Serveur minecraft

Récemment infecté – Aide sur la suppression des virus, chevaux de Troie, logiciels espions et programmes malveillants – Monter un serveur MineCraft

Le 27 mars 2020 - 79 minutes de lecture

Administrateur (S-1-5-21-3185253573-1872692611-2104222873-500 – Administrateur – désactivé)

Andre Castillo (S-1-5-21-3185253573-1872692611-2104222873-1001 – Administrateur – Activé) => C: Users Andre Castillo

DefaultAccount (S-1-5-21-3185253573-1872692611-2104222873-503 – Limited – Disabled)

WDAGUtilityAccount (S-1-5-21-3185253573-1872692611-2104222873-504 – Limited – Disabled)

AV: Windows Defender (activé – à jour) D68DDC3A-831F-4fae-9E44-DA132C1ACF46

AS: Windows Defender (désactivé – à jour) D68DDC3A-831F-4fae-9E44-DA132C1ACF46

AS: Avast Antivirus (activé – à jour) 35C973AA-9ABB-D3CA-B100-B0DC0E5F2402

(Seuls les programmes publicitaires avec l'indicateur "Caché" peuvent être ajoutés à la liste de correctifs pour les afficher. Les programmes publicitaires doivent être désinstallés manuellement.)

Centre de commande Alienware (HKLM … D5BC2B54-1297-4765-ABF5-FE43ED0067DD) (Version: 4.5.16.0 – Dell Inc.) Masqué

Centre de commande Alienware (HKLM-x32 … InstallShield_ D5BC2B54-1297-4765-ABF5-FE43ED0067DD) (version: 4.5.16.0 – Dell Inc.)

Connexion client Alienware (HKLM-x32 … 4FA72FF9-DD64-43A8-8704-6380A11F11D5) (Version: 1.4.15.0 – Dell Inc.)

Alienware Digital Delivery (HKLM-x32 … AB7F2792-2ED1-4C5C-9F28-680E5110BF72) (Version: 3.1.1018.0 – Dell Products, LP)

Programme d'installation du logiciel d'amplificateur graphique Alienware (HKLM … 6AAC93BE-2E1D-4E49-8DDD-2DDF00AB4B33) (Version: 2.0.16.0 – Dell Inc.) Masqué

Programme d'installation du logiciel d'amplificateur graphique Alienware (HKLM-x32 … InstallShield_ 6AAC93BE-2E1D-4E49-8DDD-2DDF00AB4B33) (Version: 2.0.16.0 – Dell Inc.)

Affichage à l'écran Alienware (HKLM-x32 … 0D69462F-99CC-4F8D-942E-666E21CE59F8) (Version: 0.33.0.19C -) Masqué

Affichage à l'écran d'Alienware (HKLM-x32 … InstallShield_ 0D69462F-99CC-4F8D-942E-666E21CE59F8) (Version: 0.33.0.19C -)

ARMA 2 Army of The Czech Republic – Suppression du cache de données (HKLM-x32 … A2ACR Suppression du cache de données) (Version: -)

ARMA 2: Forces armées britanniques – Suppression du cache de données (HKLM-x32 … A2BAF Suppression du cache de données) (Version: -)

ARMA 2: Private Military Company – Suppression du cache de données (HKLM-x32 … A2PMC Suppression du cache de données) (Version: -)

Battlefield 4 ™ (HKLM-x32 … ABADE36E-EC37-413B-8179-B432AD3FACE7) (Version: 1.8.2.48475 – Electronic Arts)

Plugins Web Battlelog (HKLM-x32 … Plugins Web Battlelog) (Version: 2.3.0 – EA Digital Illusions CE AB)

Blender (HKLM … F343C69A-4ABA-434C-9C73-12A519D269CD) (Version: 2.80.0 – Blender Foundation)

Services Dell Foundation (HKLM … BDB50421-E961-42F3-B803-6DAC6F173834) (Version: 3.4.16100.0 – Dell Inc.)

DisplayDriverAnalyzer (HKLM … B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 _DisplayDriverAnalyzer) (Version: 390.77 – NVIDIA Corporation) Masqué

EMSC (HKLM-x32 … FEF06E73-A519-4510-8CF3-B66041B91D8A) (Version: 0.0.0.28 – Compal Electronics, Inc.) Masqué

EMSC (HKLM-x32 … InstallShield_ FEF06E73-A519-4510-8CF3-B66041B91D8A) (Version: 0.0.0.28 – Compal Electronics, Inc.) Masqué

Sonar ESN (HKLM-x32 … Sonar ESN-0.70.4) (Version: 0.70.4 – ESN Social Software AB)

Protection des données en cas de chute libre (HKLM … 5141F653-8707-4B96-9349-247C66319C11) (Version: 1.1.2.8 – Kionix, Inc.)

Aide à la mise à jour Google (HKLM-x32 … 60EC980A-BDA2-4CB6-A427-B07A5498B4CA) (Version: 1.3.35.441 – Google LLC) Masqué

Logiciel Intel® Chipset Device (HKLM-x32 … 60c073df-e736-4210-9c3a-5fc2b651cef3) (Version: 10.1.1.7 – Intel® Corporation) Masqué

Plateforme dynamique Intel® et infrastructure thermique (HKLM-x32 … 654EE65D-FAA4-4EA6-8C07-DC94E6A304D4) (Version: 8.2.10900.330 – Intel Corporation)

Composants du moteur de gestion Intel® (HKLM … 1CEAC85D-2590-4760-800F-8DE5E91F3700) (Version: 11.0.0.1173 – Intel Corporation)

Carte graphique du processeur Intel® (HKLM-x32 … F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA) (Version: 22.20.16.4836 – Intel Corporation)

Technologie de stockage rapide Intel® (HKLM … 409CB30E-E457-4008-9B1A-ED1B9EA21140) (Version: 14.8.9.1053 – Intel Corporation)

Intel® Security Assist (HKLM-x32 … 4B230374-6475-4A73-BA6E-41015E9C5013) (Version: 1.0.0.532 – Intel Corporation)

Java 8 Update 181 (HKLM-x32 … 26A24AE4-039D-4CA4-87B4-2F32180181F0) (Version: 8.0.1810.13 – Oracle Corporation)

Pilotes Killer (HKLM … EE85183F-5DC3-4A91-98B4-B922172F0DE3) (Version: 2.1.2907 – Rivet Networks)

Convertisseur LDD en POV-Ray (HKLM … 2D11259F-B441-4AF3-9B78-8A23AC27528F) (Version: 1.2.11 – Outils LDD)

LEGO Digital Designer (HKLM-x32 … New LEGO Digital Designer) (Version: – LEGO A / S)

Logitech Gaming Software 8.82 (HKLM … Logitech Gaming Software) (Version: 8.82.151 – Logitech Inc.)

Malwarebytes version 4.1.0.56 (HKLM … 35065F43-4BB2-439A-BFF7-0F1014F2E0CD _is1) (Version: 4.1.0.56 – Malwarebytes)

Microsoft Office Famille et Étudiant 2019 – fr-fr (HKLM … HomeStudent2019Retail – fr-fr) (Version: 16.0.12430.20288 – Microsoft Corporation)

Microsoft OneDrive (HKU S-1-5-21-3185253573-1872692611-2104222873-1001 … OneDriveSetup.exe) (Version: 19.232.1124.0008 – Microsoft Corporation)

Microsoft Visual C ++ 2005 redistribuable (HKLM-x32 … 7299052b-02a4-4627-81f2-1818da5d550d) (Version: 8.0.56336 – Microsoft Corporation)

Microsoft Visual C ++ 2010 x64 redistribuable – 10.0.40219 (HKLM … 1D8E6291-B0D5-35EC-8441-6616F567A0F7) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C ++ 2010 x86 redistribuable – 10.0.40219 (HKLM-x32 … F0C3E5D1-1ADE-321E-8167-68EF0DE699A5) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C ++ 2012 Redistributable (x64) – 11.0.60610 (HKLM-x32 … a1909659-0a08-4554-8af1-2175904903a1) (Version: 11.0.60610.1 – Microsoft Corporation)

Microsoft Visual C ++ 2012 Redistributable (x86) – 11.0.60610 (HKLM-x32 … 95716cce-fc71-413f-8ad5-56c2892d4b3a) (Version: 11.0.60610.1 – Microsoft Corporation)

Microsoft Visual C ++ 2013 redistribuable (x64) – 12.0.30501 (HKLM-x32 … 050d4fc8-5d48-4b8f-8972-47c82c46020f) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C ++ 2013 Redistributable (x86) – 12.0.30501 (HKLM-x32 … f65db027-aff3-4070-886a-0d87064aabb1) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C ++ 2015 Redistributable (x64) – 14.0.24212 (HKLM-x32 … 323dad84-0974-4d90-a1c1-e006c7fdbb7d) (Version: 14.0.24212.0 – Microsoft Corporation)

Microsoft Visual C ++ 2015 Redistributable (x86) – 14.0.24215 (HKLM-x32 … e2803110-78b3-4664-a479-3611a381656a) (Version: 14.0.24215.1 – Microsoft Corporation)

Microsoft WSE 3.0 Runtime (HKLM-x32 … E3E71D07-CD27-46CB-8448-16D4FB29AA13) (Version: 3.0.5305.0 – Microsoft Corp.)

Accessoires Microsoft Xbox 360 1.2 (HKLM … D9C50188-12D5-4D3E-8F00-682346C2AA5F) (Version: 1.20.146.0 – Microsoft)

Minecraft (HKLM-x32 … 1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872) (Version: 1.0.3.0 – Mojang)

Lanceur Minecraft (HKLM-x32 … 810F1419-7760-402E-8772-B4054FAA2B72) (Version: 1.0.0.0 – Mojang)

Plugin NVAPI Monitor pour NvContainer (HKLM … B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 _NvContainer.NvapiMonitor) (Version: 1.19 – NVIDIA Corporation) Masqué

NVIDIA GeForce Experience 3.20.2.34 (HKLM … B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 _Display.GFExperience) (Version: 3.20.2.34 – NVIDIA Corporation)

Logiciel système NVIDIA PhysX 9.17.0524 (HKLM … B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 _Display.PhysX) (Version: 9.17.0524 – NVIDIA Corporation)

Composant d'extensibilité d'Office 16 Click-to-Run (HKLM … 90160000-008C-0000-1000-0000000FF1CE) (Version: 16.0.12430.20288 – Microsoft Corporation) Masqué

Composant de licence d'Office 16 Click-to-Run (HKLM … 90160000-007E-0000-1000-0000000FF1CE) (Version: 16.0.12430.20184 – Microsoft Corporation) Masqué

Composant de localisation Démarrer en un clic Office 16 (HKLM … 90160000-008C-0409-1000-0000000FF1CE) (Version: 16.0.12430.20288 – Microsoft Corporation) Masqué

POV-Ray pour Windows v3.7 (HKU S-1-5-21-3185253573-1872692611-2104222873-1001 … POV-Ray pour Windows v3.7) (Version: 3.7 – Persistance de Vision Raytracer Pty Ltd.)

Lecture à distance PS4 (HKLM-x32 … 1F1AAC07-945B-451F-9CE6-1C7E7BB9CBF2) (Version: 1.0.0.15181 – Sony Interactive Entertainment Inc.)

Services PunkBuster (HKLM-x32 … PunkBusterSvc) (Version: 0.993 – Even Balance, Inc.)

Suite Bluetooth Qualcomm Atheros 61×4 (64) (HKLM … 628988B4-3FA5-4EA6-BAA3-DA640F6718BD) (Version: 12.0.0.102 – Qualcomm Atheros)

Skype ™ 7.40 (HKLM-x32 … 3B7E914A-93D5-4A29-92BB-AF8C3F66C431) (Version: 7.40.151 – Skype Technologies S.A.)

Sound Blaster Recon3Di (HKLM-x32 … ACC0DC90-EC1E-4614-A828-A65C63CEBC51) (Version: 1.01.09 – Creative Technology Limited)

Extras Sound Blaster Recon3Di (HKLM-x32 … C45E715E-442E-4D82-BD46-A08A0870957C) (Version: 1.0 – Creative Technology Limited)

Logiciel Thunderbolt ™ (HKLM-x32 … E265C71F-14DA-462C-A06A-CBA776B695F1) (Version: 15.2.32.250 – Intel Corporation)

Pavé tactile (HKLM … SynTPDeinstKey) (Version: 19.2.17.70 – Synaptics Incorporated)

Mise à jour pour Windows 10 pour systèmes x64 (KB4023057) (HKLM … 32DC821E-4A7D-4878-BEE8-337FA153D7F2) (Version: 2.63.0.0 – Microsoft Corporation) Masqué

Bibliothèques d'exécution Vulkan 1.0.33.0 (HKLM … VulkanRT1.0.33.0) (Version: 1.0.33.0 – LunarG, Inc.)

Vulkan Run Time Libraries 1.0.54.1 (HKLM … VulkanRT1.0.54.1) (Version: 1.0.54.1 – Intel Corporation Inc.) Masqué

Bibliothèques d'exécution Vulkan 1.0.54.1 (HKLM … VulkanRT1.0.54.1-2) (Version: 1.0.54.1 – Intel Corporation Inc.)

Vulkan Run Time Libraries 1.0.65.0 (HKLM … VulkanRT1.0.65.0) (Version: 1.0.65.0 – LunarG, Inc.) Masqué

Vulkan Run Time Libraries 1.0.65.1 (HKLM … VulkanRT1.0.65.1) (Version: 1.0.65.1 – LunarG, Inc.) Masqué

Vulkan Run Time Libraries 1.0.65.1 (HKLM … VulkanRT1.0.65.1-2) (Version: 1.0.65.1 – LunarG, Inc.) Masqué

Assistant de mise à jour Windows 10 (HKLM-x32 … D5C69738-B486-402E-85AC-2456D98A64E4) (Version: 1.4.9200.22866 – Microsoft Corporation)

Windows Driver Package – Kionix, Inc. (kiox_ff_driver) Périphériques d'E / S de capteur (10/09/2014 1.1.2.8) (HKLM … 8DF797456310A45326D5CA27FA380061A19FA127) (Version: 10/09/2014 1.1.2.8 – Kionix, Inc .)

Package de pilotes Windows – Kionix, Inc. kxdiskprot DiskDrive (10/09/2014 1.1.2.8) (HKLM … 7115C5B3174715E634D96D0883A6ACF1B11140A8) (Version: 10/09/2014 1.1.2.8 – Kionix, Inc.)

iTunes -> C: Program Files WindowsApps AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa [2020-01-30] (Apple Inc.) [Startup Task]

Centre de contrôle Killer -> C: Program Files WindowsApps RivetNetworks.KillerControlCenter_2.0.2369.0_x64__rh07ty8m5nkag [2019-11-18] (Rivet Networks LLC) [Startup Task]

Kit de développement logiciel (SDK) Microsoft Advertising pour XAML -> C: Program Files WindowsApps Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-11-18] (Microsoft Corporation) [MS Ad]

Kit de développement logiciel Microsoft Advertising pour XAML -> C: Program Files WindowsApps Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-11-18] (Microsoft Corporation) [MS Ad]

Microsoft News -> C: Program Files WindowsApps Microsoft.BingNews_4.36.20583.0_x64__8wekyb3d8bbwe [2020-03-05] (Microsoft Corporation) [MS Ad]

Collection Microsoft Solitaire -> C: Program Files WindowsApps Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-15] (Microsoft Studios) [MS Ad]

Tableau blanc Microsoft -> C: Program Files WindowsApps Microsoft.Whiteboard_20.10210.4823.0_x64__8wekyb3d8bbwe [2020-02-27] (Microsoft Corporation)

MSN Money -> C: Program Files WindowsApps Microsoft.BingFinance_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-15] (Microsoft Corporation) [MS Ad]

MSN Sport -> C: Program Files WindowsApps Microsoft.BingSports_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-15] (Microsoft Corporation) [MS Ad]

Météo MSN -> C: Program Files WindowsApps Microsoft.BingWeather_4.36.20503.0_x64__8wekyb3d8bbwe [2020-03-05] (Microsoft Corporation) [MS Ad]

Twitter -> C: Program Files WindowsApps 9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2019-11-18] (Twitter Inc.)

WinZip Universal -> C: Program Files WindowsApps WinZipComputing.WinZipUniversal_1.5.13516.0_x64__3ykzqggjzj4z0 [2019-11-18] (WinZip Computing)

(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.)

ShellIconOverlayIdentifiers: [00asw] -> 472083B0-C522-11CF-8763-00608CC02F24 => -> Aucun fichier

ShellIconOverlayIdentifiers: [00avast] -> 472083B0-C522-11CF-8763-00608CC02F24 => -> Aucun fichier

ContextMenuHandlers1: [WinRAR] -> B41DB860-64E4-11D2-9906-E49FADC173CA => C: Program Files WinRAR rarext.dll [2019-02-25] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers1-x32: [WinRAR32] -> B41DB860-8EE4-11D2-9906-E49FADC173CA => C: Program Files WinRAR rarext32.dll [2019-02-25] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers3: [MBAMShlExt] -> 57CE581A-0CB6-4266-9CA0-19364C90A0B3 => C: Program Files Malwarebytes Anti-Malware mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers5: [igfxDTCM] -> 9B5F5829-A529-4B12-814A-E81BCB8D93FC => C: WINDOWS System32 DriverStore FileRepository ki127176.inf_amd64_86c658cabfb17c9c igfxDTCM.dll [2018-03-22] (Éditeur de compatibilité matérielle Microsoft Windows -> Intel Corporation)

ContextMenuHandlers5: [NvCplDesktopContext] -> 3D1975AF-48C6-4f8e-A182-BE0E08FA86A9 => C: WINDOWS system32 nvshext.dll [2018-03-08] (NVIDIA Corporation -> NVIDIA Corporation)

ContextMenuHandlers6: [MBAMShlExt] -> 57CE581A-0CB6-4266-9CA0-19364C90A0B3 => C: Program Files Malwarebytes Anti-Malware mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers6: [WinRAR] -> B41DB860-64E4-11D2-9906-E49FADC173CA => C: Program Files WinRAR rarext.dll [2019-02-25] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers6-x32: [WinRAR32] -> B41DB860-8EE4-11D2-9906-E49FADC173CA => C: Program Files WinRAR rarext32.dll [2019-02-25] (win.rar GmbH -> Alexander Roshal)

(Si une entrée est incluse dans la liste de correctifs, l'élément de registre sera restauré par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM … Drivers32: [vidc.VP60] => C: WINDOWS SysWOW64 vp6vfw.dll [447752 2008-09-05] (Arts électroniques -> On2.com)

HKLM … Drivers32: [vidc.VP61] => C: WINDOWS SysWOW64 vp6vfw.dll [447752 2008-09-05] (Arts électroniques -> On2.com)

2014-05-31 07:34 – 2014-05-31 07:34 – 000939008 _____ () [File not signed] C: WINDOWS SYSTEM32 EMSC.dll

2014-02-18 09:40 – 2014-02-18 09:40 – 000551936 _____ (Creative Technology Ltd) [File not signed] C: Program Files (x86) Creative Sound Blaster Recon3Di Sound Blaster Recon3Di Control Panel CTAudEp.dll

2015-02-05 11:56 – 2015-02-05 11:56 – 000067072 _____ (Creative Technology Ltd) [File not signed] C: Program Files (x86) Creative Sound Blaster Recon3Di Sound Blaster Recon3Di Control Panel CTGetPdt.dll

2011-09-16 15:04 – 2011-09-16 15:04 – 000238080 _____ (Creative Technology Ltd) [File not signed] C: Program Files (x86) Creative Sound Blaster Recon3Di Sound Blaster Recon3Di Control Panel CTLoadRs.dll

2012-09-05 14:45 – 2012-09-05 14:45 – 000251904 _____ (Creative Technology Ltd) [File not signed] C: Program Files (x86) Creative Sound Blaster Recon3Di Sound Blaster Recon3Di Control Panel HKDetect.dll

2010-04-03 05:12 – 2010-04-03 05:12 – 000217088 _____ (À FAIRE: ) [File not signed] C: Program Files (x86) Affichage à l'écran Alienware VistaLaterAPI.dll

(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le "AlternateShell" sera restauré.)

HKLM SYSTEM CurrentControlSet Control SafeBoot Minimal MBAMService => "" = "Service"

HKLM SYSTEM CurrentControlSet Control SafeBoot Network MBAMService => "" = "Service"

2015-07-10 19:04 – 2019-01-08 18:26 – 000000889 _____ C: WINDOWS system32 drivers etc hosts

HKLM System CurrentControlSet Control Session Manager Environment \ Path -> C: Program Files (x86) Common Files Oracle Java javapath; C: ProgramData Oracle Java javapath; C: Program Fichiers (x86) Intel iCLS Client ; C: Program Files Intel iCLS Client ; C: Windows system32; C: Windows; C: Windows System32 Wbem; C: Windows System32 WindowsPowerShell v1.0 ; C: Program Files (x86) NVIDIA Corporation PhysX Common; C: WINDOWS system32; C: WINDOWS; C: WINDOWS System32 Wbem; C: WINDOWS System32 WindowsPowerShell v1.0 ; C: Program Files (x86) Intel Intel® Management Engine Components DAL; C: Program Files Intel Intel® Management Engine Components DAL; C: Program Files ( x86) Intel Intel® Management Engine Components IPT; C: Program Files Intel Intel® Management Engine Components IPT; C: Program Files (x86) Skype Phone ; C: WINDOWS System32 OpenSSH ; C: Program Files NVIDIA Corporation NVIDIA NvDLISR;% SystemRoot% system32;% SystemRoot%;% SystemRoot% System32 Wbem;% SYSTEMROOT% System32 WindowsPowerShell v1.0 ;% SYSTEM ROOT% System32 OpenSSH

HKU S-1-5-21-3185253573-1872692611-2104222873-1001 Control Panel Desktop \ Wallpaper -> C: Users Andre Castillo appdata local microsoft windows themes roamedthemefiles desktopbackground backgrounddefault .jpg

HKLM SOFTWARE Microsoft Windows CurrentVersion Policies System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLM SOFTWARE Microsoft Windows CurrentVersion Explorer => (SmartScreenEnabled: RequireAdmin)

Le pare-feu Windows est activé.

(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.)

Règles de pare-feu: [457A11D7-285E-4637-983D-026235AD7BB1] => (Autoriser) C: Program Files NVIDIA Corporation NvContainer nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

Règles de pare-feu: [337DD4AE-49ED-42D9-A690-9170ECDA85F4] => (Autoriser) C: Program Files NVIDIA Corporation NvContainer nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

Règles de pare-feu: [38CAE446-3CD1-4AA2-ACCB-46A21055B85A] => (Autoriser) C: Program Files (x86) Steam Steam.exe (Valve -> Valve Corporation)

Règles de pare-feu: [653E76CE-3D11-4556-ACBA-85494DBEA46C] => (Autoriser) C: Program Files (x86) Steam Steam.exe (Valve -> Valve Corporation)

Règles de pare-feu: [764F334D-E146-48CD-AB66-8E82D6D367CF] => (Autoriser) C: Program Files NVIDIA Corporation NvContainer NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

Règles de pare-feu: [0438BD36-2C70-4EC0-9C91-95342DF6EEA6] => (Autoriser) C: Program Files NVIDIA Corporation NvStreamSrv NvStreamUserAgent.exe Aucun fichier

Règles de pare-feu: [ABADF1EE-A9DB-4BE4-A010-82CD9BD5FE73] => (Autoriser) C: Program Files NVIDIA Corporation NvStreamSrv nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

Règles de pare-feu: [344A64C3-4AA4-4820-BDFC-BB596090E7FB] => (Autoriser) C: Program Files NVIDIA Corporation NvStreamSrv nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

Règles de pare-feu: [7FDB5E6C-93EE-4F6E-844E-6810BB24E23E] => (Autoriser) D: SteamLibrary steamapps common Besiege Besiege.exe Aucun fichier

Règles de pare-feu: [D8FCEE55-B6E0-4978-AD27-A15EEA0D801A] => (Autoriser) D: SteamLibrary steamapps common Besiege Besiege.exe Aucun fichier

Règles de pare-feu: [1D6A7C71-871D-4503-9A01-5E517236E2A2] => (Autoriser) C: Program Files (x86) Skype Phone Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

Règles de pare-feu: [625D1DA6-B84E-4172-85D3-CC836C376A26] => (Autoriser) C: Windows SysWOW64 PnkBstrA.exe (Even Balance, Inc. ->)

Règles de pare-feu: [C9D0B84A-8F07-4294-AFED-D8FB8AE0F1F8] => (Autoriser) C: Windows SysWOW64 PnkBstrA.exe (Even Balance, Inc. ->)

Règles de pare-feu: [02AAAB8F-570B-4897-A2B7-5574A1D6007B] => (Autoriser) C: Windows SysWOW64 PnkBstrB.exe (Even Balance, Inc. ->)

Règles de pare-feu: [B3FE12E2-4777-4B3A-99B4-0011A58C9277] => (Autoriser) C: Windows SysWOW64 PnkBstrB.exe (Even Balance, Inc. ->)

Règles de pare-feu: [774CDADA-82B9-4DBD-B54D-23A3731797F2] => (Autoriser) C: Program Files (x86) Battlelog Web Plugins Sonar 0.70.4 SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)

Règles de pare-feu: [F68EBAFB-54D3-45CA-BF3A-10FED3A7177C] => (Autoriser) C: Program Files (x86) Battlelog Web Plugins Sonar 0.70.4 SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)

Règles de pare-feu: [TCP Query UserBEFAF458-3C23-4437-AFA3-0DF3F5D7D615C:program fileslogitech gaming softwarelcore.exe] => (Autoriser) C: program files logitech gaming software lcore.exe (Logitech Inc -> Logitech Inc.)

Règles de pare-feu: [UDP Query User2BB4878E-B790-4B23-B07E-78E336D5B9BEC:program fileslogitech gaming softwarelcore.exe] => (Autoriser) C: program files logitech gaming software lcore.exe (Logitech Inc -> Logitech Inc.)

Règles de pare-feu: [20776510-EB0D-49CE-89A7-1CBC0CEE7985] => (Bloquer) C: program files logitech gaming software lcore.exe (Logitech Inc -> Logitech Inc.)

Règles de pare-feu: [55B5F932-0059-438B-8695-3AAFF16D330D] => (Bloquer) C: program files logitech gaming software lcore.exe (Logitech Inc -> Logitech Inc.)

Règles de pare-feu: [BB99557F-08F6-4AFE-815D-CF27DB7C795F] => (Autoriser) C: Program Files NVIDIA Corporation NvContainer NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

Règles de pare-feu: [46D68EE0-DC1B-46FB-9B1E-F3180DEB1E47] => (Autoriser) C: Program Files (x86) Steam bin cef cef.win7x64 steamwebhelper.exe (Valve -> Valve Corporation)

Règles de pare-feu: [96097D6E-8E4A-4C49-A730-482A0E08C03E] => (Autoriser) C: Program Files (x86) Steam bin cef cef.win7x64 steamwebhelper.exe (Valve -> Valve Corporation)

Règles de pare-feu: [TCP Query User0D8EF9CA-0661-46E3-AA68-EC4551053FF8D:minecraftruntimejre-x64binjavaw.exe] => (Autoriser) D: minecraft runtime jre-x64 bin javaw.exe

Règles de pare-feu: [UDP Query UserD9041B6C-F59C-410D-9CAE-39863B7E08EBD:minecraftruntimejre-x64binjavaw.exe] => (Autoriser) D: minecraft runtime jre-x64 bin javaw.exe

Règles de pare-feu: [TCP Query User6A25779D-9F74-4688-8F23-CB6E81F38096D:minecraftruntimejre-x64binjavaw.exe] => (Bloquer) D: minecraft runtime jre-x64 bin javaw.exe

Règles de pare-feu: [UDP Query UserF379B533-EEA3-4120-A24F-B488F72E2CDBD:minecraftruntimejre-x64binjavaw.exe] => (Bloquer) D: minecraft runtime jre-x64 bin javaw.exe

Règles de pare-feu: [69ED74DE-DB7F-4E01-B7E9-2D0254E89F07] => (Autoriser) C: Program Files NVIDIA Corporation NvContainer nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

Règles de pare-feu: [7700EBFE-68D8-43E9-96CC-DA09A7C94080] => (Autoriser) C: Program Files NVIDIA Corporation NvContainer nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

Règles de pare-feu: [ED59A1CA-1E89-4393-B91C-5306452684B7] => (Autoriser) C: Program Files NVIDIA Corporation NvStreamSrv nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

Règles de pare-feu: [2DE07190-D439-4AED-946D-B5F05299387D] => (Autoriser) C: Program Files NVIDIA Corporation NvStreamSrv nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

Règles de pare-feu: [D7BE4230-613D-4EB7-A2BD-8B8A57F8CCBF] => (Autoriser) C: Program Files WindowsApps AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa iTunes.exe (Apple Inc. -> Apple Inc.)

Règles de pare-feu: [AC676B14-7C65-4B06-8C45-D57AA9F7F9A2] => (Autoriser) C: Program Files WindowsApps AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa iTunes.exe (Apple Inc. -> Apple Inc.)

Règles de pare-feu: [E5536871-A352-4883-B5D9-300D89889603] => (Autoriser) C: Program Files WindowsApps AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa iTunes.exe (Apple Inc. -> Apple Inc.)

Règles de pare-feu: [F92A11C5-9F74-4C1B-872F-F0CB99A6F69A] => (Autoriser) C: Program Files WindowsApps AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa iTunes.exe (Apple Inc. -> Apple Inc.)

Règles de pare-feu: [1BD139E7-D7D3-4BDB-A145-CF10265BEACB] => (Autoriser) C: Program Files WindowsApps AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa AMDS64 AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)

Règles de pare-feu: [9CEF2299-03A9-4095-86A6-DDD48114D06C] => (Autoriser) C: Program Files WindowsApps AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa AMDS64 AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)

Règles de pare-feu: [4DB46891-48F9-48BD-B9BD-78EFAB420697] => (Autoriser) C: Program Files WindowsApps AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa AMDS64 AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)

Règles de pare-feu: [C68BACC0-7453-4981-89EF-F9540837A31E] => (Autoriser) C: Program Files WindowsApps AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa AMDS64 AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)

Règles de pare-feu: [0B4E6681-9D21-4EBC-BCE9-E6BFC7273DED] => (Autoriser) C: Program Files (x86) Google Chrome Application chrome.exe (Google LLC -> Google LLC)

Description: svchost (1664, R, 98) TILEREPOSITORYS-1-5-18: Une erreur -1023 (0xfffffc01) s'est produite lors de l'ouverture du fichier journal C: WINDOWS system32 config systemprofile AppData Local TileDataLayer Database EDB.log .

Description: svchost (3872, R, 98) TILEREPOSITORYS-1-5-18: Une erreur -1023 (0xfffffc01) s'est produite lors de l'ouverture du fichier journal C: WINDOWS system32 config systemprofile AppData Local TileDataLayer Database EDB.log .

Description: svchost (8620, R, 98) TILEREPOSITORYS-1-5-18: Une erreur -1023 (0xfffffc01) s'est produite lors de l'ouverture du fichier journal C: WINDOWS system32 config systemprofile AppData Local TileDataLayer Database EDB.log .

Description: svchost (740, R, 98) TILEREPOSITORYS-1-5-18: Une erreur -1023 (0xfffffc01) s'est produite lors de l'ouverture du fichier journal C: WINDOWS system32 config systemprofile AppData Local TileDataLayer Database EDB.log .

Description: svchost (5132, R, 98) TILEREPOSITORYS-1-5-18: Une erreur -1023 (0xfffffc01) s'est produite lors de l'ouverture du fichier journal C: WINDOWS system32 config systemprofile AppData Local TileDataLayer Database EDB.log .

Description: échec de la gestion de PowerEvent. L'erreur qui s'est produite est la suivante: System.ArgumentOutOfRangeException: l'intervalle de temporisation doit être inférieur à 2 ^ 32-2.

à System.Threading.Timer..ctor (rappel TimerCallback, état de l'objet, TimeSpan dueTime, période TimeSpan)

à OTBSurvey.OTBSurveyService.OnPowerEvent (PowerBroadcastStatus powerStatus)

à System.ServiceProcess.ServiceBase.DeferredPowerEvent (Int32 eventType, IntPtr eventData).

Description: svchost (8596, R, 98) TILEREPOSITORYS-1-5-18: Une erreur -1023 (0xfffffc01) s'est produite lors de l'ouverture du fichier journal C: WINDOWS system32 config systemprofile AppData Local TileDataLayer Database EDB.log .

Description: échec de la gestion de PowerEvent. L'erreur qui s'est produite est la suivante: System.ArgumentOutOfRangeException: l'intervalle de temporisation doit être inférieur à 2 ^ 32-2.

à System.Threading.Timer..ctor (rappel TimerCallback, état de l'objet, TimeSpan dueTime, période TimeSpan)

à OTBSurvey.OTBSurveyService.OnPowerEvent (PowerBroadcastStatus powerStatus)

à System.ServiceProcess.ServiceBase.DeferredPowerEvent (Int32 eventType, IntPtr eventData).

Erreur: (03/10/2020 01:39:46 PM) (Source: DCOM) (EventID: 10010) (Utilisateur: DESKTOP-RRL5N62)

Description: le serveur AB8902B4-09CA-4BB6-B78D-A8F59079A8D5 ne s'est pas enregistré auprès de DCOM dans le délai requis.

Erreur: (03/10/2020 01:39:46 PM) (Source: DCOM) (EventID: 10010) (Utilisateur: DESKTOP-RRL5N62)

Description: le serveur AB8902B4-09CA-4BB6-B78D-A8F59079A8D5 ne s'est pas enregistré auprès de DCOM dans le délai requis.

Erreur: (03/10/2020 01:39:46 PM) (Source: DCOM) (EventID: 10010) (Utilisateur: DESKTOP-RRL5N62)

Description: le serveur AB8902B4-09CA-4BB6-B78D-A8F59079A8D5 ne s'est pas enregistré auprès de DCOM dans le délai requis.

Erreur: (03/10/2020 01:39:46 PM) (Source: DCOM) (EventID: 10010) (Utilisateur: DESKTOP-RRL5N62)

Description: le serveur AB8902B4-09CA-4BB6-B78D-A8F59079A8D5 ne s'est pas enregistré auprès de DCOM dans le délai requis.

Erreur: (03/10/2020 01:39:46 PM) (Source: DCOM) (EventID: 10010) (Utilisateur: DESKTOP-RRL5N62)

Description: le serveur AB8902B4-09CA-4BB6-B78D-A8F59079A8D5 ne s'est pas enregistré auprès de DCOM dans le délai requis.

Erreur: (03/10/2020 01:39:46 PM) (Source: DCOM) (EventID: 10010) (Utilisateur: DESKTOP-RRL5N62)

Description: le serveur AB8902B4-09CA-4BB6-B78D-A8F59079A8D5 ne s'est pas enregistré auprès de DCOM dans le délai requis.

Erreur: (03/10/2020 01:39:46 PM) (Source: DCOM) (EventID: 10010) (Utilisateur: DESKTOP-RRL5N62)

Description: le serveur AB8902B4-09CA-4BB6-B78D-A8F59079A8D5 ne s'est pas enregistré auprès de DCOM dans le délai requis.

Erreur: (03/10/2020 01:39:46 PM) (Source: DCOM) (EventID: 10010) (Utilisateur: DESKTOP-RRL5N62)

Description: le serveur AB8902B4-09CA-4BB6-B78D-A8F59079A8D5 ne s'est pas enregistré auprès de DCOM dans le délai requis.

L'analyse de Windows Defender Antivirus a été arrêtée avant la fin.

L'antivirus Windows Defender a détecté des logiciels malveillants ou d'autres logiciels potentiellement indésirables.

Security Intelligence Version: AV: 1.311.845.0, AS: 1.311.845.0, NIS: 1.311.845.0

L'antivirus Windows Defender a détecté des logiciels malveillants ou d'autres logiciels potentiellement indésirables.

Security Intelligence Version: AV: 1.311.845.0, AS: 1.311.845.0, NIS: 1.311.845.0

L'antivirus Windows Defender a détecté des logiciels malveillants ou d'autres logiciels potentiellement indésirables.

Security Intelligence Version: AV: 1.311.845.0, AS: 1.311.845.0, NIS: 1.311.845.0

L'antivirus Windows Defender a détecté des logiciels malveillants ou d'autres logiciels potentiellement indésirables.

Security Intelligence Version: AV: 1.311.845.0, AS: 1.311.845.0, NIS: 1.311.845.0

Windows Defender Antivirus a rencontré une erreur lors de la mise à jour des informations de sécurité.

Description de l'erreur: un problème inattendu s'est produit lors de la vérification des mises à jour. Pour plus d'informations sur l'installation ou le dépannage des mises à jour, voir Aide et support.

Windows Defender Antivirus a rencontré une erreur lors de la mise à jour des informations de sécurité.

Description de l'erreur: un problème inattendu s'est produit lors de la vérification des mises à jour. Pour plus d'informations sur l'installation ou le dépannage des mises à jour, voir Aide et support.

Windows Defender Antivirus a rencontré une erreur lors de la mise à jour des informations de sécurité.

Windows Defender Antivirus a rencontré une erreur lors de la mise à jour des informations de sécurité.

Windows Defender Antivirus a rencontré une erreur lors de la mise à jour des informations de sécurité.

L'intégrité du code ne peut pas vérifier l'intégrité de l'image du fichier Device HarddiskVolume3 Windows System32 FlightSettings.dll car l'ensemble de hachages d'image par page est introuvable sur le système.

L'intégrité du code ne peut pas vérifier l'intégrité de l'image du fichier Device HarddiskVolume3 Windows System32 FlightSettings.dll car l'ensemble de hachages d'image par page est introuvable sur le système.

L'intégrité du code ne peut pas vérifier l'intégrité de l'image du fichier Device HarddiskVolume3 Windows System32 FlightSettings.dll car l'ensemble de hachages d'image par page est introuvable sur le système.

L'intégrité du code ne peut pas vérifier l'intégrité de l'image du fichier Device HarddiskVolume3 Windows System32 FlightSettings.dll car l'ensemble de hachages d'image par page est introuvable sur le système.

L'intégrité du code ne peut pas vérifier l'intégrité de l'image du fichier Device HarddiskVolume3 Windows System32 dsreg.dll car l'ensemble de hachages d'image par page est introuvable sur le système.

L'intégrité du code ne peut pas vérifier l'intégrité de l'image du fichier Device HarddiskVolume3 Windows System32 dsreg.dll car l'ensemble de hachages d'image par page est introuvable sur le système.

L'intégrité du code ne peut pas vérifier l'intégrité de l'image du fichier Device HarddiskVolume3 Windows System32 aepic.dll car l'ensemble de hachages d'image par page est introuvable sur le système.

L'intégrité du code ne peut pas vérifier l'intégrité de l'image du fichier Device HarddiskVolume3 Windows System32 aepic.dll car l'ensemble de hachages d'image par page est introuvable sur le système.

\? Volume cb975aed-ff6c-45c4-b52f-fa36e5a1ed03 () (Fixe) (Total: 0,93 Go) (Gratuit: 0,35 Go) NTFS

\? Volume 0eb483b3-af24-4873-9329-bbd6af139aa9 (Image) (Fixe) (Total: 11,61 Go) (Gratuit: 0,39 Go) NTFS

\? Volume 39cd8f65-209b-4ebc-aab7-73d85d0e745b (ESP) (Fixe) (Total: 0,48 Go) (Gratuit: 0,46 Go) FAT32

Partition: GPT.

Partition: GPT.

Résultat de l'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 08-03-2020

Ran par Andre Castillo (administrateur) sur DESKTOP-RRL5N62 (Alienware Alienware 17 R3) (10-03-2020 16:26:42)

Exécution à partir de C: Users Andre Castillo Downloads

Profils chargés: Andre Castillo (Profils disponibles: Andre Castillo & DefaultAppPool)

Plateforme: Windows 10 Home Version 1903 18362.657 (X64) Langue: anglais (États-Unis)

Navigateur par défaut: Chrome

Mode de démarrage: Normal

==================== Processus (sur liste blanche) =================

(Si une entrée est incluse dans la liste de correctifs, le processus sera fermé. Le fichier ne sera pas déplacé.)

(Apple Inc.) C: Program Files WindowsApps AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa AMDS64 AppleMobileDeviceProcess.exe

(Compal electronic, inc -> Compal Inc.) C: Program Files (x86) Alienware On-Screen Display AlienwareOn-ScreenDisplay.exe

(Creative Technology Ltd) [File not signed] C: Program Files (x86) Creative Shared Files CTAudSvc.exe

(Creative Technology Ltd) [File not signed] C: Program Files (x86) Creative Sound Blaster Recon3Di Sound Blaster Recon3Di Control Panel CTJckCfg.exe

(Creative Technology Ltd) [File not signed] C: Program Files (x86) Creative Sound Blaster Recon3Di Sound Blaster Recon3Di Control Panel SBRcni.exe

(Dell Inc -> Dell Inc.) C: Program Files (x86) Dell Customer Connect DCCService.exe

(Dell Inc -> Dell) C: Program Files Alienware Dell Foundation Services DFS.Common.Agent.exe

(Dell Inc -> Dell) C: Program Files Alienware Dell Foundation Services DFSSvc.exe

(Dell Inc. -> Alienware) C: Program Files Alienware Command Center AlienFusionController.exe

(Dell Inc. -> Alienware) C: Program Files Alienware Command Center AlienFusionService.exe

(Dell Inc. -> Alienware) C: Program Files Alienware Command Center AlienwareAlienFXController.exe

(Dell Inc. -> Alienware) C: Program Files Alienware Command Center AlienwareTactXMacroController.exe

(Dell Inc. -> Alienware) C: Program Files Alienware Command Center AWCCApplicationWatcher32.exe

(Dell Inc. -> Alienware) C: Program Files Alienware Command Center AWCCApplicationWatcher64.exe

(Dell Inc. -> Alienware) C: Program Files Alienware Command Center AWCCServiceController.exe

(Dell Inc. -> Alienware) C: Program Files Alienware Graphics Amplifier GraphicsAmplifierWindowsService.exe

(Even Balance, Inc. ->) C: Windows System32 PnkBstrA.exe

(Google LLC -> Google LLC) C: Program Files (x86) Google Chrome Application chrome.exe

(Google LLC -> Google LLC) C: Program Files (x86) Google Chrome Application chrome.exe

(Google LLC -> Google LLC) C:Program Files (x86)GoogleChromeApplicationchrome.exe

(Google LLC -> Google LLC) C:Program Files (x86)GoogleChromeApplicationchrome.exe

(Google LLC -> Google LLC) C:Program Files (x86)GoogleChromeApplicationchrome.exe

(Google LLC -> Google LLC) C:Program Files (x86)GoogleChromeApplicationchrome.exe

(Google LLC -> Google LLC) C:Program Files (x86)GoogleChromeApplicationchrome.exe

(Google LLC -> Google LLC) C:Program Files (x86)GoogleChromeApplicationchrome.exe

(Google LLC -> Google LLC) C:Program Files (x86)GoogleChromeApplicationchrome.exe

(Google LLC -> Google LLC) C:Program Files (x86)GoogleChromeApplicationchrome.exe

(Google LLC -> Google LLC) C:Program Files (x86)GoogleChromeApplicationchrome.exe

(Google LLC -> Google LLC) C:Program Files (x86)GoogleChromeApplicationchrome.exe

(Google LLC -> Google LLC) C:Program Files (x86)GoogleChromeApplicationchrome.exe

(Google LLC -> Google LLC) C:Program Files (x86)GoogleChromeApplicationchrome.exe

(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.35.442GoogleCrashHandler.exe

(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.35.442GoogleCrashHandler64.exe

(Intel Corporation – Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:Program Files (x86)IntelIntel® Management Engine ComponentsDALjhi_service.exe

(Intel Corporation – Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:Program Files (x86)IntelIntel® Management Engine ComponentsLMSLMS.exe

(Intel Corporation – pGFX -> Intel Corporation) C:WindowsSystem32IntelDPTFesif_uf.exe

(Intel Corporation -> Intel Corporation) C:WindowsTempDPTFesif_assist_64.exe

(Intel Corporation) [File not signed] C:Program Files (x86)IntelIntel® Security Assistisa.exe

(Intel® pGFX -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositoryki127176.inf_amd64_86c658cabfb17c9cigfxCUIService.exe

(Intel® pGFX -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositoryki127176.inf_amd64_86c658cabfb17c9cigfxEM.exe

(Intel® pGFX -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositoryki127176.inf_amd64_86c658cabfb17c9cIntelCpHDCPSvc.exe

(Intel® pGFX -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositoryki127176.inf_amd64_86c658cabfb17c9cIntelCpHeciSvc.exe

(Intel® Rapid Storage Technology -> Intel Corporation) C:Program FilesIntelIntel® Rapid Storage TechnologyIAStorDataMgrSvc.exe

(Intel® Rapid Storage Technology -> Intel Corporation) C:Program FilesIntelIntel® Rapid Storage TechnologyIAStorIcon.exe

(Logitech Inc -> Logitech Inc.) C:Program FilesLogitech Gaming SoftwareDriversAPOServiceLogiRegistryService.exe

(Logitech Inc -> Logitech Inc.) C:Program FilesLogitech Gaming SoftwareLCore.exe

(Malwarebytes Inc -> Malwarebytes) C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe

(Malwarebytes Inc -> Malwarebytes) C:Program FilesMalwarebytesAnti-Malwarembamtray.exe

(Microsoft Corporation -> Microsoft Corporation) C:Program FilesCommon Filesmicrosoft sharedClickToRunOfficeClickToRun.exe

(Microsoft Corporation -> Microsoft Corporation) C:Program FilesMicrosoft Xbox 360 AccessoriesXBoxStat.exe

(Microsoft Corporation -> Microsoft Corporation) C:UsersAndre CastilloAppDataLocalMicrosoftOneDriveOneDrive.exe

(Microsoft Corporation -> Microsoft Corporation) C:WindowsMicrosoft.NETFramework64v3.0WPFPresentationFontCache.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32SecurityHealthHost.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32SecurityHealthHost.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32smartscreen.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32usocoreworker.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32usocoreworker.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystemAppsMicrosoft.Windows.SecHealthUI_cw5n1h2txyewySecHealthUI.exe

(Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd) C:WindowsSysWOW64CtHdaSvc.exe

(Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2001.10-0MsMpEng.exe

(Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2001.10-0NisSrv.exe

(NVIDIA Corporation -> Node.js) C:Program Files (x86)NVIDIA CorporationNvNodeNVIDIA Web Helper.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationDisplay.NvContainerNVDisplay.Container.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationDisplay.NvContainerNVDisplay.Container.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe

(Oracle America, Inc. -> Oracle Corporation) C:Program Files (x86)Common FilesJavaJava Updatejusched.exe

(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:WindowsSystem32driversQcomWlanSrvx64.exe

(Qualcomm Atheros -> Windows ® Win 7 DDK provider) C:WindowsSystem32driversAdminService.exe

(Rivet Networks LLC -> CloudBees, Inc.) C:WindowsSystem32driversRivetNetworksKillerxTendUtilityService.exe

(Rivet Networks LLC -> Rivet Networks LLC) C:WindowsSystem32driversRivetNetworksKillerxTendUtility.exe

(Rivet Networks LLC -> Rivet Networks) C:WindowsSystem32driversRivetNetworksKillerKillerNetworkService.exe

(Rivet Networks LLC) C:Program FilesWindowsAppsRivetNetworks.KillerControlCenter_2.0.2369.0_x64__rh07ty8m5nkagKillerControlCenter_v1KillerControlCenter.exe

(Synaptics Incorporated -> Synaptics Incorporated) C:Program FilesSynapticsSynTPSynTPEnh.exe

(Synaptics Incorporated -> Synaptics Incorporated) C:Program FilesSynapticsSynTPSynTPEnhService.exe

(Synaptics Incorporated -> Synaptics Incorporated) C:Program FilesSynapticsSynTPSynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM…Run: [Command Center Controllers] => C:Program FilesAlienwareCommand CenterAWCCStartupOrchestrator.exe [35576 2015-07-01] (Dell Inc. -> Alienware)

HKLM…Run: [Launch LCore] => C:Program FilesLogitech Gaming SoftwareLCore.exe [15642744 2016-03-31] (Logitech Inc -> Logitech Inc.)

HKLM…Run: [XboxStat] => C:Program FilesMicrosoft Xbox 360 AccessoriesXboxStat.exe [825184 2009-10-01] (Microsoft Corporation -> Microsoft Corporation)

HKLM…Run: [IAStorIcon] => C:Program FilesIntelIntel® Rapid Storage TechnologyIAStorIcon.exe [322120 2016-04-28] (Intel® Rapid Storage Technology -> Intel Corporation)

HKLM-x32…Run: [UpdReg] => C:WINDOWSUpdReg.EXE [90112 2000-05-10] (Creative Technology Ltd.) [File not signed]

HKLM-x32…Run: [AlienwareOn-ScreenDisplay] => C:Program Files (x86)Alienware On-Screen DisplayAlienwareOn-ScreenDisplay.exe [3746560 2015-04-02] (Compal electronic ,inc -> Compal Inc.)

HKLM-x32…Run: [Sound Blaster Recon3Di SBX Control Panel] => C:Program Files (x86)CreativeSound Blaster Recon3DiSound Blaster Recon3Di Control PanelSBRcni.exe [1131008 2015-08-19] (Creative Technology Ltd) [File not signed]

HKLM-x32…Run: [SunJavaUpdateSched] => C:Program Files (x86)Common FilesJavaJava Updatejusched.exe [601424 2018-07-07] (Oracle America, Inc. -> Oracle Corporation)

HKUS-1-5-21-3185253573-1872692611-2104222873-1001…Run: [EADM] => "D:OriginOrigin.exe" -AutoStart

HKLMSoftwareMicrosoftActive SetupInstalled Components: [8A69D345-D564-463c-AFF1-A69D9E530F96] -> C:Program Files (x86)GoogleChromeApplication80.0.3987.132Installerchrmstp.exe [2020-03-04] (Google LLC -> Google LLC)

FF HKLMSOFTWAREPoliciesMozillaFirefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: 092CA119-CB86-4EB8-AF20-B8DCD28672CA – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cache Maintenance => C:ProgramDataMicrosoftWindows Defenderplatform4.18.2001.10-0MpCmdRun.exe [473544 2020-03-02] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: 1A9B244B-588F-4E3B-AF7D-059410EDCCCB – System32TasksMicrosoftOfficeOffice Feature Updates Logon => C:Program FilesMicrosoft OfficerootOffice16sdxhelper.exe [158760 2020-02-23] (Microsoft Corporation -> Microsoft Corporation)

Task: 1C07F587-6461-4063-AD9C-BB85C6DF69A5 – System32TasksMicrosoftOfficeOfficeBackgroundTaskHandlerLogon => C:Program FilesMicrosoft OfficerootOffice16officebackgroundtaskhandler.exe [2018616 2020-02-23] (Microsoft Corporation -> Microsoft Corporation)

Task: 1C564741-4C91-4133-B080-43149D4CDB63 – System32TasksNvTmRep_CrashReport1_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)

Task: 425BC84F-843B-4A90-A100-3B4F7E20279F – System32TasksMicrosoftOfficeOffice Feature Updates => C:Program FilesMicrosoft OfficerootOffice16sdxhelper.exe [158760 2020-02-23] (Microsoft Corporation -> Microsoft Corporation)

Task: 4B37484D-D22C-4986-8473-0FA885E747FA – System32TasksNvTmRep_CrashReport4_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)

Task: 593BBABF-9E3B-4365-9063-724F37ADDB15 – System32TasksIntelThunderboltStart Thunderbolt application on login if service is up => c:Program Files (x86)IntelThunderbolt Software\Thunderbolt.exe [346792 2015-06-11] (Intel® Client Connectivity Division SW -> Intel Corporation)

Task: 72DA1BC2-CAC4-4F03-B055-82A29A592811 – System32TasksMicrosoftOfficeOffice Automatic Updates 2.0 => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [24568696 2020-02-12] (Microsoft Corporation -> Microsoft Corporation)

Task: 779F91E0-3061-4CCA-8B42-0EA56A07A4A6 – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Verification => C:ProgramDataMicrosoftWindows Defenderplatform4.18.2001.10-0MpCmdRun.exe [473544 2020-03-02] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: 7BE8E5F8-086D-4B5D-902D-039C43251D60 – System32TasksNvBatteryBoostCheckOnLogon_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [858480 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)

Task: 7C9AAE07-38E5-40F0-80F1-B20B76030DEB – System32TasksAVAST SoftwareAvast settings backup => C:Program FilesCommon FilesAVavast! Antivirusbackup.exe

Task: 84086D34-67C1-42A7-9681-E444395BDDF0 – System32TasksNvNodeLauncher_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program Files (x86)NVIDIA CorporationNvNodenvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)

Task: 857E955B-CE01-4D65-A4F1-A1F993E0E2A7 – System32TasksIntelThunderboltStart Thunderbolt application when hardware is detected => c:Program Files (x86)IntelThunderbolt Software\Thunderbolt.exe [346792 2015-06-11] (Intel® Client Connectivity Division SW -> Intel Corporation)

Task: 889C1B18-2D6C-4E72-879F-512793B3318C – System32TasksNVIDIA GeForce Experience SelfUpdate_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program FilesNVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA GeForce Experience.exe [3302880 2019-12-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: 89C52290-F80E-45C8-A3C6-9E351C43FD61 – System32TasksNvTmRep_CrashReport3_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)

Task: 900DFF0B-4D2E-4838-AA9E-FBDC02DFD3FA – System32TasksNvDriverUpdateCheckDaily_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [858480 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)

Task: 9BAF8AF5-7E1E-4994-80AD-062DD86EDCDA – System32TasksGoogleUpdateTaskMachineCore => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [153168 2018-09-08] (Google Inc -> Google Inc.)

Task: 9F15D2A2-A16A-4DEA-B2EE-B24C0202A0FE – System32TasksNvProfileUpdaterOnLogon_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)

Task: A3770A0E-74ED-41F8-AF12-38E1A0933BB4 – System32TasksNvTmRep_CrashReport2_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)

Task: B47C7DBB-EF4C-4371-BE21-F818F0E0279E – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cleanup => C:ProgramDataMicrosoftWindows Defenderplatform4.18.2001.10-0MpCmdRun.exe [473544 2020-03-02] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: BB634146-327C-4529-9010-A277E206AA3E – System32TasksIntelThunderboltStart Thunderbolt service on boot if driver is up => c:Program Files (x86)IntelThunderbolt Software\tbtsvc.exe [1723048 2015-06-11] (Intel® Client Connectivity Division SW -> Intel Corporation)

Task: C39DBB8E-C5C4-4915-9822-D5FDFD79AE3C – System32TasksIntelThunderboltStart Thunderbolt service when hardware is detected => sc.exe start ThunderboltService

Task: CEFFAAEB-BC56-4998-BF20-1966DFDC1A59 – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Scheduled Scan => C:ProgramDataMicrosoftWindows Defenderplatform4.18.2001.10-0MpCmdRun.exe [473544 2020-03-02] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: D0E69F64-3FC5-4B79-9635-BD1701A78518 – System32TasksNvProfileUpdaterDaily_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)

Task: EBA22348-6D2F-489C-A0F6-F7074E7F4E1F – System32TasksMicrosoftOfficeOffice ClickToRun Service Monitor => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [24568696 2020-02-12] (Microsoft Corporation -> Microsoft Corporation)

Task: ED3618BC-038E-4D8D-8627-63D54D2049C1 – System32TasksMicrosoftOfficeOfficeBackgroundTaskHandlerRegistration => C:Program FilesMicrosoft OfficerootOffice16officebackgroundtaskhandler.exe [2018616 2020-02-23] (Microsoft Corporation -> Microsoft Corporation)

Task: F32748B1-F78C-4039-92B6-47970190D567 – System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [153168 2018-09-08] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:WINDOWSTasksCreateExplorerShellUnelevatedTask.job => C:WINDOWSexplorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

TcpipParameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

Tcpip..Interfaces4d9ecbe7-b9a0-4348-8f96-4560ae37f9bc: [DhcpNameServer] 192.168.1.1 192.168.1.1

Tcpip..Interfaces835a0bab-7042-447f-8587-be7e38784bd4: [DhcpNameServer] 192.168.0.1 192.168.2.1

Tcpip..Interfacesf4011c81-01c4-4ead-8072-d47f096e46de: [DhcpNameServer] 192.168.1.1 192.168.1.1

Internet Explorer:

==================

HKUS-1-5-21-3185253573-1872692611-2104222873-1001SoftwareMicrosoftInternet ExplorerMain,Start Page = hxxp://dell13.msn.com/?pc=DCJB

HKUS-1-5-21-3185253573-1872692611-2104222873-1001SoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = hxxp://dell15.msn.com/?pc=DCTE

HKUS-1-5-21-3185253573-1872692611-2104222873-1001SoftwareMicrosoftInternet ExplorerMain,Secondary Start Pages = hxxp://www.alienwarearena.com/welcome-au

SearchScopes: HKUS-1-5-21-3185253573-1872692611-2104222873-1001 -> DefaultScope 298CA0C3-68BB-4F30-A02D-E0A218EE1876 URL =

BHO-x32: Skype for Business Browser Helper -> 31D09BA0-12F5-4CCE-BE8A-2923E76605DA -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16OCHelper.dll [2020-01-27] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: Java™ Plug-In SSV Helper -> 761497BB-D6F0-462C-B6EB-D4DAF1D92D43 -> C:Program Files (x86)Javajre1.8.0_181binssv.dll [2018-09-06] (Oracle America, Inc. -> Oracle Corporation)

BHO-x32: Java™ Plug-In 2 SSV Helper -> DBC80044-A445-435b-BC74-9C25C1C588A9 -> C:Program Files (x86)Javajre1.8.0_181binjp2ssv.dll [2018-09-06] (Oracle America, Inc. -> Oracle Corporation)

Handler: mso-minsb-roaming.16 – 83C25742-A9F7-49FB-9138-434302C88D07 – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2020-02-19] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb-roaming.16 – 83C25742-A9F7-49FB-9138-434302C88D07 – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2020-02-19] (Microsoft Corporation -> Microsoft Corporation)

Handler: mso-minsb.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2020-02-19] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2020-02-19] (Microsoft Corporation -> Microsoft Corporation)

Handler: osf-roaming.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2020-02-19] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf-roaming.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2020-02-19] (Microsoft Corporation -> Microsoft Corporation)

Handler: osf.16 – 5504BE45-A83B-4808-900A-3A5C36E7F77A – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2020-02-19] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf.16 – 5504BE45-A83B-4808-900A-3A5C36E7F77A – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2020-02-19] (Microsoft Corporation -> Microsoft Corporation)

FireFox:

========

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:Program FilesMicrosoft OfficerootOffice16NPSPWRAP.DLL [2020-01-27] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:Program Files (x86)Battlelog Web PluginsSonar.70.4npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)

FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:Program Files (x86)Battlelog Web Plugins2.3.0npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [File not signed]

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:Program Files (x86)IntelIntel® Management Engine ComponentsIPTnpIntelWebAPIIPT.dll [2015-08-24] (Intel® Identity Protection Technology Software -> Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:Program Files (x86)IntelIntel® Management Engine ComponentsIPTnpIntelWebAPIUpdater.dll [2015-08-24] (Intel® Identity Protection Technology Software -> Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:Program Files (x86)Javajre1.8.0_181bindtpluginnpDeployJava1.dll [2018-09-06] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:Program Files (x86)Javajre1.8.0_181binplugin2npjp2.dll [2018-09-06] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16NPSPWRAP.DLL [2020-01-27] (Microsoft Corporation -> Microsoft Corporation)

Chrome:

=======

CHR Profile: C:UsersAndre CastilloAppDataLocalGoogleChromeUser DataDefault [2020-03-10]

CHR Extension: (Slides) – C:UsersAndre CastilloAppDataLocalGoogleChromeUser DataDefaultExtensionsaapocclcgogkmnckokdopfmhonfmgoek [2018-09-08]

CHR Extension: (Docs) – C:UsersAndre CastilloAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake [2018-09-08]

CHR Extension: (Google Drive) – C:UsersAndre CastilloAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [2018-09-08]

CHR Extension: (YouTube) – C:UsersAndre CastilloAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-08]

CHR Extension: (Adblock Plus – free ad blocker) – C:UsersAndre CastilloAppDataLocalGoogleChromeUser DataDefaultExtensionscfhdojbkjhnklbpkdaibdccddilifddb [2020-02-20]

CHR Extension: (Sheets) – C:UsersAndre CastilloAppDataLocalGoogleChromeUser DataDefaultExtensionsfelcaaldnbdncclmgdcncolpebgiejap [2018-09-08]

CHR Extension: (Google Docs Offline) – C:UsersAndre CastilloAppDataLocalGoogleChromeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-27]

CHR Extension: (Malwarebytes Browser Guard) – C:UsersAndre CastilloAppDataLocalGoogleChromeUser DataDefaultExtensionsihcjicgdanjaechkgeegckofjjedodee [2020-03-10]

CHR Extension: (Chrome Web Store Payments) – C:UsersAndre CastilloAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]

CHR Extension: (Gmail) – C:UsersAndre CastilloAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia [2019-04-25]

CHR Extension: (Chrome Media Router) – C:UsersAndre CastilloAppDataLocalGoogleChromeUser DataDefaultExtensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-02-29]

CHR Profile: C:UsersAndre CastilloAppDataLocalGoogleChromeUser DataSystem Profile [2020-01-26]

CHR HKLM-x32…ChromeExtension: [daanglpcpkjjlkhcbladppjphglbigam]

CHR HKLM-x32…ChromeExtension: [eofcbnmajmjmplflapaojjnihcjkigck]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AlienFusionService; C:Program FilesAlienwareCommand CenterAlienFusionService.exe [37624 2015-07-01] (Dell Inc. -> Alienware)

R2 AtherosSvc; C:WINDOWSSystem32driversAdminService.exe [424288 2018-05-22] (Qualcomm Atheros -> Windows ® Win 7 DDK provider)

S3 BEService; C:Program Files (x86)Common FilesBattlEyeBEService.exe [6076936 2018-08-23] (BattlEye Innovations e.K. -> )

R2 ClickToRunSvc; C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeClickToRun.exe [11096648 2020-02-12] (Microsoft Corporation -> Microsoft Corporation)

R2 CTAudSvcService; c:Program Files (x86)CreativeShared FilesCTAudSvc.exe [429056 2013-10-28] (Creative Technology Ltd) [File not signed]

R2 CtHdaSvc; C:WINDOWSsysWow64CtHdaSvc.exe [133640 2016-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)

R2 Dell Customer Connect; C:Program Files (x86)Dell Customer ConnectDCCService.exe [130936 2016-12-21] (Dell Inc -> Dell Inc.)

R2 Dell Foundation Services; C:Program FilesAlienwareDell Foundation ServicesDFSSvc.exe [97616 2017-01-11] (Dell Inc -> Dell)

R2 esifsvc; C:WINDOWSSystem32IntelDPTFesif_uf.exe [1585784 2016-06-03] (Intel Corporation – pGFX -> Intel Corporation)

R2 GraphicsAmplifierWindowsService; C:Program FilesAlienwareGraphics AmplifierGraphicsAmplifierWindowsService.exe [36112 2015-07-24] (Dell Inc. -> Alienware)

S3 Intel® Capability Licensing Service TCP IP Interface; C:Program FilesInteliCLS ClientSocketHeciServer.exe [881152 2015-05-22] (Intel® Trusted Connect Service -> Intel® Corporation)

R3 Intel® Security Assist; C:Program Files (x86)IntelIntel® Security Assistisa.exe [335872 2015-05-20] (Intel Corporation) [File not signed]

S3 ioloEnergyBooster; C:Program FilesAlienwareCommand CenterioloEnergyBooster.exe [6145872 2012-11-02] (iolo technologies, LLC -> iolo technologies, LLC)

S2 isaHelperSvc; C:Program Files (x86)IntelIntel® Security AssistisaHelperService.exe [7680 2015-05-20] () [File not signed]

R2 jhi_service; C:Program Files (x86)IntelIntel® Management Engine ComponentsDALjhi_service.exe [207648 2015-10-16] (Intel Corporation – Embedded Subsystems and IP Blocks Group -> Intel Corporation)

R2 Killer Network Service; C:WINDOWSSystem32driversRivetNetworksKillerKillerNetworkService.exe [2671216 2019-03-08] (Rivet Networks LLC -> Rivet Networks)

S3 KNDBWM; C:WINDOWSSystem32driversRivetNetworksKillerKNDBWMService.exe [72800 2019-03-08] (Rivet Networks LLC -> CloudBees, Inc.)

R2 LogiRegistryService; C:Program FilesLogitech Gaming SoftwareDriversAPOServiceLogiRegistryService.exe [193656 2016-03-31] (Logitech Inc -> Logitech Inc.)

R2 MBAMService; C:Program FilesMalwarebytesAnti-Malwarembamservice.exe [6933272 2020-03-02] (Malwarebytes Inc -> Malwarebytes)

R2 NvContainerLocalSystem; C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [858480 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)

S3 NvContainerNetworkService; C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [858480 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)

R2 PnkBstrA; C:Windowssystem32PnkBstrA.exe [76152 2016-01-01] (Even Balance, Inc. -> )

R2 QcomWlanSrv; C:WINDOWSSystem32driversQcomWlanSrvx64.exe [191768 2019-04-24] (Qualcomm Atheros -> Qualcomm Technologies Inc.)

R2 SynTPEnhService; C:Program FilesSynapticsSynTPSynTPEnhService.exe [265640 2018-09-26] (Synaptics Incorporated -> Synaptics Incorporated)

S3 ThunderboltService; c:Program Files (x86)IntelThunderbolt Softwaretbtsvc.exe [1723048 2015-06-11] (Intel® Client Connectivity Division SW -> Intel Corporation)

R3 WdNisSvc; C:ProgramDataMicrosoftWindows Defenderplatform4.18.2001.10-0NisSrv.exe [3285864 2020-03-02] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 WinDefend; C:ProgramDataMicrosoftWindows Defenderplatform4.18.2001.10-0MsMpEng.exe [103168 2020-03-02] (Microsoft Windows Publisher -> Microsoft Corporation)

S2 xTendSoftAPService; C:WINDOWSSystem32driversRivetNetworksKillerxTendSoftAPService.exe [72808 2019-03-08] (Rivet Networks LLC -> CloudBees, Inc.)

R2 xTendUtilityService; C:WINDOWSSystem32driversRivetNetworksKillerxTendUtilityService.exe [72816 2019-03-08] (Rivet Networks LLC -> CloudBees, Inc.)

R2 NVDisplay.ContainerLocalSystem; "C:Program FilesNVIDIA CorporationDisplay.NvContainerNVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:ProgramDataNVIDIANVDisplay.ContainerLocalSystem.log" -l 3 -d "C:Program FilesNVIDIA CorporationDisplay.NvContainerpluginsLocalSystem" -r -p 30000

S2 NvTelemetryContainer; "C:Program FilesNVIDIA CorporationNvTelemetryNvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:ProgramDataNVIDIANvTelemetryContainer.log" -l 3 -d "C:Program FilesNVIDIA CorporationNvTelemetryplugins" -r

S3 Origin Client Service; "D:OriginOriginClientService.exe" [X]

S2 Origin Web Helper Service; "D:OriginOriginWebHelperService.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:WINDOWSSystem32driversAppleKmdfFilter.sys [20640 2018-04-26] (WDKTestCert build,131474841775766162 -> Apple Inc.)

S3 AppleLowerFilter; C:WINDOWSSystem32driversAppleLowerFilter.sys [35560 2018-04-26] (WDKTestCert build,131474841775766162 -> Apple Inc.)

R3 cbfs3; C:WINDOWSSystem32driverscbfs3.sys [352144 2012-06-07] (EldoS Corporation -> EldoS Corporation)

R3 cthda; C:WINDOWSsystem32driverscthda.sys [1076008 2016-03-17] (Creative Technology Ltd -> Creative Technology Ltd)

S3 DDDriver; C:WINDOWSsystem32driversDDDriver64Dcsa.sys [36728 2019-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)

S3 DellProf; C:WINDOWSsystem32driversDellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)

R3 DellRbtn; C:WINDOWSSystem32driversDellRbtn.sys [19440 2015-05-09] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)

S3 dg_ssudbus; C:WINDOWSsystem32DRIVERSssudbus.sys [131712 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)

R3 dptf_acpi; C:WINDOWSSystem32driversdptf_acpi.sys [70208 2016-05-19] (Intel Corporation -> Intel Corporation)

R3 dptf_cpu; C:WINDOWSSystem32driversdptf_cpu.sys [65088 2016-05-19] (Intel Corporation -> Intel Corporation)

R3 e2xw10x64; C:WINDOWSSystem32driverse2xw10x64.sys [164816 2018-11-26] (Rivet Networks LLC -> Qualcomm Atheros, Inc.)

R0 EMSC; C:WINDOWSSystem32driversEMSC.SYS [36424 2015-07-14] (Microsoft Windows Hardware Compatibility Publisher -> )

R0 EMSC; C:WindowsSysWOW64driversEMSC.SYS [33864 2015-07-14] (Microsoft Windows Hardware Compatibility Publisher -> )

R3 esif_lf; C:WINDOWSSystem32driversesif_lf.sys [343608 2016-05-19] (Intel Corporation -> Intel Corporation)

R3 KfeCoSvc; C:WINDOWSSystem32driversRivetNetworksKillerKfeCo10X64.sys [151688 2019-03-08] (Rivet Networks LLC -> Rivet Networks, LLC.)

R3 kiox_ff_driver; C:WINDOWSSystem32driverskiox_ff_driver.sys [32736 2014-10-10] (Kionix Inc -> Kionix, Inc.)

R0 kxdiskprot; C:WINDOWSSystem32DRIVERSkxdiskprot.sys [30664 2014-10-10] (Kionix Inc -> Kionix, Inc.)

S3 ladfGSS; C:WINDOWSsystem32driversladfGSS.sys [45208 2016-03-05] (Logitech Inc -> Logitech Inc.)

R3 LGBusEnum; C:WINDOWSsystem32driversLGBusEnum.sys [37408 2015-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech Inc.)

R2 LGCoreTemp; C:Program FilesLogitech Gaming SoftwareDriversLgCoreTemplgcoretemp.sys [14184 2015-06-22] (Logitech -> Logitech)

R3 LGJoyXlCore; C:WINDOWSsystem32driversLGJoyXlCore.sys [68384 2015-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech Inc.)

S3 lgLowAudio; C:WINDOWSsystem32driverslgLowAudio.sys [26264 2015-11-21] (Logitech Inc -> Logitech Inc.)

S3 LGSHidFilt; C:WINDOWSsystem32DRIVERSLGSHidFilt.Sys [64280 2013-05-31] (Logitech -> Logitech Inc.)

R3 LGVirHid; C:WINDOWSsystem32driversLGVirHid.sys [26912 2015-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech Inc.)

R2 MBAMChameleon; C:WINDOWSSystem32DriversMbamChameleon.sys [214496 2020-02-12] (Malwarebytes Inc -> Malwarebytes)

S0 MbamElam; C:WINDOWSSystem32DRIVERSMbamElam.sys [20936 2020-03-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)

R3 MBAMSwissArmy; C:WINDOWSSystem32Driversmbamswissarmy.sys [248968 2020-03-03] (Malwarebytes Inc -> Malwarebytes)

R3 nvlddmkm; C:WINDOWSSystem32DriverStoreFileRepositorynvdm.inf_amd64_e565bb9db9e93f47nvlddmkm.sys [17147136 2018-04-13] (NVIDIA Corporation -> NVIDIA Corporation)

S3 NvStreamKms; C:Program FilesNVIDIA CorporationNvStreamSrvNvStreamKms.sys [30336 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:WINDOWSsystem32driversnvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)

R3 nvvhci; C:WINDOWSSystem32driversnvvhci.sys [75600 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)

R3 Qcamain10x64; C:WINDOWSSystem32driversQcamain10x64.sys [2371864 2019-04-24] (Qualcomm Atheros -> Qualcomm Atheros, Inc.)

R3 RTSPER; C:WINDOWSsystem32DRIVERSRtsPer.sys [761600 2015-09-03] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)

R3 SmbDrvI; C:WINDOWSsystem32DRIVERSSmb_driver_Intel.sys [53880 2018-09-26] (Synaptics Incorporated -> Synaptics Incorporated)

S3 ssudmdm; C:WINDOWSsystem32DRIVERSssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)

S0 WdBoot; C:WINDOWSSystem32driverswdWdBoot.sys [45960 2020-03-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

R0 WdFilter; C:WINDOWSSystem32driverswdWdFilter.sys [376544 2020-03-02] (Microsoft Windows -> Microsoft Corporation)

R3 WdNisDrv; C:WINDOWSSystem32driverswdWdNisDrv.sys [53984 2020-03-02] (Microsoft Windows -> Microsoft Corporation)

R3 XtuAcpiDriver; C:WINDOWSSystem32driversXtuAcpiDriver.sys [63840 2016-02-25] (Intel® Software -> Intel Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-10 16:25 – 2020-03-10 16:25 – 000000000 ____D C:UsersAndre CastilloDownloadsFRST-OlderVersion

2020-03-02 18:10 – 2020-03-03 17:36 – 000248968 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbamswissarmy.sys

2020-02-19 21:53 – 2020-02-19 21:53 – 000000000 ____D C:ProgramDatassh

2020-02-19 16:36 – 2020-02-19 16:36 – 025444352 _____ (Microsoft Corporation) C:WINDOWSsystem32Hydrogen.dll

2020-02-19 16:36 – 2020-02-19 16:36 – 019813376 _____ (Microsoft Corporation) C:WINDOWSsystem32HologramWorld.dll

2020-02-19 16:36 – 2020-02-19 16:36 – 005502464 _____ (Microsoft Corporation) C:WINDOWSsystem32cdp.dll

2020-02-19 16:36 – 2020-02-19 16:36 – 004470272 _____ (Microsoft Corporation) C:WINDOWSsystem32xpsrchvw.exe

2020-02-19 16:36 – 2020-02-19 16:36 – 004308480 _____ (Microsoft Corporation) C:WINDOWSSysWOW64cdp.dll

2020-02-19 16:36 – 2020-02-19 16:36 – 004129416 _____ (Microsoft Corporation) C:WINDOWSsystem32mfcore.dll

2020-02-19 16:36 – 2020-02-19 16:36 – 003525592 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mfcore.dll

2020-02-19 16:36 – 2020-02-19 16:36 – 003365376 _____ (Microsoft Corporation) C:WINDOWSSysWOW64xpsrchvw.exe

2020-02-19 16:36 – 2020-02-19 16:36 – 002493720 _____ (Microsoft Corporation) C:WINDOWSsystem32msmpeg2vdec.dll

2020-02-19 16:36 – 2020-02-19 16:36 – 002314952 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msmpeg2vdec.dll

2020-02-19 16:36 – 2020-02-19 16:36 – 002230232 _____ (Microsoft Corporation) C:WINDOWSsystem32mfasfsrcsnk.dll

2020-02-19 16:36 – 2020-02-19 16:36 – 001835128 _____ (Microsoft Corporation) C:WINDOWSsystem32mfsrcsnk.dll

2020-02-19 16:36 – 2020-02-19 16:36 – 001610240 _____ (Microsoft Corporation) C:WINDOWSsystem32HologramCompositor.dll

2020-02-19 16:36 – 2020-02-19 16:36 – 001541632 _____ (Microsoft Corporation) C:WINDOWSsystem32wbengine.exe

2020-02-19 16:36 – 2020-02-19 16:36 – 001489064 _____ (Microsoft Corporation) C:WINDOWSsystem32mfsvr.dll

2020-02-19 16:36 – 2020-02-19 16:36 – 001417760 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mfsrcsnk.dll

2020-02-19 16:36 – 2020-02-19 16:36 – 001272360 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mfasfsrcsnk.dll

2020-02-19 16:36 – 2020-02-19 16:36 – 001151816 _____ (Microsoft Corporation) C:WINDOWSsystem32mfmpeg2srcsnk.dll

2020-02-19 16:36 – 2020-02-19 16:36 – 001105776 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mfsvr.dll

2020-02-19 16:36 – 2020-02-19 16:36 – 001098720 _____ (Microsoft Corporation) C:WINDOWSsystem32DolbyDecMFT.dll

2020-02-19 16:36 – 2020-02-19 16:36 – 000952416 _____ (Microsoft Corporation) C:WINDOWSSysWOW64DolbyDecMFT.dll

2020-02-19 16:36 – 2020-02-19 16:36 – 000890368 _____ (Microsoft Corporation) C:WINDOWSsystem32HolographicExtensions.dll

2020-02-19 16:36 – 2020-02-19 16:36 – 000537608 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mf.dll

2020-02-19 16:36 – 2020-02-19 16:36 – 000516544 _____ (Microsoft Corporation) C:WINDOWSsystem32mf.dll

2020-02-19 16:36 – 2020-02-19 16:36 – 000444928 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverssrv.sys

2020-02-19 16:35 – 2020-02-19 16:35 – 025900032 _____ (Microsoft Corporation) C:WINDOWSsystem32edgehtml.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 022635008 _____ (Microsoft Corporation) C:WINDOWSsystem32mshtml.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 019850240 _____ (Microsoft Corporation) C:WINDOWSSysWOW64edgehtml.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 018026496 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mshtml.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 017787904 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.UI.Xaml.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 009929016 _____ (Microsoft Corporation) C:WINDOWSsystem32ntoskrnl.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 008013824 _____ (Microsoft Corporation) C:WINDOWSsystem32mstscax.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 007905208 _____ (Microsoft Corporation) C:WINDOWSsystem32windows.storage.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 007754752 _____ (Microsoft Corporation) C:WINDOWSsystem32Chakra.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 007600448 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Media.Protection.PlayReady.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 007263992 _____ (Microsoft Corporation) C:WINDOWSsystem32shell32.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 007259648 _____ (Microsoft Corporation) C:WINDOWSsystem32ieframe.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 007017472 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mstscax.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 006519752 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Media.Protection.PlayReady.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 006435840 _____ (Microsoft Corporation) C:WINDOWSsystem32twinui.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 006284800 _____ (Microsoft Corporation) C:WINDOWSSysWOW64ieframe.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 006231200 _____ (Microsoft Corporation) C:WINDOWSsystem32StartTileData.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 006167552 _____ (Microsoft Corporation) C:WINDOWSsystem32twinui.pcshell.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 006083832 _____ (Microsoft Corporation) C:WINDOWSSysWOW64windows.storage.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 005912064 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Chakra.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 005764664 _____ (Microsoft Corporation) C:WINDOWSSysWOW64shell32.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 005112320 _____ (Microsoft Corporation) C:WINDOWSSysWOW64twinui.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 005041664 _____ (Microsoft Corporation) C:WINDOWSsystem32wininet.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 004856832 _____ (Microsoft Corporation) C:WINDOWSsystem32jscript9.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 004615376 _____ (Microsoft Corporation) C:WINDOWSexplorer.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 004575232 _____ (Microsoft Corporation) C:WINDOWSsystem32msi.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 004562896 _____ (Microsoft Corporation) C:WINDOWSsystem32sppsvc.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 004538880 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wininet.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 004470784 _____ (Microsoft Corporation) C:WINDOWSsystem32InputService.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 004348616 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Mirage.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 004005888 _____ (Microsoft Corporation) C:WINDOWSsystem32EdgeContent.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 003967888 _____ (Microsoft Corporation) C:WINDOWSSysWOW64explorer.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 003820032 _____ (Microsoft Corporation) C:WINDOWSSysWOW64jscript9.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 003792384 _____ (Microsoft Corporation) C:WINDOWSsystem32diagtrack.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 003728896 _____ (Microsoft Corporation) C:WINDOWSsystem32win32kfull.sys

2020-02-19 16:35 – 2020-02-19 16:35 – 003703296 _____ (Microsoft Corporation) C:WINDOWSsystem32AppXDeploymentServer.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 003590968 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversdxgkrnl.sys

2020-02-19 16:35 – 2020-02-19 16:35 – 003550208 _____ (Microsoft Corporation) C:WINDOWSsystem32dwmcore.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 003484672 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msi.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 003372440 _____ (Microsoft Corporation) C:WINDOWSsystem32combase.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 003263488 _____ (Microsoft Corporation) C:WINDOWSsystem32tquery.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 003243080 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Mirage.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 003110400 _____ (Microsoft Corporation) C:WINDOWSsystem32wuaueng.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 002988552 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverstcpip.sys

2020-02-19 16:35 – 2020-02-19 16:35 – 002870272 _____ (Microsoft Corporation) C:WINDOWSsystem32mssrch.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 002861568 _____ (Microsoft Corporation) C:WINDOWSsystem32xpsservices.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 002800128 _____ (Microsoft Corporation) C:WINDOWSSysWOW64win32kfull.sys

2020-02-19 16:35 – 2020-02-19 16:35 – 002773776 _____ (Microsoft Corporation) C:WINDOWSsystem32iertutil.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 002766088 _____ (Microsoft Corporation) C:WINDOWSsystem32KernelBase.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 002755584 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mshtml.tlb

2020-02-19 16:35 – 2020-02-19 16:35 – 002755584 _____ (Microsoft Corporation) C:WINDOWSsystem32mshtml.tlb

2020-02-19 16:35 – 2020-02-19 16:35 – 002714624 _____ (Microsoft Corporation) C:WINDOWSsystem32win32kbase.sys

2020-02-19 16:35 – 2020-02-19 16:35 – 002703872 _____ (Microsoft Corporation) C:WINDOWSsystem32WebRuntimeManager.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 002584008 _____ (Microsoft Corporation) C:WINDOWSSysWOW64combase.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 002561536 _____ (Microsoft Corporation) C:WINDOWSSysWOW64tquery.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 002305536 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mssrch.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 002284544 _____ (Microsoft Corporation) C:WINDOWSsystem32AppXDeploymentExtensions.onecore.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 002260176 _____ (Microsoft Corporation) C:WINDOWSSysWOW64iertutil.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 002225160 _____ (Microsoft Corporation) C:WINDOWSsystem32ResetEngine.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 002125904 _____ (Microsoft Corporation) C:WINDOWSsystem32AudioEng.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 002084576 _____ (Microsoft Corporation) C:WINDOWSSysWOW64KernelBase.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 002071552 _____ (Microsoft Corporation) C:WINDOWSsystem32ISM.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 002032128 _____ C:WINDOWSsystem32rdpnano.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001999960 _____ (Microsoft Corporation) C:WINDOWSsystem32ntdll.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001942016 _____ (Microsoft Corporation) C:WINDOWSsystem32audiosrv.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001916744 _____ (Microsoft Corporation) C:WINDOWSSysWOW64AudioEng.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001858560 _____ (Microsoft Corporation) C:WINDOWSsystem32urlmon.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001841152 _____ C:WINDOWSsystem32TextInputMethodFormatter.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001830200 _____ (Microsoft Corporation) C:WINDOWSsystem32rdpserverbase.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001757096 _____ (Microsoft Corporation) C:WINDOWSsystem32winload.efi

2020-02-19 16:35 – 2020-02-19 16:35 – 001748480 _____ (Microsoft Corporation) C:WINDOWSsystem32AppXDeploymentExtensions.desktop.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001743680 _____ (Microsoft Corporation) C:WINDOWSsystem32sppobjs.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001726480 _____ (Microsoft Corporation) C:WINDOWSsystem32appraiser.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001693184 _____ (Microsoft Corporation) C:WINDOWSSysWOW64urlmon.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001687040 _____ (Microsoft Corporation) C:WINDOWSsystem32XpsPrint.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001664696 _____ (Microsoft Corporation) C:WINDOWSSysWOW64user32.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001664680 _____ (Microsoft Corporation) C:WINDOWSSysWOW64ntdll.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001657856 _____ (Microsoft Corporation) C:WINDOWSsystem32lsasrv.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001655880 _____ (Microsoft Corporation) C:WINDOWSsystem32user32.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001602560 _____ (Microsoft Corporation) C:WINDOWSsystem32dosvc.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001562424 _____ (Microsoft Corporation) C:WINDOWSSysWOW64rdpserverbase.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001540096 _____ (Microsoft Corporation) C:WINDOWSsystem32rdpcorets.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001512320 _____ (Microsoft Corporation) C:WINDOWSsystem32winload.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 001505592 _____ (Microsoft Corporation) C:WINDOWSsystem32rdpbase.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001482040 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversndis.sys

2020-02-19 16:35 – 2020-02-19 16:35 – 001481216 _____ (Microsoft Corporation) C:WINDOWSsystem32rdpsharercom.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001480192 _____ (Microsoft Corporation) C:WINDOWSsystem32usocoreworker.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 001413912 _____ (Microsoft Corporation) C:WINDOWSsystem32AudioSes.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001412096 _____ (Microsoft Corporation) C:WINDOWSsystem32SystemSettings.Handlers.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001398584 _____ (Microsoft Corporation) C:WINDOWSsystem32hvix64.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 001394168 _____ (Microsoft Corporation) C:WINDOWSsystem32WinTypes.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001372160 _____ (Microsoft Corporation) C:WINDOWSsystem32NotificationController.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001366128 _____ (Microsoft Corporation) C:WINDOWSsystem32winresume.efi

2020-02-19 16:35 – 2020-02-19 16:35 – 001319936 _____ (Microsoft Corporation) C:WINDOWSsystem32webplatstorageserver.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001300280 _____ (Microsoft Corporation) C:WINDOWSsystem32Drivershttp.sys

2020-02-19 16:35 – 2020-02-19 16:35 – 001284096 _____ (Microsoft Corporation) C:WINDOWSsystem32werconcpl.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001283592 _____ (Microsoft Corporation) C:WINDOWSsystem32SecConfig.efi

2020-02-19 16:35 – 2020-02-19 16:35 – 001273856 _____ (Microsoft Corporation) C:WINDOWSsystem32rdpcore.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001260544 _____ (Microsoft Corporation) C:WINDOWSSysWOW64rdpsharercom.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001218120 _____ (Microsoft Corporation) C:WINDOWSsystem32ClipUp.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 001216000 _____ (Microsoft Corporation) C:WINDOWSsystem32sdclt.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 001214976 _____ (Microsoft Corporation) C:WINDOWSsystem32reseteng.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001213752 _____ (Microsoft Corporation) C:WINDOWSSysWOW64rdpbase.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001195008 _____ (Microsoft Corporation) C:WINDOWSsystem32sdengin2.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001182232 _____ (Microsoft Corporation) C:WINDOWSsystem32winresume.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 001170960 _____ (Microsoft Corporation) C:WINDOWSsystem32rpcrt4.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001154448 _____ (Microsoft Corporation) C:WINDOWSSysWOW64AudioSes.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001149928 _____ (Microsoft Corporation) C:WINDOWSsystem32ApplyTrustOffline.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 001097216 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.UI.Immersive.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001084216 _____ (Microsoft Corporation) C:WINDOWSsystem32ReAgent.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001083904 _____ (Microsoft Corporation) C:WINDOWSsystem32MusUpdateHandlers.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001083392 _____ (Microsoft Corporation) C:WINDOWSsystem32clusapi.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001080832 _____ (Microsoft Corporation) C:WINDOWSSysWOW64rdpcore.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001077264 _____ (Microsoft Corporation) C:WINDOWSsystem32hvax64.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 001060352 _____ (Microsoft Corporation) C:WINDOWSsystem32termsrv.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001051448 _____ (Microsoft Corporation) C:WINDOWSsystem32pidgenx.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001026792 _____ (Microsoft Corporation) C:WINDOWSsystem32ClipSVC.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001009664 _____ (Microsoft Corporation) C:WINDOWSsystem32kerberos.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 001000960 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Mirage.Internal.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000996352 _____ (Microsoft Corporation) C:WINDOWSsystem32sysmain.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000974336 _____ (Microsoft Corporation) C:WINDOWSsystem32uDWM.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000949248 _____ (Microsoft Corporation) C:WINDOWSsystem32SecurityHealthSSO.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000928120 _____ (Microsoft Corporation) C:WINDOWSsystem32SecurityHealthService.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000923136 _____ (Microsoft Corporation) C:WINDOWSsystem32EdgeManager.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000916480 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.UI.Core.TextInput.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000913408 _____ (Microsoft Corporation) C:WINDOWSsystem32rasmans.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000904504 _____ (Microsoft Corporation) C:WINDOWSSysWOW64ReAgent.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000895488 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.UI.Immersive.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000892488 _____ (Microsoft Corporation) C:WINDOWSSysWOW64WinTypes.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000891736 _____ (Microsoft Corporation) C:WINDOWSsystem32ci.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000882688 _____ (Microsoft Corporation) C:WINDOWSsystem32CPFilters.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000875448 _____ (Microsoft Corporation) C:WINDOWSsystem32wer.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000874296 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversdxgmms2.sys

2020-02-19 16:35 – 2020-02-19 16:35 – 000864256 _____ (Microsoft Corporation) C:WINDOWSsystem32netlogon.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000857088 _____ C:WINDOWSsystem32MBR2GPT.EXE

2020-02-19 16:35 – 2020-02-19 16:35 – 000852480 _____ (Microsoft Corporation) C:WINDOWSsystem32ieproxy.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000851968 _____ (Microsoft Corporation) C:WINDOWSsystem32SearchIndexer.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000843776 _____ (Microsoft Corporation) C:WINDOWSSysWOW64webplatstorageserver.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000839680 _____ (Microsoft Corporation) C:WINDOWSsystem32jscript.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000824848 _____ (Microsoft Corporation) C:WINDOWSsystem32NetSetupEngine.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000805376 _____ (Microsoft Corporation) C:WINDOWSSysWOW64clusapi.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000804872 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversvhdmp.sys

2020-02-19 16:35 – 2020-02-19 16:35 – 000803840 _____ (Microsoft Corporation) C:WINDOWSsystem32bisrv.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000788992 _____ (Microsoft Corporation) C:WINDOWSsystem32msfeeds.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000784384 _____ (Microsoft Corporation) C:WINDOWSSysWOW64kerberos.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000783480 _____ (Microsoft Corporation) C:WINDOWSsystem32tcblaunch.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000782848 _____ (Microsoft Corporation) C:WINDOWSsystem32wifinetworkmanager.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000774664 _____ (Microsoft Corporation) C:WINDOWSsystem32securekernel.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000768488 _____ (Microsoft Corporation) C:WINDOWSSysWOW64rpcrt4.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000758800 _____ (Microsoft Corporation) C:WINDOWSsystem32wimgapi.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000750080 _____ (Microsoft Corporation) C:WINDOWSsystem32ActivationManager.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000749568 _____ (Microsoft Corporation) C:WINDOWSsystem32FrameServer.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000747320 _____ (Microsoft Corporation) C:WINDOWSsystem32aeinv.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000737280 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.System.Launcher.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000735744 _____ (Microsoft Corporation) C:WINDOWSsystem32AudioEndpointBuilder.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000732200 _____ (Microsoft Corporation) C:WINDOWSsystem32SettingsHandlers_StorageSense.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000727040 _____ (Microsoft Corporation) C:WINDOWSsystem32agentactivationruntime.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000716288 _____ (Microsoft Corporation) C:WINDOWSsystem32agentactivationruntimewindows.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000705536 _____ (Microsoft Corporation) C:WINDOWSsystem32jscript9diag.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000704512 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.UI.FileExplorer.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000701440 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Mirage.Internal.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000689152 _____ (Microsoft Corporation) C:WINDOWSSysWOW64CPFilters.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000685056 _____ (Microsoft Corporation) C:WINDOWSSysWOW64jscript.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000679368 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wer.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000678928 _____ (Microsoft Corporation) C:WINDOWSsystem32StructuredQuery.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000673080 _____ (Microsoft Corporation) C:WINDOWSsystem32comctl32.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000670720 _____ (Microsoft Corporation) C:WINDOWSSysWOW64SearchIndexer.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000667136 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msfeeds.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000667136 _____ (Microsoft Corporation) C:WINDOWSSysWOW64EdgeManager.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000663552 _____ (Microsoft Corporation) C:WINDOWSSysWOW64netlogon.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000661816 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversafd.sys

2020-02-19 16:35 – 2020-02-19 16:35 – 000646656 _____ (Microsoft Corporation) C:WINDOWSsystem32cdpsvc.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000642008 _____ (Microsoft Corporation) C:WINDOWSsystem32TextInputFramework.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000637968 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversstorport.sys

2020-02-19 16:35 – 2020-02-19 16:35 – 000637440 _____ (Microsoft Corporation) C:WINDOWSsystem32twinapi.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000629760 _____ (Microsoft Corporation) C:WINDOWSsystem32ipnathlp.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000623104 _____ (Microsoft Corporation) C:WINDOWSsystem32resutils.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000617784 _____ (Microsoft Corporation) C:WINDOWSsystem32hal.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000610816 _____ (Microsoft Corporation) C:WINDOWSsystem32netprofmsvc.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000605184 _____ (Microsoft Corporation) C:WINDOWSsystem32MusNotification.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000599552 _____ (Microsoft Corporation) C:WINDOWSSysWOW64ActivationManager.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000598528 _____ (Microsoft Corporation) C:WINDOWSsystem32webio.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000597816 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wimgapi.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000589592 _____ (Microsoft Corporation) C:WINDOWSsystem32audiodg.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000587064 _____ (Microsoft Corporation) C:WINDOWSSysWOW64NetSetupEngine.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000578560 _____ (Microsoft Corporation) C:WINDOWSsystem32SppExtComObj.Exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000568120 _____ (Microsoft Corporation) C:WINDOWSSysWOW64comctl32.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000562176 _____ (Microsoft Corporation) C:WINDOWSSysWOW64jscript9diag.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000558592 _____ (Microsoft Corporation) C:WINDOWSsystem32SettingsHandlers_Notifications.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000550400 _____ (Microsoft Corporation) C:WINDOWSsystem32win32k.sys

2020-02-19 16:35 – 2020-02-19 16:35 – 000545432 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Media.MediaControl.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000542288 _____ (Microsoft Corporation) C:WINDOWSSysWOW64StructuredQuery.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000535552 _____ (Microsoft Corporation) C:WINDOWSsystem32usosvc.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000530432 _____ (Microsoft Corporation) C:WINDOWSsystem32sppcext.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000521728 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.System.Launcher.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000518456 _____ (Microsoft Corporation) C:WINDOWSsystem32WerFault.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000516648 _____ (Microsoft Corporation) C:WINDOWSsystem32wimserv.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000516096 _____ (Microsoft Corporation) C:WINDOWSsystem32MusNotificationUx.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000512000 _____ (Microsoft Corporation) C:WINDOWSSysWOW64twinapi.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000510768 _____ (Microsoft Corporation) C:WINDOWSsystem32systemreset.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000500736 _____ (Microsoft Corporation) C:WINDOWSsystem32inetcpl.cpl

2020-02-19 16:35 – 2020-02-19 16:35 – 000497152 _____ (Microsoft Corporation) C:WINDOWSsystem32werui.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000494080 _____ (Microsoft Corporation) C:WINDOWSsystem32defragsvc.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000490496 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.UI.FileExplorer.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000490496 _____ (Microsoft Corporation) C:WINDOWSsystem32profsvc.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000486912 _____ (Microsoft Corporation) C:WINDOWSsystem32puiobj.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000486400 _____ (Microsoft Corporation) C:WINDOWSsystem32srcore.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000477496 _____ (Microsoft Corporation) C:WINDOWSsystem32DriversFWPKCLNT.SYS

2020-02-19 16:35 – 2020-02-19 16:35 – 000476672 _____ (Microsoft Corporation) C:WINDOWSSysWOW64resutils.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000475648 _____ (Microsoft Corporation) C:WINDOWSsystem32DscCore.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000469504 _____ (Microsoft Corporation) C:WINDOWSSysWOW64webio.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000467952 _____ (Microsoft Corporation) C:WINDOWSsystem32Faultrep.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000465208 _____ (Microsoft Corporation) C:WINDOWSsystem32invagent.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000464384 _____ (Microsoft Corporation) C:WINDOWSsystem32cloudAP.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000459896 _____ (Microsoft Corporation) C:WINDOWSsystem32MusNotifyIcon.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000456192 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.ApplicationModel.ConversationalAgent.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000453432 _____ (Microsoft Corporation) C:WINDOWSSysWOW64WerFault.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000450560 _____ (Microsoft Corporation) C:WINDOWSsystem32rdpclip.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000443904 _____ (Microsoft Corporation) C:WINDOWSsystem32edgeIso.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000441144 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversdxgmms1.sys

2020-02-19 16:35 – 2020-02-19 16:35 – 000441072 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Media.MediaControl.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000437776 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverspci.sys

2020-02-19 16:35 – 2020-02-19 16:35 – 000435200 _____ (Microsoft Corporation) C:WINDOWSsystem32wincorlib.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000430080 _____ (Microsoft Corporation) C:WINDOWSSysWOW64werui.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000422912 _____ (Microsoft Corporation) C:WINDOWSsystem32rdpencom.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000422008 _____ (Microsoft Corporation) C:WINDOWSsystem32SgrmEnclave_secure.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000421376 _____ (Microsoft Corporation) C:WINDOWSSysWOW64inetcpl.cpl

2020-02-19 16:35 – 2020-02-19 16:35 – 000416056 _____ (Microsoft Corporation) C:WINDOWSsystem32DriversClasspnp.sys

2020-02-19 16:35 – 2020-02-19 16:35 – 000415808 _____ (Microsoft Corporation) C:WINDOWSsystem32AUDIOKSE.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000407040 _____ (Microsoft Corporation) C:WINDOWSsystem32DispBroker.Desktop.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000405632 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Faultrep.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000401408 _____ (Microsoft Corporation) C:WINDOWSsystem32SearchProtocolHost.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000400696 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversclfs.sys

2020-02-19 16:35 – 2020-02-19 16:35 – 000399360 _____ (Microsoft Corporation) C:WINDOWSsystem32iedkcs32.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000392192 _____ (Microsoft Corporation) C:WINDOWSsystem32Search.ProtocolHandler.MAPI2.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000384000 _____ (Microsoft Corporation) C:WINDOWSSysWOW64puiobj.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000375504 _____ (Microsoft Corporation) C:WINDOWSSysWOW64AUDIOKSE.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000370688 _____ (Microsoft Corporation) C:WINDOWSSysWOW64ieproxy.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000369504 _____ (Microsoft Corporation) C:WINDOWSsystem32BCP47Langs.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000368128 _____ (Microsoft Corporation) C:WINDOWSsystem32mssvp.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000366416 _____ (Microsoft Corporation) C:WINDOWSsystem32mfsensorgroup.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000355840 _____ (Microsoft Corporation) C:WINDOWSsystem32WaaSMedicSvc.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000353280 _____ (Microsoft Corporation) C:WINDOWSSysWOW64rdpencom.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000350720 _____ (Microsoft Corporation) C:WINDOWSsystem32SettingsHandlers_SpeechPrivacy.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000345088 _____ (Microsoft Corporation) C:WINDOWSSysWOW64iedkcs32.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000336384 _____ (Microsoft Corporation) C:WINDOWSSysWOW64SearchProtocolHost.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000335448 _____ (Microsoft Corporation) C:WINDOWSsystem32wow64.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000327680 _____ (Microsoft Corporation) C:WINDOWSSysWOW64edgeIso.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000324616 _____ (Microsoft Corporation) C:WINDOWSsystem32acmigration.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000324608 _____ (Microsoft Corporation) C:WINDOWSsystem32FSClient.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000324096 _____ (Microsoft Corporation) C:WINDOWSSysWOW64win32k.sys

2020-02-19 16:35 – 2020-02-19 16:35 – 000324096 _____ (Microsoft Corporation) C:WINDOWSsystem32rdpviewerax.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000311096 _____ (Microsoft Corporation) C:WINDOWSsystem32SecurityHealthAgent.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000309248 _____ (Microsoft Corporation) C:WINDOWSsystem32tapisrv.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000308736 _____ (Microsoft Corporation) C:WINDOWSsystem32msIso.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000307712 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wincorlib.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000300392 _____ (Microsoft Corporation) C:WINDOWSsystem32skci.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000299520 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mssvp.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000296760 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverssdbus.sys

2020-02-19 16:35 – 2020-02-19 16:35 – 000291328 _____ (Microsoft Corporation) C:WINDOWSsystem32DeviceDirectoryClient.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000285184 _____ (Microsoft Corporation) C:WINDOWSsystem32WaaSMedicCapsule.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000283136 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Search.ProtocolHandler.MAPI2.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000282112 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.UI.AppDefaults.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000281088 _____ (Microsoft Corporation) C:WINDOWSsystem32msutb.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000277504 _____ (Microsoft Corporation) C:WINDOWSsystem32SettingsHandlers_CapabilityAccess.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000274464 _____ (Microsoft Corporation) C:WINDOWSSysWOW64BCP47Langs.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000270848 _____ (Microsoft Corporation) C:WINDOWSSysWOW64rdpviewerax.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000268800 _____ (Microsoft Corporation) C:WINDOWSsystem32rstrui.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000266752 _____ (Microsoft Corporation) C:WINDOWSsystem32DAFMCP.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000265216 _____ (Microsoft Corporation) C:WINDOWSsystem32cdd.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000259984 _____ (Microsoft Corporation) C:WINDOWSsystem32logoncli.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000256000 _____ (Microsoft Corporation) C:WINDOWSsystem32UpdateDeploymentProvider.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000252928 _____ (Microsoft Corporation) C:WINDOWSSysWOW64tapisrv.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000251904 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msIso.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000250880 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverswinnat.sys

2020-02-19 16:35 – 2020-02-19 16:35 – 000249344 _____ (Microsoft Corporation) C:WINDOWSsystem32srrstr.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000247856 _____ (Microsoft Corporation) C:WINDOWSsystem32weretw.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000240640 _____ (Microsoft Corporation) C:WINDOWSsystem32SearchFilterHost.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000228864 _____ (Microsoft Corporation) C:WINDOWSsystem32ie4uinit.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000227840 _____ (Microsoft Corporation) C:WINDOWSsystem32IndexedDbLegacy.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000226816 _____ (Microsoft Corporation) C:WINDOWSsystem32netprofm.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000225792 _____ (Microsoft Corporation) C:WINDOWSsystem32wersvc.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000224768 _____ (Microsoft Corporation) C:WINDOWSsystem32DWWIN.EXE

2020-02-19 16:35 – 2020-02-19 16:35 – 000222208 _____ (Microsoft Corporation) C:WINDOWSsystem32Winlangdb.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000220984 _____ (Microsoft Corporation) C:WINDOWSsystem32wermgr.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000217600 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msutb.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000214528 _____ (Microsoft Corporation) C:WINDOWSsystem32rdsdwmdr.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000211968 _____ (Microsoft Corporation) C:WINDOWSSysWOW64SearchFilterHost.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000210744 _____ (Microsoft Corporation) C:WINDOWSsystem32tcbloader.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000209920 _____ (Microsoft Corporation) C:WINDOWSsystem32wuuhosdeployment.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000204800 _____ (Microsoft Corporation) C:WINDOWSsystem32mssph.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000203776 _____ (Microsoft Corporation) C:WINDOWSsystem32regapi.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000201728 _____ (Microsoft Corporation) C:WINDOWSsystem32puiapi.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000201728 _____ (Microsoft Corporation) C:WINDOWSsystem32AppXApplicabilityBlob.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000199480 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wermgr.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000197632 _____ (Microsoft Corporation) C:WINDOWSsystem32Win32CompatibilityAppraiserCSP.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000194560 _____ (Microsoft Corporation) C:WINDOWSsystem32recdisc.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000194064 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversdumpsd.sys

2020-02-19 16:35 – 2020-02-19 16:35 – 000193800 _____ (Microsoft Corporation) C:WINDOWSSysWOW64weretw.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000190464 _____ (Microsoft Corporation) C:WINDOWSSysWOW64regapi.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000190256 _____ (Microsoft Corporation) C:WINDOWSSysWOW64logoncli.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000186880 _____ (Microsoft Corporation) C:WINDOWSSysWOW64DWWIN.EXE

2020-02-19 16:35 – 2020-02-19 16:35 – 000186880 _____ (Microsoft Corp.) C:WINDOWSsystem32Defrag.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000186672 _____ (Microsoft Corporation) C:WINDOWSsystem32BCP47mrm.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000184832 _____ (Microsoft Corporation) C:WINDOWSsystem32AarSvc.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000183808 _____ (Microsoft Corporation) C:WINDOWSsystem32ResetEngOnline.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000179720 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversksecpkg.sys

2020-02-19 16:35 – 2020-02-19 16:35 – 000175616 _____ (Microsoft Corporation) C:WINDOWSSysWOW64IndexedDbLegacy.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000172032 _____ (Microsoft Corporation) C:WINDOWSSysWOW64puiapi.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000169472 _____ (Microsoft Corporation) C:WINDOWSsystem32SpatialAudioLicenseSrv.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000165832 _____ (Microsoft Corporation) C:WINDOWSsystem32WerFaultSecure.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000160768 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mssph.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000158208 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Winlangdb.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000157696 _____ (Microsoft Corporation) C:WINDOWSsystem32dssvc.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000155648 _____ (Microsoft Corporation) C:WINDOWSsystem32SettingsHandlers_AppExecutionAlias.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000155136 _____ (Microsoft Corporation) C:WINDOWSsystem32Chakradiag.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000152064 _____ (Microsoft Corporation) C:WINDOWSsystem32fdWSD.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000151552 _____ (Microsoft Corporation) C:WINDOWSsystem32SettingsHandlers_BackgroundApps.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000150536 _____ (Microsoft Corporation) C:WINDOWSSysWOW64WerFaultSecure.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000149504 _____ (Microsoft Corporation) C:WINDOWSsystem32sdrsvc.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000147456 _____ (Microsoft Corporation) C:WINDOWSsystem32mssprxy.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000143872 _____ (Microsoft Corporation) C:WINDOWSSysWOW64SpatialAudioLicenseSrv.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000143160 _____ (Microsoft Corporation) C:WINDOWSsystem32NetSetupApi.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000139776 _____ (Microsoft Corporation) C:WINDOWSsystem32Chakrathunk.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000138752 _____ (Microsoft Corporation) C:WINDOWSsystem32InputLocaleManager.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000135168 _____ (Microsoft Corporation) C:WINDOWSsystem32musdialoghandlers.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000133464 _____ (Microsoft Corporation) C:WINDOWSSysWOW64BCP47mrm.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000132624 _____ (Microsoft Corporation) C:WINDOWSsystem32offlinelsa.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000130560 _____ (Microsoft Corporation) C:WINDOWSsystem32globinputhost.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000128528 _____ (Microsoft Corporation) C:WINDOWSsystem32wifitask.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000128512 _____ (Microsoft Corporation) C:WINDOWSsystem32usoapi.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000128512 _____ (Microsoft Corporation) C:WINDOWSsystem32mssitlb.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000127280 _____ (Microsoft Corporation) C:WINDOWSsystem32win32u.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000126976 _____ (Microsoft Corporation) C:WINDOWSSysWOW64fdWSD.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000125440 _____ (Microsoft Corporation) C:WINDOWSsystem32sdshext.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000123904 _____ (Microsoft Corporation) C:WINDOWSsystem32ApplicationControlCSP.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000123392 _____ (Microsoft Corporation) C:WINDOWSsystem32wercplsupport.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000119808 _____ (Microsoft Corporation) C:WINDOWSsystem32DafPrintProvider.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000119296 _____ (Microsoft Corporation) C:WINDOWSsystem32compstui.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000117264 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversbindflt.sys

2020-02-19 16:35 – 2020-02-19 16:35 – 000117248 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Chakradiag.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000113152 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mssitlb.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000112128 _____ (Microsoft Corporation) C:WINDOWSsystem32NetDriverInstall.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000108544 _____ (Microsoft Corporation) C:WINDOWSsystem32fdSSDP.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000107832 _____ (Microsoft Corporation) C:WINDOWSSysWOW64NetSetupApi.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000107008 _____ (Microsoft Corporation) C:WINDOWSsystem32DevicePairingExperienceMEM.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000106808 _____ (Microsoft Corporation) C:WINDOWSsystem32SecurityHealthProxyStub.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000105984 _____ (Microsoft Corporation) C:WINDOWSsystem32utcutil.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000105472 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Chakrathunk.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000105472 _____ (Microsoft Corporation) C:WINDOWSsystem32dfrgui.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000099712 _____ (Microsoft Corporation) C:WINDOWSsystem32FsIso.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000097280 _____ (Microsoft Corporation) C:WINDOWSSysWOW64compstui.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000097080 _____ (Microsoft Corporation) C:WINDOWSsystem32rdpudd.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000096768 _____ (Microsoft Corporation) C:WINDOWSSysWOW64globinputhost.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000095232 _____ (Microsoft Corporation) C:WINDOWSsystem32msfeedsbs.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000093496 _____ (Microsoft Corporation) C:WINDOWSsystem32hvloader.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000092160 _____ (Microsoft Corporation) C:WINDOWSsystem32wsqmcons.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000090624 _____ (Microsoft Corporation) C:WINDOWSsystem32tsgqec.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000090624 _____ (Microsoft Corporation) C:WINDOWSsystem32keyiso.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000089912 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversvolmgr.sys

2020-02-19 16:35 – 2020-02-19 16:35 – 000089600 _____ (Microsoft Corporation) C:WINDOWSSysWOW64dfrgui.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000089328 _____ (Microsoft Corporation) C:WINDOWSSysWOW64win32u.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000089088 _____ (Microsoft Corporation) C:WINDOWSsystem32WaaSMedicAgent.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000088576 _____ (Microsoft Corporation) C:WINDOWSSysWOW64fdSSDP.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000088576 _____ (Microsoft Corporation) C:WINDOWSSysWOW64DafPrintProvider.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000088352 _____ (Microsoft Corporation) C:WINDOWSsystem32remoteaudioendpoint.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000087040 _____ (Microsoft Corporation) C:WINDOWSsystem32EditBufferTestHook.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000084992 _____ (Microsoft Corporation) C:WINDOWSsystem32SecurityHealthSystray.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000084496 _____ (Microsoft Corporation) C:WINDOWSsystem32Drivershvservice.sys

2020-02-19 16:35 – 2020-02-19 16:35 – 000080896 _____ (Microsoft Corporation) C:WINDOWSSysWOW64NetDriverInstall.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000079872 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msfeedsbs.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000077824 _____ (Microsoft Corporation) C:WINDOWSSysWOW64usoapi.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000077824 _____ (Microsoft Corporation) C:WINDOWSsystem32CustomInstallExec.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000072816 _____ (Microsoft Corporation) C:WINDOWSSysWOW64remoteaudioendpoint.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000071480 _____ (Microsoft Corporation) C:WINDOWSsystem32win32appinventorycsp.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000070144 _____ (Microsoft Corporation) C:WINDOWSSysWOW64tsgqec.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000069120 _____ (Microsoft Corporation) C:WINDOWSsystem32UsoClient.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000066560 _____ (Microsoft Corporation) C:WINDOWSSysWOW64keyiso.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000066560 _____ (Microsoft Corporation) C:WINDOWSsystem32findnetprinters.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000065536 _____ (Microsoft Corporation) C:WINDOWSsystem32iemigplugin.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000064000 _____ (Microsoft Corporation) C:WINDOWSsystem32printui.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000063488 _____ (Microsoft Corporation) C:WINDOWSSysWOW64iemigplugin.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000063488 _____ (Microsoft Corporation) C:WINDOWSsystem32rtutils.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000063288 _____ (Microsoft Corporation) C:WINDOWSsystem32SecurityHealthHost.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000062464 _____ (Microsoft Corporation) C:WINDOWSSysWOW64printui.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000060416 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mssprxy.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000060416 _____ (Microsoft Corporation) C:WINDOWSsystem32msscntrs.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000059392 _____ (Microsoft Corporation) C:WINDOWSsystem32UserLanguageProfileCallback.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000059221 _____ C:WINDOWSsystem32srms.dat

2020-02-19 16:35 – 2020-02-19 16:35 – 000058880 _____ C:WINDOWSsystem32runexehelper.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000057856 _____ (Microsoft Corporation) C:WINDOWSsystem32wups2.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000057856 _____ (Microsoft Corporation) C:WINDOWSsystem32SrTasks.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000057344 _____ (Microsoft Corporation) C:WINDOWSsystem32audioresourceregistrar.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000053248 _____ (Microsoft Corporation) C:WINDOWSSysWOW64findnetprinters.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000052736 _____ (Microsoft Corporation) C:WINDOWSSysWOW64rtutils.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000048640 _____ (Microsoft Corporation) C:WINDOWSsystem32mcicda.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000047208 _____ (Microsoft Corporation) C:WINDOWSsystem32wuauclt.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000046592 _____ (Microsoft Corporation) C:WINDOWSsystem32Websocket.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000046080 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msscntrs.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000045056 _____ (Microsoft Corporation) C:WINDOWSsystem32npmproxy.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000044544 _____ (Microsoft Corporation) C:WINDOWSsystem32werdiagcontroller.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000044032 _____ (Microsoft Corporation) C:WINDOWSSysWOW64UserLanguageProfileCallback.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000042512 _____ (Microsoft Corporation) C:WINDOWSsystem32SysResetErr.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000041472 _____ (Microsoft Corporation) C:WINDOWSsystem32WordBreakers.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000038912 _____ (Microsoft Corporation) C:WINDOWSSysWOW64werdiagcontroller.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000038400 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mcicda.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000037392 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverswimmount.sys

2020-02-19 16:35 – 2020-02-19 16:35 – 000036864 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Websocket.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000034304 _____ (Microsoft Corporation) C:WINDOWSsystem32mciwave.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000032056 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversrdpvideominiport.sys

2020-02-19 16:35 – 2020-02-19 16:35 – 000030208 _____ (Microsoft Corporation) C:WINDOWSsystem32mciseq.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000029696 _____ (Microsoft Corporation) C:WINDOWSsystem32nlmproxy.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000028672 _____ (Microsoft Corporation) C:WINDOWSsystem32WaaSMedicPS.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000027648 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mciwave.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000026112 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msimsg.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000026112 _____ (Microsoft Corporation) C:WINDOWSsystem32msimsg.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000024064 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mciseq.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000021520 _____ (Microsoft Corporation) C:WINDOWSsystem32kdhvcom.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000020944 _____ (Microsoft Corporation) C:WINDOWSsystem32wow64cpu.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000019768 _____ (Microsoft Corporation) C:WINDOWSsystem32ResetEngine.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000017920 _____ (Microsoft Corporation) C:WINDOWSsystem32icsunattend.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000017920 _____ (Microsoft Corporation) C:WINDOWSsystem32bindflt.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000017408 _____ (Microsoft Corporation) C:WINDOWSsystem32nlmsprep.dll

2020-02-19 16:35 – 2020-02-19 16:35 – 000015360 _____ (Microsoft Corporation) C:WINDOWSsystem32msfeedssync.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000013824 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msfeedssync.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000013312 _____ (Microsoft Corporation) C:WINDOWSsystem32dstokenclean.exe

2020-02-19 16:35 – 2020-02-19 16:35 – 000000315 _____ C:WINDOWSsystem32DrtmAuth9.bin

2020-02-19 16:35 – 2020-02-19 16:35 – 000000315 _____ C:WINDOWSsystem32DrtmAuth8.bin

2020-02-19 16:35 – 2020-02-19 16:35 – 000000315 _____ C:WINDOWSsystem32DrtmAuth7.bin

2020-02-19 16:35 – 2020-02-19 16:35 – 000000315 _____ C:WINDOWSsystem32DrtmAuth6.bin

2020-02-19 16:35 – 2020-02-19 16:35 – 000000315 _____ C:WINDOWSsystem32DrtmAuth5.bin

2020-02-19 16:35 – 2020-02-19 16:35 – 000000315 _____ C:WINDOWSsystem32DrtmAuth4.bin

2020-02-19 16:35 – 2020-02-19 16:35 – 000000315 _____ C:WINDOWSsystem32DrtmAuth3.bin

2020-02-19 16:35 – 2020-02-19 16:35 – 000000315 _____ C:WINDOWSsystem32DrtmAuth2.bin

2020-02-19 16:35 – 2020-02-19 16:35 – 000000315 _____ C:WINDOWSsystem32DrtmAuth12.bin

2020-02-19 16:35 – 2020-02-19 16:35 – 000000315 _____ C:WINDOWSsystem32DrtmAuth11.bin

2020-02-19 16:35 – 2020-02-19 16:35 – 000000315 _____ C:WINDOWSsystem32DrtmAuth10.bin

2020-02-19 16:35 – 2020-02-19 16:35 – 000000315 _____ C:WINDOWSsystem32DrtmAuth1.bin

2020-02-19 16:30 – 2020-02-19 16:30 – 000492544 _____ (Microsoft Corporation) C:WINDOWSsystem32poqexec.exe

2020-02-19 16:30 – 2020-02-19 16:30 – 000390656 _____ (Microsoft Corporation) C:WINDOWSSysWOW64poqexec.exe

2020-02-12 18:10 – 2020-02-12 18:10 – 000214496 _____ (Malwarebytes) C:WINDOWSsystem32DriversMbamChameleon.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-10 16:27 – 2020-01-24 21:58 – 000036439 _____ C:UsersAndre CastilloDownloadsFRST.txt

2020-03-10 16:27 – 2018-09-06 17:25 – 000000000 ___DC C:FRST

2020-03-10 16:25 – 2020-01-24 21:57 – 002279936 ____C (Farbar) C:UsersAndre CastilloDownloadsFRST64 (1).exe

2020-03-10 16:14 – 2019-03-19 12:52 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft

2020-03-10 14:54 – 2019-09-22 13:05 – 000004186 _____ C:WINDOWSsystem32TasksUser_Feed_Synchronization-88C9237E-5E62-46F8-BB64-C5315C1552DD

2020-03-10 14:52 – 2015-11-17 15:32 – 000000000 ___RD C:UsersAndre CastilloOneDrive

2020-03-10 14:37 – 2017-08-22 17:34 – 000000000 ____D C:ProgramDataNVIDIA

2020-03-10 14:35 – 2015-11-17 15:30 – 000000000 __SHD C:UsersAndre CastilloIntelGraphicsProfiles

2020-03-10 13:00 – 2019-03-19 12:50 – 000000000 ____D C:WINDOWSINF

2020-03-09 23:40 – 2019-09-22 12:49 – 000000000 ____D C:WINDOWSsystem32SleepStudy

2020-03-09 17:49 – 2019-03-19 12:52 – 000000000 ____D C:WINDOWSAppReadiness

2020-03-05 19:39 – 2019-03-19 12:52 – 000000000 ___HD C:Program FilesWindowsApps

2020-03-04 08:59 – 2018-09-08 21:15 – 000002317 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk

2020-03-04 08:59 – 2018-09-08 21:15 – 000002276 _____ C:UsersPublicDesktopGoogle Chrome.lnk

2020-03-03 17:45 – 2019-09-22 13:06 – 000974076 _____ C:WINDOWSsystem32PerfStringBackup.INI

2020-03-03 17:36 – 2019-09-22 13:05 – 000000006 ____H C:WINDOWSTasksSA.DAT

2020-03-02 20:08 – 2016-06-27 18:09 – 000000000 ____D C:UsersAndre CastilloAppDataLocalElevatedDiagnostics

2020-03-02 18:10 – 2019-07-03 21:36 – 000153312 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbae64.sys

2020-03-02 18:10 – 2019-07-03 21:36 – 000020936 _____ (Malwarebytes) C:WINDOWSsystem32DriversMbamElam.sys

2020-03-02 18:10 – 2019-07-03 21:36 – 000002037 _____ C:UsersPublicDesktopMalwarebytes.lnk

2020-03-02 00:07 – 2018-03-02 22:01 – 000000000 ____D C:WINDOWSsystem32Driverswd

2020-02-29 09:32 – 2016-01-24 20:39 – 000000000 ____D C:UsersAndre CastilloAppDataLocalCrashDumps

2020-02-27 20:00 – 2017-11-22 16:46 – 000000000 ____D C:UsersAndre CastilloAppDataLocalPackages

2020-02-23 22:51 – 2020-01-27 19:16 – 000000000 ____D C:Program FilesMicrosoft Office

2020-02-23 20:06 – 2016-04-30 22:23 – 000000000 ____D C:UsersAndre CastilloAppDataRoaming.minecraft

2020-02-19 22:18 – 2019-09-22 12:49 – 000297176 _____ C:WINDOWSsystem32FNTCACHE.DAT

2020-02-19 22:18 – 2017-11-22 17:25 – 000000000 ___RD C:UsersAndre Castillo3D Objects

2020-02-19 22:18 – 2015-10-01 04:34 – 000000000 __RHD C:UsersPublicAccountPictures

2020-02-19 21:53 – 2019-03-19 12:52 – 000000000 ___RD C:WINDOWSPrintDialog

2020-02-19 21:53 – 2019-03-19 12:52 – 000000000 ___RD C:WINDOWSImmersiveControlPanel

2020-02-19 21:53 – 2019-03-19 12:52 – 000000000 ____D C:WINDOWSSysWOW64oobe

2020-02-19 21:53 – 2019-03-19 12:52 – 000000000 ____D C:WINDOWSSysWOW64Dism

2020-02-19 21:53 – 2019-03-19 12:52 – 000000000 ____D C:WINDOWSSystemResources

2020-02-19 21:53 – 2019-03-19 12:52 – 000000000 ____D C:WINDOWSsystem32WinBioPlugIns

2020-02-19 21:53 – 2019-03-19 12:52 – 000000000 ____D C:WINDOWSsystem32SystemResetPlatform

2020-02-19 21:53 – 2019-03-19 12:52 – 000000000 ____D C:WINDOWSsystem32PerceptionSimulation

2020-02-19 21:53 – 2019-03-19 12:52 – 000000000 ____D C:WINDOWSsystem32oobe

2020-02-19 21:53 – 2019-03-19 12:52 – 000000000 ____D C:WINDOWSsystem32Dism

2020-02-19 21:53 – 2019-03-19 12:52 – 000000000 ____D C:WINDOWSShellExperiences

2020-02-19 21:53 – 2019-03-19 12:52 – 000000000 ____D C:WINDOWSbcastdvr

2020-02-19 21:53 – 2019-03-19 12:37 – 000786432 _____ C:WINDOWSsystem32configBBI

2020-02-19 21:53 – 2019-03-19 12:37 – 000000000 ____D C:WINDOWSservicing

2020-02-19 19:57 – 2019-03-19 12:52 – 000000000 ____D C:Program FilesCommon Filesmicrosoft shared

2020-02-19 17:39 – 2019-09-22 13:05 – 000003398 _____ C:WINDOWSsystem32TasksOneDrive Standalone Update Task-S-1-5-21-3185253573-1872692611-2104222873-1001

2020-02-19 17:39 – 2019-09-22 12:57 – 000002410 _____ C:UsersAndre CastilloAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk

2020-02-19 16:40 – 2019-03-19 12:37 – 000000000 ____D C:WINDOWSCbsTemp

2020-02-19 16:39 – 2015-12-13 14:19 – 000000000 ____D C:WINDOWSsystem32MRT

2020-02-19 16:38 – 2015-12-13 14:19 – 120407888 ____C (Microsoft Corporation) C:WINDOWSsystem32MRT.exe

2020-02-18 19:35 – 2019-06-04 16:27 – 000002209 _____ C:UsersAndre CastilloDesktopScale Model.txt

2020-02-17 20:22 – 2015-10-01 04:14 – 000000000 ____D C:Program Files (x86)Steam

2020-02-13 17:50 – 2016-10-17 09:45 – 000000000 ____D C:UsersAndre CastilloDesktopModels

2020-02-12 23:24 – 2019-09-22 12:57 – 000000000 ____D C:UsersAndre Castillo

==================== Files in the root of some directories ========

2016-04-12 10:34 – 2016-07-20 19:10 – 000000241 _____ () C:UsersAndre CastilloAppDataRoamingbluerender.ini

2016-05-21 15:31 – 2016-05-21 15:31 – 000007602 _____ () C:UsersAndre CastilloAppDataLocalResmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Commentaires

Laisser un commentaire

Votre commentaire sera révisé par les administrateurs si besoin.