Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-03-2020
Ran by Fam (administrator) on DESKTOP-V6IOICE (Gigabyte Technology Co., Ltd. AB350M-DS3H) (21-03-2020 14:47:12)
Running from C:\Users\Fam\Downloads
Loaded Profiles: Fam (Available Profiles: Fam)
Platform: Windows 10 Pro Version 1903 18362.720 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(DESlock Limited -> DESlock Limited.) C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Fam\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(TEFINCOM S.A. -> ) C:\Program Files (x86)\NordVPN\nordvpn-service.exe
(TEFINCOM S.A. -> NordVPN) C:\Program Files (x86)\NordVPN\NordVPN.exe
(TEFINCOM S.A. -> The OpenVPN Project) C:\Program Files (x86)\NordVPN\Resources\Binaries\64bit\openvpn-nordvpn.exe
(Wireshark Foundation, Inc. -> The Wireshark developer community) C:\Program Files\Wireshark\dumpcap.exe
(Wireshark Foundation, Inc. -> The Wireshark developer community, hxxps://www.wireshark.org/) C:\Program Files\Wireshark\Wireshark.exe
(Wireshark Foundation, Inc. -> The Wireshark developer community, hxxps://www.wireshark.org/) C:\Program Files\Wireshark\Wireshark.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-08-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [185648 2020-03-06] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-3290851689-1691938394-1071503787-1002\...\Run: [NordVPN] => C:\Program Files (x86)\NordVPN\NordVPN.exe [1824800 2020-03-18] (TEFINCOM S.A. -> NordVPN)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\Installer\chrmstp.exe [2020-03-20] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {695B22A1-653D-4BFE-841F-F0ECDE53725B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-20] (Google LLC -> Google LLC)
Task: {962F012A-7E8D-47E3-8747-A53CA282CD1E} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [862 2019-04-30] () [File not signed]
Task: {AE8C10AB-E18F-4177-B4F8-302CBE9D7C27} - System32\Tasks\Microsoft\Windows\RetailDemo\CleanupOfflineContent => {61F77D5E-AFE9-400B-A5E6-E9E80FC8E601} C:\Windows\System32\RDXTaskFactory.dll [415744 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
Task: {B2DB6C17-2AE2-447E-AD0A-EB40E332C321} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-20] (Google LLC -> Google LLC)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 103.86.99.99 103.86.96.96 103.86.96.100 103.86.99.100
Tcpip\..\Interfaces\{54f3ecc9-7521-469f-9876-52340b527076}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{917ae6b5-10d1-4d65-bcc5-18d2639cd4bf}: [DhcpNameServer] 103.86.99.99 103.86.96.96 103.86.96.100 103.86.99.100
Internet Explorer:
==================
Edge:
======
DownloadDir: C:\Users\Fam\Downloads
Chrome:
=======
CHR Profile: C:\Users\Fam\AppData\Local\Google\Chrome\User Data\Default [2020-03-21]
CHR Extension: (Slides) - C:\Users\Fam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-20]
CHR Extension: (Docs) - C:\Users\Fam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-20]
CHR Extension: (Google Drive) - C:\Users\Fam\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-03-20]
CHR Extension: (YouTube) - C:\Users\Fam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-20]
CHR Extension: (Sheets) - C:\Users\Fam\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-20]
CHR Extension: (Google Docs Offline) - C:\Users\Fam\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Fam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-20]
CHR Extension: (Gmail) - C:\Users\Fam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-03-20]
CHR Extension: (Chrome Media Router) - C:\Users\Fam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-20]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [255472 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R2 dlpsrv; C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe [542400 2019-10-02] (DESlock Limited -> DESlock Limited.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2358784 2020-03-06] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2358784 2020-03-06] (ESET, spol. s r.o. -> ESET)
R2 nordvpn-service; C:\Program Files (x86)\NordVPN\nordvpn-service.exe [236576 2020-03-18] (TEFINCOM S.A. -> )
S2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [16647736 2020-02-24] (Adlice -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5929920 2020-03-20] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-18] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-18] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [24424 2016-08-12] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [21648880 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [674288 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 AMDPCIDev; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [31592 2018-04-26] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R0 amdpsp; C:\WINDOWS\System32\DRIVERS\amdpsp.sys [243048 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-07-21] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R0 DLMFENC; C:\WINDOWS\System32\DRIVERS\DLMFENC.sys [174152 2019-10-02] (DESlock Limited -> DESlock Ltd.)
R0 DLPCRYPT; C:\WINDOWS\System32\DRIVERS\dlpcrypt.sys [121728 2019-10-02] (DESlock Limited -> DESlock Ltd.)
R0 dlpvdisk; C:\WINDOWS\System32\DRIVERS\dlpvdisk.sys [98296 2019-10-02] (DESlock Limited -> DESlock Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [154328 2020-03-06] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [106840 2020-03-06] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2020-01-27] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [188872 2020-03-06] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\System32\drivers\ekbdflt.sys [53048 2020-03-19] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [79520 2020-03-06] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [115960 2020-03-06] (ESET, spol. s r.o. -> ESET)
R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [69744 2019-12-17] (Insecure.Com LLC -> Insecure.Com LLC.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [662528 2019-03-18] (Microsoft Windows -> Realtek )
S3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [8206848 2019-03-18] (Microsoft Windows -> Realtek Semiconductor Corporation )
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-06-13] (TEFINCOM S.A. -> The OpenVPN Project)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [28272 2020-03-21] (Adlice -> )
R0 VDLPToken2; C:\WINDOWS\System32\DRIVERS\vdlptkn2.sys [135672 2019-10-02] (DESlock Limited -> DESlock Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
U4 npcap_wifi; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-03-21 14:46 - 2020-03-21 14:46 - 000016438 _____ C:\Users\Fam\Downloads\Addition.txt
2020-03-21 14:44 - 2020-03-21 14:47 - 000013240 _____ C:\Users\Fam\Downloads\FRST.txt
2020-03-21 14:43 - 2020-03-21 14:47 - 000000000 ____D C:\FRST
2020-03-21 14:43 - 2020-03-21 14:43 - 002279936 _____ (Farbar) C:\Users\Fam\Downloads\FRST64.exe
2020-03-21 13:04 - 2020-03-21 13:04 - 005941372 _____ C:\Users\Fam\Desktop\03212020_6.pcapng
2020-03-21 12:39 - 2020-03-21 12:39 - 003475420 _____ C:\Users\Fam\Desktop\03212020_5.pcapng
2020-03-21 11:55 - 2020-03-21 11:55 - 000220844 _____ C:\Users\Fam\Desktop\03212020_4.pcapng
2020-03-21 11:46 - 2020-03-21 11:46 - 001188484 _____ C:\Users\Fam\Desktop\03212020_3.pcapng
2020-03-21 11:36 - 2020-03-21 11:36 - 000877288 _____ C:\Users\Fam\Desktop\03212020_2.pcapng
2020-03-21 11:16 - 2020-03-21 11:16 - 002550892 _____ C:\Users\Fam\Desktop\03212020.pcapng
2020-03-21 10:44 - 2020-03-21 11:37 - 000000000 ____D C:\Users\Fam\AppData\Roaming\Wireshark
2020-03-21 10:40 - 2020-03-21 10:40 - 000003186 _____ C:\WINDOWS\system32\Tasks\npcapwatchdog
2020-03-21 10:40 - 2020-03-21 10:40 - 000001841 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2020-03-21 10:40 - 2020-03-21 10:40 - 000001829 _____ C:\Users\Public\Desktop\Wireshark.lnk
2020-03-21 10:40 - 2020-03-21 10:40 - 000001829 _____ C:\ProgramData\Desktop\Wireshark.lnk
2020-03-21 10:40 - 2020-03-21 10:40 - 000000000 ____D C:\WINDOWS\SysWOW64\Npcap
2020-03-21 10:40 - 2020-03-21 10:40 - 000000000 ____D C:\WINDOWS\system32\Npcap
2020-03-21 10:40 - 2020-03-21 10:40 - 000000000 ____D C:\Program Files\Npcap
2020-03-21 10:39 - 2020-03-21 10:41 - 000000000 ____D C:\Program Files\Wireshark
2020-03-21 10:39 - 2020-03-21 10:39 - 060064040 _____ (Wireshark development team) C:\Users\Fam\Downloads\Wireshark-win64-3.2.2.exe
2020-03-21 10:30 - 2020-03-21 10:30 - 000028272 _____ C:\WINDOWS\system32\Drivers\truesight.sys
2020-03-21 10:30 - 2020-03-21 10:30 - 000000899 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2020-03-21 10:30 - 2020-03-21 10:30 - 000000899 _____ C:\ProgramData\Desktop\RogueKiller.lnk
2020-03-21 10:30 - 2020-03-21 10:30 - 000000000 ____D C:\ProgramData\RogueKiller
2020-03-21 10:30 - 2020-03-21 10:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2020-03-21 10:30 - 2020-03-21 10:30 - 000000000 ____D C:\Program Files\RogueKiller
2020-03-21 10:29 - 2020-03-21 10:30 - 047658504 _____ (Adlice Software ) C:\Users\Fam\Downloads\RogueKiller_setup.exe
2020-03-21 10:19 - 2020-03-21 10:19 - 000000000 ____D C:\Users\Fam\AppData\Local\PeerDistRepub
2020-03-20 21:07 - 2020-03-21 10:10 - 000000000 ____D C:\Users\Fam\AppData\Local\D3DSCache
2020-03-20 14:47 - 2020-03-20 14:01 - 000000000 ____D C:\Windows.old
2020-03-20 14:46 - 2020-03-20 14:47 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2020-03-20 14:45 - 2020-03-20 14:46 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2020-03-20 14:45 - 2020-03-20 14:45 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2020-03-20 14:43 - 2020-03-20 14:43 - 000000000 ____D C:\ProgramData\USOShared
2020-03-20 14:43 - 2020-03-20 14:43 - 000000000 ____D C:\ProgramData\ssh
2020-03-20 14:41 - 2020-03-20 14:41 - 011607552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-03-20 14:41 - 2020-03-20 14:41 - 009711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-03-20 14:41 - 2020-03-20 14:41 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2020-03-20 14:41 - 2020-03-20 14:41 - 000249856 _____ (Gracenote, Inc.) C:\WINDOWS\SysWOW64\gnsdk_fp.dll
2020-03-20 14:41 - 2020-03-20 14:41 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2020-03-20 14:41 - 2020-03-20 14:41 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2020-03-20 14:41 - 2020-03-20 14:41 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2020-03-20 14:41 - 2020-03-20 14:41 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2020-03-20 14:40 - 2020-03-20 14:40 - 025900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 022635008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 018027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 014816256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 008013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 007802224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 007755776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 007259648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 007017472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 006520776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 006285312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 006084344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 005911040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 005865272 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizimg.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 005848840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 005502464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 005112832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 005083352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 005013504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 004855808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 004580352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 004481536 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 004348408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 004308480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 004150272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AI.MachineLearning.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 004129648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 003971808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-03-20 14:40 - 2020-03-20 14:40 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 003819520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 003752960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 003742544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 003637760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 003525592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 003488768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 003243296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 002956688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 002875904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 002861568 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 002821120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-03-20 14:40 - 2020-03-20 14:40 - 002773568 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-03-20 14:40 - 2020-03-20 14:40 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-03-20 14:40 - 2020-03-20 14:40 - 002743808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 002740736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directml.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 002703872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 002584008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 002576384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 002490712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 002422592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2020-03-20 14:40 - 2020-03-20 14:40 - 002399232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 002369552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 002315680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 002307584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 002259872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 002230232 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 002224952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 002188816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 002158080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 002138472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2020-03-20 14:40 - 2020-03-20 14:40 - 002132280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 002095104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 002072664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 002031104 _____ C:\WINDOWS\system32\rdpnano.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 002021888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001985104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001957008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001952360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001916744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001893888 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001867816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001847808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001845408 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001835128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001788728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001770552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001718584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001684992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001665416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001659192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.AppAgent.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001651848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001616784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001616696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001563648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001562424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001555904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001541632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2020-03-20 14:40 - 2020-03-20 14:40 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001535288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001531656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001515008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaclient.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001510752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001505320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001496080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001490640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001488384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001484600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001473488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001417976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001412096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001398584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-03-20 14:40 - 2020-03-20 14:40 - 001387024 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001375232 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001368576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001356800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001334064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdrecordcpu.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-03-20 14:40 - 2020-03-20 14:40 - 001305608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll