item-sets\rcp-be-lol-item-sets.dll
2018-09-12 06:09 - 2018-01-24 14:36 - 000500352 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-email-verification\rcp-be-lol-email-verification.dll
2018-09-12 06:09 - 2018-08-02 05:03 - 000471680 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-geoinfo\rcp-be-lol-geoinfo.dll
2018-09-12 06:09 - 2018-09-10 00:08 - 000489088 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-content-targeting\rcp-be-lol-content-targeting.dll
2018-09-12 06:10 - 2018-09-12 06:10 - 001309824 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-clash\rcp-be-lol-clash.dll
2018-09-12 06:10 - 2018-09-12 06:10 - 000658560 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-replays\rcp-be-lol-replays.dll
2018-09-12 06:09 - 2018-09-10 00:08 - 000750208 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-voice-chat\rcp-be-voice-chat.dll
2018-09-12 06:09 - 2018-09-10 00:08 - 000664704 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-gcloud-voice-chat\rcp-be-gcloud-voice-chat.dll
2018-09-12 06:09 - 2018-09-10 00:08 - 000635008 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-premade-voice\rcp-be-lol-premade-voice.dll
2018-09-12 06:09 - 2018-09-10 00:08 - 000511104 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-featured-modes\rcp-be-lol-featured-modes.dll
2018-09-12 06:09 - 2018-08-02 05:03 - 000606336 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-npe-tutorial-path\rcp-be-lol-npe-tutorial-path.dll
2018-09-12 06:10 - 2018-09-12 06:10 - 000486016 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-catalog\rcp-be-lol-catalog.dll
2018-09-12 06:09 - 2018-09-10 00:08 - 000556160 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-regalia\rcp-be-lol-regalia.dll
2018-09-12 06:09 - 2017-11-21 12:27 - 000451712 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-payments\rcp-be-payments.dll
2018-09-12 06:09 - 2018-05-16 18:43 - 000566400 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-banners\rcp-be-lol-banners.dll
2018-09-12 06:09 - 2018-05-16 18:43 - 000484480 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-trophies\rcp-be-lol-trophies.dll
2018-09-12 06:09 - 2018-09-10 00:08 - 000766080 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-perks\rcp-be-lol-perks.dll
2018-09-12 06:09 - 2018-05-16 18:43 - 000455296 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-discord-rp\rcp-be-lol-discord-rp.dll
2018-09-12 06:09 - 2018-02-07 23:20 - 000530560 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-account-verification\rcp-be-lol-account-verification.dll
2018-09-12 06:09 - 2018-09-10 00:08 - 000567936 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\Plugins\rcp-be-lol-career-stats\rcp-be-lol-career-stats.dll
2018-09-12 06:10 - 2018-09-12 06:10 - 055045760 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\libcef.dll
2018-09-12 06:10 - 2018-09-12 06:10 - 000832640 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\ffmpeg.dll
2018-09-12 06:10 - 2018-09-12 06:10 - 001801344 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\libglesv2.dll
2018-09-12 06:10 - 2018-09-12 06:10 - 000022144 _____ () E:\League of Legends\RADS\projects\league_client\releases\0.0.0.161\deploy\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot => "AlternateShell"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\localhost -> localhost
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-31 00:42 - 2018-09-08 21:30 - 000000822 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-160697542-1886492661-2065992700-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Frost\Pictures\aoi-ogata-doalow2.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "MRT"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\StartupApproved\StartupFolder: => "hide.me VPN.lnk"
HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\StartupApproved\StartupFolder: => "ZenMate.bat"
HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\StartupApproved\Run: => "IDMan"
HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\StartupApproved\Run: => "utweb"
Broni
Posts: 56,041 +516
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{8BF69AC5-E9EC-4E68-ABA3-169A2C5CC55F}] => (Allow) G:\SteamLibrary\steamapps\common\insurgency2\insurgency_BE.exe
FirewallRules: [{E7BD2C6E-0531-482B-99E5-47E6DA1A49E0}] => (Allow) G:\SteamLibrary\steamapps\common\insurgency2\insurgency_BE.exe
FirewallRules: [{BD7CD0FC-19C5-4A4B-AC1B-93755032541E}] => (Allow) G:\SteamLibrary\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{EFB753E3-B997-48E2-803B-E0225EF05F4D}] => (Allow) G:\SteamLibrary\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{9B9BC98F-97E0-498E-B704-5FA82FC41EA2}] => (Allow) G:\SteamLibrary\steamapps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{BCB64B34-BAD9-4497-A7B1-12724F6810A8}] => (Allow) G:\SteamLibrary\steamapps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{5E9E2140-7A71-42FD-93CD-44DB8342F364}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{FEA5EA62-FFAF-451F-8A21-A8E767E599BC}] => (Allow) E:\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{3B7281E8-C541-4E79-91C0-3F82DE3BC2FC}] => (Allow) E:\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [UDP Query User{8CC6748F-6ADC-463A-BE10-E6EEF947506A}E:\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe] => (Allow) E:\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe
FirewallRules: [TCP Query User{632CF773-980D-41F9-8B8A-B328949DCF8F}E:\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe] => (Allow) E:\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe
FirewallRules: [UDP Query User{02822F3B-B3B9-40E2-A206-CB46166F91F2}E:\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe] => (Allow) E:\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe
FirewallRules: [TCP Query User{0FFC42DB-81EA-42FC-8AE7-FF820FA37775}E:\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe] => (Allow) E:\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe
FirewallRules: [UDP Query User{37CA033F-70C3-4CEA-9BF3-C02FC79C7685}E:\hotf\heroes of the storm\versions\base66946\heroesofthestorm_x64.exe] => (Block) E:\hotf\heroes of the storm\versions\base66946\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{DF95A884-3F47-4967-BB1B-475C8ED830DC}E:\hotf\heroes of the storm\versions\base66946\heroesofthestorm_x64.exe] => (Block) E:\hotf\heroes of the storm\versions\base66946\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{A4EB2005-8532-4694-BEE3-04E4F12E30D0}C:\users\frost\appdata\local\temp\winifibpc.exe] => (Block) C:\users\frost\appdata\local\temp\winifibpc.exe
FirewallRules: [TCP Query User{FF858D07-3543-464B-8845-25168EB65C67}C:\users\frost\appdata\local\temp\winifibpc.exe] => (Block) C:\users\frost\appdata\local\temp\winifibpc.exe
FirewallRules: [UDP Query User{4B110979-9F1F-4059-8B53-C08195FD2001}C:\program files (x86)\ubisoft\ubisoft game launcher\uninstall.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\uninstall.exe
FirewallRules: [TCP Query User{0C7E618D-BEB5-473F-80AB-88888EB60E46}C:\program files (x86)\ubisoft\ubisoft game launcher\uninstall.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\uninstall.exe
FirewallRules: [UDP Query User{312A579D-FBC6-4E78-A544-6683ECB8ED77}C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe
FirewallRules: [TCP Query User{2802DAC9-81C2-42B6-843B-739AAD11A398}C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe
FirewallRules: [UDP Query User{F9CB0064-22AD-4C55-B274-ADF86C0800C8}C:\users\frost\appdata\local\temp\winqhne.exe] => (Block) C:\users\frost\appdata\local\temp\winqhne.exe
FirewallRules: [TCP Query User{20FE3D24-49CD-41E2-9F43-23F4AC31E4F1}C:\users\frost\appdata\local\temp\winqhne.exe] => (Block) C:\users\frost\appdata\local\temp\winqhne.exe
FirewallRules: [{2443501C-C303-4654-B01F-658082F19089}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C860FA23-181B-4B0B-BBDE-D1B58345F32F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C7661BE1-2CBE-424B-AA60-26B7C295CC5F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{4149C241-15CD-405A-984A-73AF8B0AD137}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C71ABE5E-BD66-47F1-9CC0-BD1A1020F18D}] => (Allow) C:\Users\Frost\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{358BA189-D14A-4FA4-A686-171BA547C1BB}] => (Allow) C:\Users\Frost\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [UDP Query User{A9D8629C-F1CE-4E9D-81B4-7AFBD9BA323A}C:\program files (x86)\java\jre1.8.0_172\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_172\bin\javaw.exe
FirewallRules: [TCP Query User{16FD5362-706F-4008-936D-81497A578914}C:\program files (x86)\java\jre1.8.0_172\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_172\bin\javaw.exe
FirewallRules: [UDP Query User{22832ADE-B57D-40B6-B8DE-9B229E03D0CE}E:\hotf\overwatch\overwatch.exe] => (Allow) E:\hotf\overwatch\overwatch.exe
FirewallRules: [TCP Query User{47DE0EB9-9C60-4392-AD4C-9AE0B0A6B2DD}E:\hotf\overwatch\overwatch.exe] => (Allow) E:\hotf\overwatch\overwatch.exe
FirewallRules: [UDP Query User{DC59BFF6-E7C0-41D6-9452-1842F7D72072}C:\users\frost\appdata\local\temp\ooet.exe] => (Block) C:\users\frost\appdata\local\temp\ooet.exe
FirewallRules: [TCP Query User{13F7A066-CC37-448B-AD7E-8422CFAAECC4}C:\users\frost\appdata\local\temp\ooet.exe] => (Block) C:\users\frost\appdata\local\temp\ooet.exe
FirewallRules: [UDP Query User{9D0CFE1D-BCDF-4F9E-9FA8-936018D91E95}C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe
FirewallRules: [TCP Query User{D40C4795-1B2E-42B8-822C-F82CC1A4C503}C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe
FirewallRules: [UDP Query User{A6AFFFE4-9540-4484-8AF3-404773EC3C40}C:\program files (x86)\steam\gameoverlayui.exe] => (Allow) C:\program files (x86)\steam\gameoverlayui.exe
FirewallRules: [TCP Query User{97EBF0DB-1EB4-494E-8784-3DF68D89B1F0}C:\program files (x86)\steam\gameoverlayui.exe] => (Allow) C:\program files (x86)\steam\gameoverlayui.exe
FirewallRules: [UDP Query User{BB81F757-F1A9-4F62-9C88-C9A752796DF7}C:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe
FirewallRules: [TCP Query User{6A5F547A-FA52-436A-9B66-AA37B85ED746}C:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe
FirewallRules: [UDP Query User{75E996B7-98A8-4371-8794-C26759E7DE9A}C:\users\frost\appdata\local\temp\winkxilrj.exe] => (Block) C:\users\frost\appdata\local\temp\winkxilrj.exe
FirewallRules: [TCP Query User{E292C9D7-E47D-479B-8C72-5D65FC0BA7EC}C:\users\frost\appdata\local\temp\winkxilrj.exe] => (Block) C:\users\frost\appdata\local\temp\winkxilrj.exe
FirewallRules: [UDP Query User{6A9358B7-DB57-41FD-B26B-65B802952B69}C:\users\frost\appdata\local\temp\winiynreq.exe] => (Block) C:\users\frost\appdata\local\temp\winiynreq.exe
FirewallRules: [TCP Query User{8B750CB6-37EB-4332-8EBF-DE7049F8690C}C:\users\frost\appdata\local\temp\winiynreq.exe] => (Block) C:\users\frost\appdata\local\temp\winiynreq.exe
FirewallRules: [UDP Query User{601C0EB8-E851-486C-9713-C3835BE513E0}C:\users\frost\appdata\local\temp\winqgleo.exe] => (Block) C:\users\frost\appdata\local\temp\winqgleo.exe
FirewallRules: [TCP Query User{5E76C0BD-564F-465D-9838-619375017970}C:\users\frost\appdata\local\temp\winqgleo.exe] => (Block) C:\users\frost\appdata\local\temp\winqgleo.exe
FirewallRules: [UDP Query User{89883189-13BC-47C3-B782-8EA55BF49421}E:\hotf\heroes of the storm\versions\base66488\heroesofthestorm_x64.exe] => (Allow) E:\hotf\heroes of the storm\versions\base66488\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{7AFC155F-1699-4447-8D4B-9377B5CBE159}E:\hotf\heroes of the storm\versions\base66488\heroesofthestorm_x64.exe] => (Allow) E:\hotf\heroes of the storm\versions\base66488\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{E435034E-7C7F-48A4-B279-948CC5921968}C:\users\frost\appdata\local\temp\oauv.exe] => (Block) C:\users\frost\appdata\local\temp\oauv.exe
FirewallRules: [TCP Query User{8BCA9B73-9448-473E-92E3-D6EC816A546A}C:\users\frost\appdata\local\temp\oauv.exe] => (Block) C:\users\frost\appdata\local\temp\oauv.exe
FirewallRules: [UDP Query User{055FA22A-7FC7-4AB9-9083-57B53943777A}E:\games\the forest\game\theforest32.exe] => (Allow) E:\games\the forest\game\theforest32.exe
FirewallRules: [TCP Query User{ABEB11D1-A6BC-4AAB-B070-766F74149E9C}E:\games\the forest\game\theforest32.exe] => (Allow) E:\games\the forest\game\theforest32.exe
FirewallRules: [UDP Query User{5A7399F4-553A-4A7C-AC6D-EFE1A3D29B94}C:\users\frost\appdata\local\temp\ollore.exe] => (Block) C:\users\frost\appdata\local\temp\ollore.exe
FirewallRules: [TCP Query User{C3150885-74E3-49A6-BDF3-2440C8C9B036}C:\users\frost\appdata\local\temp\ollore.exe] => (Block) C:\users\frost\appdata\local\temp\ollore.exe
FirewallRules: [UDP Query User{B141EECE-E93C-4DEA-A0C4-12910F873180}C:\program files (x86)\internet download manager\iemonitor.exe] => (Block) C:\program files (x86)\internet download manager\iemonitor.exe
FirewallRules: [TCP Query User{F449405F-16BA-4812-88D2-19B7001C39FA}C:\program files (x86)\internet download manager\iemonitor.exe] => (Block) C:\program files (x86)\internet download manager\iemonitor.exe
FirewallRules: [UDP Query User{33893D50-5E70-4E75-B5A3-075941374664}C:\users\frost\appdata\local\temp\winejfqn.exe] => (Block) C:\users\frost\appdata\local\temp\winejfqn.exe
FirewallRules: [TCP Query User{D0FE2C47-BF73-49DC-9C15-CEEF7D4D0E34}C:\users\frost\appdata\local\temp\winejfqn.exe] => (Block) C:\users\frost\appdata\local\temp\winejfqn.exe
FirewallRules: [UDP Query User{0923C0B5-6764-4B84-AE19-CBB7217A9CF7}C:\program files (x86)\ubisoft\ubisoft game launcher\upc.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\upc.exe
FirewallRules: [TCP Query User{FCDB94CC-4E0C-4A1E-A057-A13DBFE7FE31}C:\program files (x86)\ubisoft\ubisoft game launcher\upc.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\upc.exe
FirewallRules: [UDP Query User{4EB4CE1A-9633-4B0C-A747-56AB116F0149}C:\users\frost\appdata\local\temp\winband.exe] => (Block) C:\users\frost\appdata\local\temp\winband.exe
FirewallRules: [TCP Query User{7C7271A6-D3B0-485F-8450-390723542C0C}C:\users\frost\appdata\local\temp\winband.exe] => (Block) C:\users\frost\appdata\local\temp\winband.exe
FirewallRules: [UDP Query User{03000240-815F-4E81-BC55-D45D8B278FE0}C:\users\frost\appdata\local\temp\wincinqux.exe] => (Block) C:\users\frost\appdata\local\temp\wincinqux.exe
FirewallRules: [TCP Query User{62773930-E0FB-4F58-8035-C15296953B34}C:\users\frost\appdata\local\temp\wincinqux.exe] => (Block) C:\users\frost\appdata\local\temp\wincinqux.exe
FirewallRules: [UDP Query User{028BF80E-2687-47B1-8452-407A71B61EF4}C:\users\frost\appdata\local\temp\winqjxq.exe] => (Block) C:\users\frost\appdata\local\temp\winqjxq.exe
FirewallRules: [TCP Query User{CD9404BF-1E3C-44AC-8A52-D7E4008F513E}C:\users\frost\appdata\local\temp\winqjxq.exe] => (Block) C:\users\frost\appdata\local\temp\winqjxq.exe
FirewallRules: [UDP Query User{CFBFF35B-8D30-4726-BAAD-5601ECF27DE4}C:\program files (x86)\common files\java\java update\jusched.exe] => (Allow) C:\program files (x86)\common files\java\java update\jusched.exe
FirewallRules: [TCP Query User{BF6639E5-BE14-4114-99D5-C8DDE903D83E}C:\program files (x86)\common files\java\java update\jusched.exe] => (Allow) C:\program files (x86)\common files\java\java update\jusched.exe
FirewallRules: [UDP Query User{7714FF1D-FE7F-4473-9180-042C8B8D8488}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe
FirewallRules: [TCP Query User{C06E7251-4970-44E2-B045-DB684EFF2784}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe
FirewallRules: [UDP Query User{620FCAEC-63D7-476A-8F13-9C1B0AD2C068}C:\users\frost\appdata\local\temp\wincpxtrb.exe] => (Block) C:\users\frost\appdata\local\temp\wincpxtrb.exe
FirewallRules: [TCP Query User{29CBEC8F-2A38-477D-B36C-70B3B16FA7C4}C:\users\frost\appdata\local\temp\wincpxtrb.exe] => (Block) C:\users\frost\appdata\local\temp\wincpxtrb.exe
FirewallRules: [UDP Query User{F48CA12E-14BF-4FFF-A5BB-278A59926573}C:\users\frost\appdata\local\discord\app-0.0.301\discord.exe] => (Allow) C:\users\frost\appdata\local\discord\app-0.0.301\discord.exe
FirewallRules: [TCP Query User{4DBFB322-3BA3-4062-B4F2-CD874ACAE20D}C:\users\frost\appdata\local\discord\app-0.0.301\discord.exe] => (Allow) C:\users\frost\appdata\local\discord\app-0.0.301\discord.exe
FirewallRules: [UDP Query User{EB943153-0C38-4644-A940-9D249B0C76B4}F:\games\far cry 3\game\far cry 3\bin\farcry3.exe] => (Block) F:\games\far cry 3\game\far cry 3\bin\farcry3.exe
FirewallRules: [TCP Query User{CFC0A43D-2B11-4B8B-9BC1-B9D7246ABEF7}F:\games\far cry 3\game\far cry 3\bin\farcry3.exe] => (Block) F:\games\far cry 3\game\far cry 3\bin\farcry3.exe
FirewallRules: [UDP Query User{9316A839-829B-46FB-8B64-CCF4B0D40E87}F:\games\far cry 3\game\far cry 3\play-farcry3.exe] => (Allow) F:\games\far cry 3\game\far cry 3\play-farcry3.exe
FirewallRules: [TCP Query User{61C63F1A-C36F-40FB-9B09-ABEE3640F3BC}F:\games\far cry 3\game\far cry 3\play-farcry3.exe] => (Allow) F:\games\far cry 3\game\far cry 3\play-farcry3.exe
FirewallRules: [{69D740CB-174D-4DF7-AABB-08274F2452A1}] => (Allow) F:\SteamLibrary\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{3B40B5BF-5CE8-4AE3-84EF-18BB0E7C51D0}] => (Allow) F:\SteamLibrary\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{148F2E3C-D0F4-4E33-B157-BB8FCFCDBF0A}] => (Allow) F:\SteamLibrary\steamapps\common\Unturned\Unturned_BE.exe
FirewallRules: [{80EA71C1-03EE-4857-A119-DA1DE1FB858C}] => (Allow) F:\SteamLibrary\steamapps\common\Unturned\Unturned_BE.exe
FirewallRules: [UDP Query User{9C557590-14C7-4E27-9C9D-F1AF4A7C2105}E:\games\the forest\game\theforest32.exe] => (Allow) E:\games\the forest\game\theforest32.exe
FirewallRules: [TCP Query User{E129E47D-7BE4-4884-B347-042D3BD78536}E:\games\the forest\game\theforest32.exe] => (Allow) E:\games\the forest\game\theforest32.exe
FirewallRules: [UDP Query User{1B3B08FE-A145-417B-9EBB-520449F6D963}C:\users\frost\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\frost\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{3A3EF4EE-E315-43C5-9585-F962D02DD4E2}C:\users\frost\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\frost\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{468555DC-00B0-492F-A31F-DBC09D581BD0}C:\users\frost\downloads\programs\anydesk.exe] => (Allow) C:\users\frost\downloads\programs\anydesk.exe
FirewallRules: [TCP Query User{3886D55B-14CA-48A4-BE3D-E2D87868237C}C:\users\frost\downloads\programs\anydesk.exe] => (Allow) C:\users\frost\downloads\programs\anydesk.exe
FirewallRules: [UDP Query User{5C0C91A6-5475-4D7E-9E43-08458894733A}E:\games\red alert 3\red alert 3\ra3.exe] => (Allow) E:\games\red alert 3\red alert 3\ra3.exe
FirewallRules: [TCP Query User{84E47D9C-75C4-42F9-930E-1F87EACBD598}E:\games\red alert 3\red alert 3\ra3.exe] => (Allow) E:\games\red alert 3\red alert 3\ra3.exe
FirewallRules: [UDP Query User{9428C101-F407-407A-A51A-62F11F62F4C3}E:\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Block) E:\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe
FirewallRules: [TCP Query User{83FD1D4C-C94E-464E-9D14-1198C269D9FA}E:\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Block) E:\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe
FirewallRules: [{10532962-0AB7-406A-95C8-72C62B83B0FF}] => (Allow) G:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{9DAF384E-F2E0-437A-8671-2EBDF4ADBEBC}] => (Allow) G:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{67F9AFD4-C9AA-4A5E-98E0-BF18214DB350}] => (Allow) G:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe
FirewallRules: [{3810A3DB-7D22-474F-B6E3-55A4809F3D2F}] => (Allow) G:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe
FirewallRules: [{1C336F23-F321-43FA-813E-DCE8CB0ADF34}] => (Allow) E:\Lost Saga\Game\LostSaga\lostsaga.exe
FirewallRules: [{24382B1E-1BE6-4B78-9B14-0465B3E5659A}] => (Allow) E:\Lost Saga\Game\LostSaga\lostsaga.exe
FirewallRules: [{A04E4300-4A14-4804-854C-184330E8453B}] => (Allow) E:\Lost Saga\Game\LostSaga\autoupgrade.exe
FirewallRules: [{AB1A8701-108D-4E2A-9A9E-220401B024F8}] => (Allow) E:\Lost Saga\Game\LostSaga\autoupgrade.exe
FirewallRules: [{18971076-BE66-4EBA-A5DB-B0AD4A2D2ABB}] => (Allow) F:\SteamLibrary\steamapps\common\Rust\Rust.exe
FirewallRules: [{600149A1-C894-4AB2-9A32-D7B26881CA0D}] => (Allow) F:\SteamLibrary\steamapps\common\Rust\Rust.exe
FirewallRules: [{7FA8E5DA-4050-4E7B-84AF-9FBA634A6B1C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{5069A7FC-34F2-43D0-BB01-E9CA16815A28}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{35088861-8431-4327-B429-464356A6EEF8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4709BCEA-FD0B-44EB-ABB8-53E26094007C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{49B3C2FB-6D0A-4DE5-ABEB-586B4C7C51E7}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\AutoUpdate.exe
FirewallRules: [{6DB9D0D8-077E-4921-983E-6AF4CFA6AE92}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\AutoUpdate.exe
FirewallRules: [{573DB394-DA06-4AE0-9684-8829A534081E}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DBDownloader.exe
FirewallRules: [{25DB524C-FC36-42A7-86E4-BDC9CC90F6E7}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DBDownloader.exe
FirewallRules: [{3A91F594-ABE3-40E9-8CE6-663D5D81738F}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DriverBooster.exe
FirewallRules: [{D8EFBB48-D433-4B90-BA0A-71A917D0B208}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DriverBooster.exe
FirewallRules: [{52A84570-4AAB-4735-998A-834BADAC16FD}] => (Allow) G:\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{05722CE0-60BA-4030-AF88-17C8CD921C1D}] => (Allow) G:\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{7F2F9740-FBB6-4E50-999F-971A528ECDAE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{F0ED581E-D3F7-40FE-968E-6D4099D10FE1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{AD8F8CD8-8F7D-41E3-A7AD-5F64D38C6172}] => (Allow) G:\SteamLibrary\steamapps\common\Sven Co-op\svencoop.exe
FirewallRules: [{C452F5B2-7C85-44FA-A4C2-F8E89213D128}] => (Allow) G:\SteamLibrary\steamapps\common\Sven Co-op\svencoop.exe
FirewallRules: [{A442F395-5141-40BF-841F-3046B0F368C2}] => (Allow) G:\SteamLibrary\steamapps\common\Sven Co-op\svends.exe
FirewallRules: [{D8B5DCA5-F617-4752-96A6-3351FE34D547}] => (Allow) G:\SteamLibrary\steamapps\common\Sven Co-op\svends.exe
FirewallRules: [{F8F444F9-E2E1-4782-9DB6-79A1F12C8E6B}] => (Allow) G:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{8C92487F-3FAA-4AB2-9769-86CF19A3B83E}] => (Allow) G:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
Name: TAP-Windows Adapter V9
Description: TAP-Windows Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: tap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (09/12/2018 04:50:29 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FROST)
Description: المسالةالمسالة-2147467263
Error: (09/12/2018 04:50:29 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FROST)
Description: المسالةالمسالة-2147467263
Error: (09/12/2018 04:35:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_DiagTrack, version: 10.0.17134.1, time stamp: 0xa38b9ab2
Faulting module name: diagtrack.dll, version: 10.0.17134.48, time stamp: 0xa8ce1be4
Exception code: 0xc0000409
Fault offset: 0x000000000001dd90
Faulting process id: 0x1398
Faulting application start time: 0x01d44a4136feeac5
Faulting application path: C:\WINDOWS\System32\svchost.exe
Faulting module path: c:\windows\system32\diagtrack.dll
Report Id: d78fe1c7-a242-487d-a199-76c9e77df6be
Faulting package full name:
Faulting package-relative application ID:
Error: (09/12/2018 04:34:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_DiagTrack, version: 10.0.17134.1, time stamp: 0xa38b9ab2
Faulting module name: diagtrack.dll, version: 10.0.17134.48, time stamp: 0xa8ce1be4
Exception code: 0xc0000409
Fault offset: 0x000000000001dd90
Faulting process id: 0x1ab8
Faulting application start time: 0x01d44a41238a73c5
Faulting application path: C:\WINDOWS\System32\svchost.exe
Faulting module path: c:\windows\system32\diagtrack.dll
Report Id: 226be654-267b-431c-a4c0-40e900a4e007
Faulting package full name:
Faulting package-relative application ID:
Error: (09/12/2018 04:33:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_DiagTrack, version: 10.0.17134.1, time stamp: 0xa38b9ab2
Faulting module name: diagtrack.dll, version: 10.0.17134.48, time stamp: 0xa8ce1be4
Exception code: 0xc0000409
Fault offset: 0x000000000001dd90
Faulting process id: 0x774
Faulting application start time: 0x01d44a40edcf0735
Faulting application path: C:\WINDOWS\System32\svchost.exe
Faulting module path: c:\windows\system32\diagtrack.dll
Report Id: e5336cdb-a6b7-4ffb-a01f-dfd4c6064a2f
Faulting package full name:
Faulting package-relative application ID:
Error: (09/12/2018 04:26:09 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FROST)
Description: المسالةالمسالة-2147467263
Error: (09/12/2018 04:24:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_DiagTrack, version: 10.0.17134.1, time stamp: 0xa38b9ab2
Faulting module name: diagtrack.dll, version: 10.0.17134.48, time stamp: 0xa8ce1be4
Exception code: 0xc0000409
Fault offset: 0x000000000001dd90
Faulting process id: 0x1654
Faulting application start time: 0x01d44a3fbdaaf27e
Faulting application path: C:\WINDOWS\System32\svchost.exe
Faulting module path: c:\windows\system32\diagtrack.dll
Report Id: 7f63b01e-0981-4997-9e43-94132ae0d96f
Faulting package full name:
Faulting package-relative application ID:
Error: (09/12/2018 04:24:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_DiagTrack, version: 10.0.17134.1, time stamp: 0xa38b9ab2
Faulting module name: diagtrack.dll, version: 10.0.17134.48, time stamp: 0xa8ce1be4
Exception code: 0xc0000409
Fault offset: 0x000000000001dd90
Faulting process id: 0x1e34
Faulting application start time: 0x01d44a3fa903ebcf
Faulting application path: C:\WINDOWS\System32\svchost.exe
Faulting module path: c:\windows\system32\diagtrack.dll
Report Id: 379a578f-ead6-463d-ba1d-3833a1cecf87
Faulting package full name:
Faulting package-relative application ID:
System errors:
=============
Error: (09/12/2018 06:09:07 AM) (Source: DCOM) (EventID: 10016) (User: FROST)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user FROST\Frost SID (S-1-5-21-160697542-1886492661-2065992700-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (09/12/2018 06:01:15 AM) (Source: DCOM) (EventID: 10016) (User: FROST)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user FROST\Frost SID (S-1-5-21-160697542-1886492661-2065992700-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (09/12/2018 05:31:08 AM) (Source: DCOM) (EventID: 10016) (User: FROST)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user FROST\Frost SID (S-1-5-21-160697542-1886492661-2065992700-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (09/12/2018 04:55:39 AM) (Source: DCOM) (EventID: 10016) (User: FROST)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user FROST\Frost SID (S-1-5-21-160697542-1886492661-2065992700-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (09/12/2018 04:49:54 AM) (Source: DCOM) (EventID: 10016) (User: FROST)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user FROST\Frost SID (S-1-5-21-160697542-1886492661-2065992700-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (09/12/2018 04:35:34 AM) (Source: DCOM) (EventID: 10016) (User: FROST)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user FROST\Frost SID (S-1-5-21-160697542-1886492661-2065992700-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (09/12/2018 04:35:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Connected User Experiences and Telemetry service terminated unexpectedly. It has done this 3 time(s).
Error: (09/12/2018 04:34:35 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Connected User Experiences and Telemetry service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
CodeIntegrity:
===================================
Date: 2018-09-12 04:36:05.022
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-12 04:24:40.761
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-12 03:59:59.187
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-08 02:15:14.620
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-07 18:20:29.826
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-07 07:48:30.976
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-03 18:31:06.362
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2018-08-25 05:12:19.082
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 39%
Total physical RAM: 8050.91 MB
Available physical RAM: 4859.15 MB
Total Virtual: 13046.56 MB
Available Virtual: 9461.25 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:46.22 GB) (Free:14.76 GB) NTFS
Drive e: (DRV1_VOL2) (Fixed) (Total:325.95 GB) (Free:35.71 GB) NTFS
Drive f: (DRV1_VOL3) (Fixed) (Total:279.38 GB) (Free:38.24 GB) NTFS
Drive g: (DRV1_VOL4) (Fixed) (Total:279.61 GB) (Free:48.81 GB) NTFS
\\?\Volume{9ae9701e-0000-0000-0000-100000000000}\ () (Fixed) (Total:0.34 GB) (Free:0.09 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 9AE9701E)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=46.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=884.9 GB) - (Type=05)
==================== End of Addition.txt ============================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{8BF69AC5-E9EC-4E68-ABA3-169A2C5CC55F}] => (Allow) G:\SteamLibrary\steamapps\common\insurgency2\insurgency_BE.exe
FirewallRules: [{E7BD2C6E-0531-482B-99E5-47E6DA1A49E0}] => (Allow) G:\SteamLibrary\steamapps\common\insurgency2\insurgency_BE.exe
FirewallRules: [{BD7CD0FC-19C5-4A4B-AC1B-93755032541E}] => (Allow) G:\SteamLibrary\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{EFB753E3-B997-48E2-803B-E0225EF05F4D}] => (Allow) G:\SteamLibrary\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{9B9BC98F-97E0-498E-B704-5FA82FC41EA2}] => (Allow) G:\SteamLibrary\steamapps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{BCB64B34-BAD9-4497-A7B1-12724F6810A8}] => (Allow) G:\SteamLibrary\steamapps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{5E9E2140-7A71-42FD-93CD-44DB8342F364}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{FEA5EA62-FFAF-451F-8A21-A8E767E599BC}] => (Allow) E:\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{3B7281E8-C541-4E79-91C0-3F82DE3BC2FC}] => (Allow) E:\SteamLibrary\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [UDP Query User{8CC6748F-6ADC-463A-BE10-E6EEF947506A}E:\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe] => (Allow) E:\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe
FirewallRules: [TCP Query User{632CF773-980D-41F9-8B8A-B328949DCF8F}E:\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe] => (Allow) E:\league of legends\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe
FirewallRules: [UDP Query User{02822F3B-B3B9-40E2-A206-CB46166F91F2}E:\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe] => (Allow) E:\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe
FirewallRules: [TCP Query User{0FFC42DB-81EA-42FC-8AE7-FF820FA37775}E:\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe] => (Allow) E:\league of legends\rads\projects\league_client\releases\0.0.0.157\deploy\leagueclient.exe
FirewallRules: [UDP Query User{37CA033F-70C3-4CEA-9BF3-C02FC79C7685}E:\hotf\heroes of the storm\versions\base66946\heroesofthestorm_x64.exe] => (Block) E:\hotf\heroes of the storm\versions\base66946\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{DF95A884-3F47-4967-BB1B-475C8ED830DC}E:\hotf\heroes of the storm\versions\base66946\heroesofthestorm_x64.exe] => (Block) E:\hotf\heroes of the storm\versions\base66946\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{A4EB2005-8532-4694-BEE3-04E4F12E30D0}C:\users\frost\appdata\local\temp\winifibpc.exe] => (Block) C:\users\frost\appdata\local\temp\winifibpc.exe
FirewallRules: [TCP Query User{FF858D07-3543-464B-8845-25168EB65C67}C:\users\frost\appdata\local\temp\winifibpc.exe] => (Block) C:\users\frost\appdata\local\temp\winifibpc.exe
FirewallRules: [UDP Query User{4B110979-9F1F-4059-8B53-C08195FD2001}C:\program files (x86)\ubisoft\ubisoft game launcher\uninstall.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\uninstall.exe
FirewallRules: [TCP Query User{0C7E618D-BEB5-473F-80AB-88888EB60E46}C:\program files (x86)\ubisoft\ubisoft game launcher\uninstall.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\uninstall.exe
FirewallRules: [UDP Query User{312A579D-FBC6-4E78-A544-6683ECB8ED77}C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe
FirewallRules: [TCP Query User{2802DAC9-81C2-42B6-843B-739AAD11A398}C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe
FirewallRules: [UDP Query User{F9CB0064-22AD-4C55-B274-ADF86C0800C8}C:\users\frost\appdata\local\temp\winqhne.exe] => (Block) C:\users\frost\appdata\local\temp\winqhne.exe
FirewallRules: [TCP Query User{20FE3D24-49CD-41E2-9F43-23F4AC31E4F1}C:\users\frost\appdata\local\temp\winqhne.exe] => (Block) C:\users\frost\appdata\local\temp\winqhne.exe
FirewallRules: [{2443501C-C303-4654-B01F-658082F19089}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C860FA23-181B-4B0B-BBDE-D1B58345F32F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C7661BE1-2CBE-424B-AA60-26B7C295CC5F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{4149C241-15CD-405A-984A-73AF8B0AD137}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C71ABE5E-BD66-47F1-9CC0-BD1A1020F18D}] => (Allow) C:\Users\Frost\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{358BA189-D14A-4FA4-A686-171BA547C1BB}] => (Allow) C:\Users\Frost\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [UDP Query User{A9D8629C-F1CE-4E9D-81B4-7AFBD9BA323A}C:\program files (x86)\java\jre1.8.0_172\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_172\bin\javaw.exe
FirewallRules: [TCP Query User{16FD5362-706F-4008-936D-81497A578914}C:\program files (x86)\java\jre1.8.0_172\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_172\bin\javaw.exe
FirewallRules: [UDP Query User{22832ADE-B57D-40B6-B8DE-9B229E03D0CE}E:\hotf\overwatch\overwatch.exe] => (Allow) E:\hotf\overwatch\overwatch.exe
FirewallRules: [TCP Query User{47DE0EB9-9C60-4392-AD4C-9AE0B0A6B2DD}E:\hotf\overwatch\overwatch.exe] => (Allow) E:\hotf\overwatch\overwatch.exe
FirewallRules: [UDP Query User{DC59BFF6-E7C0-41D6-9452-1842F7D72072}C:\users\frost\appdata\local\temp\ooet.exe] => (Block) C:\users\frost\appdata\local\temp\ooet.exe
FirewallRules: [TCP Query User{13F7A066-CC37-448B-AD7E-8422CFAAECC4}C:\users\frost\appdata\local\temp\ooet.exe] => (Block) C:\users\frost\appdata\local\temp\ooet.exe
FirewallRules: [UDP Query User{9D0CFE1D-BCDF-4F9E-9FA8-936018D91E95}C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe
FirewallRules: [TCP Query User{D40C4795-1B2E-42B8-822C-F82CC1A4C503}C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe
FirewallRules: [UDP Query User{A6AFFFE4-9540-4484-8AF3-404773EC3C40}C:\program files (x86)\steam\gameoverlayui.exe] => (Allow) C:\program files (x86)\steam\gameoverlayui.exe
FirewallRules: [TCP Query User{97EBF0DB-1EB4-494E-8784-3DF68D89B1F0}C:\program files (x86)\steam\gameoverlayui.exe] => (Allow) C:\program files (x86)\steam\gameoverlayui.exe
FirewallRules: [UDP Query User{BB81F757-F1A9-4F62-9C88-C9A752796DF7}C:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe
FirewallRules: [TCP Query User{6A5F547A-FA52-436A-9B66-AA37B85ED746}C:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe
FirewallRules: [UDP Query User{75E996B7-98A8-4371-8794-C26759E7DE9A}C:\users\frost\appdata\local\temp\winkxilrj.exe] => (Block) C:\users\frost\appdata\local\temp\winkxilrj.exe
FirewallRules: [TCP Query User{E292C9D7-E47D-479B-8C72-5D65FC0BA7EC}C:\users\frost\appdata\local\temp\winkxilrj.exe] => (Block) C:\users\frost\appdata\local\temp\winkxilrj.exe
FirewallRules: [UDP Query User{6A9358B7-DB57-41FD-B26B-65B802952B69}C:\users\frost\appdata\local\temp\winiynreq.exe] => (Block) C:\users\frost\appdata\local\temp\winiynreq.exe
FirewallRules: [TCP Query User{8B750CB6-37EB-4332-8EBF-DE7049F8690C}C:\users\frost\appdata\local\temp\winiynreq.exe] => (Block) C:\users\frost\appdata\local\temp\winiynreq.exe
FirewallRules: [UDP Query User{601C0EB8-E851-486C-9713-C3835BE513E0}C:\users\frost\appdata\local\temp\winqgleo.exe] => (Block) C:\users\frost\appdata\local\temp\winqgleo.exe
FirewallRules: [TCP Query User{5E76C0BD-564F-465D-9838-619375017970}C:\users\frost\appdata\local\temp\winqgleo.exe] => (Block) C:\users\frost\appdata\local\temp\winqgleo.exe
FirewallRules: [UDP Query User{89883189-13BC-47C3-B782-8EA55BF49421}E:\hotf\heroes of the storm\versions\base66488\heroesofthestorm_x64.exe] => (Allow) E:\hotf\heroes of the storm\versions\base66488\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{7AFC155F-1699-4447-8D4B-9377B5CBE159}E:\hotf\heroes of the storm\versions\base66488\heroesofthestorm_x64.exe] => (Allow) E:\hotf\heroes of the storm\versions\base66488\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{E435034E-7C7F-48A4-B279-948CC5921968}C:\users\frost\appdata\local\temp\oauv.exe] => (Block) C:\users\frost\appdata\local\temp\oauv.exe
FirewallRules: [TCP Query User{8BCA9B73-9448-473E-92E3-D6EC816A546A}C:\users\frost\appdata\local\temp\oauv.exe] => (Block) C:\users\frost\appdata\local\temp\oauv.exe
FirewallRules: [UDP Query User{055FA22A-7FC7-4AB9-9083-57B53943777A}E:\games\the forest\game\theforest32.exe] => (Allow) E:\games\the forest\game\theforest32.exe
FirewallRules: [TCP Query User{ABEB11D1-A6BC-4AAB-B070-766F74149E9C}E:\games\the forest\game\theforest32.exe] => (Allow) E:\games\the forest\game\theforest32.exe
FirewallRules: [UDP Query User{5A7399F4-553A-4A7C-AC6D-EFE1A3D29B94}C:\users\frost\appdata\local\temp\ollore.exe] => (Block) C:\users\frost\appdata\local\temp\ollore.exe
FirewallRules: [TCP Query User{C3150885-74E3-49A6-BDF3-2440C8C9B036}C:\users\frost\appdata\local\temp\ollore.exe] => (Block) C:\users\frost\appdata\local\temp\ollore.exe
FirewallRules: [UDP Query User{B141EECE-E93C-4DEA-A0C4-12910F873180}C:\program files (x86)\internet download manager\iemonitor.exe] => (Block) C:\program files (x86)\internet download manager\iemonitor.exe
FirewallRules: [TCP Query User{F449405F-16BA-4812-88D2-19B7001C39FA}C:\program files (x86)\internet download manager\iemonitor.exe] => (Block) C:\program files (x86)\internet download manager\iemonitor.exe
FirewallRules: [UDP Query User{33893D50-5E70-4E75-B5A3-075941374664}C:\users\frost\appdata\local\temp\winejfqn.exe] => (Block) C:\users\frost\appdata\local\temp\winejfqn.exe
FirewallRules: [TCP Query User{D0FE2C47-BF73-49DC-9C15-CEEF7D4D0E34}C:\users\frost\appdata\local\temp\winejfqn.exe] => (Block) C:\users\frost\appdata\local\temp\winejfqn.exe
FirewallRules: [UDP Query User{0923C0B5-6764-4B84-AE19-CBB7217A9CF7}C:\program files (x86)\ubisoft\ubisoft game launcher\upc.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\upc.exe
FirewallRules: [TCP Query User{FCDB94CC-4E0C-4A1E-A057-A13DBFE7FE31}C:\program files (x86)\ubisoft\ubisoft game launcher\upc.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\upc.exe
FirewallRules: [UDP Query User{4EB4CE1A-9633-4B0C-A747-56AB116F0149}C:\users\frost\appdata\local\temp\winband.exe] => (Block) C:\users\frost\appdata\local\temp\winband.exe
FirewallRules: [TCP Query User{7C7271A6-D3B0-485F-8450-390723542C0C}C:\users\frost\appdata\local\temp\winband.exe] => (Block) C:\users\frost\appdata\local\temp\winband.exe
FirewallRules: [UDP Query User{03000240-815F-4E81-BC55-D45D8B278FE0}C:\users\frost\appdata\local\temp\wincinqux.exe] => (Block) C:\users\frost\appdata\local\temp\wincinqux.exe
FirewallRules: [TCP Query User{62773930-E0FB-4F58-8035-C15296953B34}C:\users\frost\appdata\local\temp\wincinqux.exe] => (Block) C:\users\frost\appdata\local\temp\wincinqux.exe
FirewallRules: [UDP Query User{028BF80E-2687-47B1-8452-407A71B61EF4}C:\users\frost\appdata\local\temp\winqjxq.exe] => (Block) C:\users\frost\appdata\local\temp\winqjxq.exe
FirewallRules: [TCP Query User{CD9404BF-1E3C-44AC-8A52-D7E4008F513E}C:\users\frost\appdata\local\temp\winqjxq.exe] => (Block) C:\users\frost\appdata\local\temp\winqjxq.exe
FirewallRules: [UDP Query User{CFBFF35B-8D30-4726-BAAD-5601ECF27DE4}C:\program files (x86)\common files\java\java update\jusched.exe] => (Allow) C:\program files (x86)\common files\java\java update\jusched.exe
FirewallRules: [TCP Query User{BF6639E5-BE14-4114-99D5-C8DDE903D83E}C:\program files (x86)\common files\java\java update\jusched.exe] => (Allow) C:\program files (x86)\common files\java\java update\jusched.exe
FirewallRules: [UDP Query User{7714FF1D-FE7F-4473-9180-042C8B8D8488}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe
FirewallRules: [TCP Query User{C06E7251-4970-44E2-B045-DB684EFF2784}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe
FirewallRules: [UDP Query User{620FCAEC-63D7-476A-8F13-9C1B0AD2C068}C:\users\frost\appdata\local\temp\wincpxtrb.exe] => (Block) C:\users\frost\appdata\local\temp\wincpxtrb.exe
FirewallRules: [TCP Query User{29CBEC8F-2A38-477D-B36C-70B3B16FA7C4}C:\users\frost\appdata\local\temp\wincpxtrb.exe] => (Block) C:\users\frost\appdata\local\temp\wincpxtrb.exe
FirewallRules: [UDP Query User{F48CA12E-14BF-4FFF-A5BB-278A59926573}C:\users\frost\appdata\local\discord\app-0.0.301\discord.exe] => (Allow) C:\users\frost\appdata\local\discord\app-0.0.301\discord.exe
FirewallRules: [TCP Query User{4DBFB322-3BA3-4062-B4F2-CD874ACAE20D}C:\users\frost\appdata\local\discord\app-0.0.301\discord.exe] => (Allow) C:\users\frost\appdata\local\discord\app-0.0.301\discord.exe
FirewallRules: [UDP Query User{EB943153-0C38-4644-A940-9D249B0C76B4}F:\games\far cry 3\game\far cry 3\bin\farcry3.exe] => (Block) F:\games\far cry 3\game\far cry 3\bin\farcry3.exe
FirewallRules: [TCP Query User{CFC0A43D-2B11-4B8B-9BC1-B9D7246ABEF7}F:\games\far cry 3\game\far cry 3\bin\farcry3.exe] => (Block) F:\games\far cry 3\game\far cry 3\bin\farcry3.exe
FirewallRules: [UDP Query User{9316A839-829B-46FB-8B64-CCF4B0D40E87}F:\games\far cry 3\game\far cry 3\play-farcry3.exe] => (Allow) F:\games\far cry 3\game\far cry 3\play-farcry3.exe
FirewallRules: [TCP Query User{61C63F1A-C36F-40FB-9B09-ABEE3640F3BC}F:\games\far cry 3\game\far cry 3\play-farcry3.exe] => (Allow) F:\games\far cry 3\game\far cry 3\play-farcry3.exe
FirewallRules: [{69D740CB-174D-4DF7-AABB-08274F2452A1}] => (Allow) F:\SteamLibrary\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{3B40B5BF-5CE8-4AE3-84EF-18BB0E7C51D0}] => (Allow) F:\SteamLibrary\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{148F2E3C-D0F4-4E33-B157-BB8FCFCDBF0A}] => (Allow) F:\SteamLibrary\steamapps\common\Unturned\Unturned_BE.exe
FirewallRules: [{80EA71C1-03EE-4857-A119-DA1DE1FB858C}] => (Allow) F:\SteamLibrary\steamapps\common\Unturned\Unturned_BE.exe
FirewallRules: [UDP Query User{9C557590-14C7-4E27-9C9D-F1AF4A7C2105}E:\games\the forest\game\theforest32.exe] => (Allow) E:\games\the forest\game\theforest32.exe
FirewallRules: [TCP Query User{E129E47D-7BE4-4884-B347-042D3BD78536}E:\games\the forest\game\theforest32.exe] => (Allow) E:\games\the forest\game\theforest32.exe
FirewallRules: [UDP Query User{1B3B08FE-A145-417B-9EBB-520449F6D963}C:\users\frost\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\frost\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{3A3EF4EE-E315-43C5-9585-F962D02DD4E2}C:\users\frost\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\frost\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{468555DC-00B0-492F-A31F-DBC09D581BD0}C:\users\frost\downloads\programs\anydesk.exe] => (Allow) C:\users\frost\downloads\programs\anydesk.exe
FirewallRules: [TCP Query User{3886D55B-14CA-48A4-BE3D-E2D87868237C}C:\users\frost\downloads\programs\anydesk.exe] => (Allow) C:\users\frost\downloads\programs\anydesk.exe
FirewallRules: [UDP Query User{5C0C91A6-5475-4D7E-9E43-08458894733A}E:\games\red alert 3\red alert 3\ra3.exe] => (Allow) E:\games\red alert 3\red alert 3\ra3.exe
FirewallRules: [TCP Query User{84E47D9C-75C4-42F9-930E-1F87EACBD598}E:\games\red alert 3\red alert 3\ra3.exe] => (Allow) E:\games\red alert 3\red alert 3\ra3.exe
FirewallRules: [UDP Query User{9428C101-F407-407A-A51A-62F11F62F4C3}E:\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Block) E:\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe
FirewallRules: [TCP Query User{83FD1D4C-C94E-464E-9D14-1198C269D9FA}E:\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Block) E:\league of legends\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe
FirewallRules: [{10532962-0AB7-406A-95C8-72C62B83B0FF}] => (Allow) G:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{9DAF384E-F2E0-437A-8671-2EBDF4ADBEBC}] => (Allow) G:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{67F9AFD4-C9AA-4A5E-98E0-BF18214DB350}] => (Allow) G:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe
FirewallRules: [{3810A3DB-7D22-474F-B6E3-55A4809F3D2F}] => (Allow) G:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe
FirewallRules: [{1C336F23-F321-43FA-813E-DCE8CB0ADF34}] => (Allow) E:\Lost Saga\Game\LostSaga\lostsaga.exe
FirewallRules: [{24382B1E-1BE6-4B78-9B14-0465B3E5659A}] => (Allow) E:\Lost Saga\Game\LostSaga\lostsaga.exe
FirewallRules: [{A04E4300-4A14-4804-854C-184330E8453B}] => (Allow) E:\Lost Saga\Game\LostSaga\autoupgrade.exe
FirewallRules: [{AB1A8701-108D-4E2A-9A9E-220401B024F8}] => (Allow) E:\Lost Saga\Game\LostSaga\autoupgrade.exe
FirewallRules: [{18971076-BE66-4EBA-A5DB-B0AD4A2D2ABB}] => (Allow) F:\SteamLibrary\steamapps\common\Rust\Rust.exe
FirewallRules: [{600149A1-C894-4AB2-9A32-D7B26881CA0D}] => (Allow) F:\SteamLibrary\steamapps\common\Rust\Rust.exe
FirewallRules: [{7FA8E5DA-4050-4E7B-84AF-9FBA634A6B1C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{5069A7FC-34F2-43D0-BB01-E9CA16815A28}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{35088861-8431-4327-B429-464356A6EEF8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4709BCEA-FD0B-44EB-ABB8-53E26094007C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{49B3C2FB-6D0A-4DE5-ABEB-586B4C7C51E7}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\AutoUpdate.exe
FirewallRules: [{6DB9D0D8-077E-4921-983E-6AF4CFA6AE92}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\AutoUpdate.exe
FirewallRules: [{573DB394-DA06-4AE0-9684-8829A534081E}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DBDownloader.exe
FirewallRules: [{25DB524C-FC36-42A7-86E4-BDC9CC90F6E7}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DBDownloader.exe
FirewallRules: [{3A91F594-ABE3-40E9-8CE6-663D5D81738F}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DriverBooster.exe
FirewallRules: [{D8EFBB48-D433-4B90-BA0A-71A917D0B208}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DriverBooster.exe
FirewallRules: [{52A84570-4AAB-4735-998A-834BADAC16FD}] => (Allow) G:\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{05722CE0-60BA-4030-AF88-17C8CD921C1D}] => (Allow) G:\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{7F2F9740-FBB6-4E50-999F-971A528ECDAE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{F0ED581E-D3F7-40FE-968E-6D4099D10FE1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{AD8F8CD8-8F7D-41E3-A7AD-5F64D38C6172}] => (Allow) G:\SteamLibrary\steamapps\common\Sven Co-op\svencoop.exe
FirewallRules: [{C452F5B2-7C85-44FA-A4C2-F8E89213D128}] => (Allow) G:\SteamLibrary\steamapps\common\Sven Co-op\svencoop.exe
FirewallRules: [{A442F395-5141-40BF-841F-3046B0F368C2}] => (Allow) G:\SteamLibrary\steamapps\common\Sven Co-op\svends.exe
FirewallRules: [{D8B5DCA5-F617-4752-96A6-3351FE34D547}] => (Allow) G:\SteamLibrary\steamapps\common\Sven Co-op\svends.exe
FirewallRules: [{F8F444F9-E2E1-4782-9DB6-79A1F12C8E6B}] => (Allow) G:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{8C92487F-3FAA-4AB2-9769-86CF19A3B83E}] => (Allow) G:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
Name: TAP-Windows Adapter V9
Description: TAP-Windows Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: tap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (09/12/2018 04:50:29 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FROST)
Description: المسالةالمسالة-2147467263
Error: (09/12/2018 04:50:29 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FROST)
Description: المسالةالمسالة-2147467263
Error: (09/12/2018 04:35:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_DiagTrack, version: 10.0.17134.1, time stamp: 0xa38b9ab2
Faulting module name: diagtrack.dll, version: 10.0.17134.48, time stamp: 0xa8ce1be4
Exception code: 0xc0000409
Fault offset: 0x000000000001dd90
Faulting process id: 0x1398
Faulting application start time: 0x01d44a4136feeac5
Faulting application path: C:\WINDOWS\System32\svchost.exe
Faulting module path: c:\windows\system32\diagtrack.dll
Report Id: d78fe1c7-a242-487d-a199-76c9e77df6be
Faulting package full name:
Faulting package-relative application ID:
Error: (09/12/2018 04:34:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_DiagTrack, version: 10.0.17134.1, time stamp: 0xa38b9ab2
Faulting module name: diagtrack.dll, version: 10.0.17134.48, time stamp: 0xa8ce1be4
Exception code: 0xc0000409
Fault offset: 0x000000000001dd90
Faulting process id: 0x1ab8
Faulting application start time: 0x01d44a41238a73c5
Faulting application path: C:\WINDOWS\System32\svchost.exe
Faulting module path: c:\windows\system32\diagtrack.dll
Report Id: 226be654-267b-431c-a4c0-40e900a4e007
Faulting package full name:
Faulting package-relative application ID:
Error: (09/12/2018 04:33:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_DiagTrack, version: 10.0.17134.1, time stamp: 0xa38b9ab2
Faulting module name: diagtrack.dll, version: 10.0.17134.48, time stamp: 0xa8ce1be4
Exception code: 0xc0000409
Fault offset: 0x000000000001dd90
Faulting process id: 0x774
Faulting application start time: 0x01d44a40edcf0735
Faulting application path: C:\WINDOWS\System32\svchost.exe
Faulting module path: c:\windows\system32\diagtrack.dll
Report Id: e5336cdb-a6b7-4ffb-a01f-dfd4c6064a2f
Faulting package full name:
Faulting package-relative application ID:
Error: (09/12/2018 04:26:09 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: FROST)
Description: المسالةالمسالة-2147467263
Error: (09/12/2018 04:24:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_DiagTrack, version: 10.0.17134.1, time stamp: 0xa38b9ab2
Faulting module name: diagtrack.dll, version: 10.0.17134.48, time stamp: 0xa8ce1be4
Exception code: 0xc0000409
Fault offset: 0x000000000001dd90
Faulting process id: 0x1654
Faulting application start time: 0x01d44a3fbdaaf27e
Faulting application path: C:\WINDOWS\System32\svchost.exe
Faulting module path: c:\windows\system32\diagtrack.dll
Report Id: 7f63b01e-0981-4997-9e43-94132ae0d96f
Faulting package full name:
Faulting package-relative application ID:
Error: (09/12/2018 04:24:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_DiagTrack, version: 10.0.17134.1, time stamp: 0xa38b9ab2
Faulting module name: diagtrack.dll, version: 10.0.17134.48, time stamp: 0xa8ce1be4
Exception code: 0xc0000409
Fault offset: 0x000000000001dd90
Faulting process id: 0x1e34
Faulting application start time: 0x01d44a3fa903ebcf
Faulting application path: C:\WINDOWS\System32\svchost.exe
Faulting module path: c:\windows\system32\diagtrack.dll
Report Id: 379a578f-ead6-463d-ba1d-3833a1cecf87
Faulting package full name:
Faulting package-relative application ID:
System errors:
=============
Error: (09/12/2018 06:09:07 AM) (Source: DCOM) (EventID: 10016) (User: FROST)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user FROST\Frost SID (S-1-5-21-160697542-1886492661-2065992700-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (09/12/2018 06:01:15 AM) (Source: DCOM) (EventID: 10016) (User: FROST)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user FROST\Frost SID (S-1-5-21-160697542-1886492661-2065992700-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (09/12/2018 05:31:08 AM) (Source: DCOM) (EventID: 10016) (User: FROST)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user FROST\Frost SID (S-1-5-21-160697542-1886492661-2065992700-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (09/12/2018 04:55:39 AM) (Source: DCOM) (EventID: 10016) (User: FROST)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user FROST\Frost SID (S-1-5-21-160697542-1886492661-2065992700-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (09/12/2018 04:49:54 AM) (Source: DCOM) (EventID: 10016) (User: FROST)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user FROST\Frost SID (S-1-5-21-160697542-1886492661-2065992700-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (09/12/2018 04:35:34 AM) (Source: DCOM) (EventID: 10016) (User: FROST)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user FROST\Frost SID (S-1-5-21-160697542-1886492661-2065992700-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (09/12/2018 04:35:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Connected User Experiences and Telemetry service terminated unexpectedly. It has done this 3 time(s).
Error: (09/12/2018 04:34:35 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Connected User Experiences and Telemetry service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
CodeIntegrity:
===================================
Date: 2018-09-12 04:36:05.022
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-12 04:24:40.761
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-12 03:59:59.187
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-08 02:15:14.620
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-07 18:20:29.826
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-07 07:48:30.976
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-03 18:31:06.362
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2018-08-25 05:12:19.082
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 39%
Total physical RAM: 8050.91 MB
Available physical RAM: 4859.15 MB
Total Virtual: 13046.56 MB
Available Virtual: 9461.25 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:46.22 GB) (Free:14.76 GB) NTFS
Drive e: (DRV1_VOL2) (Fixed) (Total:325.95 GB) (Free:35.71 GB) NTFS
Drive f: (DRV1_VOL3) (Fixed) (Total:279.38 GB) (Free:38.24 GB) NTFS
Drive g: (DRV1_VOL4) (Fixed) (Total:279.61 GB) (Free:48.81 GB) NTFS
\\?\Volume{9ae9701e-0000-0000-0000-100000000000}\ () (Fixed) (Total:0.34 GB) (Free:0.09 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 9AE9701E)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=46.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=884.9 GB) - (Type=05)
==================== End of Addition.txt ============================
Broni
Posts: 56,041 +516
Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
Frosted5
Posts: 34 +0
Fix result of Farbar Recovery Scan Tool (x64) Version: 22.04.2018 01
Ran by Frost (13-09-2018 03:30:27) Run:1
Running from C:\Users\Frost\Downloads\Programs
Loaded Profiles: Frost (Available Profiles: Frost)
Boot Mode: Normal
==============================================
fixlist content:
*****************
HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\MountPoints2: D - "D:\Autorun.exe"
S3 BluetoothUserService_4d612; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BluetoothUserService_4d612; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 CaptureService_4d612; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 CaptureService_4d612; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 X6va066; \??\C:\Windows\SysWOW64\Drivers\X6va066 [X]
2018-08-03 05:53 - 2018-08-03 05:53 - 000000017 _____ () C:\Users\Frost\AppData\Local\resmon.resmoncfg
2018-09-09 22:33 - 2018-09-11 21:38 - 000000088 _____ () C:\Users\Frost\AppData\Local\Temp\109bc304f8f928a68f54a1ae49b4520c.dll
2018-09-09 22:31 - 2018-09-11 21:50 - 000000000 _____ () C:\Users\Frost\AppData\Local\Temp\19480092594194a127310869d618ccd6.dll
Ran by Frost (13-09-2018 03:30:27) Run:1
Running from C:\Users\Frost\Downloads\Programs
Loaded Profiles: Frost (Available Profiles: Frost)
Boot Mode: Normal
==============================================
fixlist content:
*****************
HKU\S-1-5-21-160697542-1886492661-2065992700-1001\...\MountPoints2: D - "D:\Autorun.exe"
S3 BluetoothUserService_4d612; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BluetoothUserService_4d612; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 CaptureService_4d612; C:\WINDOWS\system32\svchost.exe [51288 2018-04-12] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 CaptureService_4d612; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-12] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 X6va066; \??\C:\Windows\SysWOW64\Drivers\X6va066 [X]
2018-08-03 05:53 - 2018-08-03 05:53 - 000000017 _____ () C:\Users\Frost\AppData\Local\resmon.resmoncfg
2018-09-09 22:33 - 2018-09-11 21:38 - 000000088 _____ () C:\Users\Frost\AppData\Local\Temp\109bc304f8f928a68f54a1ae49b4520c.dll
2018-09-09 22:31 - 2018-09-11 21:50 - 000000000 _____ () C:\Users\Frost\AppData\Local\Temp\19480092594194a127310869d618ccd6.dll
Frosted5
Posts: 34 +0
2018-09-12 03:18 - 2018-08-03 05:38 - 001945792 _____ (Microsoft Corporation) C:\Users\Frost\AppData\Local\Temp\dllnt_dump.dll
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll -> No File
Frosted5
Posts: 34 +0
*****************
"HKU\S-1-5-21-160697542-1886492661-2065992700-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D" => removed successfully
BluetoothUserService_4d612 => service not found.
BluetoothUserService_4d612 => service not found.
CaptureService_4d612 => service not found.
CaptureService_4d612 => service not found.
"HKLM\System\CurrentControlSet\Services\X6va066" => removed successfully
X6va066 => service removed successfully
C:\Users\Frost\AppData\Local\resmon.resmoncfg => moved successfully
C:\Users\Frost\AppData\Local\Temp\109bc304f8f928a68f54a1ae49b4520c.dll => moved successfully
C:\Users\Frost\AppData\Local\Temp\19480092594194a127310869d618ccd6.dll => moved successfully
C:\Users\Frost\AppData\Local\Temp\dllnt_dump.dll => moved successfully
"HKU\S-1-5-21-160697542-1886492661-2065992700-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D" => removed successfully
BluetoothUserService_4d612 => service not found.
BluetoothUserService_4d612 => service not found.
CaptureService_4d612 => service not found.
CaptureService_4d612 => service not found.
"HKLM\System\CurrentControlSet\Services\X6va066" => removed successfully
X6va066 => service removed successfully
C:\Users\Frost\AppData\Local\resmon.resmoncfg => moved successfully
C:\Users\Frost\AppData\Local\Temp\109bc304f8f928a68f54a1ae49b4520c.dll => moved successfully
C:\Users\Frost\AppData\Local\Temp\19480092594194a127310869d618ccd6.dll => moved successfully
C:\Users\Frost\AppData\Local\Temp\dllnt_dump.dll => moved successfully
Similar threads
