Solved Got a neighbors old computer, its a good one, but slow.

[Cuteykat1701]

My neighbor gave me his old computer he has had for about 5 yrs.
Its got alot of issues with speed.
Expecially when Im playing games(long load screens, lag, ect)
It also will randomly pop up a screen saying Im locked that makes a loud noise. I can clear it by simply closing the browser but it gets annoying.
Dont know if its a virus slowing it, or if its leftovers from programs long deleted or whatnot.
Any help would be appreciated. He told me you guys helped him fix similar issues in the past.

Also the Farbar Recovery thing it said to download, keeps getting flagged as infected by avast. So I dont know how to make the log you ask for.
Neighbor said he might still have it installed, but I cant find it. I see old frst logs tho.

 

[Broni]

Disable Avast momentarily and download FRST.

Please, observe following rules:

• Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
• If you're stuck, or you're not sure about certain step, always ask before doing anything else.
• Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
• Never run more than one scan at a time.
• Keep updating me regarding your computer behavior, good, or bad.
• The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
• If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
• I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

 

[Cuteykat1701]

Download FRST, it stuck in an update loop evry few seconds pops up saying new update and stops everything like typing until I click ok each time.

 

[Cuteykat1701]

Fixed it by deleting and reinstalling. making logs now

 

[Cuteykat1701]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-06-2020
Ran by mibut (administrator) on DESKTOP-CJUGRS5 (HP 580-023w) (07-06-2020 15:31:20)
Running from C:\Users\mibut\Downloads
Loaded Profiles: mibut
Platform: Windows 10 Home Version 1909 18363.836 (X64) Language: English (United States)
Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" -- "%1"
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.7.915.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.7.915.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <2>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Corel Corporation -> WinZip Computing) C:\Program Files\WinZip\WzPreloader.exe
(GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe <3>
(GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe
(GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GOG Galaxy Notifications Renderer.exe
(GOG Sp. z o.o. -> GOG.com) C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
(Hewlett-Packard Company -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) RMT -> Intel Corporation) C:\Program Files\Intel\Intel(R) Ready Mode Technology\IRMTService.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(LAVASOFT SOFTWARE CANADA INC -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(LAVASOFT SOFTWARE CANADA INC -> Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(McAfee, Inc. -> Intel Security, Inc.) C:\Program Files\Common Files\intel security\pef\CORE\PEFService.exe
(McAfee, Inc. -> McAfee LLC) C:\Program Files\Common Files\mcafee\SystemCore\mfefire.exe
(McAfee, Inc. -> McAfee LLC) C:\Program Files\Common Files\mcafee\SystemCore\mfemms.exe
(McAfee, Inc. -> McAfee LLC) C:\Windows\System32\mfevtps.exe <2>
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\mcafee\amcore\mcshield.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\csp\2.7.371.0\McCSPServiceHost.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\MMSSHost\MMSSHOST.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\modulecore\ModuleCoreService.exe <2>
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\VSCore_15_7\mcapexe.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\mcafee\MfeAV\MfeAVSvc.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\mcafee\vul\McVulCtr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <32>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\mibut\AppData\Local\Microsoft\OneDrive\20.064.0329.0008\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\mibut\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.BingNews_4.39.21501.0_x64__8wekyb3d8bbwe\Microsoft.Msn.News.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12827.20290.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12827.20290.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxApp_48.65.22001.0_x64__8wekyb3d8bbwe\XboxApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9279544 2018-09-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [2814096 2019-10-12] (Corel Corporation -> Corel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [108136 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [1062392 2017-02-23] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-2417424753-1909548177-4206843061-1001\...\Run: [Google Update] => C:\Users\mibut\AppData\Local\Google\Update\1.3.35.452\GoogleUpdateCore.exe [217544 2020-03-20] (Google LLC -> Google LLC)
HKU\S-1-5-21-2417424753-1909548177-4206843061-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [8146520 2020-06-06] (LAVASOFT SOFTWARE CANADA INC -> Lavasoft)
HKU\S-1-5-21-2417424753-1909548177-4206843061-1001\...\Run: [GalaxyClient] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [7606344 2019-05-06] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-2417424753-1909548177-4206843061-1001\...\Run: [gtarcade] => C:\Users\mibut\AppData\Local\Gtarcade\app\gtarcade.exe [4092344 2020-05-13] (上海游族互娱网络科技有限公司 -> )
HKU\S-1-5-21-2417424753-1909548177-4206843061-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3372832 2020-04-27] (Valve -> Valve Corporation)
HKU\S-1-5-21-2417424753-1909548177-4206843061-1001\...\Run: [AvastBrowserAutoLaunch_1916A628A6D1E6569E08E91212F5C97D] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2000104 2020-05-11] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-2417424753-1909548177-4206843061-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\mibut\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-2417424753-1909548177-4206843061-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\mibut\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-2417424753-1909548177-4206843061-1001\...\RunOnce: [Uninstall 20.052.0311.0011\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\mibut\AppData\Local\Microsoft\OneDrive\20.052.0311.0011\amd64"
HKU\S-1-5-21-2417424753-1909548177-4206843061-1001\...\RunOnce: [Uninstall 20.052.0311.0011] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\mibut\AppData\Local\Microsoft\OneDrive\20.052.0311.0011"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{9459C573-B17A-45AE-9F64-1857B5D58CEE}] -> C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.45\Installer\setup.exe [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\81.1.4223.139\Installer\chrmstp.exe [2020-06-07] (Avast Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2019-11-02]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (Corel Corporation -> WinZip Computing)
Startup: C:\Users\mibut\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2018-03-24]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00E22C87-EC55-49D5-93DF-EC09EDC664CA} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2000104 2020-05-11] (Avast Software s.r.o. -> AVAST Software)
Task: {014C1117-58D4-4396-98CA-B5A9573990DA} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-11-30] (Dropbox, Inc -> Dropbox, Inc.)
Task: {057D9CD9-93B5-44B2-94AA-0CEFE0AC58A6} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1542080 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0A2500DA-77CD-4CE4-97B6-23F05CE290C6} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {0F6FE593-F5CC-44B6-8260-F89F6FF36B18} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [655296 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
"C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" was unlocked. <==== ATTENTION
Task: {13FE5011-23DB-453F-AF77-86E776BFAF22} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1015416 2017-07-24] (McAfee, Inc. -> McAfee, Inc.)
Task: {1B94DCCB-121C-4EC2-A2D1-1ECF1E8542DB} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [223120 2020-03-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {243A3715-DCFA-42D5-B90F-C2A38CD04B9A} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe
Task: {2700F37A-1061-492D-B823-2D270EF16105} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23755640 2020-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {2DD756AA-729F-4585-8295-8FFDB23E0CBE} - System32\Tasks\Avast TUNEUP Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe
Task: {37D93982-0D31-4EEB-8265-A35769ABD92B} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\mcafee\platform\McUICnt.exe [745296 2017-10-04] (McAfee, Inc. -> McAfee, Inc.)
Task: {38E1A4AF-96EA-48D0-8A2C-13964AAE8B3E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-11-30] (Dropbox, Inc -> Dropbox, Inc.)
Task: {3929CD31-7A70-4D26-BF83-17599CF933F8} - System32\Tasks\WinZip Update Notifier 2 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2814096 2019-10-12] (Corel Corporation -> Corel Corporation)
Task: {3AA2BACF-33CE-4E21-986B-2EC2EF7B39C3} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [223120 2020-03-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {43F71AE4-7EA6-4661-BE50-1405AF86FD55} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728000 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {478ADB9A-C2FA-4D00-A03E-CFB639C2BFD8} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {4F535FE1-91DD-44B3-B0B4-E4992C9D7F28} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1015416 2017-07-24] (McAfee, Inc. -> McAfee, Inc.)
Task: {597A2AF9-16C4-4096-A116-1BDD8ECD6C21} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [662872 2020-04-30] (HP Inc. -> HP Inc.)
Task: {5F31735D-F887-4202-A2B0-116896CA3CA1} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9279544 2018-09-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {6666B3FD-E25B-40E1-857D-A0C1AA9C3BDE} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {6AAC37C9-28D9-4C48-AC68-A511722D7649} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644472 2019-06-21] (HP Inc. -> HP Inc.)
Task: {705AF40A-28C3-4909-8C2C-0016E7F1D792} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2417424753-1909548177-4206843061-1001Core => C:\Users\mibut\AppData\Local\Google\Update\GoogleUpdate.exe [153168 2017-12-13] (Google Inc -> Google Inc.)
Task: {70E206BD-1192-4243-84D5-E04977ACB7CA} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728000 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7BA0BACB-76AA-446A-A84A-13948C467B26} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [134008 2020-03-25] (HP Inc. -> HP Inc.)
Task: {7BC1DABE-4C18-4A4F-ACE9-D1CD0C5B207F} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [459680 2017-07-28] (HP Inc. -> )
Task: {86EDBC22-93F3-4BA2-9B24-0E1F0C06BA6F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1117048 2020-03-26] (HP Inc. -> HP Inc.)
Task: {8F3C00F4-B800-4BE1-BA0A-C2DF3231A21C} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [3314272 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
Task: {A136C36E-7486-488D-98E3-C520CABDB53F} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [909112 2016-07-26] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {ADDF7C97-F958-4201-A0CC-4884CB064AF0} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [193688 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
Task: {B393725C-55BF-486D-BA17-C9DE9395C583} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4566248 2020-03-29] (McAfee, LLC -> McAfee, LLC)
Task: {B395F0E2-C27C-4EC7-A33C-6075805EA448} - System32\Tasks\WinZip Update Notifier 3 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2814096 2019-10-12] (Corel Corporation -> Corel Corporation)
Task: {B3D82445-678E-4492-9973-3D0613B2F631} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [193688 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
Task: {BB172566-2DE2-4225-900E-27B146683E3E} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.4.134\DADUpdater.exe [4147336 2020-03-20] (McAfee, Inc. -> McAfee, LLC)
Task: {BC6EDE11-1F15-4E6F-BBAB-40D5251DC051} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2017-04-07] (HP Inc. -> HP Inc.)
Task: {C0274FAE-4BF4-45CE-800A-D3CF9E6A9EA0} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124744 2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {C08A296A-9184-47E7-AD70-03F37237B9A1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1117048 2020-03-26] (HP Inc. -> HP Inc.)
Task: {C0DA44C6-A40E-4EC4-B924-02435E9C1758} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23755640 2020-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {C4A6108C-6215-4DDA-9C9C-7C0FA2914578} - System32\Tasks\HPCeeScheduleFormibut => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: {C5A8BA8D-A0C8-4DFA-9F58-83B16C69ABA7} - System32\Tasks\{5E9C47D5-C2A3-4B5B-9646-23F9F5362F1A} => C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.64.exe [26747856 2020-05-19] (Wizards of the Coast, LLC -> Wizards of the Coast)
Task: {C80146BC-9CDB-472E-9904-204004B8F39A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [655296 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D0F98E24-9B5C-4925-AC1D-FAF4D83EF2D2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2417424753-1909548177-4206843061-1001UA => C:\Users\mibut\AppData\Local\Google\Update\GoogleUpdate.exe [153168 2017-12-13] (Google Inc -> Google Inc.)
Task: {DD8DC957-5DD8-4CCF-AF4D-3A7E2644D724} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [960448 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DE0ADF7A-F559-47B3-8D63-5733C1C6FA00} - System32\Tasks\WinZip Update Notifier 1 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2814096 2019-10-12] (Corel Corporation -> Corel Corporation)
Task: {E77F51EB-2F5A-470B-8897-DC2065A7A65F} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436160 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EA502CE4-F356-499C-8EA2-DE733B05A858} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EC871212-693F-44B0-9C6D-AA53FE52B429} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1505624 2020-05-20] (HP Inc. -> HP Inc.)
Task: {ECFF51D6-146D-479A-A7BE-9FDC28BA8467} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124744 2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {F3522EEF-1D90-44EC-8FAC-746424482F28} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1505624 2020-05-20] (HP Inc. -> HP Inc.)
Task: {FCD01B06-D723-4F35-961A-4C380F217849} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2000104 2020-05-11] (Avast Software s.r.o. -> AVAST Software)
Task: {FD287C5A-48B0-4D7D-96E2-13420D09C5CE} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [616232 2016-11-28] (Dropbox, Inc -> DropboxOEM)
Task: {FDDC9557-0AED-4909-B8B1-037927599F6A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [320856 2020-04-23] (HP Inc. -> HP Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleFormibut.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\{5E9C47D5-C2A3-4B5B-9646-23F9F5362F1A}.job => C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.64.exeϺ/I C:\Users\mibut\AppData\Local\Temp\MTGAinstall\MTGAInstaller.msi AI_SETUPEXEPATH=C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.64.exe SETUPEXEDIR=C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\ ADDLOCAL=MainFeature,B35B3203FEB4CFFA576A27CB835D3E6 ALLUSERS=1 PRIMARYFOLDER=APPDIR ROOTDRIVE=C:\ AI_PREREQDIRS=C:\Users\mibut\AppData\Roaming\Wizards of the Coast\MTGA Launcher\prerequisites AI_MISSING_PREREQS=Visual C++ Redistributable for Visual Studio 2017 x86 AI_SETUPEXEPATH=C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.64.exe SETUPEXEDIR=C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\ AI_INSTALL=1 BIPROCESSTIME=2020-05-19T21:00:49.6599671Z TARGETLOCKED=TRUE TARGETDIR=C:\ APPDIR=C:\Program Files (x86)\Wizards of the Coast\MTGA\ AI_SETUPEXEPATH_ORIGINAL=C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.64.exe <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{8c4547c6-c007-43fb-b730-a71c6d9d44e0}: [DhcpNameServer] 75.75.75.75 75.75.76.76

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-2417424753-1909548177-4206843061-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP
HKU\S-1-5-21-2417424753-1909548177-4206843061-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
SearchScopes: HKU\S-1-5-21-2417424753-1909548177-4206843061-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COS2&ptag=D042619-N0700A9FCDBB39EF&form=CONBDF&conlogo=CT3335799&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2417424753-1909548177-4206843061-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COS2&ptag=D042619-N0700A9FCDBB39EF&form=CONBDF&conlogo=CT3335799&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-10-27] (HP Inc. -> HP Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2017-12-21] (McAfee, Inc. -> McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2017-12-21] (McAfee, Inc. -> McAfee, Inc.)

Edge:
======
DownloadDir: C:\Users\mibut\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\mibut\AppData\Local\Microsoft\Edge\User Data\Default [2020-06-07]
Edge DownloadDir: C:\Users\mibut\Downloads
Edge HomePage: Default -> hxxp://xfinity.com/
Edge StartupUrls: Default -> "hxxp://my.xfinity.com/"

FireFox:
========
FF DefaultProfile: o5egvgj2.default
FF ProfilePath: C:\Users\mibut\AppData\Roaming\Mozilla\Firefox\Profiles\o5egvgj2.default [2019-11-22]
FF Homepage: Mozilla\Firefox\Profiles\o5egvgj2.default -> hxxps://defaultsearch.co/homepage?hp=1&pId=BT171001&iDate=2019-04-26 07:32:56&bName=&bitmask=0600
FF NewTab: Mozilla\Firefox\Profiles\o5egvgj2.default -> hxxps://defaultsearch.co/homepage?hp=1&pId=BT171001&iDate=2019-04-26 07:32:56&bName=&bitmask=0600
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2018-01-21] [Legacy] [not signed]
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-12-21] (McAfee, Inc. -> )
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-12-21] (McAfee, Inc. -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.7.915.0\npAvastBrowserUpdate3.dll [2020-06-07] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.7.915.0\npAvastBrowserUpdate3.dll [2020-06-07] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
FF Plugin HKU\S-1-5-21-2417424753-1909548177-4206843061-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\mibut\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2017-05-18] (Unity Technologies SF -> Unity Technologies ApS)

Chrome:
=======
CHR Profile: C:\Users\mibut\AppData\Local\Google\Chrome\User Data\Default [2020-05-11]
CHR Extension: (Slides) - C:\Users\mibut\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-13]
CHR Extension: (Docs) - C:\Users\mibut\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-13]
CHR Extension: (Google Drive) - C:\Users\mibut\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-13]
CHR Extension: (YouTube) - C:\Users\mibut\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-13]
CHR Extension: (Sheets) - C:\Users\mibut\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-13]
CHR Extension: (Google Docs Offline) - C:\Users\mibut\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\mibut\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-06]
CHR Extension: (Gmail) - C:\Users\mibut\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-02]
CHR Extension: (Chrome Media Router) - C:\Users\mibut\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-10]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [6392728 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [193688 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [348968 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [193688 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\81.1.4223.139\elevation_service.exe [1106528 2020-05-11] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [58048 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2018-02-22] (BitRaider LLC -> BitRaider, LLC)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10637168 2020-05-29] (Microsoft Corporation -> Microsoft Corporation)
S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1511728 2017-09-21] (McAfee, Inc. -> McAfee, Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-11-30] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-11-30] (Dropbox, Inc -> Dropbox, Inc.)
S2 edgeupdate; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [223120 2020-03-13] (Microsoft Corporation -> Microsoft Corporation)
S3 edgeupdatem; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [223120 2020-03-13] (Microsoft Corporation -> Microsoft Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [791112 2019-05-06] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7172680 2019-05-06] (GOG Sp. z o.o. -> GOG.com)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1321096 2018-09-28] (HP Inc. -> HP Inc.)
R2 HP Orbit Service; C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe [3421616 2017-06-20] (HP Inc. -> HP Inc.)
R2 HPJumpStartBridge; C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-07-28] (HP Inc. -> HP Inc.)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379224 2020-05-20] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [630776 2017-02-06] (HP Inc. -> HP Inc.)
R2 IRMTService; C:\Program Files\Intel\Intel(R) Ready Mode Technology\IRMTService.exe [182896 2016-10-13] (Intel(R) RMT -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-09-14] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_7\McApExe.exe [728808 2017-12-20] (McAfee, Inc. -> McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\actwiz\McAWFwk.exe [454560 2016-11-15] (McAfee, Inc. -> McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.7.371.0\\McCSPServiceHost.exe [2140888 2017-12-14] (McAfee, Inc. -> McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [357840 2017-09-29] (McAfee, Inc. -> McAfee LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [509904 2017-09-29] (McAfee, Inc. -> McAfee LLC)
R3 mfevtp; C:\windows\system32\mfevtps.exe [466384 2017-09-29] (McAfee, Inc. -> McAfee LLC)
S3 MicrosoftEdgeElevationService; C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.45\elevation_service.exe [1507208 2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1666224 2017-12-19] (McAfee, Inc. -> McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [310880 2018-09-05] (Intel Corporation -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [782320 2019-06-05] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [460736 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1046456 2017-09-24] (McAfee, Inc. -> Intel Security, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [268344 2018-09-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [29272 2020-06-06] (LAVASOFT SOFTWARE CANADA INC -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\NisSrv.exe [2484256 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MsMpEng.exe [103168 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4059744 2018-09-05] (Intel Corporation -> Intel® Corporation)
S2 0271111589481137mcinstcleanup; C:\WINDOWS\TEMP\027111~1.EXE -cleanup -nolog [X]
S3 ArcService; C:\Program Files (x86)\Arc\ArcService.exe [X]
S2 GamesAppIntegrationService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe" [X]
S3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37152 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205896 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [235088 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [178768 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [60496 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
S0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2020-06-07] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42784 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175208 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [506152 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [109280 2020-06-07] (Avast Software s.r.o. -> AVAST Software)

 

[Cuteykat1701]

S0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84856 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851608 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [462600 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216824 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [322248 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-01-14] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2018-02-22] (BitRaider -> BitRaider)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2020-02-22] (Microsoft Corporation) [File not signed]
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [77280 2017-10-19] (McAfee, Inc. -> McAfee LLC)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [218336 2017-10-10] (McAfee, Inc. -> McAfee, Inc.)
R3 IntelReadyModeDriver; C:\WINDOWS\System32\drivers\IntelReadyModeDriver.sys [34720 2016-10-13] (Intel Corporation -> Intel Corporation)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [492512 2017-10-19] (McAfee, Inc. -> McAfee LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [355808 2017-10-19] (McAfee, Inc. -> McAfee LLC)
U3 mfeavfk01; no ImagePath
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [84016 2017-10-19] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [506336 2017-10-19] (McAfee, Inc. -> McAfee LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [938464 2017-10-19] (McAfee, Inc. -> McAfee LLC)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [507304 2017-11-15] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [108456 2017-11-15] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [115168 2017-10-19] (McAfee, Inc. -> McAfee LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252896 2017-10-19] (McAfee, Inc. -> McAfee LLC)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvhdc.inf_amd64_1683e6c24d03a407\nvlddmkm.sys [21776528 2019-07-09] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [49208 2017-05-26] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-06-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [401120 2020-06-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-06-04] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-06-07 15:31 - 2020-06-07 15:33 - 000044064 _____ C:\Users\mibut\Downloads\FRST.txt
2020-06-07 15:30 - 2020-06-07 15:31 - 002289152 _____ (Farbar) C:\Users\mibut\Downloads\FRST64.exe
2020-06-07 15:12 - 2020-06-07 15:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2020-06-07 04:57 - 2020-06-07 04:57 - 000000000 ___HD C:\$AV_ASW
2020-06-07 04:56 - 2020-06-07 15:32 - 000000000 ____D C:\FRST
2020-06-07 04:54 - 2020-06-07 04:58 - 000000000 ____D C:\Users\mibut\AppData\Local\AVAST Software
2020-06-07 04:54 - 2020-06-07 04:54 - 000003856 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2020-06-07 04:54 - 2020-06-07 04:54 - 000003454 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineUA
2020-06-07 04:54 - 2020-06-07 04:54 - 000003330 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineCore
2020-06-07 04:54 - 2020-06-07 04:54 - 000003272 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2020-06-07 04:54 - 2020-06-07 04:54 - 000002581 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2020-06-07 04:54 - 2020-06-07 04:54 - 000002546 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2020-06-07 04:54 - 2020-06-07 04:54 - 000002546 _____ C:\ProgramData\Desktop\Avast Secure Browser.lnk
2020-06-07 04:51 - 2020-06-07 04:51 - 000002171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2020-06-07 04:51 - 2020-06-07 04:51 - 000002159 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2020-06-07 04:51 - 2020-06-07 04:51 - 000002159 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2020-06-07 04:50 - 2020-06-07 04:51 - 000255320 _____ (Asurvio, LP) C:\Users\mibut\Downloads\DSOne.exe
2020-06-07 04:47 - 2020-06-07 04:48 - 000322248 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-06-07 04:47 - 2020-06-07 04:47 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-06-07 04:47 - 2020-06-07 04:46 - 000851608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-06-07 04:47 - 2020-06-07 04:46 - 000506152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2020-06-07 04:47 - 2020-06-07 04:46 - 000462600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-06-07 04:47 - 2020-06-07 04:46 - 000335976 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-06-07 04:47 - 2020-06-07 04:46 - 000235088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-06-07 04:47 - 2020-06-07 04:46 - 000216824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-06-07 04:47 - 2020-06-07 04:46 - 000205896 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-06-07 04:47 - 2020-06-07 04:46 - 000178768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-06-07 04:47 - 2020-06-07 04:46 - 000175208 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2020-06-07 04:47 - 2020-06-07 04:46 - 000109280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-06-07 04:47 - 2020-06-07 04:46 - 000084856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-06-07 04:47 - 2020-06-07 04:46 - 000060496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-06-07 04:47 - 2020-06-07 04:46 - 000042784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-06-07 04:47 - 2020-06-07 04:46 - 000037152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2020-06-07 04:47 - 2020-06-07 04:46 - 000016304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2020-06-07 04:46 - 2020-06-07 04:46 - 000000000 ____D C:\Program Files\Avast Software
2020-06-07 04:45 - 2020-06-07 04:47 - 000000000 ____D C:\ProgramData\Avast Software
2020-06-07 04:45 - 2020-06-07 04:45 - 000230080 _____ (AVAST Software) C:\Users\mibut\Downloads\avast_free_antivirus_setup_online.exe
2020-05-17 01:53 - 2020-05-17 01:53 - 000000000 ____D C:\Users\mibut\AppData\LocalLow\United Soft Media Verlag GmbH
2020-05-13 19:05 - 2020-05-13 19:05 - 000000000 ___HD C:\ProgramData\temp
2020-05-13 17:20 - 2020-05-13 17:20 - 025444864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 007822888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 005098352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 002073176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 001835128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 001637376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 001556200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 001539072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2020-05-13 17:20 - 2020-05-13 17:20 - 001417760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 001382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 001344000 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 001336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 001306112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 001151824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 001107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 001099600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 001034752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 000852992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 000747832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 000736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 000540200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 000484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedReality.Broker.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 000466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
2020-05-13 17:20 - 2020-05-13 17:20 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConsoleLogon.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 000139952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedRealityRuntime.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 000105840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MixedRealityRuntime.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSSessionUX.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 025902080 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 022638592 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 019851264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 018029056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 014819328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 008013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 007756800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 007267840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 007011840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 006710272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 006525936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 006291456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 006082808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 005945856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 005911040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 005757872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 005340568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 004858368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 004612608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 003822080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 003513856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 002798592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-05-13 17:19 - 2020-05-13 17:19 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-05-13 17:19 - 2020-05-13 17:19 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-05-13 17:19 - 2020-05-13 17:19 - 002584008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 002576896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 002259664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001990576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001975808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001952872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001737216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001686016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001665720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001654952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001581056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001559040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pla.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001525760 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001510912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001507328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pla.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001492480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001477112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001461760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001414144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001397560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-05-13 17:19 - 2020-05-13 17:19 - 001393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001357312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001250816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001222656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001214264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001213440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001195008 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001184256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001178608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001125376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CBDHSvc.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-05-13 17:19 - 2020-05-13 17:19 - 001071616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001048480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001011712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000994304 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000943640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000911872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000896000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000894016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000891392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000881664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000847872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000843576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000807936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000801832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000792808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputHost.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-05-13 17:19 - 2020-05-13 17:19 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000778552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000777840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000776792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000748544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000716800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000693672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000683288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-05-13 17:19 - 2020-05-13 17:19 - 000672944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmIndexer.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000655360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000602224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000600064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000594472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000592944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000581544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.applicationmodel.datatransfer.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000573952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000572200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000568136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000564480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000553664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000539184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000526848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000523264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.PredictionUnit.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000501200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000466344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-05-13 17:19 - 2020-05-13 17:19 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000451584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000441856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000441584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2020-05-13 17:19 - 2020-05-13 17:19 - 000435712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000418816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000410624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.Phone.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000405424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\umrdp.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRClient.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000354816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000345016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneOm.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000335360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000325432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-05-13 17:19 - 2020-05-13 17:19 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000301064 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpendp.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000299064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2020-05-13 17:19 - 2020-05-13 17:19 - 000297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TaskApis.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Preview.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.ESim.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000273744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkspbroker.exe
2020-05-13 17:19 - 2020-05-13 17:19 - 000270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PickerPlatform.dll

 

[Cuteykat1701]

2020-05-13 17:19 - 2020-05-13 17:19 - 000268008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000262848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpendp.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000246584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataExchangeHost.exe
2020-05-13 17:19 - 2020-05-13 17:19 - 000245336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\icm32.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi32.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2020-05-13 17:19 - 2020-05-13 17:19 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagSvc.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-05-13 17:19 - 2020-05-13 17:19 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000197432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi32.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2020-05-13 17:19 - 2020-05-13 17:19 - 000185952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000183296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DataExchange.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinput.exe
2020-05-13 17:19 - 2020-05-13 17:19 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Clipboard.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsentUxClient.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000176440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Management.Workplace.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000165176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Devices.Sensors.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\useractivitybroker.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Compression.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Haptics.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppExtension.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Graphics.Display.DisplayEnhancementManagement.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkspbrokerAx.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000124504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gamingtcui.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000117048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadWamExtension.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\socialapis.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Profile.RetailInfo.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000099104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Display.BrightnessOverride.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkspbrokerAx.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000090936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000089328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AI.MachineLearning.Preview.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeopleAPIs.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2020-05-13 17:19 - 2020-05-13 17:19 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRBroker.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DiagnosticInvoker.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbussdapi.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2020-05-13 17:19 - 2020-05-13 17:19 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Printers.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Graphics.Display.DisplayColorManagement.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coloradapterclient.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.exe
2020-05-13 17:19 - 2020-05-13 17:19 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ffbroker.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AssignedAccessRuntime.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpSa.exe
2020-05-13 17:19 - 2020-05-13 17:19 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddrawex.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RdpSa.exe
2020-05-13 17:19 - 2020-05-13 17:19 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-05-13 17:19 - 2020-05-13 17:19 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpSaProxy.exe
2020-05-13 17:19 - 2020-05-13 17:19 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RdpSaProxy.exe
2020-05-13 17:19 - 2020-05-13 17:19 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsregtask.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlmproxy.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlmsprep.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\plasrv.exe
2020-05-13 17:19 - 2020-05-13 17:19 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-05-13 17:19 - 2020-05-13 17:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-05-13 17:19 - 2020-05-13 17:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-05-13 17:19 - 2020-05-13 17:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-05-13 17:19 - 2020-05-13 17:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-05-13 17:19 - 2020-05-13 17:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-05-13 17:19 - 2020-05-13 17:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-05-13 17:19 - 2020-05-13 17:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-05-13 17:19 - 2020-05-13 17:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-05-13 17:19 - 2020-05-13 17:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-05-13 17:19 - 2020-05-13 17:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-05-13 17:19 - 2020-05-13 17:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-05-13 17:18 - 2020-05-13 17:18 - 009929528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 009339392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 007902912 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 007257816 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 006435328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 006168576 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 005280192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 005111296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 004565456 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 004012032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 004005376 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 003974376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 003807232 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 003747328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 003727360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-05-13 17:18 - 2020-05-13 17:18 - 003655680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 003581752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-05-13 17:18 - 2020-05-13 17:18 - 003371416 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 003109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-05-13 17:18 - 2020-05-13 17:18 - 002854400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 002774088 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 002769000 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 002736640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 002717184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-05-13 17:18 - 2020-05-13 17:18 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 002448712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 002354688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 002235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 002157056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 002087168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 002072576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001999968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001945600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001934824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001825280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001656904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001646552 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001536512 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001505592 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001486336 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001428480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001406464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001393960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001375232 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001373184 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001370112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001336832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001306424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001288648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001282560 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001270784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrSvc.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001245696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001218560 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001158144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001154656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001150784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputHost.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001132544 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001085752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001023128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001007104 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001005056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000979264 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000975360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000945192 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000915192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000891544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000888352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000879064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-05-13 17:18 - 2020-05-13 17:18 - 000866304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000861696 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000859944 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000854528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmIndexer.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000847168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2020-05-13 17:18 - 2020-05-13 17:18 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 000819200 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000796904 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000781312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000752584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2020-05-13 17:18 - 2020-05-13 17:18 - 000742200 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000732160 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000716312 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000706544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000685368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000683848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000676072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000673296 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-05-13 17:18 - 2020-05-13 17:18 - 000650240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000639400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000628024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000622592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000614400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000580608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000569856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-05-13 17:18 - 2020-05-13 17:18 - 000547992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000543824 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000524208 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000518456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 000513024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000513024 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000512512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-05-13 17:18 - 2020-05-13 17:18 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000467952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000460200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-05-13 17:18 - 2020-05-13 17:18 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 000448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneOm.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-05-13 17:18 - 2020-05-13 17:18 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.ESim.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskApis.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-05-13 17:18 - 2020-05-13 17:18 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000390968 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000386320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000375520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\PickerPlatform.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll

 

[Cuteykat1701]

2020-05-13 17:18 - 2020-05-13 17:18 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Cortana.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000333128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsta.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000311096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000310928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000290304 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposerFramework.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000278080 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000266552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SystemSettings.DataModel.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000260328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsta.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\PasswordEnrollmentManager.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000238904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Workplace.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Devices.Sensors.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000231912 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000221496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MtcModel.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000209208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SwitcherDataModel.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msutb.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Graphics.Display.DisplayEnhancementManagement.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.CapturePicker.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000152416 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 000142760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\socialapis.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000132712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Display.BrightnessOverride.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingExperienceMEM.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredDialogBroker.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CaptureService.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeopleAPIs.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSAssessment.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VoipRT.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000107616 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AI.MachineLearning.Preview.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000102216 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Graphics.Display.DisplayColorManagement.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000089912 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000088280 _____ (Microsoft Corporation) C:\WINDOWS\system32\coloradapterclient.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbussdapi.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000073024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000068408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceReactivation.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000066832 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConfigureExpandedStorage.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000058880 _____ C:\WINDOWS\system32\runexehelper.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 000058696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfLdr.sys
2020-05-13 17:18 - 2020-05-13 17:18 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000050560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddrawex.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\localui.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2020-05-13 17:17 - 2020-05-13 17:18 - 002256384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 017791488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 007297536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 006232568 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 004624880 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-05-13 17:17 - 2020-05-13 17:17 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 002760704 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2020-05-13 17:17 - 2020-05-13 17:17 - 002504440 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 002289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 002284032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 002150232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 002060800 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001943040 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001786880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001766400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001745208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001498624 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001413712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001391104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001385176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001346048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001333248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001263616 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-05-13 17:17 - 2020-05-13 17:17 - 001098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Signals.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001072128 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001059328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001027816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001007928 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000999616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000957056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000916768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2020-05-13 17:17 - 2020-05-13 17:17 - 000824832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000819696 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.applicationmodel.datatransfer.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000793088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000768000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000759808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000738304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000732160 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000637480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-05-13 17:17 - 2020-05-13 17:17 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000634680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2020-05-13 17:17 - 2020-05-13 17:17 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000589384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-05-13 17:17 - 2020-05-13 17:17 - 000559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.UserService.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000479744 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRClient.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000410608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000399672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DataModel.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000380632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialEnrollmentManager.exe
2020-05-13 17:17 - 2020-05-13 17:17 - 000339824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000318680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000273208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-05-13 17:17 - 2020-05-13 17:17 - 000250696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2020-05-13 17:17 - 2020-05-13 17:17 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataExchange.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\useractivitybroker.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Internal.Input.ExpressiveInput.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Haptics.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Compression.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppExtension.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-05-13 17:17 - 2020-05-13 17:17 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcui.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VoipRT.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000147776 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadWamExtension.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-05-13 17:17 - 2020-05-13 17:17 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2020-05-13 17:17 - 2020-05-13 17:17 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2020-05-13 17:17 - 2020-05-13 17:17 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRBroker.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticInvoker.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-05-13 17:17 - 2020-05-13 17:17 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ffbroker.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000069704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000060432 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2020-05-13 17:17 - 2020-05-13 17:17 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000059192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2020-05-13 17:17 - 2020-05-13 17:17 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsUsbGDCoInstaller.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-05-13 17:17 - 2020-05-13 17:17 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\TsUsbGD.sys
2020-05-13 17:17 - 2020-05-13 17:17 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveTask.exe
2020-05-13 17:17 - 2020-05-13 17:17 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-05-13 17:17 - 2020-05-13 17:17 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregtask.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-06-07 15:32 - 2019-03-18 22:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-06-07 15:07 - 2020-02-22 01:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-06-07 06:33 - 2018-04-07 08:24 - 000000000 ____D C:\Users\mibut\AppData\LocalLow\Mozilla
2020-06-07 06:25 - 2017-11-30 16:04 - 000000000 ____D C:\Users\mibut\AppData\Local\Battle.net
2020-06-07 04:53 - 2018-02-03 11:28 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2020-06-07 04:52 - 2018-01-21 15:48 - 000000000 ____D C:\Users\mibut\AppData\Roaming\AVAST Software
2020-06-07 04:47 - 2019-03-18 22:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-06-06 20:34 - 2017-08-24 09:36 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-06-06 17:01 - 2019-03-18 22:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-06-06 17:01 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-06-06 07:42 - 2020-03-13 17:59 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-06-06 07:42 - 2020-03-13 17:59 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-06-06 07:42 - 2020-03-13 17:59 - 000002283 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-06-04 17:06 - 2018-01-10 00:10 - 000000000 ____D C:\Users\mibut\AppData\Local\Packages
2020-06-04 08:53 - 2018-05-18 18:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-06-03 19:07 - 2017-11-30 22:51 - 000000000 ____D C:\Program Files (x86)\World of Warcraft
2020-05-31 00:46 - 2017-08-24 09:32 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2020-05-30 12:17 - 2020-02-22 01:56 - 000003256 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleFormibut
2020-05-30 12:17 - 2020-01-14 23:53 - 000000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleFormibut.job
2020-05-29 22:13 - 2020-04-25 21:20 - 000000000 ____D C:\Program Files (x86)\Steam
2020-05-29 10:45 - 2019-06-18 17:54 - 000000000 ____D C:\Program Files\UNP
2020-05-29 07:30 - 2017-11-30 16:03 - 000000000 ____D C:\Program Files (x86)\Battle.net
2020-05-26 07:36 - 2020-03-13 17:59 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-05-26 07:36 - 2020-03-13 17:59 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-05-21 21:46 - 2017-11-30 15:40 - 000000000 ___RD C:\Users\mibut\OneDrive
2020-05-21 21:45 - 2020-02-22 01:56 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2417424753-1909548177-4206843061-1001
2020-05-21 21:45 - 2020-02-22 01:39 - 000002374 _____ C:\Users\mibut\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-05-21 18:43 - 2017-12-13 14:53 - 000002509 _____ C:\Users\mibut\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-05-19 15:01 - 2020-04-17 07:35 - 000004708 _____ C:\WINDOWS\system32\Tasks\{5E9C47D5-C2A3-4B5B-9646-23F9F5362F1A}
2020-05-19 15:01 - 2020-04-17 07:35 - 000002412 ____H C:\WINDOWS\Tasks\{5E9C47D5-C2A3-4B5B-9646-23F9F5362F1A}.job
2020-05-17 01:56 - 2017-11-30 15:37 - 000000000 ____D C:\Users\mibut\AppData\Local\ConnectedDevicesPlatform
2020-05-17 01:53 - 2020-04-25 21:32 - 000000000 ____D C:\Users\mibut\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2020-05-14 15:00 - 2019-03-18 22:50 - 000000000 ____D C:\WINDOWS\INF
2020-05-14 12:32 - 2017-08-24 10:38 - 000000000 ____D C:\Program Files (x86)\McAfee
2020-05-13 19:11 - 2020-02-22 01:49 - 000936976 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-05-13 19:08 - 2019-08-06 09:29 - 000000000 ____D C:\Users\mibut\AppData\Local\Gtarcade
2020-05-13 19:06 - 2018-01-10 09:19 - 000000000 ___RD C:\Users\mibut\3D Objects
2020-05-13 19:06 - 2017-08-24 10:30 - 000000000 ____D C:\ProgramData\NVIDIA
2020-05-13 19:06 - 2017-03-17 21:53 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-05-13 19:05 - 2020-02-22 01:33 - 000444408 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-05-13 19:05 - 2019-03-18 22:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-05-13 19:04 - 2020-02-22 01:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-05-13 19:03 - 2019-03-18 22:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-05-13 19:02 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\TextInput
2020-05-13 19:02 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-05-13 19:01 - 2019-03-18 22:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-05-13 19:01 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-05-13 19:01 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-05-13 19:01 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2020-05-13 19:01 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-05-13 19:01 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-05-13 19:01 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-05-13 19:01 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-05-13 19:01 - 2019-03-18 22:52 - 000000000 ____D C:\PerfLogs
2020-05-13 17:35 - 2019-03-18 22:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-05-13 17:30 - 2017-11-30 16:17 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-05-13 17:25 - 2017-11-30 16:17 - 120636720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-05-13 17:17 - 2020-02-22 01:36 - 002874880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

 

[Cuteykat1701]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-06-2020
Ran by mibut (07-06-2020 15:35:01)
Running from C:\Users\mibut\Downloads
Windows 10 Home Version 1909 18363.836 (X64) (2020-02-22 07:57:47)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2417424753-1909548177-4206843061-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2417424753-1909548177-4206843061-503 - Limited - Disabled)
Guest (S-1-5-21-2417424753-1909548177-4206843061-501 - Limited - Disabled)
mibut (S-1-5-21-2417424753-1909548177-4206843061-1001 - Administrator - Enabled) => C:\Users\mibut
WDAGUtilityAccount (S-1-5-21-2417424753-1909548177-4206843061-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: McAfee VirusScan (Disabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Disabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Disabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.4.2410 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 81.1.4223.139 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.7.915.0 - AVAST Software) Hidden
Barn Yarn Collector's Edition (HKLM-x32\...\WTA-01b6d92e-5029-4c59-9ab2-2e7a9005dc9d) (Version: 3.0.2.48 - WildTangent) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.6.7503 - CyberLink Corp.)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dropbox 25 GB (HKLM-x32\...\{84D8451D-2ED6-3A59-ABA5-2A447F7C6310}) (Version: 4.1.2.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.295.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKU\S-1-5-21-2417424753-1909548177-4206843061-1001\...\Google Chrome) (Version: 83.0.4103.61 - Google LLC)
GTarcade (HKU\S-1-5-21-2417424753-1909548177-4206843061-1001\...\gtarcade) (Version: 2.1.0.3045 - YOOZOO Games)
GTarcade (HKU-x32\S-1-5-21-2417424753-1909548177-4206843061-1001\...\gtarcade) (Version: 2.0.0.1075 - YOOZOO Games)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.15.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{54da9769-2364-4bd3-8139-6400500778b3}) (Version: 5.3.22034 - HP Inc.)
HP JumpStart Apps (HKLM-x32\...\HP JumpStart Apps) (Version: 7.0.32 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{1E7D6A6F-E28B-4057-BD4F-9989C1F5353D}) (Version: 1.3.0.423 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{4380D813-39E5-46FD-AC23-FC9A1A8B98AA}) (Version: 1.3.423.0 - HP Inc.)
HP Orbit (HKLM-x32\...\{82b971c1-85fa-4c53-ada1-4ec6be0c0c8a}) (Version: 3.5.171.271 - HP Inc.)
HP Support Assistant (HKLM-x32\...\{05F81C27-62A5-4A0C-8519-60CB66CF87C6}) (Version: 8.8.26.13 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{183BD477-774B-4700-B40B-EE43886E74D2}) (Version: 12.16.22.11 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{1BB20774-0FA8-4CFF-AB69-7B7AAE2DCE6C}) (Version: 1.4.18 - HP Inc.)
Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
Intel(R) Ready Mode Technology (HKLM\...\{CC3C017C-876D-4A31-A128-593FF92A1FE7}) (Version: 1.1.70.528 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{559FA847-377D-4926-80A3-ED9E014D363A}) (Version: 19.60.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
iPod Support (HKLM\...\{4B5933A1-A781-400E-B4A2-3ECC375375E4}) (Version: 120.7.3.55 - Apple Inc.)
Letter Quest - Grimm's Journey (HKLM-x32\...\WTA-92e34ed3-e3bb-4594-909c-23535f7c1c8e) (Version: 3.0.2.118 - WildTangent) Hidden
LINE (HKU\S-1-5-21-2417424753-1909548177-4206843061-1001\...\LINE) (Version: 5.11.4.1836 - LINE Corporation)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R7 - McAfee, Inc.)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.12827.20268 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.45 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.129.31 - )
Microsoft OneDrive (HKU\S-1-5-21-2417424753-1909548177-4206843061-1001\...\OneDriveSetup.exe) (Version: 20.064.0329.0008 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Mozilla Firefox 59.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 59.0.2 (x64 en-US)) (Version: 59.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0.2 - Mozilla)
MTG Arena (HKLM-x32\...\{F62E5477-A813-448F-AD6C-34FB7C31E360}) (Version: 0.1.1790 - Wizards of the Coast)
Mystika 2 (HKLM-x32\...\WTA-6bcc19ce-71db-4d4c-b7d3-a663afda0bd4) (Version: 1.1.2.4 - WildTangent) Hidden
NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0516 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0516 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12827.20160 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12827.20160 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12827.20268 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12827.20160 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31235 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.12.1007.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8536 - Realtek Semiconductor Corp.)
RogueKiller version 12.12.34.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.12.34.0 - Adlice Software)
Runefall (HKLM-x32\...\WTA-6127a291-0ce8-4972-8927-8b48dad7eb90) (Version: 3.0.2.126 - WildTangent) Hidden
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
Sparkle 2 (HKLM-x32\...\WTA-d3f11148-db3c-4e0d-b42d-86cbc038bc40) (Version: 3.0.2.51 - WildTangent) Hidden
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
StarCraft (HKLM-x32\...\StarCraft) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Twitch (HKU\S-1-5-21-2417424753-1909548177-4206843061-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Unity Web Player (HKU\S-1-5-21-2417424753-1909548177-4206843061-1001\...\UnityWebPlayer) (Version: 5.3.8f2 - Unity Technologies ApS)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{1FD817A6-63E1-4519-BFD4-228DABB7AB6B}) (Version: 2.55.0.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
Warcraft II (HKLM-x32\...\1418669891_is1) (Version: 2.02 v4 - GOG.com)
Web Companion (HKLM-x32\...\{b240e869-bc42-44a7-a069-f8d23f06d83e}) (Version: 6.0.2270.4122 - Lavasoft)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.1.0.28 - WildTangent)
WildTangent Games App for HP (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.1.1.14 - WildTangent) Hidden
WinZip 24.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24125}) (Version: 24.0.13650 - Corel Corporation)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version: - Blizzard Entertainment)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-05] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.8.5.0_x86__kgqvnymyfvs32 [2020-04-08] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.169.300.0_x86__kgqvnymyfvs32 [2020-06-02] (king.com)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_5.1.0.10_x86__h6adky7gbf63m [2020-06-02] (Gameloft SE)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.2.378.0_x64__v10z8vjag6ke6 [2017-08-24] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_115.1.152.0_x64__v10z8vjag6ke6 [2020-05-27] (HP Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12107.3.48019.0_x64__nzyj5cx40ttqa [2020-05-21] (Apple Inc.) [Startup Task]
Keeper - Password Manager & Secure File Storage -> C:\Program Files\WindowsApps\KeeperSecurityInc.Keeper_14.0.33.0_x64__kejf07qmg0jnm [2019-07-29] (Keeper Security Inc)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-12] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.39.21501.0_x64__8wekyb3d8bbwe [2020-06-01] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-01] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.14.6005.0_x64__8wekyb3d8bbwe [2020-04-15] (Microsoft Studios)
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.96.725.0_x64__mcm4njqhnhss8 [2020-04-11] (Netflix, Inc.)
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2017-11-30] (Plex)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_6.18.78.0_x64__kx24dqmazqk8j [2020-03-02] (Random Salad Games LLC) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0 [2020-05-28] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2417424753-1909548177-4206843061-1001_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}\InprocServer32 -> C:\Users\mibut\AppData\Local\Google\Update\1.3.35.442\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2417424753-1909548177-4206843061-1001_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\mibut\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2417424753-1909548177-4206843061-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\mibut\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2417424753-1909548177-4206843061-1001_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> C:\Users\mibut\AppData\Local\Google\Update\1.3.35.342\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2417424753-1909548177-4206843061-1001_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\mibut\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2417424753-1909548177-4206843061-1001_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\mibut\AppData\Local\Google\Chrome\Application\83.0.4103.61\notification_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-2417424753-1909548177-4206843061-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\mibut\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2417424753-1909548177-4206843061-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.WinZipExpressForOffice.dll (Corel Corporation -> )
CustomCLSID: HKU\S-1-5-21-2417424753-1909548177-4206843061-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\mibut\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-2417424753-1909548177-4206843061-1001_Classes\CLSID\{E9E7529D-7F09-410B-AF2A-CC154473B19C}\InprocServer32 -> C:\Users\mibut\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-2417424753-1909548177-4206843061-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\mibut\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2417424753-1909548177-4206843061-1001_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F}\InprocServer32 -> C:\Users\mibut\AppData\Local\Google\Update\1.3.35.302\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2017-12-21] (McAfee, Inc. -> McAfee, Inc.)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2019-10-12] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2019-10-12] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-06-05] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2017-12-21] (McAfee, Inc. -> McAfee, Inc.)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2019-10-12] (Corel Corporation -> WinZip Computing)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\mibut\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\mibut\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\mibut\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\f1f36ebe66fce5e5\Google Chrome.lnk -> C:\Users\mibut\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Priceline.com.lnk -> C:\Program Files (x86)\HP\Shared\WizLink.exe () -> hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=priceline&refclickid=square
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VUDU - Streaming Movies.lnk -> C:\Program Files (x86)\HP\Shared\WizLink.exe () -> hxxp://js.redirect.hp.com/jumpstation?bd=all&c=*&locale=en_us&pf=cndt&s=VUDU_URL&tp=startmenu

==================== Loaded Modules (Whitelisted) =============


==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\mibut\Downloads\avast_free_antivirus_setup_online.exe:SmartScreen [7]
AlternateDataStreams: C:\Users\mibut\Downloads\DSOne.exe:SmartScreen [7]
AlternateDataStreams: C:\Users\mibut\Downloads\FRST64.exe:SmartScreen [7]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-2417424753-1909548177-4206843061-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2417424753-1909548177-4206843061-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 15:03 - 2019-01-04 04:14 - 000000827 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-2417424753-1909548177-4206843061-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\mibut\OneDrive\Pictures\Rey.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "WinZip UN"
HKLM\...\StartupApproved\Run: => "WinZip PreLoader"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKU\S-1-5-21-2417424753-1909548177-4206843061-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A1BDD902-943B-4334-938C-BD2E3939DED1}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [UDP Query User{20AD8E14-F84C-457B-A9ED-EB8177204DA0}C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{22ED328F-38BA-48E6-9121-59ED1685ED3F}C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{941DD0F1-E9FF-470D-83CF-F73E081DBDD1}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe => No File
FirewallRules: [TCP Query User{68484261-70BF-4194-9555-8E3600B3D1B0}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe => No File
FirewallRules: [UDP Query User{3B5FFFE6-2548-4A43-99BE-D35C29A067C5}C:\users\mibut\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\mibut\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{16C97EF7-A1C1-4A07-BE92-4B9B9707AE24}C:\users\mibut\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\mibut\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A241F580-3C98-415D-9D1F-CFD7FDF665D6}] => (Allow) C:\Program Files (x86)\GOG Galaxy\Games\Warcraft II BNE\Warcraft II BNE_dx.exe (Blizzard Entertainment) [File not signed]
FirewallRules: [{00F7EAB0-B76E-483F-8DB9-A1D99EAEC277}] => (Allow) C:\Program Files (x86)\GOG Galaxy\Games\Warcraft II BNE\Warcraft II BNE.exe (GOG Sp. z o.o. -> Blizzard Entertainment)
FirewallRules: [{5C39094F-4A83-4391-AAB7-44BC59F0FB1D}] => (Allow) C:\Users\mibut\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{E219C1F5-7987-44DB-9538-8001090434FD}] => (Allow) C:\Users\mibut\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{4D30C7AA-CD2C-4C84-BB71-0A46313939C5}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [UDP Query User{2C2A1A83-9220-493B-A9BB-1FFC1841DCDF}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{98EDA17C-6463-4EFD-8096-E4CB012B69DF}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{A2F38A76-AAC8-439E-9B6E-1C972676A64E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{213A9662-B0C6-43E6-857D-88590AB874DE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{3CA61BB5-16C7-473B-8BD5-64D8B1FC7DA6}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe (Electronic Arts, Inc. -> BioWare)
FirewallRules: [{26CEEBA7-9D5F-46F2-9A74-1E3CD1D91C34}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe (Electronic Arts, Inc. -> BioWare)
FirewallRules: [{61BCF1EA-B8B0-4266-AFEC-222448FD4CC5}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe (Electronic Arts, Inc. -> BioWare)
FirewallRules: [{2B7D4DBC-ADE7-4927-9C3C-73DE196C93F9}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe (Electronic Arts, Inc. -> BioWare)
FirewallRules: [UDP Query User{9B865DC6-DDFE-4863-997B-2FAC3FB3BF3C}C:\program files (x86)\arc\arcchat.exe] => (Allow) C:\program files (x86)\arc\arcchat.exe => No File
FirewallRules: [TCP Query User{1C13A94C-A1A7-4F42-80F7-9F907F06B58C}C:\program files (x86)\arc\arcchat.exe] => (Allow) C:\program files (x86)\arc\arcchat.exe => No File
FirewallRules: [{14EAAEE9-E424-44ED-AF33-C7822D5331F6}] => (Allow) LPort=13148
FirewallRules: [{66E9426F-4FA7-4429-8BC9-5EB3D7EA4D3A}] => (Allow) C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe (HP Inc. -> HP Inc.)
FirewallRules: [UDP Query User{C32EBFD4-4743-43BF-9B77-526B8D99EDC5}C:\program files (x86)\star trek online_en\star trek online\live\x86\gameclient.exe] => (Allow) C:\program files (x86)\star trek online_en\star trek online\live\x86\gameclient.exe => No File
FirewallRules: [TCP Query User{683262DC-65EB-4DB7-AEE8-432192F643C5}C:\program files (x86)\star trek online_en\star trek online\live\x86\gameclient.exe] => (Allow) C:\program files (x86)\star trek online_en\star trek online\live\x86\gameclient.exe => No File
FirewallRules: [{4BA9337E-58C0-4933-9E77-A4E58FCC6CCF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D2C69E28-0B0C-4D85-A026-2DC95CEFBFB9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EC69B604-027F-46A9-9419-716AE4F13163}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{63C44D8F-A26D-4B88-A2B1-725B75A2F274}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4F1A8874-6324-4D4F-A6D4-4A93E75597AD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A3915C98-52C8-42E6-87B9-DE347D9C7DB5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{26FE87DE-ABF6-4D09-B561-FA440ACD1ADB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe => No File
FirewallRules: [{1C6722D5-E121-4A0C-9182-9E1A9DAC9FC8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9AB01026-20E3-4605-BDAA-2ED134C6C247}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5F84BC97-434A-4960-8E3B-E31359033C18}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{E3742839-AB11-4CC0-8B72-D30C86FE9245}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe => No File
FirewallRules: [{E5070A02-CD25-4605-817D-BE69868264A2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe => No File
FirewallRules: [{3BB1B2E4-B5F5-4EC1-BDB8-6E34ACA5AD3E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{ADB1D5E5-340B-45BA-B4ED-6A9D08DB9E9F}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{0F3FB5F8-04C6-4405-9C62-9041CE4D19C4}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{4987065C-6824-4D6F-9183-374793EC5432}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{9DC24332-1FC8-4F27-BF9D-4F28E6FD225B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AC02C539-60BF-4E06-B0E2-FC388E8D1273}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9BDA92F3-78DD-4904-BFF8-3E01347ED7EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3891EF37-229D-4302-85A3-E6E0A8F7C415}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4DDE4EE5-45ED-4636-910E-72B809856C11}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{FCA31944-D8C6-459B-A267-1C030AE466A1}C:\program files (x86)\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files (x86)\wizards of the coast\mtga\mtga.exe (Wizards of the Coast, LLC -> )
FirewallRules: [UDP Query User{903566A7-00BB-428C-9761-7D67B5938A34}C:\program files (x86)\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files (x86)\wizards of the coast\mtga\mtga.exe (Wizards of the Coast, LLC -> )
FirewallRules: [{61A9AE27-E321-49C0-A98B-FA6EADF01B63}] => (Allow) C:\Users\mibut\AppData\Local\LINE\bin\5.9.2.1760\LINE.exe => No File
FirewallRules: [{8CF81C17-98CB-4500-9444-5F82E05D8AA7}] => (Allow) C:\Users\mibut\AppData\Local\LINE\bin\5.9.2.1760\LINE.exe => No File
FirewallRules: [{2F972916-D2C3-4AC8-8C4F-D61EE5B8EC66}] => (Allow) C:\Users\mibut\AppData\Local\LINE\bin\5.9.2.1760\LineUpdater.exe => No File
FirewallRules: [{5305DBC0-1093-4BD7-992C-6B020036A459}] => (Allow) C:\Users\mibut\AppData\Local\LINE\bin\5.9.2.1760\LineUpdater.exe => No File
FirewallRules: [{8E0A84EF-9192-480E-8F22-C612A0053911}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2B7BBD75-3059-456E-9E37-29D3D3BEC2A2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{540E65B3-6DFA-4D28-98DF-542F97C66F9E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{B99BCB9A-D1EA-4B1B-A0BE-2B5ACAB43F21}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{0386BBB5-3EE2-4EB9-88DD-EECFC473A63F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{D2C3EB02-8037-41ED-86D8-6E3E29DFB972}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VEGA Conflict\VEGAConflict.exe () [File not signed]
FirewallRules: [{2057DCFF-2714-4190-9E50-80E1FCE4C9F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VEGA Conflict\VEGAConflict.exe () [File not signed]
FirewallRules: [{B17A1752-0C36-482B-879B-FA103E9DE500}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{DD4410CB-FF48-444B-A151-E5CC12C137A3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{1BCE4ACB-F4F4-46CF-A0A9-282B9F4F5F52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Catan Universe\CatanUniverse.exe () [File not signed]
FirewallRules: [{E849A941-BE1D-48A0-83F0-99E0529A4207}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Catan Universe\CatanUniverse.exe () [File not signed]
FirewallRules: [{5AFC80DA-D1D0-4826-8255-A16B2B5ABC29}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12107.3.48019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4E628A41-0381-4AAC-8C65-38FACD0B4CBA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12107.3.48019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{99B15575-3EC9-486D-A37A-0AB0DCDF5A79}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12107.3.48019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{827A1F88-CEC0-40A6-A4A2-D96E54902C8E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12107.3.48019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{ABFA7D04-B6DF-4E58-96A1-5AD4F667D8B4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12107.3.48019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E9D73447-87A7-40D6-9BB8-6784B7D828A4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12107.3.48019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{684F81EA-0169-41C0-8F05-DEBABBBB0F6B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12107.3.48019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E561FBDB-B919-4CAD-85AC-4EF3192F248D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12107.3.48019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1BB98C3D-E74E-47D7-9127-A244D9EDA9E5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0188FC53-6831-4C66-A5CA-11FEAB7E3E67}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6A356EDF-33E2-46AB-8154-3D5F919A93E4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{663685C7-3243-4870-A4E4-10D14835F442}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4D0480C9-76B0-4689-A113-D91EA5993841}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C62AACAD-7738-44D4-B71B-52767FE27D31}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EC5485B5-AC82-42F3-8A2A-7C1E49671DB7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BF6E8F30-48F7-4466-AD1B-31745A5B63BC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{51F065FB-FE08-4ABA-B1B2-F3161C8CB177}] => (Allow) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FF4DFAAE-42C3-4176-93A6-1B53CBA42A0B}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

19-05-2020 15:01:21 Installed MTGA Launcher
31-05-2020 02:10:33 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (06/07/2020 03:26:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST64.exe version 29.5.2020.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 5498

Start Time: 01d63d1244a32f74

Termination Time: 4294967295

Application Path: C:\Users\mibut\Downloads\FRST64.exe

Report Id: 2fc62e1a-a964-4c59-89d8-cfe5cd3907c3

Faulting package full name:

Faulting package-relative application ID:

Hang type: Top level window is idle

Error: (06/07/2020 03:20:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST64.exe version 29.5.2020.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 24a4

Start Time: 01d63d11747de766

Termination Time: 4294967295

Application Path: C:\Users\mibut\Downloads\FRST64.exe

Report Id: a6965ed9-6a60-4891-be3d-97f403c21abe

Faulting package full name:

Faulting package-relative application ID:

Hang type: Top level window is idle

Error: (06/07/2020 03:15:56 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3848,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (06/07/2020 03:09:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program RemindersServer.exe version 10.0.18362.752 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 5890

Start Time: 01d63b4144d97d2c

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe

Report Id: a36e9ad5-f6cc-4a6d-bf99-e709f70763cc

Faulting package full name: Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Hang type: Quiesce

Error: (06/07/2020 06:43:55 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7000

Error: (06/07/2020 06:43:55 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7000

Error: (06/07/2020 06:43:55 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/07/2020 06:43:53 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5344


System errors:
=============
Error: (06/05/2020 09:02:47 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-CJUGRS5)
Description: The server Microsoft.Wallet_2.4.18324.0_x64__8wekyb3d8bbwe!App.AppXgvxkrr1tm1jwgecmqbxe81yfbwpjdn1h.mca did not register with DCOM within the required timeout.

Error: (06/05/2020 09:02:47 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-CJUGRS5)
Description: The server Microsoft.People_10.1909.10841.0_x64__8wekyb3d8bbwe!x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x.AppXv1pa150fssxfwf8qn0j65z3gp1qhwkcs.mca did not register with DCOM within the required timeout.

Error: (06/05/2020 09:02:47 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-CJUGRS5)
Description: The server CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke!App.AppXk48pvprhnmbpxb9mn1fzqfhtnafp2k50.mca did not register with DCOM within the required timeout.

Error: (06/04/2020 09:32:23 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-CJUGRS5)
Description: The server Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy!Cortana.ActionUris.ActionUri did not register with DCOM within the required timeout.

Error: (06/03/2020 05:03:51 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-CJUGRS5)
Description: The server Microsoft.People_10.1909.10841.0_x64__8wekyb3d8bbwe!x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x.AppXv1pa150fssxfwf8qn0j65z3gp1qhwkcs.mca did not register with DCOM within the required timeout.

Error: (05/31/2020 01:49:20 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-CJUGRS5)
Description: The server Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy!CortanaPlaces.PlaceStore did not register with DCOM within the required timeout.

Error: (05/25/2020 05:19:14 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.

Error: (05/23/2020 12:24:18 AM) (Source: Netwtw04) (EventID: 5035) (User: )
Description: 5035 - Driver OSC Pending OID watchdog


Windows Defender:
===================================
Date: 2020-06-02 14:43:45.060
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:

Trojan:HTML/FakeAlert!MSR threat description - Microsoft Security Intelligence

Name: Trojan:HTML/FakeAlert!MSR
ID: 2147744081
Severity: Severe
Category: Trojan
Path: file:_C:\Users\mibut\Downloads\This computer is BLOCKED.html; webfile:_C:\Users\mibut\Downloads\This computer is BLOCKED.html|http://138.68.251.107/xxxwinchrome0...html|pid:4752,ProcessStart:132356042235305004
Detection Origin: Internet
Detection Type: Concrete
Detection Source: Downloads and attachments
Process Name: Unknown
Security intelligence Version: AV: 1.317.467.0, AS: 1.317.467.0, NIS: 1.317.467.0
Engine Version: AM: 1.1.17100.2, NIS: 1.1.17100.2

Date: 2020-05-27 17:59:15.788
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.317.54.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17100.2
Error code: 0x80070102
Error description: The wait operation timed out.

CodeIntegrity:
===================================

Date: 2020-06-07 15:30:55.739
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-07 15:30:55.737
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-07 15:30:55.723
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-07 15:30:55.721
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-07 15:30:32.226
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-07 15:30:32.224
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-07 15:30:32.169
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-07 15:30:32.154
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: AMI F.10 03/30/2017
Motherboard: HP 82F1
Processor: Intel(R) Core(TM) i5-7400 CPU @ 3.00GHz
Percentage of memory in use: 61%
Total physical RAM: 8127.92 MB
Available physical RAM: 3108.18 MB
Total Virtual: 15551.92 MB
Available Virtual: 6313.54 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:918.43 GB) (Free:705.67 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:11.85 GB) (Free:1.44 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{151c66e5-c7c5-4043-8f99-d10811ddbea8}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.49 GB) NTFS
\\?\Volume{890f18f1-083f-49a7-9053-645d8de06a3c}\ () (Fixed) (Total:0.25 GB) (Free:0.18 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 7E10C852)

Partition: GPT.

==================== End of Addition.txt =======================

 

[Broni]

Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2

• Close all the running programs
• Double click on downloaded setup.exe file to install the program.
• Click on Start Scan button.
• Click on another Start Scan button.
• Wait until the Status box shows Scan Finished
• Click on Remove Selected.
• Wait until the Status box shows Deleting Finished.
• Click on Report and copy/paste the content of the Notepad into your next reply.
• RKreport.txt could also be found on your desktop.
• If more than one log is produced post all logs.

Please download Malwarebytes to your desktop.

• Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
• Then click Finish.
• Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
• If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
• When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
• Restart your computer when prompted to do so.
• The Scan log is available throughout History ->Application logs. Please post it contents in your next reply.

Please download AdwCleaner by Xplode and save to your Desktop.

• Double click on AdwCleaner.exe to run the tool.
  Vista/Windows 7/8/10 users right-click and select Run As Administrator
• The tool will start to update the database if one is required.
• Click on the Scan button.
• AdwCleaner will begin...be patient as the scan may take some time to complete.
• After the scan has finished, click on the Logfile button.
• A window will open which lists the logs of your scans.
• Click on the Scan tab.
• Double-click the most recent scan which will be at the top of the list....the log will appear.
• Review the results...see note below
• After reviewing the log, click on the Clean button.
• Press OK when asked to close all programs and follow the onscreen prompts.
• Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
• After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
• To open a Cleaning log, launch AdwareClearer, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
• Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
• A copy of all logfiles are saved to C:\AdwCleaner.

-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.

 

[Cuteykat1701]

RogueKiller Anti-Malware V14.5.0.0 (x64) [May 27 2020] (Free) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.18363) 64 bits
Started in : Normal mode
User : mibut [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Signatures : 20200608_121847, Driver : Loaded
Mode : Standard Scan, Delete -- Date : 2020/06/09 13:20:09 (Duration : 00:12:48)
Switches : -minimize

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Delete ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[PUP.WebCompanion|PUP.Gen1 (Potentially Malicious)] Lavasoft.WCAssistant.WinService.exe [LAVASOFT SOFTWARE CANADA INC] -- %programfiles(x86)%\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe -> Killed [Tree]
[PUP.WebCompanion|PUP.Gen1 (Potentially Malicious)] WebCompanion.exe [LAVASOFT SOFTWARE CANADA INC] -- %programfiles(x86)%\Lavasoft\Web Companion\Application\WebCompanion.exe -> Killed [Tree]
[Suspicious.Path (Potentially Malicious)] 0271111589481137mcinstcleanup -- %SystemRoot%\TEMP\027111~1.EXE -> Stopped
[PUP.Gen0 (Potentially Malicious)] WCAssistantService [LAVASOFT SOFTWARE CANADA INC] -- %programfiles(x86)%\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe -> Stopped
[PUP.WebCompanion|PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-2417424753-1909548177-4206843061-1001\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion -- [%programfiles(x86)%\Lavasoft\Web Companion\Application\WebCompanion.exe] -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\0271111589481137mcinstcleanup -- [%SystemRoot%\TEMP\027111~1.EXE] -> Deleted
[PUP.Gen0 (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WCAssistantService -- [%programfiles(x86)%\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe] -> Deleted
[PUP.Gen1 (Potentially Malicious)] Web Companion -- %_mibut_appdata%\Lavasoft\Web Companion -> Deleted
=> FData.txt -- C:\Users\mibut\AppData\Roaming\Lavasoft\WEBCOM~1\Options\FData.txt [1]
=> IData.txt -- C:\Users\mibut\AppData\Roaming\Lavasoft\WEBCOM~1\Options\IData.txt [1]
=> Language.txt -- C:\Users\mibut\AppData\Roaming\Lavasoft\WEBCOM~1\Options\Language.txt [1]
=> Options -- C:\Users\mibut\AppData\Roaming\Lavasoft\WEBCOM~1\Options [1]
[PUP.Gen1 (Potentially Malicious)] Web Companion -- %programdata%\Lavasoft\Web Companion -> Deleted
=> bing.ico -- C:\PROGRA~3\Lavasoft\WEBCOM~1\Icons\bing.ico [1]
=> Icons -- C:\PROGRA~3\Lavasoft\WEBCOM~1\Icons [1]
=> webcompanion.log -- C:\PROGRA~3\Lavasoft\WEBCOM~1\Logs\WEBCOM~1\WEBCOM~1.LOG [1]
=> Webcompanion -- C:\PROGRA~3\Lavasoft\WEBCOM~1\Logs\WEBCOM~1 [1]
=> WCAssistantServiceLog.log -- C:\PROGRA~3\Lavasoft\WEBCOM~1\Logs\WINDOW~1\WCASSI~1.LOG [1]
=> Wcf.log -- C:\PROGRA~3\Lavasoft\WEBCOM~1\Logs\WINDOW~1\Wcf.log [1]
=> WindowsService -- C:\PROGRA~3\Lavasoft\WEBCOM~1\Logs\WINDOW~1 [1]
=> Logs -- C:\PROGRA~3\Lavasoft\WEBCOM~1\Logs [1]
=> ActiveFeatures.zip -- C:\PROGRA~3\Lavasoft\WEBCOM~1\Options\ACTIVE~1.ZIP [1]
=> AppSettings.txt -- C:\PROGRA~3\Lavasoft\WEBCOM~1\Options\APPSET~1.TXT [1]
=> b_search.json -- C:\PROGRA~3\Lavasoft\WEBCOM~1\Options\B_SEAR~1.JSO [1]
=> ChannelInfo.txt -- C:\PROGRA~3\Lavasoft\WEBCOM~1\Options\CHANNE~1.TXT [1]
=> comresponse.txt -- C:\PROGRA~3\Lavasoft\WEBCOM~1\Options\COMRES~1.TXT [1]
=> com_ff_messaging.json -- C:\PROGRA~3\Lavasoft\WEBCOM~1\Options\COM_FF~1.JSO [1]
=> config.txt -- C:\PROGRA~3\Lavasoft\WEBCOM~1\Options\config.txt [1]
=> CurrentReleaseNotes.txt -- C:\PROGRA~3\Lavasoft\WEBCOM~1\Options\CURREN~1.TXT [1]
=> EventSafeguard.txt -- C:\PROGRA~3\Lavasoft\WEBCOM~1\Options\EVENTS~1.TXT [1]
=> FeatureActions.zip -- C:\PROGRA~3\Lavasoft\WEBCOM~1\Options\FEATUR~1.ZIP [1]
=> install.txt -- C:\PROGRA~3\Lavasoft\WEBCOM~1\Options\install.txt [1]
=> LatestReleaseNotes.txt -- C:\PROGRA~3\Lavasoft\WEBCOM~1\Options\LATEST~1.TXT [1]
=> partner.txt -- C:\PROGRA~3\Lavasoft\WEBCOM~1\Options\partner.txt [1]
=> ProfileInfo.txt -- C:\PROGRA~3\Lavasoft\WEBCOM~1\Options\PROFIL~1.TXT [1]
=> SearchInfo.txt -- C:\PROGRA~3\Lavasoft\WEBCOM~1\Options\SEARCH~1.TXT [1]
=> ServicePartnerInfo.txt -- C:\PROGRA~3\Lavasoft\WEBCOM~1\Options\SERVIC~1.TXT [1]
=> Statistics.txt -- C:\PROGRA~3\Lavasoft\WEBCOM~1\Options\STATIS~1.TXT [1]
=> UpdateServer.txt -- C:\PROGRA~3\Lavasoft\WEBCOM~1\Options\UPDATE~1.TXT [1]
=> UpgradeAttemptInfo.txt -- C:\PROGRA~3\Lavasoft\WEBCOM~1\Options\UPGRAD~1.TXT [1]
=> Options -- C:\PROGRA~3\Lavasoft\WEBCOM~1\Options [1]
[PUP.WebCompanion|PUP.Gen1 (Potentially Malicious)] Web Companion -- %programfiles(x86)%\Lavasoft\Web Companion -> Deleted
=> Ad-Aware Web Companion.exe -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\AD-AWA~1.EXE [1]
=> BCUEngineS.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\BCUENG~1.DLL [1]
=> BCUSDK.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\BCUSDK.dll [1]
=> WebCompanion.resources.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\de-DE\WEBCOM~1.DLL [1]
=> WebCompanionInstaller.resources.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\de-DE\WEBCOM~2.DLL [1]
=> de-DE -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\de-DE [1]
=> DotNetZip.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\DOTNET~1.DLL [1]
=> WebCompanion.resources.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\en-US\WEBCOM~1.DLL [1]
=> WebCompanionInstaller.resources.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\en-US\WEBCOM~2.DLL [1]
=> en-US -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\en-US [1]
=> WebCompanion.resources.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\es-ES\WEBCOM~1.DLL [1]
=> WebCompanionInstaller.resources.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\es-ES\WEBCOM~2.DLL [1]
=> es-ES -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\es-ES [1]
=> Esent.Interop.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\ESENTI~1.DLL [1]
=> @wcextensionff.xpi -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\EXTENS~1\@WCEXT~1.XPI [1]
=> Extension -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\EXTENS~1 [1]
=> WebCompanion.resources.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\fr-CA\WEBCOM~1.DLL [1]
=> WebCompanionInstaller.resources.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\fr-CA\WEBCOM~2.DLL [1]
=> fr-CA -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\fr-CA [1]
=> ICSharpCode.SharpZipLib.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\ICSHAR~1.DLL [1]
=> Interop.IWshRuntimeLibrary.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\INTERO~1.DLL [1]
=> Interop.LavasoftTcpServiceLib.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\INTERO~2.DLL [1]
=> Interop.SHDocVw.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\INTERO~3.DLL [1]
=> Interop.Shell32.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\INTERO~4.DLL [1]
=> Interop.WUApiLib.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\INED41~1.DLL [1]
=> Ionic.Zip.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\IONICZ~1.DLL [1]
=> WebCompanion.resources.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\it-IT\WEBCOM~1.DLL [1]
=> WebCompanionInstaller.resources.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\it-IT\WEBCOM~2.DLL [1]
=> it-IT -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\it-IT [1]
=> WebCompanion.resources.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\ja-JP\WEBCOM~1.DLL [1]
=> WebCompanionInstaller.resources.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\ja-JP\WEBCOM~2.DLL [1]
=> ja-JP -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\ja-JP [1]
=> Lavasoft.adblocker.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\LAVASO~1.DLL [1]
=> Lavasoft.AppCore.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\LAVASO~2.DLL [1]
=> Lavasoft.Automation.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\LAVASO~3.DLL [1]
=> Lavasoft.Compression.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\LAVASO~4.DLL [1]
=> Lavasoft.CSharp.Utilities.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\LA56C0~1.DLL [1]
=> Lavasoft.Events.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\LADD15~1.DLL [1]
=> Lavasoft.Extension.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\LA94E1~1.DLL [1]
=> Lavasoft.IEController.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\LA21E8~1.DLL [1]
=> Lavasoft.Omni.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\LA0D41~1.DLL [1]
=> Lavasoft.SearchProtect.Business.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\LAE30D~1.DLL [1]
=> Lavasoft.SearchProtect.Repositories.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\LA2CAC~1.DLL [1]
=> Lavasoft.Settings.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\LADDAC~1.DLL [1]
=> Lavasoft.SysInfo.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\LAC1FE~1.DLL [1]
=> Lavasoft.Utils.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\LA04CD~1.DLL [1]
=> Lavasoft.Utils.SqlLite.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\LA84A0~1.DLL [1]
=> Lavasoft.WCAssistant.Service.Logger.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\LA8AF0~1.DLL [1]
=> Lavasoft.WCAssistant.WcfService.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\LACECB~1.DLL [1]
=> Lavasoft.WCAssistant.WinService.exe -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\LAVASO~1.EXE [1]
=> Lavasoft.WCAssistant.WinService.exe.config -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\LAVASO~1.CON [1]
=> liblz4.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\liblz4.dll [1]
=> log4net.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\log4net.dll [1]
=> LZ4.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\LZ4.dll [1]
=> Microsoft.mshtml.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\MICROS~1.DLL [1]
=> MozCompressor.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\MOZCOM~1.DLL [1]
=> NCalc.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\NCalc.dll [1]
=> Newtonsoft.Json.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\NEWTON~1.DLL [1]
=> WebCompanion.resources.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\pt-BR\WEBCOM~1.DLL [1]
=> WebCompanionInstaller.resources.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\pt-BR\WEBCOM~2.DLL [1]
=> pt-BR -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\pt-BR [1]
=> WebCompanion.resources.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\ru-RU\WEBCOM~1.DLL [1]
=> WebCompanionInstaller.resources.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\ru-RU\WEBCOM~2.DLL [1]
=> ru-RU -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\ru-RU [1]
=> System.Data.SQLite.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\SYSTEM~1.DLL [1]
=> WebCompanion.resources.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\tr-TR\WEBCOM~1.DLL [1]
=> WebCompanionInstaller.resources.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\tr-TR\WEBCOM~2.DLL [1]
=> tr-TR -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\tr-TR [1]
=> ucrtbased.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\UCRTBA~1.DLL [1]
=> vcruntime140d.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\VCRUNT~1.DLL [1]
=> WcCommunication.exe -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\WCCOMM~1.EXE [1]
=> WcCommunication.exe.config -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\WCCOMM~1.CON [1]
=> WebcompaionReimageIcon.ico -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\WEBCOM~1.ICO [1]
=> WebCompanion.exe -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\WEBCOM~1.EXE [1]
=> WebCompanion.exe.config -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\WEBCOM~1.CON [1]
=> WebCompanion.Loader.exe -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\WEBCOM~2.EXE [1]
=> WebCompanionExtensionIE.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\WEBCOM~1.DLL [1]
=> WebCompanionIcon.ico -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\WEBCOM~2.ICO [1]
=> WebCompanionIcon_Pro.ico -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\WEBCOM~3.ICO [1]
=> WebCompanionInstaller.exe -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\WEBCOM~3.EXE [1]
=> WebCompanionInstaller.exe.config -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\WEBCOM~2.CON [1]
=> WebCompanionInstaller.pdb -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\WEBCOM~1.PDB [1]
=> SQLite.Interop.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\x64\SQLITE~1.DLL [1]
=> x64 -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\x64 [1]
=> SQLite.Interop.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\x86\SQLITE~1.DLL [1]
=> x86 -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\x86 [1]
=> WebCompanionInstaller.resources.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\zh-CHS\WEBCOM~1.DLL [1]
=> zh-CHS -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\zh-CHS [1]
=> WebCompanion.resources.dll -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\zh-Hans\WEBCOM~1.DLL [1]
=> zh-Hans -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1\zh-Hans [1]
=> Application -- C:\PROGRA~2\Lavasoft\WEBCOM~1\APPLIC~1 [1]
[PUM.SearchEngine (Potentially Malicious)] browser.search.defaultenginename -- Bing Default Search -> Deleted
[PUM.SearchEngine (Potentially Malicious)] browser.search.selectedEngine -- Bing Default Search -> Deleted

 

[Cuteykat1701]

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 6/9/20
Scan Time: 1:26 PM
Log File: 18fe9a3a-aa87-11ea-a72f-100501452b6a.json

-Software Information-
Version: 4.1.0.56
Components Version: 1.0.931
Update Package Version: 1.0.25274
License: Trial

-System Information-
OS: Windows 10 (Build 18362.836)
CPU: x64
File System: NTFS
User: DESKTOP-CJUGRS5\mibut

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 287312
Threats Detected: 7
Threats Quarantined: 7
Time Elapsed: 4 min, 34 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 3
PUP.Optional.Conduit, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Quarantined, 194, 236865, , , ,
PUP.Optional.Conduit, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Quarantined, 194, 236865, , , ,
PUP.Optional.Conduit, HKU\S-1-5-21-2417424753-1909548177-4206843061-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, Quarantined, 194, 236865, 1.0.25274, , ame,

Registry Value: 2
PUP.Optional.Conduit, HKU\S-1-5-21-2417424753-1909548177-4206843061-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, Quarantined, 194, 236865, 1.0.25274, , ame,
PUP.Optional.Conduit, HKU\S-1-5-21-2417424753-1909548177-4206843061-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TOPRESULTURL, Quarantined, 194, 236865, 1.0.25274, , ame,

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 2
PUP.Optional.BundleInstaller, C:\USERS\MIBUT\DOWNLOADS\UTORRENT.EXE, Quarantined, 510, 800966, 1.0.25274, , ame,
Generic.Malware/Suspicious, C:\WINDOWS\TEMP\WCTMP_5537628\WCINSTALLER.EXE, Quarantined, 0, 392686, 1.0.25274, , shuriken,

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

 

[Cuteykat1701]

# -------------------------------
# Malwarebytes AdwCleaner 8.0.5.0
# -------------------------------
# Build: 05-25-2020
# Database: 2020-05-19.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-09-2020
# Duration: 00:01:04
# OS: Windows 10 Home
# Cleaned: 84
# Failed: 1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted C:\Users\mibut\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG

***** [ Files ] *****

Deleted C:\Windows\Temp\WebCompanion.zip

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\download.driversupport.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\driversupport.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\s.thebrighttag.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\tangocard.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\thebrighttag.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.tangocard.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\download.driversupport.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\driversupport.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\s.thebrighttag.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\tangocard.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\thebrighttag.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.tangocard.com
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\thebrighttag.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKLM\SYSTEM\Setup\FirstBoot\Services\WCAssistantService
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{b240e869-bc42-44a7-a069-f8d23f06d83e}|DisplayIcon
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{b240e869-bc42-44a7-a069-f8d23f06d83e}|DisplayName
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{b240e869-bc42-44a7-a069-f8d23f06d83e}|UninstallString
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKU\.DEFAULT\Software\Mozilla\NativeMessagingHosts\com.webcompanion.native
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

Deleted Bing Default Search
Deleted Bing Default Search
Deleted Bing Default Search
Deleted Bing Default Search
Deleted https://defaultsearch.co/homepage?hp=1&pId=BT171001&iDate=2019-04-26 07:32:56&bName=&bitmask=0600
Deleted https://defaultsearch.co/homepage?hp=1&pId=BT171001&iDate=2019-04-26 07:32:56&bName=&bitmask=0600

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.HPAudioSwitch Folder C:\Program Files (x86)\HP\HPAUDIOSWITCH
Deleted Preinstalled.HPAudioSwitch Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6AAC37C9-28D9-4C48-AC68-A511722D7649}
Deleted Preinstalled.HPAudioSwitch Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPAudioSwitch
Deleted Preinstalled.HPAudioSwitch Task C:\Windows\System32\Tasks\HPAUDIOSWITCH
Deleted Preinstalled.HPJumpStartApps Folder C:\Program Files (x86)\HP\HP JUMPSTART APPS
Deleted Preinstalled.HPJumpStartApps Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\HP JumpStart Apps
Deleted Preinstalled.HPJumpStartBridge Folder C:\Program Files (x86)\HP\HP JUMPSTART BRIDGE
Deleted Preinstalled.HPJumpStartBridge Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{1E7D6A6F-E28B-4057-BD4F-9989C1F5353D}
Deleted Preinstalled.HPJumpStartLaunch Folder C:\Program Files (x86)\HP\HP JUMPSTART LAUNCH
Deleted Preinstalled.HPJumpStartLaunch Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BC1DABE-4C18-4A4F-ACE9-D1CD0C5B207F}
Deleted Preinstalled.HPJumpStartLaunch Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPJumpStartLaunch
Deleted Preinstalled.HPJumpStartLaunch Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4380D813-39E5-46FD-AC23-FC9A1A8B98AA}
Deleted Preinstalled.HPJumpStartLaunch Task C:\Windows\System32\Tasks\HPJUMPSTARTLAUNCH
Deleted Preinstalled.HPOrbit File C:\Users\mibut\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HP Orbit.lnk
Deleted Preinstalled.HPOrbit Folder C:\Program Files\HP\HP ORBIT
Deleted Preinstalled.HPOrbit Folder C:\Program Files\HP\HP ORBIT SERVICE
Deleted Preinstalled.HPOrbit Folder C:\ProgramData\HP\HP ORBIT
Deleted Preinstalled.HPOrbit Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1A083C69-5382-4CF9-8074-80EC050D9FC8}
Deleted Preinstalled.HPOrbit Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B384505E-0FE1-4A0F-9E92-7C592276E0A4}
Deleted Preinstalled.HPRegistrationService Folder C:\Program Files (x86)\HP\HP REGISTRATION SERVICE
Deleted Preinstalled.HPRegistrationService Folder C:\ProgramData\HP\HP REGISTRATION SERVICE
Deleted Preinstalled.HPSupportAssistant Folder C:\HP\SUPPORT
Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP CUSTOMER FEEDBACK
Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Users\mibut\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Users\mibut\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Windows\System32\config\systemprofile\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{C0ABBA07-B636-47B8-B9E1-BB96D7CD4831}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{05F81C27-62A5-4A0C-8519-60CB66CF87C6}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{183BD477-774B-4700-B40B-EE43886E74D2}
Deleted Preinstalled.HPSureConnect Folder C:\Program Files (x86)\HP INC\HP SURE CONNECT
Deleted Preinstalled.HPSureConnect Folder C:\Program Files\HPCOMMRECOVERY
Deleted Preinstalled.HPSureConnect Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{6468C4A5-E47E-405F-B675-A70A70983EA6}
Deleted Preinstalled.WildTangentGamesBundle File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - hp.lnk
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-vegasworld
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp
Deleted Preinstalled.WildTangentGamesBundle Registry HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Deleted Preinstalled.WildTangentGamesBundle Registry HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Not Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [12961 octets] - [09/06/2020 13:38:31]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

 

[Broni]

Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

• Double click to run it.
• Press Scan button.
• Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.

 

[Cuteykat1701]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-06-2020
Ran by mibut (administrator) on DESKTOP-CJUGRS5 (HP 580-023w) (09-06-2020 14:40:25)
Running from C:\Users\mibut\Downloads
Loaded Profiles: mibut
Platform: Windows 10 Home Version 1909 18363.836 (X64) Language: English (United States)
Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" -- "%1"
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adlice -> ) C:\Program Files\RogueKiller\RogueKiller64.exe
(Adlice -> ) C:\Program Files\RogueKiller\RogueKillerSvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12107.3.48019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12107.3.48019.0_x64__nzyj5cx40ttqa\iTunesHelper.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.7.915.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.7.915.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <2>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Corel Corporation -> WinZip Computing) C:\Program Files\WinZip\WzPreloader.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe <3>
(GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe
(GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GOG Galaxy Notifications Renderer.exe
(GOG Sp. z o.o. -> GOG.com) C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) RMT -> Intel Corporation) C:\Program Files\Intel\Intel(R) Ready Mode Technology\IRMTService.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee, Inc. -> Intel Security, Inc.) C:\Program Files\Common Files\intel security\pef\CORE\PEFService.exe
(McAfee, Inc. -> McAfee LLC) C:\Program Files\Common Files\mcafee\SystemCore\mfefire.exe
(McAfee, Inc. -> McAfee LLC) C:\Program Files\Common Files\mcafee\SystemCore\mfemms.exe
(McAfee, Inc. -> McAfee LLC) C:\Windows\System32\mfevtps.exe <2>
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\mcafee\amcore\mcshield.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\csp\2.7.371.0\McCSPServiceHost.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\MMSSHost\MMSSHOST.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\modulecore\ModuleCoreService.exe <2>
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\VSCore_15_7\mcapexe.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\mcafee\MfeAV\MfeAVSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <11>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\mibut\AppData\Local\Microsoft\OneDrive\20.064.0329.0008\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\mibut\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12827.20290.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12827.20290.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9279544 2018-09-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [2814096 2019-10-12] (Corel Corporation -> Corel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [108136 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [1062392 2017-02-23] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-2417424753-1909548177-4206843061-1001\...\Run: [Google Update] => C:\Users\mibut\AppData\Local\Google\Update\1.3.35.452\GoogleUpdateCore.exe [217544 2020-03-20] (Google LLC -> Google LLC)
HKU\S-1-5-21-2417424753-1909548177-4206843061-1001\...\Run: [GalaxyClient] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [7606344 2019-05-06] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-2417424753-1909548177-4206843061-1001\...\Run: [gtarcade] => C:\Users\mibut\AppData\Local\Gtarcade\app\gtarcade.exe [4092344 2020-05-13] (上海游族互娱网络科技有限公司 -> )
HKU\S-1-5-21-2417424753-1909548177-4206843061-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3375904 2020-06-04] (Valve -> Valve Corporation)
HKU\S-1-5-21-2417424753-1909548177-4206843061-1001\...\Run: [AvastBrowserAutoLaunch_1916A628A6D1E6569E08E91212F5C97D] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2000104 2020-05-11] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{9459C573-B17A-45AE-9F64-1857B5D58CEE}] -> C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.45\Installer\setup.exe [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\81.1.4223.139\Installer\chrmstp.exe [2020-06-07] (Avast Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2019-11-02]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (Corel Corporation -> WinZip Computing)
Startup: C:\Users\mibut\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2018-03-24]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00E22C87-EC55-49D5-93DF-EC09EDC664CA} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2000104 2020-05-11] (Avast Software s.r.o. -> AVAST Software)
Task: {014C1117-58D4-4396-98CA-B5A9573990DA} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-11-30] (Dropbox, Inc -> Dropbox, Inc.)
Task: {057D9CD9-93B5-44B2-94AA-0CEFE0AC58A6} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1542080 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0A2500DA-77CD-4CE4-97B6-23F05CE290C6} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {0F6FE593-F5CC-44B6-8260-F89F6FF36B18} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [655296 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {13FE5011-23DB-453F-AF77-86E776BFAF22} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1015416 2017-07-24] (McAfee, Inc. -> McAfee, Inc.)
Task: {1B94DCCB-121C-4EC2-A2D1-1ECF1E8542DB} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [223120 2020-03-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {243A3715-DCFA-42D5-B90F-C2A38CD04B9A} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe
Task: {2700F37A-1061-492D-B823-2D270EF16105} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23755640 2020-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {2DD756AA-729F-4585-8295-8FFDB23E0CBE} - System32\Tasks\Avast TUNEUP Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe
Task: {37D93982-0D31-4EEB-8265-A35769ABD92B} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\mcafee\platform\McUICnt.exe [745296 2017-10-04] (McAfee, Inc. -> McAfee, Inc.)
Task: {38E1A4AF-96EA-48D0-8A2C-13964AAE8B3E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-11-30] (Dropbox, Inc -> Dropbox, Inc.)
Task: {3929CD31-7A70-4D26-BF83-17599CF933F8} - System32\Tasks\WinZip Update Notifier 2 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2814096 2019-10-12] (Corel Corporation -> Corel Corporation)
Task: {3AA2BACF-33CE-4E21-986B-2EC2EF7B39C3} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [223120 2020-03-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {43F71AE4-7EA6-4661-BE50-1405AF86FD55} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728000 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {478ADB9A-C2FA-4D00-A03E-CFB639C2BFD8} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {4F535FE1-91DD-44B3-B0B4-E4992C9D7F28} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1015416 2017-07-24] (McAfee, Inc. -> McAfee, Inc.)
Task: {597A2AF9-16C4-4096-A116-1BDD8ECD6C21} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [662872 2020-04-30] (HP Inc. -> HP Inc.)
Task: {5F31735D-F887-4202-A2B0-116896CA3CA1} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9279544 2018-09-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {6666B3FD-E25B-40E1-857D-A0C1AA9C3BDE} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {705AF40A-28C3-4909-8C2C-0016E7F1D792} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2417424753-1909548177-4206843061-1001Core => C:\Users\mibut\AppData\Local\Google\Update\GoogleUpdate.exe [153168 2017-12-13] (Google Inc -> Google Inc.)
Task: {70E206BD-1192-4243-84D5-E04977ACB7CA} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728000 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7BA0BACB-76AA-446A-A84A-13948C467B26} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [134008 2020-03-25] (HP Inc. -> HP Inc.)
Task: {86EDBC22-93F3-4BA2-9B24-0E1F0C06BA6F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {8F3C00F4-B800-4BE1-BA0A-C2DF3231A21C} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [3314272 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
Task: {A136C36E-7486-488D-98E3-C520CABDB53F} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [909112 2016-07-26] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {ADDF7C97-F958-4201-A0CC-4884CB064AF0} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [193688 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
Task: {B393725C-55BF-486D-BA17-C9DE9395C583} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4566248 2020-03-29] (McAfee, LLC -> McAfee, LLC)
Task: {B395F0E2-C27C-4EC7-A33C-6075805EA448} - System32\Tasks\WinZip Update Notifier 3 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2814096 2019-10-12] (Corel Corporation -> Corel Corporation)
Task: {B3D82445-678E-4492-9973-3D0613B2F631} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [193688 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
Task: {BB172566-2DE2-4225-900E-27B146683E3E} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.4.134\DADUpdater.exe [4147336 2020-03-20] (McAfee, Inc. -> McAfee, LLC)
Task: {BC6EDE11-1F15-4E6F-BBAB-40D5251DC051} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
Task: {C0274FAE-4BF4-45CE-800A-D3CF9E6A9EA0} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124744 2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {C08A296A-9184-47E7-AD70-03F37237B9A1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {C0DA44C6-A40E-4EC4-B924-02435E9C1758} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23755640 2020-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {C4A6108C-6215-4DDA-9C9C-7C0FA2914578} - System32\Tasks\HPCeeScheduleFormibut => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: {C5A8BA8D-A0C8-4DFA-9F58-83B16C69ABA7} - System32\Tasks\{5E9C47D5-C2A3-4B5B-9646-23F9F5362F1A} => C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.64.exe [26747856 2020-05-19] (Wizards of the Coast, LLC -> Wizards of the Coast)
Task: {C80146BC-9CDB-472E-9904-204004B8F39A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [655296 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D0F98E24-9B5C-4925-AC1D-FAF4D83EF2D2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2417424753-1909548177-4206843061-1001UA => C:\Users\mibut\AppData\Local\Google\Update\GoogleUpdate.exe [153168 2017-12-13] (Google Inc -> Google Inc.)
Task: {DD8DC957-5DD8-4CCF-AF4D-3A7E2644D724} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [960448 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DE0ADF7A-F559-47B3-8D63-5733C1C6FA00} - System32\Tasks\WinZip Update Notifier 1 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2814096 2019-10-12] (Corel Corporation -> Corel Corporation)
Task: {E77F51EB-2F5A-470B-8897-DC2065A7A65F} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436160 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EA502CE4-F356-499C-8EA2-DE733B05A858} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EC871212-693F-44B0-9C6D-AA53FE52B429} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {ECFF51D6-146D-479A-A7BE-9FDC28BA8467} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124744 2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {F3522EEF-1D90-44EC-8FAC-746424482F28} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {FCD01B06-D723-4F35-961A-4C380F217849} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2000104 2020-05-11] (Avast Software s.r.o. -> AVAST Software)
Task: {FD287C5A-48B0-4D7D-96E2-13420D09C5CE} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [616232 2016-11-28] (Dropbox, Inc -> DropboxOEM)
Task: {FDDC9557-0AED-4909-B8B1-037927599F6A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleFormibut.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\{5E9C47D5-C2A3-4B5B-9646-23F9F5362F1A}.job => C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.64.exeϺ/I C:\Users\mibut\AppData\Local\Temp\MTGAinstall\MTGAInstaller.msi AI_SETUPEXEPATH=C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.64.exe SETUPEXEDIR=C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\ ADDLOCAL=MainFeature,B35B3203FEB4CFFA576A27CB835D3E6 ALLUSERS=1 PRIMARYFOLDER=APPDIR ROOTDRIVE=C:\ AI_PREREQDIRS=C:\Users\mibut\AppData\Roaming\Wizards of the Coast\MTGA Launcher\prerequisites AI_MISSING_PREREQS=Visual C++ Redistributable for Visual Studio 2017 x86 AI_SETUPEXEPATH=C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.64.exe SETUPEXEDIR=C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\ AI_INSTALL=1 BIPROCESSTIME=2020-05-19T21:00:49.6599671Z TARGETLOCKED=TRUE TARGETDIR=C:\ APPDIR=C:\Program Files (x86)\Wizards of the Coast\MTGA\ AI_SETUPEXEPATH_ORIGINAL=C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.64.exe <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{8c4547c6-c007-43fb-b730-a71c6d9d44e0}: [DhcpNameServer] 75.75.75.75 75.75.76.76

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-2417424753-1909548177-4206843061-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP
HKU\S-1-5-21-2417424753-1909548177-4206843061-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2417424753-1909548177-4206843061-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2017-12-21] (McAfee, Inc. -> McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2017-12-21] (McAfee, Inc. -> McAfee, Inc.)

Edge:
======
DownloadDir: C:\Users\mibut\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\mibut\AppData\Local\Microsoft\Edge\User Data\Default [2020-06-09]
Edge DownloadDir: C:\Users\mibut\Downloads
Edge HomePage: Default -> hxxp://xfinity.com/
Edge StartupUrls: Default -> "hxxp://my.xfinity.com/"

FireFox:
========
FF DefaultProfile: o5egvgj2.default
FF ProfilePath: C:\Users\mibut\AppData\Roaming\Mozilla\Firefox\Profiles\o5egvgj2.default [2019-11-22]
FF Homepage: Mozilla\Firefox\Profiles\o5egvgj2.default -> hxxps://www.google.com/
FF NewTab: Mozilla\Firefox\Profiles\o5egvgj2.default -> hxxps://defaultsearch.co/homepage?hp=1&pId=BT171001&iDate=2019-04-26 07:32:56&bName=&bitmask=0600
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2018-01-21] [Legacy] [not signed]
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-12-21] (McAfee, Inc. -> )
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-12-21] (McAfee, Inc. -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.7.915.0\npAvastBrowserUpdate3.dll [2020-06-07] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.7.915.0\npAvastBrowserUpdate3.dll [2020-06-07] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
FF Plugin HKU\S-1-5-21-2417424753-1909548177-4206843061-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\mibut\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2017-05-18] (Unity Technologies SF -> Unity Technologies ApS)

Chrome:
=======
CHR Profile: C:\Users\mibut\AppData\Local\Google\Chrome\User Data\Default [2020-05-11]
CHR Extension: (Slides) - C:\Users\mibut\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-13]
CHR Extension: (Docs) - C:\Users\mibut\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-13]
CHR Extension: (Google Drive) - C:\Users\mibut\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-13]
CHR Extension: (YouTube) - C:\Users\mibut\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-13]
CHR Extension: (Sheets) - C:\Users\mibut\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-13]
CHR Extension: (Google Docs Offline) - C:\Users\mibut\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\mibut\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-06]
CHR Extension: (Gmail) - C:\Users\mibut\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-02]
CHR Extension: (Chrome Media Router) - C:\Users\mibut\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-10]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [6392728 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [193688 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [348968 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [193688 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\81.1.4223.139\elevation_service.exe [1106528 2020-05-11] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [58048 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2018-02-22] (BitRaider LLC -> BitRaider, LLC)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10637168 2020-05-29] (Microsoft Corporation -> Microsoft Corporation)
S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1511728 2017-09-21] (McAfee, Inc. -> McAfee, Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-11-30] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-11-30] (Dropbox, Inc -> Dropbox, Inc.)
S2 edgeupdate; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [223120 2020-03-13] (Microsoft Corporation -> Microsoft Corporation)
S3 edgeupdatem; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [223120 2020-03-13] (Microsoft Corporation -> Microsoft Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [791112 2019-05-06] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7172680 2019-05-06] (GOG Sp. z o.o. -> GOG.com)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379224 2020-05-20] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [630776 2017-02-06] (HP Inc. -> HP Inc.)
R2 IRMTService; C:\Program Files\Intel\Intel(R) Ready Mode Technology\IRMTService.exe [182896 2016-10-13] (Intel(R) RMT -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-09-14] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-06-09] (Malwarebytes Inc -> Malwarebytes)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_7\McApExe.exe [728808 2017-12-20] (McAfee, Inc. -> McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\actwiz\McAWFwk.exe [454560 2016-11-15] (McAfee, Inc. -> McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.7.371.0\\McCSPServiceHost.exe [2140888 2017-12-14] (McAfee, Inc. -> McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [357840 2017-09-29] (McAfee, Inc. -> McAfee LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [509904 2017-09-29] (McAfee, Inc. -> McAfee LLC)
R3 mfevtp; C:\windows\system32\mfevtps.exe [466384 2017-09-29] (McAfee, Inc. -> McAfee LLC)
S3 MicrosoftEdgeElevationService; C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.45\elevation_service.exe [1507208 2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1666224 2017-12-19] (McAfee, Inc. -> McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [310880 2018-09-05] (Intel Corporation -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [782320 2019-06-05] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [460736 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1046456 2017-09-24] (McAfee, Inc. -> Intel Security, Inc.)
R2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [13059640 2020-05-27] (Adlice -> )
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [268344 2018-09-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\NisSrv.exe [2484256 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MsMpEng.exe [103168 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4059744 2018-09-05] (Intel Corporation -> Intel® Corporation)
S3 ArcService; C:\Program Files (x86)\Arc\ArcService.exe [X]
S2 GamesAppIntegrationService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe" [X]
S3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [X]
S2 HP Comm Recover; "C:\Program Files\HPCommRecovery\HPCommRecovery.exe" [X]
S2 HP Orbit Service; "C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe" [X]
S2 HPJumpStartBridge; "C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37152 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205896 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [235088 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [178768 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [60496 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2020-06-07] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42784 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175208 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [506152 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [109280 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84856 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851608 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [462600 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216824 2020-06-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [322256 2020-06-09] (Avast Software s.r.o. -> AVAST Software)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-01-14] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2018-02-22] (BitRaider -> BitRaider)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2020-02-22] (Microsoft Corporation) [File not signed]
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [77280 2017-10-19] (McAfee, Inc. -> McAfee LLC)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-06-09] (Malwarebytes Corporation -> Malwarebytes)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [218336 2017-10-10] (McAfee, Inc. -> McAfee, Inc.)
R3 IntelReadyModeDriver; C:\WINDOWS\System32\drivers\IntelReadyModeDriver.sys [34720 2016-10-13] (Intel Corporation -> Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-06-09] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-06-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [195432 2020-06-09] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73368 2020-06-09] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-06-09] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [131736 2020-06-09] (Malwarebytes Inc -> Malwarebytes)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [492512 2017-10-19] (McAfee, Inc. -> McAfee LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [355808 2017-10-19] (McAfee, Inc. -> McAfee LLC)
U3 mfeavfk01; no ImagePath
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [84016 2017-10-19] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [506336 2017-10-19] (McAfee, Inc. -> McAfee LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [938464 2017-10-19] (McAfee, Inc. -> McAfee LLC)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [507304 2017-11-15] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [108456 2017-11-15] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [115168 2017-10-19] (McAfee, Inc. -> McAfee LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252896 2017-10-19] (McAfee, Inc. -> McAfee LLC)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvhdc.inf_amd64_1683e6c24d03a407\nvlddmkm.sys [21776528 2019-07-09] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [49208 2017-05-26] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [28272 2020-06-09] (Adlice -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-06-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [401120 2020-06-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-06-04] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-06-09 13:51 - 2020-06-09 13:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2020-06-09 13:47 - 2020-06-09 13:47 - 000000000 ____D C:\ProgramData\Apple
2020-06-09 13:45 - 2020-06-09 13:45 - 000073368 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2020-06-09 13:44 - 2020-06-09 13:44 - 000195432 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2020-06-09 13:44 - 2020-06-09 13:44 - 000028272 _____ C:\WINDOWS\system32\Drivers\truesight.sys
2020-06-09 13:37 - 2020-06-09 13:40 - 000000000 ____D C:\AdwCleaner
2020-06-09 13:37 - 2020-06-09 13:37 - 008402608 _____ (Malwarebytes) C:\Users\mibut\Downloads\AdwCleaner.exe
2020-06-09 13:26 - 2020-06-09 13:44 - 000131736 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2020-06-09 13:26 - 2020-06-09 13:31 - 000000000 ____D C:\Users\mibut\AppData\LocalLow\IGDump
2020-06-09 13:25 - 2020-06-09 13:25 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-06-09 13:25 - 2020-06-09 13:25 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-06-09 13:25 - 2020-06-09 13:25 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-06-09 13:25 - 2020-06-09 13:25 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-06-09 13:25 - 2020-06-09 13:25 - 000002028 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-06-09 13:25 - 2020-06-09 13:24 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-06-09 13:24 - 2020-06-09 13:24 - 001988280 _____ (Malwarebytes) C:\Users\mibut\Downloads\MBSetup.exe
2020-06-09 13:24 - 2020-06-09 13:24 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-06-09 13:24 - 2020-06-09 13:24 - 000000000 ____D C:\Program Files\Malwarebytes
2020-06-09 13:24 - 2020-06-09 13:24 - 000000000 ____D C:\Malwarebytes
2020-06-09 13:22 - 2020-06-09 13:22 - 000025422 _____ C:\Users\mibut\Desktop\report.txt
2020-06-09 13:05 - 2020-06-09 13:05 - 000000906 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2020-06-09 13:05 - 2020-06-09 13:05 - 000000906 _____ C:\ProgramData\Desktop\RogueKiller.lnk
2020-06-09 13:04 - 2020-06-09 13:04 - 039917608 _____ (Adlice Software ) C:\Users\mibut\Downloads\RogueKiller_setup_ref3.exe
2020-06-07 15:35 - 2020-06-07 15:59 - 000050279 _____ C:\Users\mibut\Downloads\Addition.txt
2020-06-07 15:31 - 2020-06-09 14:42 - 000041777 _____ C:\Users\mibut\Downloads\FRST.txt
2020-06-07 15:17 - 2020-06-09 14:38 - 002289152 _____ (Farbar) C:\Users\mibut\Downloads\FRST64.exe
2020-06-07 04:57 - 2020-06-07 04:57 - 000000000 ___HD C:\$AV_ASW
2020-06-07 04:56 - 2020-06-09 14:41 - 000000000 ____D C:\FRST
2020-06-07 04:56 - 2020-06-09 14:39 - 000000000 ____D C:\Users\mibut\Downloads\FRST-OlderVersion
2020-06-07 04:54 - 2020-06-07 04:58 - 000000000 ____D C:\Users\mibut\AppData\Local\AVAST Software
2020-06-07 04:54 - 2020-06-07 04:54 - 000003856 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2020-06-07 04:54 - 2020-06-07 04:54 - 000003454 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineUA
2020-06-07 04:54 - 2020-06-07 04:54 - 000003330 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineCore
2020-06-07 04:54 - 2020-06-07 04:54 - 000003272 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2020-06-07 04:54 - 2020-06-07 04:54 - 000002581 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2020-06-07 04:54 - 2020-06-07 04:54 - 000002546 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2020-06-07 04:54 - 2020-06-07 04:54 - 000002546 _____ C:\ProgramData\Desktop\Avast Secure Browser.lnk
2020-06-07 04:51 - 2020-06-07 04:51 - 000002171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2020-06-07 04:51 - 2020-06-07 04:51 - 000002159 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2020-06-07 04:51 - 2020-06-07 04:51 - 000002159 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2020-06-07 04:50 - 2020-06-07 04:51 - 000255320 _____ (Asurvio, LP) C:\Users\mibut\Downloads\DSOne.exe
2020-06-07 04:47 - 2020-06-09 13:46 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-06-07 04:47 - 2020-06-09 08:47 - 000322256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-06-07 04:47 - 2020-06-07 04:46 - 000851608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-06-07 04:47 - 2020-06-07 04:46 - 000506152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2020-06-07 04:47 - 2020-06-07 04:46 - 000462600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-06-07 04:47 - 2020-06-07 04:46 - 000335976 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-06-07 04:47 - 2020-06-07 04:46 - 000235088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-06-07 04:47 - 2020-06-07 04:46 - 000216824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-06-07 04:47 - 2020-06-07 04:46 - 000205896 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-06-07 04:47 - 2020-06-07 04:46 - 000178768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-06-07 04:47 - 2020-06-07 04:46 - 000175208 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2020-06-07 04:47 - 2020-06-07 04:46 - 000109280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-06-07 04:47 - 2020-06-07 04:46 - 000084856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-06-07 04:47 - 2020-06-07 04:46 - 000060496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-06-07 04:47 - 2020-06-07 04:46 - 000042784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-06-07 04:47 - 2020-06-07 04:46 - 000037152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2020-06-07 04:47 - 2020-06-07 04:46 - 000016304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2020-06-07 04:46 - 2020-06-07 04:46 - 000000000 ____D C:\Program Files\Avast Software
2020-06-07 04:45 - 2020-06-07 04:47 - 000000000 ____D C:\ProgramData\Avast Software
2020-06-07 04:45 - 2020-06-07 04:45 - 000230080 _____ (AVAST Software) C:\Users\mibut\Downloads\avast_free_antivirus_setup_online.exe
2020-05-17 01:53 - 2020-05-17 01:53 - 000000000 ____D C:\Users\mibut\AppData\LocalLow\United Soft Media Verlag GmbH
2020-05-13 19:05 - 2020-05-13 19:05 - 000000000 ___HD C:\ProgramData\temp
2020-05-13 17:20 - 2020-05-13 17:20 - 025444864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 007822888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll

 

[Cuteykat1701]

2020-05-13 17:20 - 2020-05-13 17:20 - 005098352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 002073176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 001835128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 001637376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 001556200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 001539072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2020-05-13 17:20 - 2020-05-13 17:20 - 001417760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 001382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 001344000 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 001336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 001306112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 001151824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 001107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 001099600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 001034752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 000852992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 000747832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 000736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 000540200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 000484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedReality.Broker.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 000466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
2020-05-13 17:20 - 2020-05-13 17:20 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConsoleLogon.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 000139952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedRealityRuntime.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 000105840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MixedRealityRuntime.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSSessionUX.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2020-05-13 17:20 - 2020-05-13 17:20 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 025902080 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 022638592 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 019851264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 018029056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 014819328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 008013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 007756800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 007267840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 007011840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 006710272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 006525936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 006291456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 006082808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 005945856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 005911040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 005757872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 005340568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 004858368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 004612608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 003822080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 003513856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 002798592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-05-13 17:19 - 2020-05-13 17:19 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-05-13 17:19 - 2020-05-13 17:19 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-05-13 17:19 - 2020-05-13 17:19 - 002584008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 002576896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 002259664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001990576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001975808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001952872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001737216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001686016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001665720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001654952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001581056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001559040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pla.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001525760 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001510912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001507328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pla.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001492480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001477112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001461760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001414144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001397560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-05-13 17:19 - 2020-05-13 17:19 - 001393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001357312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001250816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001222656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001214264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001213440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001195008 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001184256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001178608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001125376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CBDHSvc.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-05-13 17:19 - 2020-05-13 17:19 - 001071616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001048480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 001011712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000994304 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000943640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000911872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000896000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000894016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000891392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000881664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000847872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000843576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000807936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000801832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000792808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputHost.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-05-13 17:19 - 2020-05-13 17:19 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000778552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000777840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000776792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000748544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000716800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000693672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000683288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-05-13 17:19 - 2020-05-13 17:19 - 000672944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmIndexer.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000655360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000602224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000600064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000594472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000592944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000581544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.applicationmodel.datatransfer.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000573952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000572200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000568136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000564480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000553664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000539184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000526848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000523264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.PredictionUnit.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000501200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000466344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-05-13 17:19 - 2020-05-13 17:19 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000451584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000441856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000441584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2020-05-13 17:19 - 2020-05-13 17:19 - 000435712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000418816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000410624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.Phone.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000405424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\umrdp.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRClient.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000354816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000345016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneOm.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000335360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000325432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-05-13 17:19 - 2020-05-13 17:19 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000301064 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpendp.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000299064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2020-05-13 17:19 - 2020-05-13 17:19 - 000297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TaskApis.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Preview.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.ESim.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000273744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkspbroker.exe
2020-05-13 17:19 - 2020-05-13 17:19 - 000270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PickerPlatform.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000268008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000262848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpendp.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000246584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataExchangeHost.exe
2020-05-13 17:19 - 2020-05-13 17:19 - 000245336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\icm32.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi32.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2020-05-13 17:19 - 2020-05-13 17:19 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagSvc.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-05-13 17:19 - 2020-05-13 17:19 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000197432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi32.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2020-05-13 17:19 - 2020-05-13 17:19 - 000185952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000183296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DataExchange.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinput.exe
2020-05-13 17:19 - 2020-05-13 17:19 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Clipboard.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsentUxClient.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000176440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Management.Workplace.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000165176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Devices.Sensors.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\useractivitybroker.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Compression.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Haptics.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppExtension.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Graphics.Display.DisplayEnhancementManagement.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkspbrokerAx.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000124504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gamingtcui.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000117048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadWamExtension.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\socialapis.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Profile.RetailInfo.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000099104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Display.BrightnessOverride.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkspbrokerAx.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000090936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000089328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AI.MachineLearning.Preview.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeopleAPIs.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2020-05-13 17:19 - 2020-05-13 17:19 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRBroker.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DiagnosticInvoker.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbussdapi.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2020-05-13 17:19 - 2020-05-13 17:19 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Printers.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Graphics.Display.DisplayColorManagement.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coloradapterclient.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.exe
2020-05-13 17:19 - 2020-05-13 17:19 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ffbroker.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AssignedAccessRuntime.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpSa.exe
2020-05-13 17:19 - 2020-05-13 17:19 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddrawex.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RdpSa.exe
2020-05-13 17:19 - 2020-05-13 17:19 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-05-13 17:19 - 2020-05-13 17:19 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpSaProxy.exe
2020-05-13 17:19 - 2020-05-13 17:19 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RdpSaProxy.exe
2020-05-13 17:19 - 2020-05-13 17:19 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsregtask.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlmproxy.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlmsprep.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\plasrv.exe
2020-05-13 17:19 - 2020-05-13 17:19 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-05-13 17:19 - 2020-05-13 17:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-05-13 17:19 - 2020-05-13 17:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-05-13 17:19 - 2020-05-13 17:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-05-13 17:19 - 2020-05-13 17:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-05-13 17:19 - 2020-05-13 17:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-05-13 17:19 - 2020-05-13 17:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-05-13 17:19 - 2020-05-13 17:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-05-13 17:19 - 2020-05-13 17:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-05-13 17:19 - 2020-05-13 17:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-05-13 17:19 - 2020-05-13 17:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-05-13 17:19 - 2020-05-13 17:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-05-13 17:19 - 2020-05-13 17:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-05-13 17:18 - 2020-05-13 17:18 - 009929528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 009339392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 007902912 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 007257816 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 006435328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 006168576 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 005280192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 005111296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 004565456 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 004012032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 004005376 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 003974376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 003807232 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 003747328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 003727360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-05-13 17:18 - 2020-05-13 17:18 - 003655680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 003581752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-05-13 17:18 - 2020-05-13 17:18 - 003371416 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 003109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-05-13 17:18 - 2020-05-13 17:18 - 002854400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 002774088 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 002769000 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 002736640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll

 

[Cuteykat1701]

2020-05-13 17:18 - 2020-05-13 17:18 - 002717184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-05-13 17:18 - 2020-05-13 17:18 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 002448712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 002354688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 002235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 002157056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 002087168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 002072576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001999968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001945600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001934824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001825280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001656904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001646552 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001536512 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001505592 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001486336 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001428480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001406464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001393960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001375232 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001373184 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001370112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001336832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001306424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001288648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001282560 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001270784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrSvc.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001245696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001218560 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001158144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001154656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001150784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputHost.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001132544 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001085752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001023128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001007104 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 001005056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000979264 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000975360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000945192 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000915192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000891544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000888352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000879064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-05-13 17:18 - 2020-05-13 17:18 - 000866304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000861696 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000859944 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000854528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmIndexer.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000847168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2020-05-13 17:18 - 2020-05-13 17:18 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 000819200 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000796904 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000781312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000752584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2020-05-13 17:18 - 2020-05-13 17:18 - 000742200 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000732160 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000716312 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000706544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000685368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000683848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000676072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000673296 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-05-13 17:18 - 2020-05-13 17:18 - 000650240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000639400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000628024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000622592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000614400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000580608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000569856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-05-13 17:18 - 2020-05-13 17:18 - 000547992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000543824 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000524208 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000518456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 000513024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000513024 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000512512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-05-13 17:18 - 2020-05-13 17:18 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000467952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000460200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-05-13 17:18 - 2020-05-13 17:18 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 000448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneOm.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-05-13 17:18 - 2020-05-13 17:18 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.ESim.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskApis.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-05-13 17:18 - 2020-05-13 17:18 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000390968 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000386320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000375520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\PickerPlatform.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Cortana.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000333128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsta.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000311096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000310928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000290304 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposerFramework.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000278080 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000266552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SystemSettings.DataModel.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000260328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsta.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\PasswordEnrollmentManager.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000238904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Workplace.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Devices.Sensors.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000231912 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000221496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MtcModel.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000209208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SwitcherDataModel.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msutb.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Graphics.Display.DisplayEnhancementManagement.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.CapturePicker.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000152416 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 000142760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\socialapis.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000132712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Display.BrightnessOverride.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingExperienceMEM.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredDialogBroker.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CaptureService.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeopleAPIs.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSAssessment.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VoipRT.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000107616 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AI.MachineLearning.Preview.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000102216 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Graphics.Display.DisplayColorManagement.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000089912 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000088280 _____ (Microsoft Corporation) C:\WINDOWS\system32\coloradapterclient.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbussdapi.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000073024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000068408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceReactivation.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000066832 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConfigureExpandedStorage.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000058880 _____ C:\WINDOWS\system32\runexehelper.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 000058696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfLdr.sys
2020-05-13 17:18 - 2020-05-13 17:18 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000050560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddrawex.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2020-05-13 17:18 - 2020-05-13 17:18 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\localui.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-05-13 17:18 - 2020-05-13 17:18 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2020-05-13 17:17 - 2020-05-13 17:18 - 002256384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 017791488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 007297536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 006232568 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 004624880 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-05-13 17:17 - 2020-05-13 17:17 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 002760704 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2020-05-13 17:17 - 2020-05-13 17:17 - 002504440 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 002289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 002284032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 002150232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 002060800 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001943040 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001786880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001766400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001745208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001498624 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001413712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001391104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001385176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001346048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001333248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001263616 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-05-13 17:17 - 2020-05-13 17:17 - 001098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Signals.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001072128 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001059328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001027816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 001007928 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000999616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000957056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000916768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2020-05-13 17:17 - 2020-05-13 17:17 - 000824832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000819696 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.applicationmodel.datatransfer.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000793088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000768000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000759808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000738304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000732160 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000637480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-05-13 17:17 - 2020-05-13 17:17 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000634680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2020-05-13 17:17 - 2020-05-13 17:17 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000589384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-05-13 17:17 - 2020-05-13 17:17 - 000559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.UserService.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000479744 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRClient.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000410608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000399672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DataModel.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000380632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialEnrollmentManager.exe
2020-05-13 17:17 - 2020-05-13 17:17 - 000339824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000318680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000273208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-05-13 17:17 - 2020-05-13 17:17 - 000250696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2020-05-13 17:17 - 2020-05-13 17:17 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataExchange.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\useractivitybroker.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Internal.Input.ExpressiveInput.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Haptics.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Compression.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppExtension.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-05-13 17:17 - 2020-05-13 17:17 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcui.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VoipRT.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000147776 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadWamExtension.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-05-13 17:17 - 2020-05-13 17:17 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2020-05-13 17:17 - 2020-05-13 17:17 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2020-05-13 17:17 - 2020-05-13 17:17 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRBroker.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticInvoker.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll

 

[Cuteykat1701]

2020-05-13 17:17 - 2020-05-13 17:17 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-05-13 17:17 - 2020-05-13 17:17 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ffbroker.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000069704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000060432 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2020-05-13 17:17 - 2020-05-13 17:17 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000059192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2020-05-13 17:17 - 2020-05-13 17:17 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsUsbGDCoInstaller.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-05-13 17:17 - 2020-05-13 17:17 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\TsUsbGD.sys
2020-05-13 17:17 - 2020-05-13 17:17 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveTask.exe
2020-05-13 17:17 - 2020-05-13 17:17 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-05-13 17:17 - 2020-05-13 17:17 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-05-13 17:17 - 2020-05-13 17:17 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregtask.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-06-09 14:41 - 2019-03-18 22:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-06-09 14:31 - 2020-04-17 07:35 - 000004448 _____ C:\WINDOWS\system32\Tasks\{5E9C47D5-C2A3-4B5B-9646-23F9F5362F1A}
2020-06-09 14:31 - 2020-04-17 07:35 - 000002412 ____H C:\WINDOWS\Tasks\{5E9C47D5-C2A3-4B5B-9646-23F9F5362F1A}.job
2020-06-09 14:31 - 2020-03-13 17:59 - 000003408 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-06-09 14:31 - 2020-03-13 17:59 - 000003184 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-06-09 14:31 - 2020-02-22 01:56 - 000003526 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-2417424753-1909548177-4206843061-1001UA
2020-06-09 14:31 - 2020-02-22 01:56 - 000003258 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-2417424753-1909548177-4206843061-1001Core
2020-06-09 14:31 - 2020-02-22 01:56 - 000002966 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper
2020-06-09 14:31 - 2020-02-22 01:56 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2417424753-1909548177-4206843061-1001
2020-06-09 14:31 - 2020-02-22 01:56 - 000002802 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleFormibut
2020-06-09 14:31 - 2020-02-22 01:56 - 000002698 _____ C:\WINDOWS\system32\Tasks\WinZip Update Notifier 2
2020-06-09 14:31 - 2020-02-22 01:56 - 000002696 _____ C:\WINDOWS\system32\Tasks\WinZip Update Notifier 3
2020-06-09 14:31 - 2020-02-22 01:56 - 000002696 _____ C:\WINDOWS\system32\Tasks\WinZip Update Notifier 1
2020-06-09 14:31 - 2020-02-22 01:56 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-06-09 14:31 - 2020-01-14 23:53 - 000000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleFormibut.job
2020-06-09 14:31 - 2017-11-30 16:04 - 000000000 ____D C:\Users\mibut\AppData\Local\Battle.net
2020-06-09 13:51 - 2020-02-22 01:49 - 000936976 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-06-09 13:51 - 2019-03-18 22:50 - 000000000 ____D C:\WINDOWS\INF
2020-06-09 13:49 - 2020-04-25 21:20 - 000000000 ____D C:\Program Files (x86)\Steam
2020-06-09 13:48 - 2017-11-30 15:40 - 000000000 ___RD C:\Users\mibut\OneDrive
2020-06-09 13:47 - 2019-03-18 22:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-06-09 13:45 - 2017-08-24 10:30 - 000000000 ____D C:\ProgramData\NVIDIA
2020-06-09 13:43 - 2020-02-22 01:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-06-09 13:42 - 2019-03-18 22:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-06-09 13:41 - 2017-08-24 09:35 - 000000000 ____D C:\Program Files (x86)\HP Inc
2020-06-09 13:41 - 2017-08-24 09:32 - 000000000 ____D C:\Program Files (x86)\HP
2020-06-09 13:40 - 2019-04-26 13:32 - 000000000 ____D C:\Users\mibut\AppData\Local\Lavasoft
2020-06-09 13:40 - 2019-04-26 13:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2020-06-09 13:40 - 2017-11-30 15:41 - 000000000 ____D C:\Users\mibut\AppData\Roaming\Hewlett-Packard
2020-06-09 13:40 - 2017-11-30 15:37 - 000000000 ____D C:\Users\mibut\AppData\Local\Hewlett-Packard
2020-06-09 13:40 - 2017-08-24 09:32 - 000000000 ____D C:\ProgramData\HP
2020-06-09 13:40 - 2017-08-24 09:32 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2020-06-09 13:40 - 2017-08-24 09:32 - 000000000 ____D C:\Program Files\HP
2020-06-09 13:40 - 2017-08-24 09:32 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2020-06-09 13:40 - 2017-07-21 16:17 - 000000000 ___HD C:\hp
2020-06-09 13:36 - 2017-11-30 16:04 - 000000000 ____D C:\Users\mibut\AppData\Local\CrashDumps
2020-06-09 13:25 - 2019-03-18 22:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-06-09 13:24 - 2018-01-21 15:48 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-06-09 13:20 - 2019-04-26 13:32 - 000000000 ____D C:\Users\mibut\AppData\Roaming\Lavasoft
2020-06-09 13:20 - 2019-04-26 13:32 - 000000000 ____D C:\ProgramData\Lavasoft
2020-06-09 13:20 - 2019-04-26 13:32 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2020-06-09 13:10 - 2018-09-06 23:53 - 000000000 ____D C:\ProgramData\RogueKiller
2020-06-09 13:05 - 2018-09-06 23:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2020-06-09 13:05 - 2018-09-06 23:52 - 000000000 ____D C:\Program Files\RogueKiller
2020-06-09 13:02 - 2020-02-22 01:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-06-09 09:38 - 2019-03-18 22:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-06-09 09:38 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-06-08 19:14 - 2017-12-13 14:53 - 000002509 _____ C:\Users\mibut\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-07 06:33 - 2018-04-07 08:24 - 000000000 ____D C:\Users\mibut\AppData\LocalLow\Mozilla
2020-06-07 04:53 - 2018-02-03 11:28 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2020-06-07 04:52 - 2018-01-21 15:48 - 000000000 ____D C:\Users\mibut\AppData\Roaming\AVAST Software
2020-06-06 20:34 - 2017-08-24 09:36 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-06-06 07:42 - 2020-03-13 17:59 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-06-06 07:42 - 2020-03-13 17:59 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-06-06 07:42 - 2020-03-13 17:59 - 000002283 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-06-04 17:06 - 2018-01-10 00:10 - 000000000 ____D C:\Users\mibut\AppData\Local\Packages
2020-06-04 08:53 - 2018-05-18 18:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-06-03 19:07 - 2017-11-30 22:51 - 000000000 ____D C:\Program Files (x86)\World of Warcraft
2020-05-29 10:45 - 2019-06-18 17:54 - 000000000 ____D C:\Program Files\UNP
2020-05-29 07:30 - 2017-11-30 16:03 - 000000000 ____D C:\Program Files (x86)\Battle.net
2020-05-21 21:45 - 2020-02-22 01:39 - 000002374 _____ C:\Users\mibut\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-05-17 01:56 - 2017-11-30 15:37 - 000000000 ____D C:\Users\mibut\AppData\Local\ConnectedDevicesPlatform
2020-05-17 01:53 - 2020-04-25 21:32 - 000000000 ____D C:\Users\mibut\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2020-05-14 12:32 - 2017-08-24 10:38 - 000000000 ____D C:\Program Files (x86)\McAfee
2020-05-13 19:08 - 2019-08-06 09:29 - 000000000 ____D C:\Users\mibut\AppData\Local\Gtarcade
2020-05-13 19:06 - 2018-01-10 09:19 - 000000000 ___RD C:\Users\mibut\3D Objects
2020-05-13 19:06 - 2017-03-17 21:53 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-05-13 19:05 - 2020-02-22 01:33 - 000444408 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-05-13 19:02 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\TextInput
2020-05-13 19:02 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-05-13 19:01 - 2019-03-18 22:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-05-13 19:01 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-05-13 19:01 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-05-13 19:01 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2020-05-13 19:01 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-05-13 19:01 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-05-13 19:01 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-05-13 19:01 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-05-13 19:01 - 2019-03-18 22:52 - 000000000 ____D C:\PerfLogs
2020-05-13 17:35 - 2019-03-18 22:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-05-13 17:30 - 2017-11-30 16:17 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-05-13 17:25 - 2017-11-30 16:17 - 120636720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-05-13 17:17 - 2020-02-22 01:36 - 002874880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

 

[Cuteykat1701]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-06-2020
Ran by mibut (09-06-2020 14:43:09)
Running from C:\Users\mibut\Downloads
Windows 10 Home Version 1909 18363.836 (X64) (2020-02-22 07:57:47)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2417424753-1909548177-4206843061-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2417424753-1909548177-4206843061-503 - Limited - Disabled)
Guest (S-1-5-21-2417424753-1909548177-4206843061-501 - Limited - Disabled)
mibut (S-1-5-21-2417424753-1909548177-4206843061-1001 - Administrator - Enabled) => C:\Users\mibut
WDAGUtilityAccount (S-1-5-21-2417424753-1909548177-4206843061-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: McAfee VirusScan (Disabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Disabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Disabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.4.2410 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 81.1.4223.139 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.7.915.0 - AVAST Software) Hidden
Barn Yarn Collector's Edition (HKLM-x32\...\WTA-01b6d92e-5029-4c59-9ab2-2e7a9005dc9d) (Version: 3.0.2.48 - WildTangent) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.6.7503 - CyberLink Corp.)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dropbox 25 GB (HKLM-x32\...\{84D8451D-2ED6-3A59-ABA5-2A447F7C6310}) (Version: 4.1.2.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.295.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKU\S-1-5-21-2417424753-1909548177-4206843061-1001\...\Google Chrome) (Version: 83.0.4103.97 - Google LLC)
GTarcade (HKU\S-1-5-21-2417424753-1909548177-4206843061-1001\...\gtarcade) (Version: 2.1.0.3045 - YOOZOO Games)
GTarcade (HKU-x32\S-1-5-21-2417424753-1909548177-4206843061-1001\...\gtarcade) (Version: 2.0.0.1075 - YOOZOO Games)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{54da9769-2364-4bd3-8139-6400500778b3}) (Version: 5.3.22034 - HP Inc.)
HP Orbit (HKLM-x32\...\{82b971c1-85fa-4c53-ada1-4ec6be0c0c8a}) (Version: 3.5.171.271 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{1BB20774-0FA8-4CFF-AB69-7B7AAE2DCE6C}) (Version: 1.4.18 - HP Inc.)
Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
Intel(R) Ready Mode Technology (HKLM\...\{CC3C017C-876D-4A31-A128-593FF92A1FE7}) (Version: 1.1.70.528 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{559FA847-377D-4926-80A3-ED9E014D363A}) (Version: 19.60.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
iPod Support (HKLM\...\{4B5933A1-A781-400E-B4A2-3ECC375375E4}) (Version: 120.7.3.55 - Apple Inc.)
Letter Quest - Grimm's Journey (HKLM-x32\...\WTA-92e34ed3-e3bb-4594-909c-23535f7c1c8e) (Version: 3.0.2.118 - WildTangent) Hidden
LINE (HKU\S-1-5-21-2417424753-1909548177-4206843061-1001\...\LINE) (Version: 5.11.4.1836 - LINE Corporation)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R7 - McAfee, Inc.)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.12827.20268 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.45 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.129.31 - )
Microsoft OneDrive (HKU\S-1-5-21-2417424753-1909548177-4206843061-1001\...\OneDriveSetup.exe) (Version: 20.064.0329.0008 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Mozilla Firefox 59.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 59.0.2 (x64 en-US)) (Version: 59.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0.2 - Mozilla)
MTG Arena (HKLM-x32\...\{F62E5477-A813-448F-AD6C-34FB7C31E360}) (Version: 0.1.1790 - Wizards of the Coast)
Mystika 2 (HKLM-x32\...\WTA-6bcc19ce-71db-4d4c-b7d3-a663afda0bd4) (Version: 1.1.2.4 - WildTangent) Hidden
NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0516 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0516 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12827.20160 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12827.20160 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12827.20268 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12827.20160 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31235 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.12.1007.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8536 - Realtek Semiconductor Corp.)
RogueKiller version 14.5.0.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 14.5.0.0 - Adlice Software)
Runefall (HKLM-x32\...\WTA-6127a291-0ce8-4972-8927-8b48dad7eb90) (Version: 3.0.2.126 - WildTangent) Hidden
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
Sparkle 2 (HKLM-x32\...\WTA-d3f11148-db3c-4e0d-b42d-86cbc038bc40) (Version: 3.0.2.51 - WildTangent) Hidden
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
StarCraft (HKLM-x32\...\StarCraft) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Twitch (HKU\S-1-5-21-2417424753-1909548177-4206843061-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Unity Web Player (HKU\S-1-5-21-2417424753-1909548177-4206843061-1001\...\UnityWebPlayer) (Version: 5.3.8f2 - Unity Technologies ApS)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{1FD817A6-63E1-4519-BFD4-228DABB7AB6B}) (Version: 2.55.0.0 - Microsoft Corporation)
Warcraft II (HKLM-x32\...\1418669891_is1) (Version: 2.02 v4 - GOG.com)
WinZip 24.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24125}) (Version: 24.0.13650 - Corel Corporation)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version: - Blizzard Entertainment)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-05] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.8.5.0_x86__kgqvnymyfvs32 [2020-04-08] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.169.300.0_x86__kgqvnymyfvs32 [2020-06-02] (king.com)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_5.1.0.10_x86__h6adky7gbf63m [2020-06-02] (Gameloft SE)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.2.378.0_x64__v10z8vjag6ke6 [2017-08-24] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_115.1.152.0_x64__v10z8vjag6ke6 [2020-05-27] (HP Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12107.3.48019.0_x64__nzyj5cx40ttqa [2020-05-21] (Apple Inc.) [Startup Task]
Keeper - Password Manager & Secure File Storage -> C:\Program Files\WindowsApps\KeeperSecurityInc.Keeper_14.0.33.0_x64__kejf07qmg0jnm [2019-07-29] (Keeper Security Inc)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-12] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.40.21551.0_x64__8wekyb3d8bbwe [2020-06-09] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-01] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.14.6005.0_x64__8wekyb3d8bbwe [2020-04-15] (Microsoft Studios)
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.96.725.0_x64__mcm4njqhnhss8 [2020-04-11] (Netflix, Inc.)
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2017-11-30] (Plex)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_6.19.82.0_x64__kx24dqmazqk8j [2020-06-09] (Random Salad Games LLC)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0 [2020-05-28] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2417424753-1909548177-4206843061-1001_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}\InprocServer32 -> C:\Users\mibut\AppData\Local\Google\Update\1.3.35.442\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2417424753-1909548177-4206843061-1001_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\mibut\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2417424753-1909548177-4206843061-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\mibut\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2417424753-1909548177-4206843061-1001_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> C:\Users\mibut\AppData\Local\Google\Update\1.3.35.342\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2417424753-1909548177-4206843061-1001_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\mibut\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2417424753-1909548177-4206843061-1001_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\mibut\AppData\Local\Google\Chrome\Application\83.0.4103.97\notification_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-2417424753-1909548177-4206843061-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\mibut\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2417424753-1909548177-4206843061-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.WinZipExpressForOffice.dll (Corel Corporation -> )
CustomCLSID: HKU\S-1-5-21-2417424753-1909548177-4206843061-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\mibut\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-2417424753-1909548177-4206843061-1001_Classes\CLSID\{E9E7529D-7F09-410B-AF2A-CC154473B19C}\InprocServer32 -> C:\Users\mibut\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-2417424753-1909548177-4206843061-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\mibut\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2417424753-1909548177-4206843061-1001_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F}\InprocServer32 -> C:\Users\mibut\AppData\Local\Google\Update\1.3.35.302\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2017-12-21] (McAfee, Inc. -> McAfee, Inc.)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2019-10-12] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-06-09] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2019-10-12] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-06-05] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-06-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-06-09] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2017-12-21] (McAfee, Inc. -> McAfee, Inc.)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2019-10-12] (Corel Corporation -> WinZip Computing)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\mibut\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\mibut\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\mibut\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\f1f36ebe66fce5e5\Google Chrome.lnk -> C:\Users\mibut\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Priceline.com.lnk -> C:\Program Files (x86)\HP\Shared\WizLink.exe () -> hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=priceline&refclickid=square
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VUDU - Streaming Movies.lnk -> C:\Program Files (x86)\HP\Shared\WizLink.exe () -> hxxp://js.redirect.hp.com/jumpstation?bd=all&c=*&locale=en_us&pf=cndt&s=VUDU_URL&tp=startmenu

==================== Loaded Modules (Whitelisted) =============


==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\mibut\Downloads\AdwCleaner.exe:SmartScreen [7]
AlternateDataStreams: C:\Users\mibut\Downloads\avast_free_antivirus_setup_online.exe:SmartScreen [7]
AlternateDataStreams: C:\Users\mibut\Downloads\DSOne.exe:SmartScreen [7]
AlternateDataStreams: C:\Users\mibut\Downloads\MBSetup.exe:SmartScreen [7]
AlternateDataStreams: C:\Users\mibut\Downloads\RogueKiller_setup_ref3.exe:SmartScreen [7]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2417424753-1909548177-4206843061-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 15:03 - 2019-01-04 04:14 - 000000827 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-2417424753-1909548177-4206843061-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\mibut\OneDrive\Pictures\Rey.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "WinZip UN"
HKLM\...\StartupApproved\Run: => "WinZip PreLoader"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKU\S-1-5-21-2417424753-1909548177-4206843061-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A1BDD902-943B-4334-938C-BD2E3939DED1}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [UDP Query User{20AD8E14-F84C-457B-A9ED-EB8177204DA0}C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{22ED328F-38BA-48E6-9121-59ED1685ED3F}C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{941DD0F1-E9FF-470D-83CF-F73E081DBDD1}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe => No File
FirewallRules: [TCP Query User{68484261-70BF-4194-9555-8E3600B3D1B0}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe => No File
FirewallRules: [UDP Query User{3B5FFFE6-2548-4A43-99BE-D35C29A067C5}C:\users\mibut\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\mibut\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{16C97EF7-A1C1-4A07-BE92-4B9B9707AE24}C:\users\mibut\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\mibut\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A241F580-3C98-415D-9D1F-CFD7FDF665D6}] => (Allow) C:\Program Files (x86)\GOG Galaxy\Games\Warcraft II BNE\Warcraft II BNE_dx.exe (Blizzard Entertainment) [File not signed]
FirewallRules: [{00F7EAB0-B76E-483F-8DB9-A1D99EAEC277}] => (Allow) C:\Program Files (x86)\GOG Galaxy\Games\Warcraft II BNE\Warcraft II BNE.exe (GOG Sp. z o.o. -> Blizzard Entertainment)
FirewallRules: [{5C39094F-4A83-4391-AAB7-44BC59F0FB1D}] => (Allow) C:\Users\mibut\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{E219C1F5-7987-44DB-9538-8001090434FD}] => (Allow) C:\Users\mibut\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{4D30C7AA-CD2C-4C84-BB71-0A46313939C5}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [UDP Query User{2C2A1A83-9220-493B-A9BB-1FFC1841DCDF}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{98EDA17C-6463-4EFD-8096-E4CB012B69DF}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{A2F38A76-AAC8-439E-9B6E-1C972676A64E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{213A9662-B0C6-43E6-857D-88590AB874DE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{3CA61BB5-16C7-473B-8BD5-64D8B1FC7DA6}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe (Electronic Arts, Inc. -> BioWare)
FirewallRules: [{26CEEBA7-9D5F-46F2-9A74-1E3CD1D91C34}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe (Electronic Arts, Inc. -> BioWare)
FirewallRules: [{61BCF1EA-B8B0-4266-AFEC-222448FD4CC5}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe (Electronic Arts, Inc. -> BioWare)
FirewallRules: [{2B7D4DBC-ADE7-4927-9C3C-73DE196C93F9}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe (Electronic Arts, Inc. -> BioWare)
FirewallRules: [UDP Query User{9B865DC6-DDFE-4863-997B-2FAC3FB3BF3C}C:\program files (x86)\arc\arcchat.exe] => (Allow) C:\program files (x86)\arc\arcchat.exe => No File
FirewallRules: [TCP Query User{1C13A94C-A1A7-4F42-80F7-9F907F06B58C}C:\program files (x86)\arc\arcchat.exe] => (Allow) C:\program files (x86)\arc\arcchat.exe => No File
FirewallRules: [{14EAAEE9-E424-44ED-AF33-C7822D5331F6}] => (Allow) LPort=13148
FirewallRules: [{66E9426F-4FA7-4429-8BC9-5EB3D7EA4D3A}] => (Allow) C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe => No File
FirewallRules: [UDP Query User{C32EBFD4-4743-43BF-9B77-526B8D99EDC5}C:\program files (x86)\star trek online_en\star trek online\live\x86\gameclient.exe] => (Allow) C:\program files (x86)\star trek online_en\star trek online\live\x86\gameclient.exe => No File
FirewallRules: [TCP Query User{683262DC-65EB-4DB7-AEE8-432192F643C5}C:\program files (x86)\star trek online_en\star trek online\live\x86\gameclient.exe] => (Allow) C:\program files (x86)\star trek online_en\star trek online\live\x86\gameclient.exe => No File
FirewallRules: [{4BA9337E-58C0-4933-9E77-A4E58FCC6CCF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D2C69E28-0B0C-4D85-A026-2DC95CEFBFB9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EC69B604-027F-46A9-9419-716AE4F13163}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{63C44D8F-A26D-4B88-A2B1-725B75A2F274}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4F1A8874-6324-4D4F-A6D4-4A93E75597AD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A3915C98-52C8-42E6-87B9-DE347D9C7DB5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{26FE87DE-ABF6-4D09-B561-FA440ACD1ADB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe => No File
FirewallRules: [{1C6722D5-E121-4A0C-9182-9E1A9DAC9FC8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9AB01026-20E3-4605-BDAA-2ED134C6C247}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5F84BC97-434A-4960-8E3B-E31359033C18}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{E3742839-AB11-4CC0-8B72-D30C86FE9245}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe => No File
FirewallRules: [{E5070A02-CD25-4605-817D-BE69868264A2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe => No File
FirewallRules: [{3BB1B2E4-B5F5-4EC1-BDB8-6E34ACA5AD3E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{ADB1D5E5-340B-45BA-B4ED-6A9D08DB9E9F}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{0F3FB5F8-04C6-4405-9C62-9041CE4D19C4}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{4987065C-6824-4D6F-9183-374793EC5432}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{9DC24332-1FC8-4F27-BF9D-4F28E6FD225B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AC02C539-60BF-4E06-B0E2-FC388E8D1273}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9BDA92F3-78DD-4904-BFF8-3E01347ED7EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3891EF37-229D-4302-85A3-E6E0A8F7C415}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4DDE4EE5-45ED-4636-910E-72B809856C11}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{FCA31944-D8C6-459B-A267-1C030AE466A1}C:\program files (x86)\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files (x86)\wizards of the coast\mtga\mtga.exe (Wizards of the Coast, LLC -> )
FirewallRules: [UDP Query User{903566A7-00BB-428C-9761-7D67B5938A34}C:\program files (x86)\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files (x86)\wizards of the coast\mtga\mtga.exe (Wizards of the Coast, LLC -> )
FirewallRules: [{61A9AE27-E321-49C0-A98B-FA6EADF01B63}] => (Allow) C:\Users\mibut\AppData\Local\LINE\bin\5.9.2.1760\LINE.exe => No File
FirewallRules: [{8CF81C17-98CB-4500-9444-5F82E05D8AA7}] => (Allow) C:\Users\mibut\AppData\Local\LINE\bin\5.9.2.1760\LINE.exe => No File
FirewallRules: [{2F972916-D2C3-4AC8-8C4F-D61EE5B8EC66}] => (Allow) C:\Users\mibut\AppData\Local\LINE\bin\5.9.2.1760\LineUpdater.exe => No File
FirewallRules: [{5305DBC0-1093-4BD7-992C-6B020036A459}] => (Allow) C:\Users\mibut\AppData\Local\LINE\bin\5.9.2.1760\LineUpdater.exe => No File
FirewallRules: [{8E0A84EF-9192-480E-8F22-C612A0053911}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2B7BBD75-3059-456E-9E37-29D3D3BEC2A2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{540E65B3-6DFA-4D28-98DF-542F97C66F9E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{B99BCB9A-D1EA-4B1B-A0BE-2B5ACAB43F21}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{0386BBB5-3EE2-4EB9-88DD-EECFC473A63F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{D2C3EB02-8037-41ED-86D8-6E3E29DFB972}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VEGA Conflict\VEGAConflict.exe () [File not signed]
FirewallRules: [{2057DCFF-2714-4190-9E50-80E1FCE4C9F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VEGA Conflict\VEGAConflict.exe () [File not signed]
FirewallRules: [{B17A1752-0C36-482B-879B-FA103E9DE500}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{DD4410CB-FF48-444B-A151-E5CC12C137A3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{1BCE4ACB-F4F4-46CF-A0A9-282B9F4F5F52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Catan Universe\CatanUniverse.exe () [File not signed]
FirewallRules: [{E849A941-BE1D-48A0-83F0-99E0529A4207}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Catan Universe\CatanUniverse.exe () [File not signed]
FirewallRules: [{5AFC80DA-D1D0-4826-8255-A16B2B5ABC29}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12107.3.48019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4E628A41-0381-4AAC-8C65-38FACD0B4CBA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12107.3.48019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{99B15575-3EC9-486D-A37A-0AB0DCDF5A79}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12107.3.48019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{827A1F88-CEC0-40A6-A4A2-D96E54902C8E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12107.3.48019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{ABFA7D04-B6DF-4E58-96A1-5AD4F667D8B4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12107.3.48019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E9D73447-87A7-40D6-9BB8-6784B7D828A4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12107.3.48019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{684F81EA-0169-41C0-8F05-DEBABBBB0F6B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12107.3.48019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E561FBDB-B919-4CAD-85AC-4EF3192F248D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12107.3.48019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1BB98C3D-E74E-47D7-9127-A244D9EDA9E5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0188FC53-6831-4C66-A5CA-11FEAB7E3E67}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6A356EDF-33E2-46AB-8154-3D5F919A93E4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{663685C7-3243-4870-A4E4-10D14835F442}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4D0480C9-76B0-4689-A113-D91EA5993841}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C62AACAD-7738-44D4-B71B-52767FE27D31}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EC5485B5-AC82-42F3-8A2A-7C1E49671DB7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BF6E8F30-48F7-4466-AD1B-31745A5B63BC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{51F065FB-FE08-4ABA-B1B2-F3161C8CB177}] => (Allow) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FF4DFAAE-42C3-4176-93A6-1B53CBA42A0B}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

19-05-2020 15:01:21 Installed MTGA Launcher
31-05-2020 02:10:33 Scheduled Checkpoint
09-06-2020 13:39:22 AdwCleaner_BeforeCleaning_09/06/2020_13:39:20

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (06/09/2020 02:43:42 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8464,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (06/09/2020 02:05:01 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3216,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (06/09/2020 01:49:07 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.

Error: (06/09/2020 01:47:06 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.

Error: (06/09/2020 01:39:35 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddWin32ServiceFiles: Unable to back up image of service WC Assistant since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.
.

Error: (06/09/2020 01:39:35 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddWin32ServiceFiles: Unable to back up image of service McAfee Application Installer Cleanup (0271111589481137) since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.
.

Error: (06/09/2020 01:35:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 4.0.0.680, time stamp: 0x5ecfd2a3
Faulting module name: Qt5Core.dll, version: 5.14.1.0, time stamp: 0x5e8272e4
Exception code: 0xc0000005
Fault offset: 0x0000000000232860
Faulting process id: 0x3218
Faulting application start time: 0x01d63e93be944aec
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Report Id: 8d78e345-fad8-45dc-aa33-c8787fba20db
Faulting package full name:
Faulting package-relative application ID:

Error: (06/09/2020 01:35:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 4.0.0.680, time stamp: 0x5ecfd2a3
Faulting module name: mbam.exe, version: 4.0.0.680, time stamp: 0x5ecfd2a3
Exception code: 0xc0000005
Fault offset: 0x0000000000071a19
Faulting process id: 0x3218
Faulting application start time: 0x01d63e93be944aec
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Report Id: 5406f159-2c8b-4b81-a040-e00840f75790
Faulting package full name:
Faulting package-relative application ID:


System errors:
=============
Error: (06/09/2020 01:49:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (06/09/2020 01:49:30 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (06/09/2020 01:46:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Comm Recovery service failed to start due to the following error:
The system cannot find the file specified.

Error: (06/09/2020 01:46:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The GamesAppIntegrationService service failed to start due to the following error:
The system cannot find the file specified.

Error: (06/09/2020 01:44:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Orbit Service service failed to start due to the following error:
The system cannot find the file specified.

Error: (06/09/2020 01:42:47 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ModuleCoreService service.

Error: (06/09/2020 01:42:47 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the mfemms service.

Error: (06/09/2020 01:42:28 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\WINDOWS\system32\IntelIHVRouter04.dll


Windows Defender:
===================================
Date: 2020-06-02 14:43:45.060
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:

Trojan:HTML/FakeAlert!MSR threat description - Microsoft Security Intelligence

Name: Trojan:HTML/FakeAlert!MSR
ID: 2147744081
Severity: Severe
Category: Trojan
Path: file:_C:\Users\mibut\Downloads\This computer is BLOCKED.html; webfile:_C:\Users\mibut\Downloads\This computer is BLOCKED.html|http://138.68.251.107/xxxwinchrome0...html|pid:4752,ProcessStart:132356042235305004
Detection Origin: Internet
Detection Type: Concrete
Detection Source: Downloads and attachments
Process Name: Unknown
Security intelligence Version: AV: 1.317.467.0, AS: 1.317.467.0, NIS: 1.317.467.0
Engine Version: AM: 1.1.17100.2, NIS: 1.1.17100.2

Date: 2020-05-27 17:59:15.788
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.317.54.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17100.2
Error code: 0x80070102
Error description: The wait operation timed out.

CodeIntegrity:
===================================

Date: 2020-06-09 14:35:59.768
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-09 14:35:59.343
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-09 14:35:58.928
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-09 14:35:58.598
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-09 14:35:58.106
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-09 14:35:57.793
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-09 14:35:57.436
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-09 14:35:57.234
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: AMI F.10 03/30/2017
Motherboard: HP 82F1
Processor: Intel(R) Core(TM) i5-7400 CPU @ 3.00GHz
Percentage of memory in use: 55%
Total physical RAM: 8127.92 MB
Available physical RAM: 3637.24 MB
Total Virtual: 13759.92 MB
Available Virtual: 7092.23 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:918.43 GB) (Free:705.45 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:11.85 GB) (Free:1.44 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{151c66e5-c7c5-4043-8f99-d10811ddbea8}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.49 GB) NTFS
\\?\Volume{890f18f1-083f-49a7-9053-645d8de06a3c}\ () (Fixed) (Total:0.25 GB) (Free:0.18 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 7E10C852)

Partition: GPT.

==================== End of Addition.txt =======================

 

[Broni]

Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

[Cuteykat1701]

Fix result of Farbar Recovery Scan Tool (x64) Version: 06-06-2020
Ran by mibut (10-06-2020 12:42:02) Run:1
Running from C:\Users\mibut\Downloads
Loaded Profiles: mibut
Boot Mode: Normal
==============================================

fixlist content:
*****************
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: C:\WINDOWS\Tasks\{5E9C47D5-C2A3-4B5B-9646-23F9F5362F1A}.job => C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.64.exeϺ/I C:\Users\mibut\AppData\Local\Temp\MTGAinstall\MTGAInstaller.msi AI_SETUPEXEPATH=C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.64.exe SETUPEXEDIR=C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\ ADDLOCAL=MainFeature,B35B3203FEB4CFFA576A27CB835D3E6 ALLUSERS=1 PRIMARYFOLDER=APPDIR ROOTDRIVE=C:\ AI_PREREQDIRS=C:\Users\mibut\AppData\Roaming\Wizards of the Coast\MTGA Launcher\prerequisites AI_MISSING_PREREQS=Visual C++ Redistributable for Visual Studio 2017 x86 AI_SETUPEXEPATH=C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.64.exe SETUPEXEDIR=C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\ AI_INSTALL=1 BIPROCESSTIME=2020-05-19T21:00:49.6599671Z TARGETLOCKED=TRUE TARGETDIR=C:\ APPDIR=C:\Program Files (x86)\Wizards of the Coast\MTGA\ AI_SETUPEXEPATH_ORIGINAL=C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.64.exe <==== ATTENTION
S3 ArcService; C:\Program Files (x86)\Arc\ArcService.exe [X]
S2 GamesAppIntegrationService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe" [X]
S3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [X]
S2 HP Comm Recover; "C:\Program Files\HPCommRecovery\HPCommRecovery.exe" [X]
S2 HP Orbit Service; "C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe" [X]
S2 HPJumpStartBridge; "C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe" [X]
U3 mfeavfk01; no ImagePath
CustomCLSID: HKU\S-1-5-21-2417424753-1909548177-4206843061-1001_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}\InprocServer32 -> C:\Users\mibut\AppData\Local\Google\Update\1.3.35.442\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2417424753-1909548177-4206843061-1001_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\mibut\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2417424753-1909548177-4206843061-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\mibut\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2417424753-1909548177-4206843061-1001_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> C:\Users\mibut\AppData\Local\Google\Update\1.3.35.342\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2417424753-1909548177-4206843061-1001_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\mibut\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2417424753-1909548177-4206843061-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\mibut\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2417424753-1909548177-4206843061-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\mibut\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2417424753-1909548177-4206843061-1001_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F}\InprocServer32 -> C:\Users\mibut\AppData\Local\Google\Update\1.3.35.302\psuser_64.dll => No File
AlternateDataStreams: C:\Users\mibut\Downloads\AdwCleaner.exe:SmartScreen [7]
AlternateDataStreams: C:\Users\mibut\Downloads\avast_free_antivirus_setup_online.exe:SmartScreen [7]
AlternateDataStreams: C:\Users\mibut\Downloads\DSOne.exe:SmartScreen [7]
AlternateDataStreams: C:\Users\mibut\Downloads\MBSetup.exe:SmartScreen [7]
AlternateDataStreams: C:\Users\mibut\Downloads\RogueKiller_setup_ref3.exe:SmartScreen [7]
FirewallRules: [UDP Query User{941DD0F1-E9FF-470D-83CF-F73E081DBDD1}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe => No File
FirewallRules: [TCP Query User{68484261-70BF-4194-9555-8E3600B3D1B0}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe => No File
FirewallRules: [{5C39094F-4A83-4391-AAB7-44BC59F0FB1D}] => (Allow) C:\Users\mibut\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{E219C1F5-7987-44DB-9538-8001090434FD}] => (Allow) C:\Users\mibut\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{A2F38A76-AAC8-439E-9B6E-1C972676A64E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{213A9662-B0C6-43E6-857D-88590AB874DE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => No File
FirewallRules: [UDP Query User{9B865DC6-DDFE-4863-997B-2FAC3FB3BF3C}C:\program files (x86)\arc\arcchat.exe] => (Allow) C:\program files (x86)\arc\arcchat.exe => No File
FirewallRules: [TCP Query User{1C13A94C-A1A7-4F42-80F7-9F907F06B58C}C:\program files (x86)\arc\arcchat.exe] => (Allow) C:\program files (x86)\arc\arcchat.exe => No File
FirewallRules: [{66E9426F-4FA7-4429-8BC9-5EB3D7EA4D3A}] => (Allow) C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe => No File
FirewallRules: [UDP Query User{C32EBFD4-4743-43BF-9B77-526B8D99EDC5}C:\program files (x86)\star trek online_en\star trek online\live\x86\gameclient.exe] => (Allow) C:\program files (x86)\star trek online_en\star trek online\live\x86\gameclient.exe => No File
FirewallRules: [TCP Query User{683262DC-65EB-4DB7-AEE8-432192F643C5}C:\program files (x86)\star trek online_en\star trek online\live\x86\gameclient.exe] => (Allow) C:\program files (x86)\star trek online_en\star trek online\live\x86\gameclient.exe => No File
FirewallRules: [{26FE87DE-ABF6-4D09-B561-FA440ACD1ADB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe => No File
FirewallRules: [{E3742839-AB11-4CC0-8B72-D30C86FE9245}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe => No File
FirewallRules: [{E5070A02-CD25-4605-817D-BE69868264A2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe => No File
FirewallRules: [{61A9AE27-E321-49C0-A98B-FA6EADF01B63}] => (Allow) C:\Users\mibut\AppData\Local\LINE\bin\5.9.2.1760\LINE.exe => No File
FirewallRules: [{8CF81C17-98CB-4500-9444-5F82E05D8AA7}] => (Allow) C:\Users\mibut\AppData\Local\LINE\bin\5.9.2.1760\LINE.exe => No File
FirewallRules: [{2F972916-D2C3-4AC8-8C4F-D61EE5B8EC66}] => (Allow) C:\Users\mibut\AppData\Local\LINE\bin\5.9.2.1760\LineUpdater.exe => No File
FirewallRules: [{5305DBC0-1093-4BD7-992C-6B020036A459}] => (Allow) C:\Users\mibut\AppData\Local\LINE\bin\5.9.2.1760\LineUpdater.exe => No File
FirewallRules: [{B99BCB9A-D1EA-4B1B-A0BE-2B5ACAB43F21}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{0386BBB5-3EE2-4EB9-88DD-EECFC473A63F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File

*****************

HKLM\SOFTWARE\Policies\Mozilla => removed successfully
C:\WINDOWS\Tasks\{5E9C47D5-C2A3-4B5B-9646-23F9F5362F1A}.job => moved successfully
HKLM\System\CurrentControlSet\Services\ArcService => removed successfully
ArcService => service removed successfully
HKLM\System\CurrentControlSet\Services\GamesAppIntegrationService => removed successfully
GamesAppIntegrationService => service removed successfully
HKLM\System\CurrentControlSet\Services\GamesAppService => removed successfully
GamesAppService => service removed successfully
HKLM\System\CurrentControlSet\Services\HP Comm Recover => removed successfully
HP Comm Recover => service removed successfully
HKLM\System\CurrentControlSet\Services\HP Orbit Service => removed successfully
HP Orbit Service => service removed successfully
HKLM\System\CurrentControlSet\Services\HPJumpStartBridge => removed successfully
HPJumpStartBridge => service removed successfully
HKLM\System\CurrentControlSet\Services\mfeavfk01 => removed successfully
mfeavfk01 => service removed successfully
HKU\S-1-5-21-2417424753-1909548177-4206843061-1001_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE} => removed successfully
HKU\S-1-5-21-2417424753-1909548177-4206843061-1001_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54} => removed successfully
HKU\S-1-5-21-2417424753-1909548177-4206843061-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9} => removed successfully
HKU\S-1-5-21-2417424753-1909548177-4206843061-1001_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401} => removed successfully
HKU\S-1-5-21-2417424753-1909548177-4206843061-1001_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5} => removed successfully
HKU\S-1-5-21-2417424753-1909548177-4206843061-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD} => removed successfully
HKU\S-1-5-21-2417424753-1909548177-4206843061-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4} => removed successfully
HKU\S-1-5-21-2417424753-1909548177-4206843061-1001_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F} => removed successfully
C:\Users\mibut\Downloads\AdwCleaner.exe => ":SmartScreen" ADS removed successfully
C:\Users\mibut\Downloads\avast_free_antivirus_setup_online.exe => ":SmartScreen" ADS removed successfully
C:\Users\mibut\Downloads\DSOne.exe => ":SmartScreen" ADS removed successfully
C:\Users\mibut\Downloads\MBSetup.exe => ":SmartScreen" ADS removed successfully
C:\Users\mibut\Downloads\RogueKiller_setup_ref3.exe => ":SmartScreen" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{941DD0F1-E9FF-470D-83CF-F73E081DBDD1}C:\program files (x86)\hearthstone\hearthstone.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{68484261-70BF-4194-9555-8E3600B3D1B0}C:\program files (x86)\hearthstone\hearthstone.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5C39094F-4A83-4391-AAB7-44BC59F0FB1D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E219C1F5-7987-44DB-9538-8001090434FD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A2F38A76-AAC8-439E-9B6E-1C972676A64E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{213A9662-B0C6-43E6-857D-88590AB874DE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9B865DC6-DDFE-4863-997B-2FAC3FB3BF3C}C:\program files (x86)\arc\arcchat.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{1C13A94C-A1A7-4F42-80F7-9F907F06B58C}C:\program files (x86)\arc\arcchat.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{66E9426F-4FA7-4429-8BC9-5EB3D7EA4D3A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C32EBFD4-4743-43BF-9B77-526B8D99EDC5}C:\program files (x86)\star trek online_en\star trek online\live\x86\gameclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{683262DC-65EB-4DB7-AEE8-432192F643C5}C:\program files (x86)\star trek online_en\star trek online\live\x86\gameclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{26FE87DE-ABF6-4D09-B561-FA440ACD1ADB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E3742839-AB11-4CC0-8B72-D30C86FE9245}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E5070A02-CD25-4605-817D-BE69868264A2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{61A9AE27-E321-49C0-A98B-FA6EADF01B63}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8CF81C17-98CB-4500-9444-5F82E05D8AA7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2F972916-D2C3-4AC8-8C4F-D61EE5B8EC66}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5305DBC0-1093-4BD7-992C-6B020036A459}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B99BCB9A-D1EA-4B1B-A0BE-2B5ACAB43F21}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0386BBB5-3EE2-4EB9-88DD-EECFC473A63F}" => removed successfully

==== End of Fixlog 12:42:03 ====

 

[Broni]

Last scans...

Download Security Check from here or here and save it to your Desktop.

• Double-click SecurityCheck.exe
• Follow the onscreen instructions inside of the black box.
• A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
Make sure the following options are checked:

• Internet Services
• Windows Firewall
• System Restore
• Security Center
• Windows Update
• Windows Defender
• Other Services

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.

Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe

• Double click on TFC.exe to run the program.
• Click on Start button to begin cleaning process.
• TFC will close all running programs, and it may ask you to restart computer.

Download Sophos Free Virus Removal Tool and save it to your desktop.

• Double click the icon and select Run
• Click Next
• Select I accept the terms in this license agreement, then click Next twice
• Click Install
• Click Finish to launch the program
• Once the virus database has been updated click Start Scanning
• If any threats are found click Details, then View log file... (bottom left hand corner)
• Copy and paste the results in your reply
• Close the Notepad document, close the Threat Details screen, then click Start cleanup
• Click Exit to close the program

 

[Cuteykat1701]

Results of screen317's Security Check version 1.014 --- 12/23/15
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Windows Defender
Avast Antivirus
Malwarebytes
McAfee VirusScan
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Google Chrome (83.0.4103.97)
Google Chrome (SetupMetrics...)
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamtray.exe
Intel iCLS Client AvastSvc.exe -?-
Avast Software Avast aswEngSrv.exe
AVAST Software Browser Update 1.7.915.0\AvastBrowserCrashHandler.exe
AVAST Software Browser Update 1.7.915.0\AvastBrowserCrashHandler64.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````

 

[Cuteykat1701]

Farbar Service Scanner Version: 14-12-2019
Ran by mibut (administrator) on 11-06-2020 at 08:20:16
Running from "C:\Users\mibut\Downloads"
Microsoft Windows 10 Home (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Policy:
========================


Security Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend: ""C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MsMpEng.exe"".


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****

 

[Cuteykat1701]

SFVRT produced no logs, said clean