Serveur minecraft

Chrome Pop up malware? – Aide à la suppression des virus, chevaux de Troie, logiciels espions et programmes malveillants – Monter un serveur MineCraft

Le 5 avril 2020 - 121 minutes de lecture

Voici les journaux merci pour l'aide:

Résultat de l'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 29-03-2020

Animé par Ewen (administrateur) sur DESKTOP-UHT0G8L (Gigabyte Technology Co., Ltd. Z270X-DESIGNARE) (31-03-2020 08:55:33)

Exécution à partir de C: Users Claude Desktop

Profils chargés: Ewen (Profils disponibles: defaultuser0 & Ewen)

Plateforme: Windows 10 Home Version 1903 18362.720 (X64) Langue: anglais (États-Unis)

Navigateur par défaut: Chrome

Mode de démarrage: Normal

==================== Processus (sur liste blanche) =================

(Si une entrée est incluse dans la liste de correctifs, le processus sera fermé. Le fichier ne sera pas déplacé.)

() [File not signed] C: Program Files (x86) Gigabyte AppCenter AdjustService.exe

(Adobe Inc. -> Adobe Systems) C: Program Files (x86) Common Files Adobe ARM 1.0 armsvc.exe

(Bitdefender SRL -> Bitdefender) C: Program Files Bitdefender Agent DiscoverySrv.exe

(Bitdefender SRL -> Bitdefender) C: Program Files Bitdefender Agent ProductAgentService.exe

(Bitdefender SRL -> Bitdefender) C: Program Files Bitdefender Antivirus Free bdagent.exe

(Bitdefender SRL -> Bitdefender) C: Program Files Bitdefender Antivirus Free bdredline.exe

(Bitdefender SRL -> Bitdefender) C: Program Files Bitdefender Antivirus Free updatesrv.exe

(Bitdefender SRL -> Bitdefender) C: Program Files Bitdefender Antivirus Free vsserv.exe

(Bitdefender SRL -> Bitdefender) C: Program Files Bitdefender Antivirus Free vsservppl.exe

(Corsair Components, Inc. -> Corsair Components, Inc.) C: Program Files (x86) Corsair Corsair Utility Engine CUE.exe

(Discord Inc. -> Discord Inc.) C: Users Claude AppData Local Discord app-0.0.306 Discord.exe

(Discord Inc. -> Discord Inc.) C: Users Claude AppData Local Discord app-0.0.306 Discord.exe

(Discord Inc. -> Discord Inc.) C: Users Claude AppData Local Discord app-0.0.306 Discord.exe

(Discord Inc. -> Discord Inc.) C: Users Claude AppData Local Discord app-0.0.306 Discord.exe

(Discord Inc. -> Discord Inc.) C: Users Claude AppData Local Discord app-0.0.306 Discord.exe

(Discord Inc. -> Discord Inc.) C: Users Claude AppData Local Discord app-0.0.306 Discord.exe

(GIGA-BYTE TECHNOLOGY CO., LTD. ->) C: Program Files (x86) Gigabyte AppCenter ApCent.exe

(Google LLC -> Google LLC) C: Program Files (x86) Google Chrome Application chrome.exe

(Google LLC -> Google LLC) C: Program Files (x86) Google Chrome Application chrome.exe

(Google LLC -> Google LLC) C: Program Files (x86) Google Chrome Application chrome.exe

(Google LLC -> Google LLC) C: Program Files (x86) Google Chrome Application chrome.exe

(Google LLC -> Google LLC) C: Program Files (x86) Google Chrome Application chrome.exe

(Google LLC -> Google LLC) C: Program Files (x86) Google Chrome Application chrome.exe

(Google LLC -> Google LLC) C: Program Files (x86) Google Chrome Application chrome.exe

(Google LLC -> Google LLC) C: Program Files (x86) Google Chrome Application chrome.exe

(Google LLC -> Google LLC) C: Program Files (x86) Google Chrome Application chrome.exe

(Google LLC -> Google LLC) C: Program Files (x86) Google Chrome Application chrome.exe

(Google LLC -> Google LLC) C: Program Files (x86) Google Chrome Application chrome.exe

(Google LLC -> Google LLC) C: Program Files (x86) Google Chrome Application chrome.exe

(Google LLC -> Google LLC) C: Program Files (x86) Google Chrome Application chrome.exe

(Google LLC -> Google LLC) C: Program Files (x86) Google Chrome Application chrome.exe

(Google LLC -> Google LLC) C: Program Files (x86) Google Chrome Application chrome.exe

(Google LLC -> Google LLC) C: Program Files (x86) Google Chrome Application chrome.exe

(Google LLC -> Google LLC) C: Program Files (x86) Google Update 1.3.35.452 GoogleCrashHandler.exe

(Google LLC -> Google LLC) C: Program Files (x86) Google Update 1.3.35.452 GoogleCrashHandler64.exe

(Groupe des sous-systèmes et blocs IP intégrés Intel® -> Intel Corporation) C: Program Files (x86) Intel Intel® Management Engine Components DAL jhi_service.exe

(Groupe des sous-systèmes intégrés Intel et des blocs IP -> Intel Corporation) C: Program Files (x86) Intel Intel® Management Engine Components LMS LMS.exe

(Intel® Network Platform Group -> Intel Corporation) C: Windows System32 IPROSetMonitor.exe

(Intel® Rapid Storage Technology -> Intel Corporation) C: Program Files Intel Intel® Rapid Storage Technology IAStorDataMgrSvc.exe

(Intel® Rapid Storage Technology -> Intel Corporation) C: Program Files Intel Intel® Rapid Storage Technology IAStorIcon.exe

(Technologie de stockage rapide Intel® -> Intel Corporation) C: Windows System32 DriverStore FileRepository iastorac.inf_amd64_11139e42ea3f60f6 RstMwService.exe

(Kristjan Skutta ->) C: Program Files (x86) Steam steamapps common wallpaper_engine wallpaper32.exe

(Malwarebytes Inc -> Malwarebytes) C: Program Files Malwarebytes Anti-Malware mbam.exe

(Malwarebytes Inc -> Malwarebytes) C: Program Files Malwarebytes Anti-Malware MBAMService.exe

(Malwarebytes Inc -> Malwarebytes) C: Program Files Malwarebytes Anti-Malware mbamtray.exe

(Microsoft Corporation -> Microsoft Corporation) C: Program Files Fichiers communs Microsoft shared ClickToRun OfficeClickToRun.exe

(Microsoft Corporation) C: Program Files WindowsApps Microsoft.Windows.Photos_2020.19081.28230.0_x64__8wekyb3d8bbwe Microsoft.Photos.exe

(Microsoft Corporation) C: Program Files WindowsApps microsoft.windowscommunicationsapps_16005.12624.20296.0_x64__8wekyb3d8bbwe HxOutlook.exe

(Microsoft Corporation) C: Program Files WindowsApps microsoft.windowscommunicationsapps_16005.12624.20296.0_x64__8wekyb3d8bbwe HxTsr.exe

(Microsoft Corporation) C: Program Files WindowsApps Microsoft.YourPhone_1.20022.82.0_x64__8wekyb3d8bbwe YourPhoneServer YourPhoneServer.exe

(Microsoft Corporation) C: Program Files WindowsApps Microsoft.ZuneVideo_10.20022.11011.0_x64__8wekyb3d8bbwe Video.UI.exe

(Microsoft Windows -> Microsoft Corporation) C: Windows ImmersiveControlPanel SystemSettings.exe

(Microsoft Windows -> Microsoft Corporation) C: Windows System32 dllhost.exe

(Microsoft Windows -> Microsoft Corporation) C: Windows System32 dllhost.exe

(Microsoft Windows -> Microsoft Corporation) C: Windows System32 InputMethod CHS ChsIME.exe

(Microsoft Windows -> Microsoft Corporation) C: Windows System32 smartscreen.exe

(Microsoft Windows -> Microsoft Corporation) C: Windows SysWOW64 wbem WmiPrvSE.exe

(Microsoft Windows Publisher -> Microsoft Corporation) C: ProgramData Microsoft Windows Defender Platform 4.18.2003.8-0 MsMpEng.exe

(MICRO-STAR INTERNATIONAL CO., LTD. ->) C: Program Files (x86) MSI Afterburner MSIAfterburner.exe

(NVIDIA Corporation -> Node.js) C: Program Files (x86) NVIDIA Corporation NvNode NVIDIA Web Helper.exe

(NVIDIA Corporation -> NVIDIA Corporation) C: Program Files NVIDIA Corporation Display.NvContainer NVDisplay.Container.exe

(NVIDIA Corporation -> NVIDIA Corporation) C: Program Files NVIDIA Corporation Display.NvContainer NVDisplay.Container.exe

(NVIDIA Corporation -> NVIDIA Corporation) C: Program Files NVIDIA Corporation NvContainer nvcontainer.exe

(NVIDIA Corporation -> NVIDIA Corporation) C: Program Files NVIDIA Corporation NvContainer nvcontainer.exe

(NVIDIA Corporation -> NVIDIA Corporation) C: Program Files NVIDIA Corporation NvContainer nvcontainer.exe

(NVIDIA Corporation -> NVIDIA Corporation) C: Program Files NVIDIA Corporation NVIDIA GeForce Experience NVIDIA Share.exe

(NVIDIA Corporation -> NVIDIA Corporation) C: Program Files NVIDIA Corporation NVIDIA GeForce Experience NVIDIA Share.exe

(NVIDIA Corporation -> NVIDIA Corporation) C: Program Files NVIDIA Corporation NVIDIA GeForce Experience NVIDIA Share.exe

(NVIDIA Corporation -> NVIDIA Corporation) C: Program Files NVIDIA Corporation ShadowPlay nvsphelper64.exe

(Realtek Semiconductor Corp. -> Realtek Semiconductor) C: Program Files Realtek Audio HDA RtkNGUI64.exe

(Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.) C: Program Files (x86) Samsung Samsung Magician SamsungMagician.exe

(Valve -> Valve Corporation) C: Program Files (x86) Common Files Steam SteamService.exe

(Valve -> Valve Corporation) C: Program Files (x86) Steam bin cef cef.win7x64 steamwebhelper.exe

(Valve -> Valve Corporation) C: Program Files (x86) Steam bin cef cef.win7x64 steamwebhelper.exe

(Valve -> Valve Corporation) C: Program Files (x86) Steam bin cef cef.win7x64 steamwebhelper.exe

(Valve -> Valve Corporation) C: Program Files (x86) Steam bin cef cef.win7x64 steamwebhelper.exe

(Valve -> Valve Corporation) C: Program Files (x86) Steam bin cef cef.win7x64 steamwebhelper.exe

(Valve -> Valve Corporation) C: Program Files (x86) Steam bin cef cef.win7x64 steamwebhelper.exe

(Valve -> Valve Corporation) C: Program Files (x86) Steam bin cef cef.win7x64 steamwebhelper.exe

(Valve -> Valve Corporation) C: Program Files (x86) Steam steam.exe

(Wacom Technology Corp. -> Wacom Technology) C: Program Files Tablet Wacom WacomHost.exe

(Wacom Technology Corporation -> Wacom Technology, Corp.) C: Program Files Tablet Wacom Wacom_Tablet.exe

(Wacom Technology Corporation -> Wacom Technology, Corp.) C: Program Files Tablet Wacom Wacom_TabletUser.exe

(Wacom Technology Corporation -> Wacom Technology, Corp.) C: Program Files Tablet Wacom Wacom_TouchUser.exe

(Wacom Technology Corporation -> Wacom Technology, Corp.) C: Program Files Tablet Wacom WTabletServicePro.exe

==================== Registre (liste blanche) ===================

(Si une entrée est incluse dans la liste de correctifs, l'élément de registre sera restauré par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM … Run: [RTHDVCPL] => C: Program Files Realtek Audio HDA RtkNGUI64.exe [9235936 2017-11-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

HKLM … Run: [IAStorIcon] => C: Program Files Intel Intel® Rapid Storage Technology IAStorIcon.exe [318920 2019-03-07] (Technologie de stockage rapide Intel® -> Intel Corporation)

HKLM-x32 … Exécuter: [Corsair Utility Engine] => C: Program Files (x86) Corsair Corsair Utility Engine CUE.exe [18848976 2017-08-04] (Corsair Components, Inc. -> Corsair Components, Inc.)

HKLM-x32 … Exécuter: [TeamsMachineUninstallerLocalAppData] => C: Users Claude AppData Local Microsoft Teams Update.exe [2324624 2020-01-24] (Composant d'application tiers Microsoft -> Microsoft Corporation)

HKLM-x32 … Exécuter: [TeamsMachineUninstallerProgramData] =>% ProgramData% Microsoft Teams Update.exe –uninstall –msiUninstall –source = default

HKLM-x32 … RunOnce: [PreRun] => C: Program Files (x86) Gigabyte AppCenter PreRun.exe [8192 2013-04-28] () [File not signed]

HKU S-1-5-19 … RunOnce: [WAB Migrate] => C: Program Files Windows Mail wab.exe [518656 2019-03-18] (Microsoft Windows -> Microsoft Corporation)

HKU S-1-5-20 … RunOnce: [WAB Migrate] => C: Program Files Windows Mail wab.exe [518656 2019-03-18] (Microsoft Windows -> Microsoft Corporation)

HKU S-1-5-21-3208311411-3576727370-3064477758-1001 … Run: [WallpaperEngine] => C: Program Files (x86) Steam steamapps common wallpaper_engine wallpaper32.exe [2578936 2020-02-15] (Kristjan Skutta ->)

HKU S-1-5-21-3208311411-3576727370-3064477758-1001 … Run: [NoxDaemon] => C: Users Claude AppData Roaming NoxSrv NoxSrv.exe [116736 2020-02-16] () [File not signed]

HKLM Software Microsoft Active Setup Installed Components: [8A69D345-D564-463c-AFF1-A69D9E530F96] -> C: Program Files (x86) Google Chrome Application 80.0.3987.149 Installer chrmstp.exe [2020-03-19] (Google LLC -> Google LLC)

==================== Tâches planifiées (liste blanche) ============

(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.)

Tâche: 05F2ED74-C51B-47BD-93AD-8B74CFBFDCD4 – System32 Tasks Microsoft Office OfficeBackgroundTaskHandlerRegistration => C: Program Files Microsoft Office root Office16 officebackgroundtaskhandler.exe [2167920 2020-03-21] (Microsoft Corporation -> Microsoft Corporation)

Tâche: 0768CEFA-7E51-45CF-954E-09A2A6510745 – System32 Tasks NvBatteryBoostCheckOnLogon_ B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C: Program Files NVIDIA Corporation NvContainer nvcontainer n [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)

Tâche: 0A2BE7BB-3ED2-4706-AAE9-332A8F6B2E86 – System32 Tasks Pinyin_2345Upgrade Task => C: Program Files (x86) 2345Soft 2345Pinyin 5.6.1.7090 2345PinyinTool.exe

Tâche: 0A6C41F6-2F45-42C2-80A3-5EB74D739DAA – Microsoft Windows UNP RunCampaignManager -> Aucun fichier <==== ATTENTION

Tâche: 28490751-5E2E-4499-8093-92220BD7A7AF – System32 Tasks IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C: Program Files Intel SUR QUEENCREEK Updater bin IntelSoftwareAsset .EXE [18168 2017-07-13] (Intel® Software Asset Manager -> Intel Corporation)

Tâche: 2A162C11-8E96-4FEE-91C1-21EB42758240 – System32 Tasks Avast Software Overseer => C: Program Files Common Files AVAST Software Overseer overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)

Tâche: 332ECAEF-CC2A-4CAD-A64F-C73CA78302F1 – System32 Tasks Microsoft Windows Windows Defender Windows Defender Cache Maintenance => C: ProgramData Microsoft Windows Defender platform 4.18.2003.8-0 MpCmdRun .EXE [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)

Tâche: 3ADDC8FF-3F55-415B-975E-BBF92FEB7690 – System32 Tasks IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C: Program Files (x86) Intel Intel® Update Manager bin iumsvc .EXE

Tâche: 3E071E45-4ABF-4F9D-8D54-72E750003F11 – Maintenance des abonnements System32 Tasks Microsoft Office Office => C: Program Files Microsoft Office root vfs ProgramFilesCommonx64 Microsoft Shared Office16 OLicenseHeartbeat.exe [2350176 2020-03-21] (Microsoft Corporation -> Microsoft Corporation)

Tâche: 3EA5E0C8-AD9C-47FB-AF4A-E07B0837A862 – System32 Tasks NvNodeLauncher_ B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C: Program Files (x86) NVIDIA Corporation NvNode nvjode nvjode nv [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)

Tâche: 44BC7A56-71E0-4362-80EF-CD70ECACCD76 – System32 Tasks NvDriverUpdateCheckDaily_ B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C: Program Files NVIDIA Corporation NvContainer nvcontain.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)

Tâche: 4ED97084-E67C-4990-960F-29D81980BD4E – System32 Tasks download => arrêt [Argument = /s /f /t 0]

Tâche: 5C1BAFAD-1914-49C6-BAC9-711F971953F2 – System32 Tasks Microsoft Office Office Feature Updates => C: Program Files Microsoft Office root VFS ProgramFilesCommonX64 Microsoft Shared Office16 sdxhelper.exe [150272 2020-03-21] (Microsoft Corporation -> Microsoft Corporation)

Tâche: 5F7F4A74-390E-4B80-AE23-BB39455014C1 – System32 Tasks Microsoft Office Office Automatic Updates 2.0 => C: Program Files Common Files Microsoft Shared ClickToRun OfficeC2RClient.exe [27369752 2020-03-03] (Microsoft Corporation -> Microsoft Corporation)

Tâche: 61452937-FACB-4C97-BF05-E238D1044D00 – System32 Tasks Microsoft Windows Windows Defender Windows Defender Cleanup => C: ProgramData Microsoft Windows Defender platform 4.18.2003.8-0 MpCmdRun. EXE [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)

Tâche: 6CDEC90E-89A4-471E-851E-07334AE17060 – System32 Tasks Adobe Flash Player PPAPI Notifier => C: WINDOWS SysWOW64 Macromed Flash FlashUtil32_32_0_0_344_pepper.exe [1453624 2020-03-11] (Adobe Inc. -> Adobe)

Tâche: 6D3BF74B-2731-4E2A-9FFD-104F74147014 – System32 Tasks GoogleUpdateTaskMachineCore => C: Program Files (x86) Google Update GoogleUpdate.exe [153168 2017-09-16] (Google Inc -> Google Inc.)

Tâche: 7420C474-654D-418F-B7FD-CB625E838D49 – System32 Tasks NvProfileUpdaterDaily_ B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C: Program Files NVIDIA Corporation Update Core NvProfileUp64 [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)

Tâche: 75683770-E3B9-41E4-AA61-032692DA76AD – System32 Tasks NvTmRep_CrashReport3_ B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C: Program Files NVIDIA Corporation NvBackend NvTm.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)

Tâche: 7A92374D-6E3A-451B-A934-574CF6D43D9C – System32 Tasks NvTmRep_CrashReport4_ B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C: Program Files NVIDIA Corporation NvTm.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)

Tâche: 7C77A4F2-821A-407B-BEAB-91B1FDA318B0 – Tâche de mise à jour System32 Tasks Adobe Acrobat => C: Program Files (x86) Common Files Adobe ARM 1.0 AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)

Tâche: 7FFAC542-AF07-47DE-AD50-D66267908352 – System32 Tasks MSIAfterburner => C: Program Files (x86) MSI Afterburner MSIAfterburner.exe [781808 2019-04-21] (MICRO-STAR INTERNATIONAL CO., LTD. ->)

Tâche: 8C788CD7-D36F-48D3-8715-068FD6E6FDFC – System32 Tasks SamsungMagician => C: Program Files (x86) Samsung Samsung Magician SamsungMagician.exe [1112576 2017-02-21] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.)

Tâche: 8FF9D7FF-81B5-4466-B76E-60000E936E01 – System32 Tasks Adobe Flash Player Updater => C: WINDOWS SysWOW64 Macromed Flash FlashPlayerUpdateService.exe [335416 2020-03-11] (Adobe Inc. -> Adobe)

Tâche: 967EDA72-58AF-427C-AA3F-0A526971B0D1 – System32 Tasks shutdown => C: Windows System32 shutdown.exe [26624 2019-03-18] (Microsoft Windows -> Microsoft Corporation)

Tâche: A08C7E05-72FC-4DD8-A32C-7ADD55069375 – System32 Tasks Microsoft Office OfficeBackgroundTaskHandlerLogon => C: Program Files Microsoft Office root Office16 officebackgroundtaskhandler.exe [2167920 2020-03-21] (Microsoft Corporation -> Microsoft Corporation)

Tâche: A44FAD11-113C-418C-9B76-27EDDEA9B048 – System32 Tasks IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C: Program Files Intel SUR QUEENCREEK Updater bin IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel® Software Asset Manager -> Intel Corporation)

Tâche: B6B1DA74-9C6D-4EEC-BFAA-D4B14479BD5E – System32 Tasks Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C: Program Files Bitdefender Agent WatchDog.exe [488760 2019-07-15] (Bitdefender SRL -> Bitdefender)

Tâche: BA2EC19B-2416-41C5-907B-48084B2A488C – System32 Tasks Microsoft Office OfficeTelemetryAgentLogOn2016 => C: Program Files Microsoft Office root Office16 msoia.exe [6292336 2020-01-23] (Microsoft Corporation -> Microsoft Corporation)

Tâche: BFC433BA-E1C6-452D-9A71-1D8698231E43 – System32 Tasks NvTmRep_CrashReport1_ B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C: Program Files NVIDIA Corporation NvBackend NvBackend.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)

Tâche: C3376868-523B-4470-9C91-CE4CCE249E28 – System32 Tasks Microsoft Office Office ClickToRun Service Monitor => C: Program Files Common Files Microsoft Shared ClickToRun OfficeC2RClient.exe [27369752 2020-03-03] (Microsoft Corporation -> Microsoft Corporation)

Tâche: C399DE69-DDEB-4B63-927A-8B479C472F9B – System32 Tasks Opera Scheduled Autoupdate 1555539851 => C: Users Claude AppData Local Programs Opera launcher.exe

Tâche: D60F8BE5-B090-4018-BB0A-99B47D3A31D4 – System32 Tasks Intel PTT EK Recertification => C: Program Files Intel iCLS Client IntelPTTEKRecertification.exe [668464 2017-02-24] (Intel® Trust Services -> Intel® Corporation)

Tâche: D96F3E7E-C3E1-4BCB-94F2-61C2DE7F5C2A – System32 Tasks NvTmRep_CrashReport2_ B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C: Program Files NVIDIA Corporation NvTr.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)

Tâche: DD69D685-99D4-42DC-977F-1576597CDCFF – Mise à jour automatique System32 Tasks Opera 1555539849 => C: Users Claude AppData Local Programs Opera launcher.exe

Tâche: DEAD8B95-FA1A-4A50-A03E-ECE7EE476807 – System32 Tasks Microsoft Windows Windows Defender Windows Defender Verification => C: ProgramData Microsoft Windows Defender platform 4.18.2003.8-0 MpCmdRun. EXE [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)

Tâche: E85F2493-0B4B-464D-817A-0D6EC6EEB946 – System32 Tasks GoogleUpdateTaskMachineUA => C: Program Files (x86) Google Update GoogleUpdate.exe [153168 2017-09-16] (Google Inc -> Google Inc.)

Tâche: EA85836C-FD61-4540-B089-0820631CCA75 – System32 Tasks NVIDIA GeForce Experience SelfUpdate_ B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C: Program Files NVIDIA Corporation NVIDIA GeForce Experience NVIDIA Geforce Experience.exe [3302880 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)

Tâche: EFFD1C0E-1D49-46EE-A851-7232A77F1021 – System32 Tasks Microsoft Office OfficeTelemetryAgentFallBack2016 => C: Program Files Microsoft Office root Office16 msoia.exe [6292336 2020-01-23] (Microsoft Corporation -> Microsoft Corporation)

Tâche: F72154CE-A944-4A87-B1AA-D8123DB93CF3 – System32 Tasks Microsoft Windows Windows Defender Windows Defender Scheduled Scan => C: ProgramData Microsoft Windows Defender platform 4.18.2003.8-0 MpCmdRun .EXE [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)

Tâche: F825C879-B629-41BE-9298-AB64660023E0 – Connexion aux mises à jour des fonctionnalités System32 Tasks Microsoft Office Office => C: Program Files Microsoft Office root VFS ProgramFilesCommonX64 Microsoft Shared Office16 sdxhelper. EXE [150272 2020-03-21] (Microsoft Corporation -> Microsoft Corporation)

Tâche: FFDFEDD9-2DF7-4A70-96C9-11E8982CFA23 – System32 Tasks NvProfileUpdaterOnLogon_ B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C: Program Files NVIDIA Corporation Update Core NvProfileUpdater.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)

(Si une entrée est incluse dans la liste de correctifs, le fichier de tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

==================== Internet (liste blanche) ====================

(Si un élément est inclus dans la liste de correctifs, s'il s'agit d'un élément du registre, il sera supprimé ou restauré par défaut.)

Tcpip Paramètres: [DhcpNameServer] 192.168.2.1

Tcpip .. Interfaces bde06d61-a80c-4e3b-aed5-ba18a12cc709: [DhcpNameServer] 192.168.2.1

Internet Explorer:

==================

HKLM Software Microsoft Internet Explorer Main, Start Page = about: vide

HKLM Software Wow6432Node Microsoft Internet Explorer Main, Start Page = about: vide

HKLM Software Microsoft Internet Explorer Main, Default_Page_URL =

HKLM Software Wow6432Node Microsoft Internet Explorer Main, Default_Page_URL =

HKLM Software Microsoft Internet Explorer Main, Default_Search_URL =

HKLM Software Wow6432Node Microsoft Internet Explorer Main, Default_Search_URL =

BHO: Skype Entreprise Browser Helper -> 31D09BA0-12F5-4CCE-BE8A-2923E76605DA -> C: Program Files Microsoft Office root Office16 OCHelper.dll [2020-01-23] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: Assistant de navigateur Skype Entreprise -> 31D09BA0-12F5-4CCE-BE8A-2923E76605DA -> C: Program Files Microsoft Office root VFS ProgramFilesX86 Microsoft Office Office16 OCHelper.dll [2020-01-23] (Microsoft Corporation -> Microsoft Corporation)

Gestionnaire: mso-minsb-roaming.16 – 83C25742-A9F7-49FB-9138-434302C88D07 – C: Program Files Microsoft Office root Office16 MSOSB.DLL [2020-01-23] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb-roaming.16 – 83C25742-A9F7-49FB-9138-434302C88D07 – C: Program Files Microsoft Office root VFS ProgramFilesX86 Microsoft Office Office16 MSOSB.DLL [2020-01-23] (Microsoft Corporation -> Microsoft Corporation)

Gestionnaire: mso-minsb.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C: Program Files Microsoft Office root Office16 MSOSB.DLL [2020-01-23] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C: Program Files Microsoft Office root VFS ProgramFilesX86 Microsoft Office Office16 MSOSB.DLL [2020-01-23] (Microsoft Corporation -> Microsoft Corporation)

Gestionnaire: osf-roaming.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C: Program Files Microsoft Office root Office16 MSOSB.DLL [2020-01-23] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf-roaming.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C: Program Files Microsoft Office root VFS ProgramFilesX86 Microsoft Office Office16 MSOSB.DLL [2020-01-23] (Microsoft Corporation -> Microsoft Corporation)

Gestionnaire: osf.16 – 5504BE45-A83B-4808-900A-3A5C36E7F77A – C: Program Files Microsoft Office root Office16 MSOSB.DLL [2020-01-23] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf.16 – 5504BE45-A83B-4808-900A-3A5C36E7F77A – C: Program Files Microsoft Office root VFS ProgramFilesX86 Microsoft Office Office16 MSOSB.DLL [2020-01-23] (Microsoft Corporation -> Microsoft Corporation)

FireFox:

========

Plugin FF: @ microsoft.com / SharePoint, version = 14.0 -> C: Program Files Microsoft Office root Office16 NPSPWRAP.DLL [2020-01-23] (Microsoft Corporation -> Microsoft Corporation)

Plugin FF: wacom.com/WacomTabletPlugin -> C: Program Files TabletPlugins npWacomTabletPlugin.dll [No File]

FF Plugin-x32: @ microsoft.com / Lync, version = 15.0 -> C: Program Files Microsoft Office root VFS ProgramFilesX86 Mozilla Firefox plugins npmeetingjoinpluginoc.dll [2020-01-23] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @ Microsoft.com / NpCtrl, version = 1.0 -> C: Program Files (x86) Microsoft Silverlight 5.0.61118.0 npctrl.dll [2011-11-18] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @ microsoft.com / SharePoint, version = 14.0 -> C: Program Files Microsoft Office root VFS ProgramFilesX86 Microsoft Office Office16 NPSPWRAP.DLL [2020-01-23] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @ pptv.com / plugin -> C: Program Files (x86) Internet Explorer PPLite plugin 4.1.3.0030 nppluginEx.dll [No File]

FF Plugin-x32: @ qq.com / QQPhotoDrawEx -> C: Program Files (x86) Tencent Qzone npQQPhotoDrawEx.dll [2013-08-13] (Tencent Technology (Shenzhen) Company Limited ->)

FF Plugin-x32: @ qq.com / QzoneMusic -> C: Program Files (x86) Tencent QQMusic QzoneMusic npQzoneMusic.dll [No File]

FF Plugin-x32: @ qq.com / TXSSO -> C: Program Files (x86) Common Files Tencent TXSSO 1.2.5.29 Bin npSSOAxCtrlForPTLogin.dll [2018-02-02] (Tencent Technology (Shenzhen) Company Limited -> Tencent)

FF Plugin-x32: @ qq.com / WeSingBS -> C: Program Files (x86) Tencent WeSingBS WeSingBS1150.2.14.22 npWeSingBS.dll [2016-08-03] (Tencent Technology (Shenzhen) Company Limited -> Tencent)

FF Plugin-x32: @ tencent.com / npQQMailWebKit, version = 1.0.0.1 -> C: Program Files (x86) QQMailPlugin npQQMailWebKit.dll [2013-04-25] (Tencent Technology (Shenzhen) Company Limited -> Tencent)

FF Plugin-x32: @ tencent.com / nptxftnWebKit, version = 1.0.0.1 -> C: Program Files (x86) QQMailPlugin nptxftnWebKit.dll [2013-04-08] (Tencent Technology (Shenzhen) Company Limited) [File not signed]

FF Plugin-x32: Adobe Reader -> C: Program Files (x86) Adobe Acrobat Reader DC Reader AIR nppdf32.dll [2020-03-05] (Adobe Inc. -> Adobe Systems Inc.)

FF Plugin-x32: wacom.com/WacomTabletPlugin -> C: Program Files (x86) TabletPlugins npWacomTabletPlugin.dll [No File]

Plugin FF HKU S-1-5-21-3208311411-3576727370-3064477758-1001: @ 1.qq.com / npqqwebgame -> C: Users Claude AppData Roaming Tencent WebGamePlugin 1.0.4.3 npqqwebgame .dll [2015-10-19] (Tencent Technology (Shenzhen) Company Limited ->)

Plugin FF HKU S-1-5-21-3208311411-3576727370-3064477758-1001: @ zoom.us / ZoomVideoPlugin -> C: Users Claude AppData Roaming Zoom bin npzoomplugin.dll [2019-11-04] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome:

=======

Profil CHR: C: Users Claude AppData Local Google Chrome User Data Default [2020-03-31]

CHR DownloadDir: C: Users Claude Downloads

Notifications CHR: Par défaut -> hxxps: //mail.google.com; hxxps: //www.youtube.com

Extension CHR: (The Flash Video Dоwnl®ader) – C: Users Claude AppData Local Google Chrome User Data Default Extensions amjcoehkcacocffpmhnefgoeanepjfkf [2019-05-18]

Extension CHR: (Docs) – C: Users Claude AppData Local Google Chrome User Data Default Extensions aohghmighlieiainnegkcijnfilokake [2017-12-10]

Extension CHR: (Google Drive) – C: Users Claude AppData Local Google Chrome User Data Default Extensions apdfllckaahabafndbhieahigkjlhalf [2017-12-10]

Extension CHR: (YouTube) – C: Users Claude AppData Local Google Chrome User Data Default Extensions blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-10]

Extension CHR: (Adblock Plus – bloqueur de publicités gratuit) – C: Users Claude AppData Local Google Chrome User Data Default Extensions cfhdojbkjhnklbpkdaibdccddilifddb [2020-03-31]

Extension CHR: (uBlock Origin) – C: Users Claude AppData Local Google Chrome User Data Default Extensions cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-02-24]

Extension CHR: (Adobe Acrobat) – C: Users Claude AppData Local Google Chrome User Data Default Extensions efaidnbmnnnibpcajpcglclefindmkaj [2020-03-03]

Extension CHR: (Persona 5 Dark Mode v3) – C: Users Claude AppData Local Google Chrome User Data Default Extensions gdbpkedpnijknkbddfjacfhbnhdoipdd [2019-05-26]

Extension CHR: (Google Docs hors ligne) – C: Users Claude AppData Local Google Chrome User Data Default Extensions ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-11]

Extension CHR: (Grammaire pour Chrome) – C: Users Claude AppData Local Google Chrome User Data Default Extensions kbfnbcaeplbcioakkpcpgfkobkghlhen [2020-03-26]

Extension CHR: (Paiements Chrome Web Store) – C: Users Claude AppData Local Google Chrome User Data Default Extensions nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]

Extension CHR: (Gmail) – C: Users Claude AppData Local Google Chrome User Data Default Extensions pjkljhegncpnkpknbcohdijeoejaedia [2019-04-24]

Extension CHR: (Chrome Media Router) – C: Users Claude AppData Local Google Chrome User Data Default Extensions pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-19]

CHR HKLM-x32 … Chrome Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (liste blanche) ===================

(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.)

R2 bdredline; C: Program Files Bitdefender Antivirus Free bdredline.exe [2500144 2019-05-28] (Bitdefender SRL -> Bitdefender)

S3 BEService; C: Program Files (x86) Common Files BattlEye BEService.exe [8567960 2020-03-24] (BattlEye Innovations e.K. ->)

R2 ClickToRunSvc; C: Program Files Fichiers communs Microsoft Shared ClickToRun OfficeClickToRun.exe [11600672 2020-03-03] (Microsoft Corporation -> Microsoft Corporation)

S2 DSAService; C: Program Files (x86) Intel Driver and Support Assistant DSAService.exe [26984 2019-07-25] (Clé de signature IDSA Production -> Intel)

S3 DSAUpdateService; C: Program Files (x86) Intel Driver and Support Assistant DSAUpdateService.exe [80744 2019-07-25] (Clé de signature IDSA Production -> Intel)

S3 EasyAntiCheat; C: Program Files (x86) EasyAntiCheat EasyAntiCheat.exe [803440 2019-11-12] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)

R2 gadjservice; C: Program Files (x86) Gigabyte AppCenter AdjustService.exe [16896 2015-04-13] () [File not signed]

S4 HfcDisableService; C: WINDOWS System32 DriverStore FileRepository iastorac.inf_amd64_11139e42ea3f60f6 HfcDisableService.exe [1709936 2019-03-07] (Technologie de stockage rapide Intel® -> Intel Corporation)

S3 HwmRecordService; C: Program Files (x86) GIGABYTE SIV HwmRecordService.exe [62760 2015-11-11] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)

S3 iaStorAfsService; C: WINDOWS System32 iaStorAfsService.exe [2832240 2019-03-07] (Technologie de stockage rapide Intel® -> Intel Corporation)

S3 Intel® Capability Licensing Service TCP IP Interface; C: Program Files Intel iCLS Client SocketHeciServer.exe [732448 2017-02-24] (Intel® Trust Services -> Intel® Corporation)

S3 Intel® SUR QC SAM; C: Program Files Intel SUR QUEENCREEK Updater bin IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel® Software Asset Manager -> Intel Corporation)

S2 Intel® TPM Provisioning Service; C: Program Files Intel iCLS Client TPMProvisioningService.exe [548648 2017-02-24] (Intel® Trust Services -> Intel® Corporation)

R2 jhi_service; C: Program Files (x86) Intel Intel® Management Engine Components DAL jhi_service.exe [196712 2017-04-23] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)

R2 MBAMService; C: Program Files Malwarebytes Anti-Malware MBAMService.exe [6933272 2020-03-30] (Malwarebytes Inc -> Malwarebytes)

S3 NGS; C: WINDOWS NGService.exe [2994248 2018-10-16] (NEXON Korea Corporation. -> NEXON Korea Corporation)

R2 NvContainerLocalSystem; C: Program Files NVIDIA Corporation NvContainer nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)

S3 NvContainerNetworkService; C: Program Files NVIDIA Corporation NvContainer nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)

R2 ProductAgentService; C: Program Files Bitdefender Agent ProductAgentService.exe [1291888 2019-07-15] (Bitdefender SRL -> Bitdefender)

R2 RstMwService; C: WINDOWS System32 DriverStore FileRepository iastorac.inf_amd64_11139e42ea3f60f6 RstMwService.exe [1968496 2019-03-07] (Technologie de stockage rapide Intel® -> Intel Corporation)

R2 updatesrv; C: Program Files Bitdefender Antivirus Free updatesrv.exe [242024 2020-02-05] (Bitdefender SRL -> Bitdefender)

R2 vsserv; C: Program Files Bitdefender Antivirus Free vsserv.exe [308064 2020-02-05] (Bitdefender SRL -> Bitdefender)

R2 vsservppl; C: Program Files Bitdefender Antivirus Free vsservppl.exe [242024 2020-02-05] (Bitdefender SRL -> Bitdefender)

S3 WdNisSvc; C: ProgramData Microsoft Windows Defender platform 4.18.2003.8-0 NisSrv.exe [3294680 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 WinDefend; C:ProgramDataMicrosoftWindows Defenderplatform4.18.2003.8-0MsMpEng.exe [103168 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 WTabletServicePro; C:Program FilesTabletWacomWTabletServicePro.exe [2169800 2018-06-19] (Wacom Technology Corporation -> Wacom Technology, Corp.)

R2 NVDisplay.ContainerLocalSystem; "C:Program FilesNVIDIA CorporationDisplay.NvContainerNVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:ProgramDataNVIDIANVDisplay.ContainerLocalSystem.log" -l 3 -d "C:Program FilesNVIDIA CorporationDisplay.NvContainerpluginsLocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 atc; C:WINDOWSSystem32DRIVERSatc.sys [1972328 2020-02-20] (Bitdefender SRL -> Bitdefender S.R.L. Bucharest, ROMANIA)

R2 BdDci; C:WINDOWSsystem32DRIVERSbddci.sys [757240 2020-03-04] (Bitdefender SRL -> Bitdefender)

S0 bdelam; C:WINDOWSSystem32driversbdelam.sys [22960 2019-04-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)

R3 CorsairVBusDriver; C:WINDOWSSystem32driversCorsairVBusDriver.sys [45528 2017-06-21] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)

R3 CorsairVHidDriver; C:WINDOWSSystem32driversCorsairVHidDriver.sys [21968 2017-06-21] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)

R3 e1dexpress; C:WINDOWSSystem32DriverStoreFileRepositorye1d68x64.inf_amd64_b44028fc7fdf4fcae1d68x64.sys [599920 2019-09-13] (Intel® INTELND1820 -> Intel Corporation)

R3 edrsensor; C:WINDOWSSystem32DRIVERSedrsensor.sys [309120 2020-02-20] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)

R1 ESProtectionDriver; C:WINDOWSsystem32driversmbae64.sys [153312 2020-03-30] (Malwarebytes Corporation -> Malwarebytes)

R3 gdrv; C:WINDOWSgdrv.sys [26192 2020-03-30] (Giga-Byte Technology -> Windows ® Server 2003 DDK provider)

R1 Gemma; C:WINDOWSSystem32DRIVERSGemma.sys [453552 2020-02-28] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)

R0 gzflt; C:WINDOWSSystem32driversgzflt.sys [188384 2019-04-26] (Bitdefender SRL -> BitDefender LLC)

R0 iaStorAC; C:WINDOWSSystem32driversiaStorAC.sys [1094000 2019-03-07] (Intel® Rapid Storage Technology -> Intel Corporation)

S3 iaStorAfs; C:WINDOWSSystem32driversiaStorAfs.sys [72560 2019-03-07] (Intel® Rapid Storage Technology -> Intel Corporation)

R2 MBAMChameleon; C:WINDOWSSystem32DriversMbamChameleon.sys [214496 2020-03-30] (Malwarebytes Inc -> Malwarebytes)

S0 MbamElam; C:WINDOWSSystem32DRIVERSMbamElam.sys [20936 2020-03-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)

R3 MBAMFarflt; C:WINDOWSSystem32DRIVERSfarflt.sys [195432 2020-03-30] (Malwarebytes Inc -> Malwarebytes)

R3 MBAMProtection; C:WINDOWSsystem32DRIVERSmbam.sys [73584 2020-03-30] (Malwarebytes Corporation -> Malwarebytes)

R3 MBAMSwissArmy; C:WINDOWSSystem32Driversmbamswissarmy.sys [248968 2020-03-30] (Malwarebytes Inc -> Malwarebytes)

R3 MBAMWebProtection; C:WINDOWSsystem32DRIVERSmwac.sys [119960 2020-03-30] (Malwarebytes Inc -> Malwarebytes)

R3 MEIx64; C:WINDOWSSystem32DriverStoreFileRepositoryheci.inf_amd64_85021432489d6a1cx64TeeDriverW8x64.sys [266128 2019-04-17] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)

R3 nvlddmkm; C:WINDOWSSystem32DriverStoreFileRepositorynv_dispi.inf_amd64_5ef913e2bcf39373nvlddmkm.sys [23287696 2020-03-05] (NVIDIA Corporation -> NVIDIA Corporation)

S3 NvStreamKms; C:Program FilesNVIDIA CorporationNvStreamSrvNvStreamKms.sys [30336 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:WINDOWSsystem32driversnvvad64v.sys [69840 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)

R3 nvvhci; C:WINDOWSSystem32driversnvvhci.sys [75600 2019-08-22] (NVIDIA Corporation -> NVIDIA Corporation)

R3 RTCore64; C:Program Files (x86)MSI AfterburnerRTCore64.sys [14024 2017-08-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> )

R3 ScpVBus; C:WINDOWSSystem32driversScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)

S3 semav6msr64; C:Windowssystem32driverssemav6msr64.sys [21984 2016-10-18] (Intel® Code Signing External -> )

R2 trufos; C:WINDOWSSystem32driverstrufos.sys [638368 2020-02-20] (Bitdefender SRL -> Bitdefender)

R3 WacHidRouterPro; C:WINDOWSSystem32driverswachidrouter.sys [115672 2018-05-30] (Microsoft Windows Hardware Compatibility Publisher -> Wacom Technology, Corp.)

R3 wacomrouterfilter; C:WINDOWSSystem32driverswacomrouterfilter.sys [17880 2018-05-30] (Microsoft Windows Hardware Compatibility Publisher -> Wacom Technology, Corp.)

S0 WdBoot; C:WINDOWSSystem32driverswdWdBoot.sys [45960 2020-03-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

R0 WdFilter; C:WINDOWSSystem32driverswdWdFilter.sys [391392 2020-03-25] (Microsoft Windows -> Microsoft Corporation)

S3 WdNisDrv; C:WINDOWSSystem32driverswdWdNisDrv.sys [59104 2020-03-25] (Microsoft Windows -> Microsoft Corporation)

R1 YSDrv; C:Program Files (x86)BignoxBigNoxVMRTYSDrv.sys [310536 2019-06-22] (Beijing Duodian Online Science and Technology Co.,Ltd -> BigNox Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-31 08:55 – 2020-03-31 08:56 – 000039355 _____ C:UsersClaudeDesktopFRST.txt

2020-03-31 08:55 – 2020-03-31 08:55 – 000000000 ____D C:FRST

2020-03-31 08:54 – 2020-03-31 08:54 – 002280448 _____ (Farbar) C:UsersClaudeDesktopFRST64.exe

2020-03-31 08:37 – 2020-03-31 08:48 – 000000000 ____D C:UsersClaudeAppDataLocalLowIGDump

2020-03-30 18:54 – 2020-03-30 18:54 – 000067788 _____ C:UsersClaudeDownloadsYAKUZA 0 SAVES-1-V1-0-1545727443.rar

2020-03-30 15:51 – 2020-03-30 15:51 – 000505172 _____ C:UsersClaudeDownloadslinguistics assignment 2.pdf

2020-03-30 14:36 – 2020-03-30 14:36 – 000093825 _____ C:UsersClaudeDownloadsAssignment_2_-_Kevin_Vong.pdf

2020-03-30 12:43 – 2020-03-30 12:43 – 000040272 _____ C:UsersClaudeDownloadsFeedback on Optional Exercise for Week 8.html.zip

2020-03-30 10:41 – 2020-03-30 10:41 – 000195432 _____ (Malwarebytes) C:WINDOWSsystem32Driversfarflt.sys

2020-03-30 10:41 – 2020-03-30 10:41 – 000119960 _____ (Malwarebytes) C:WINDOWSsystem32Driversmwac.sys

2020-03-30 10:41 – 2020-03-30 10:41 – 000073584 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbam.sys

2020-03-30 10:40 – 2020-03-30 10:40 – 000248968 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbamswissarmy.sys

2020-03-30 10:40 – 2020-03-30 10:40 – 000214496 _____ (Malwarebytes) C:WINDOWSsystem32DriversMbamChameleon.sys

2020-03-30 10:40 – 2020-03-30 10:40 – 000153312 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbae64.sys

2020-03-30 10:40 – 2020-03-30 10:40 – 000020936 _____ (Malwarebytes) C:WINDOWSsystem32DriversMbamElam.sys

2020-03-30 10:40 – 2020-03-30 10:40 – 000000000 ____D C:UsersClaudeAppDataLocalmbamtray

2020-03-30 10:40 – 2020-03-30 10:40 – 000000000 ____D C:UsersClaudeAppDataLocalmbam

2020-03-30 10:40 – 2020-03-30 10:40 – 000000000 ____D C:UsersClaudeAppDataLocalcache

2020-03-30 10:40 – 2020-03-30 10:40 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes

2020-03-30 10:40 – 2020-03-30 10:40 – 000000000 ____D C:ProgramDataMalwarebytes

2020-03-30 10:39 – 2020-03-30 10:39 – 000000000 ____D C:Program FilesMalwarebytes

2020-03-30 10:38 – 2020-03-30 10:39 – 001957784 _____ (Malwarebytes) C:UsersClaudeDownloadsMBSetup.exe

2020-03-29 14:47 – 2020-03-29 14:47 – 000137634 _____ C:UsersClaudeDownloadsDigimon – Butterfly.pdf

2020-03-29 12:12 – 2020-03-29 12:12 – 000031182 _____ C:UsersClaudeDownloadsHistory final intro.pdf

2020-03-26 15:20 – 2020-03-26 15:20 – 000064250 _____ C:UsersClaudeDownloadsENG ESSAY.pdf

2020-03-25 19:32 – 2020-03-25 19:54 – 1044858488 _____ C:UsersClaudeDownloadsDaVinci_Resolve_15.3.1_Windows.zip

2020-03-25 18:31 – 2020-03-25 18:32 – 000000000 ____D C:UsersClaudeAppDataRoamingMicrosoftWindowsStart MenuProgramsBlackmagic Design

2020-03-25 18:22 – 2020-03-11 03:08 – 1410614120 _____ (Blackmagic Design) C:UsersClaudeDownloadsDaVinci_Resolve_16.2_Windows.exe

2020-03-25 18:13 – 2020-03-25 18:21 – 1397017466 _____ C:UsersClaudeDownloadsDaVinci_Resolve_16.2_Windows.zip

2020-03-25 18:08 – 2020-03-25 18:18 – 000000000 ____D C:UsersClaudeAppDataRoamingHandBrake

2020-03-25 18:07 – 2020-03-25 18:07 – 013537880 _____ C:UsersClaudeDownloadsHandBrake-1.3.1-x86_64-Win_GUI.exe

2020-03-25 16:46 – 2020-03-25 16:46 – 000094952 _____ C:UsersClaudeDownloadsLiterary-present-tense.pdf

2020-03-22 20:53 – 2020-03-22 20:53 – 000003358 _____ C:WINDOWSsystem32Tasksshutdown

2020-03-21 10:27 – 2020-03-21 10:27 – 000098452 _____ C:UsersClaudeDownloadsJoJo's Bizarre Adventure Golden Wind – Uragirimono no Requiem.pdf

2020-03-21 10:21 – 2020-03-21 10:21 – 000119322 _____ C:UsersClaudeDownloadsVinland Saga – MUKANJYO (Opening).pdf

2020-03-20 10:39 – 2020-03-20 10:39 – 000348342 _____ C:UsersClaudeDownloadsRWBY – Red like Roses.pdf

2020-03-18 19:40 – 2020-03-18 19:40 – 000049555 _____ C:UsersClaudeDownloadsReflection Paper 3_18.pdf

2020-03-17 21:01 – 2020-03-17 21:01 – 000406066 _____ C:UsersClaudeDownloads5 Centimeters per Second – One More Chance, One More Time.pdf

2020-03-17 20:57 – 2020-03-17 20:57 – 000494703 _____ C:UsersClaudeDownloadsElfen Lied – Lilium.pdf

2020-03-17 20:57 – 2020-03-17 20:57 – 000223687 _____ C:UsersClaudeDownloadsKimi no Na wa – Zen Zen Zense.pdf

2020-03-17 20:18 – 2020-03-17 20:18 – 000162675 _____ C:UsersClaudeDownloadsShigatsu wa Kimi no Uso – Nanairo Symphony.pdf

2020-03-17 20:16 – 2020-03-17 20:16 – 000176391 _____ C:UsersClaudeDownloadsAttack on Titan Season 2 – Shinzou wo Sasageyo Opening (Easy Version).pdf

2020-03-17 20:16 – 2020-03-17 20:16 – 000140987 _____ C:UsersClaudeDownloadsPorter Robinson & Madeon – Shelter (Easy Version).pdf

2020-03-17 20:14 – 2020-03-17 20:14 – 000183897 _____ C:UsersClaudeDownloadsNo Game No Life – This Game (Easy Version).pdf

2020-03-17 20:12 – 2020-03-17 20:12 – 000079106 _____ C:UsersClaudeDownloadsYamada-kun to 7-nin no Majo – Kuchizuke Diamond (Opening).pdf

2020-03-17 20:07 – 2020-03-17 20:07 – 000074736 _____ C:UsersClaudeDownloadsEromanga Sensei – Hitorigoto.pdf

2020-03-17 19:55 – 2020-03-17 19:55 – 000054205 _____ C:UsersClaudeDownloadsNisemonogatari – Platinum Disco.pdf

2020-03-17 19:45 – 2020-03-17 19:45 – 000105430 _____ C:UsersClaudeDownloadsSteins Gate 0 – Fatima (Opening).pdf

2020-03-17 18:57 – 2020-03-17 18:57 – 000089309 _____ C:UsersClaudeDownloadsNisemonogatari – The King of Strangeness.pdf

2020-03-16 11:12 – 2020-03-16 11:12 – 000046701 _____ C:UsersClaudeDownloadsBrutus Letter, #4.pdf

2020-03-14 14:24 – 2020-03-14 14:24 – 025444352 _____ (Microsoft Corporation) C:WINDOWSsystem32Hydrogen.dll

2020-03-14 14:24 – 2020-03-14 14:24 – 009930552 _____ (Microsoft Corporation) C:WINDOWSsystem32ntoskrnl.exe

2020-03-14 14:24 – 2020-03-14 14:24 – 007604584 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Media.Protection.PlayReady.dll

2020-03-14 14:24 – 2020-03-14 14:24 – 006520776 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Media.Protection.PlayReady.dll

2020-03-14 14:24 – 2020-03-14 14:24 – 004563416 _____ (Microsoft Corporation) C:WINDOWSsystem32sppsvc.exe

2020-03-14 14:24 – 2020-03-14 14:24 – 001610240 _____ (Microsoft Corporation) C:WINDOWSsystem32HologramCompositor.dll

2020-03-14 14:24 – 2020-03-14 14:24 – 001398584 _____ (Microsoft Corporation) C:WINDOWSsystem32hvix64.exe

2020-03-14 14:24 – 2020-03-14 14:24 – 001077048 _____ (Microsoft Corporation) C:WINDOWSsystem32hvax64.exe

2020-03-14 14:24 – 2020-03-14 14:24 – 000772096 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverssrv2.sys

2020-03-14 14:24 – 2020-03-14 14:24 – 000689152 _____ (Microsoft Corporation) C:WINDOWSSysWOW64CPFilters.dll

2020-03-14 14:24 – 2020-03-14 14:24 – 000561464 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversmrxsmb.sys

2020-03-13 19:43 – 2020-03-13 19:43 – 000001304 _____ C:UsersClaudeAppDataRoamingMicrosoftWindowsStart MenuProgramsYakuzaKiwami.exe – Shortcut.lnk

2020-03-13 19:42 – 2020-03-13 19:42 – 003518860 _____ C:UsersClaudeDownloads4K Font v. 0.9-6-0-9-1580603152 (1).rar

2020-03-12 14:54 – 2020-03-12 14:54 – 000255219 _____ C:UsersClaudeDownloadsKodama Kotodama .pdf

2020-03-10 17:06 – 2020-03-05 14:09 – 001329360 _____ C:WINDOWSSysWOW64vulkaninfo-1-999-0-0-0.exe

2020-03-10 17:06 – 2020-03-05 14:09 – 001329360 _____ C:WINDOWSSysWOW64vulkaninfo.exe

2020-03-10 17:06 – 2020-03-05 14:08 – 011834808 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvptxJitCompiler.dll

2020-03-10 17:06 – 2020-03-05 14:08 – 010161248 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvptxJitCompiler.dll

2020-03-10 17:06 – 2020-03-05 14:08 – 001729448 _____ C:WINDOWSsystem32vulkaninfo-1-999-0-0-0.exe

2020-03-10 17:06 – 2020-03-05 14:08 – 001729448 _____ C:WINDOWSsystem32vulkaninfo.exe

2020-03-10 17:06 – 2020-03-05 14:08 – 001079208 _____ C:WINDOWSsystem32vulkan-1-999-0-0-0.dll

2020-03-10 17:06 – 2020-03-05 14:08 – 001079208 _____ C:WINDOWSsystem32vulkan-1.dll

2020-03-10 17:06 – 2020-03-05 14:08 – 000937896 _____ C:WINDOWSSysWOW64vulkan-1-999-0-0-0.dll

2020-03-10 17:06 – 2020-03-05 14:08 – 000937896 _____ C:WINDOWSSysWOW64vulkan-1.dll

2020-03-10 17:06 – 2020-03-05 14:08 – 000441968 _____ (Khronos Group) C:WINDOWSsystem32OpenCL.dll

2020-03-10 17:06 – 2020-03-05 14:08 – 000344688 _____ (Khronos Group) C:WINDOWSSysWOW64OpenCL.dll

2020-03-10 17:06 – 2020-03-05 14:07 – 017463392 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvcuda.dll

2020-03-10 17:06 – 2020-03-05 14:07 – 015029176 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvcuda.dll

2020-03-10 17:06 – 2020-03-05 14:07 – 005376624 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvcuvid.dll

2020-03-10 17:06 – 2020-03-05 14:07 – 004715616 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvcuvid.dll

2020-03-10 17:06 – 2020-03-05 14:07 – 002068408 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvFBC64.dll

2020-03-10 17:06 – 2020-03-05 14:07 – 001720416 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvdispco6444259.dll

2020-03-10 17:06 – 2020-03-05 14:07 – 001561712 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64NvFBC.dll

2020-03-10 17:06 – 2020-03-05 14:07 – 001483376 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvdispgenco6444259.dll

2020-03-10 17:06 – 2020-03-05 14:07 – 001476536 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvIFR64.dll

2020-03-10 17:06 – 2020-03-05 14:07 – 001364576 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvfatbinaryLoader.dll

2020-03-10 17:06 – 2020-03-05 14:07 – 001138616 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64NvIFR.dll

2020-03-10 17:06 – 2020-03-05 14:07 – 001058912 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvfatbinaryLoader.dll

2020-03-10 17:06 – 2020-03-05 14:07 – 000818064 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvmcumd.dll

2020-03-10 17:06 – 2020-03-05 14:07 – 000807536 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvEncodeAPI64.dll

2020-03-10 17:06 – 2020-03-05 14:07 – 000677608 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvIFROpenGL.dll

2020-03-10 17:06 – 2020-03-05 14:07 – 000671120 _____ C:WINDOWSsystem32nvofapi64.dll

2020-03-10 17:06 – 2020-03-05 14:07 – 000551312 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64NvIFROpenGL.dll

2020-03-10 17:06 – 2020-03-05 14:07 – 000538016 _____ C:WINDOWSSysWOW64nvofapi.dll

2020-03-10 17:06 – 2020-03-05 14:06 – 040503392 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvcompiler.dll

2020-03-10 17:06 – 2020-03-05 14:06 – 035372640 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvcompiler.dll

2020-03-10 17:06 – 2020-03-04 14:34 – 000055872 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvhdap64.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 025900544 _____ (Microsoft Corporation) C:WINDOWSsystem32edgehtml.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 022635008 _____ (Microsoft Corporation) C:WINDOWSsystem32mshtml.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 019850240 _____ (Microsoft Corporation) C:WINDOWSSysWOW64edgehtml.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 019812352 _____ (Microsoft Corporation) C:WINDOWSsystem32HologramWorld.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 018027008 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mshtml.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 011607552 _____ (Microsoft Corporation) C:WINDOWSsystem32wmp.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 009711616 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wmp.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 007755776 _____ (Microsoft Corporation) C:WINDOWSsystem32Chakra.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 007263992 _____ (Microsoft Corporation) C:WINDOWSsystem32shell32.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 007259648 _____ (Microsoft Corporation) C:WINDOWSsystem32ieframe.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 006436352 _____ (Microsoft Corporation) C:WINDOWSsystem32twinui.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 006285312 _____ (Microsoft Corporation) C:WINDOWSSysWOW64ieframe.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 006168064 _____ (Microsoft Corporation) C:WINDOWSsystem32twinui.pcshell.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 006084344 _____ (Microsoft Corporation) C:WINDOWSSysWOW64windows.storage.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 005911040 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Chakra.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 005764664 _____ (Microsoft Corporation) C:WINDOWSSysWOW64shell32.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 005112832 _____ (Microsoft Corporation) C:WINDOWSSysWOW64twinui.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 005040640 _____ (Microsoft Corporation) C:WINDOWSsystem32wininet.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 004898144 _____ (Microsoft Corporation) C:WINDOWSsystem32rtmpltfm.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 004855808 _____ (Microsoft Corporation) C:WINDOWSsystem32jscript9.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 004580352 _____ (Microsoft Corporation) C:WINDOWSsystem32msi.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 004538880 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wininet.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 004348408 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Mirage.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 004140544 _____ (Microsoft Corporation) C:WINDOWSsystem32SystemSettingsThresholdAdminFlowUI.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 004129648 _____ (Microsoft Corporation) C:WINDOWSsystem32mfcore.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 004048896 _____ (Microsoft Corporation) C:WINDOWSsystem32SRH.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 003971808 _____ (Microsoft Corporation) C:WINDOWSSysWOW64explorer.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 003860832 _____ (Microsoft Corporation) C:WINDOWSSysWOW64rtmpltfm.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 003819520 _____ (Microsoft Corporation) C:WINDOWSSysWOW64jscript9.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 003799552 _____ (Microsoft Corporation) C:WINDOWSsystem32diagtrack.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 003728896 _____ (Microsoft Corporation) C:WINDOWSsystem32win32kfull.sys

2020-03-10 16:39 – 2020-03-10 16:39 – 003552768 _____ (Microsoft Corporation) C:WINDOWSsystem32dwmcore.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 003488768 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msi.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 003371720 _____ (Microsoft Corporation) C:WINDOWSsystem32combase.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 003243296 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Mirage.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 002986808 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverstcpip.sys

2020-03-10 16:39 – 2020-03-10 16:39 – 002956688 _____ (Microsoft Corporation) C:WINDOWSsystem32mfmp4srcsnk.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 002875904 _____ (Microsoft Corporation) C:WINDOWSSysWOW64esent.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 002800640 _____ (Microsoft Corporation) C:WINDOWSSysWOW64win32kfull.sys

2020-03-10 16:39 – 2020-03-10 16:39 – 002773568 _____ (Microsoft Corporation) C:WINDOWSsystem32iertutil.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 002768440 _____ (Microsoft Corporation) C:WINDOWSsystem32KernelBase.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 002755584 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mshtml.tlb

2020-03-10 16:39 – 2020-03-10 16:39 – 002755584 _____ (Microsoft Corporation) C:WINDOWSsystem32mshtml.tlb

2020-03-10 16:39 – 2020-03-10 16:39 – 002740736 _____ (Microsoft Corporation) C:WINDOWSSysWOW64directml.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 002698040 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversntfs.sys

2020-03-10 16:39 – 2020-03-10 16:39 – 002584008 _____ (Microsoft Corporation) C:WINDOWSSysWOW64combase.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 002561536 _____ (Microsoft Corporation) C:WINDOWSSysWOW64tquery.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 002494744 _____ (Microsoft Corporation) C:WINDOWSsystem32msmpeg2vdec.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 002315680 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msmpeg2vdec.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 002307584 _____ (Microsoft Corporation) C:WINDOWSSysWOW64WsmSvc.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 002305536 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mssrch.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 002259872 _____ (Microsoft Corporation) C:WINDOWSSysWOW64iertutil.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 002224952 _____ (Microsoft Corporation) C:WINDOWSsystem32ResetEngine.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 002180408 _____ (Microsoft Corporation) C:WINDOWSsystem32workfolderssvc.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 002087376 _____ (Microsoft Corporation) C:WINDOWSSysWOW64KernelBase.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 002072664 _____ (Microsoft Corporation) C:WINDOWSsystem32mfplat.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 002031104 _____ C:WINDOWSsystem32rdpnano.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 002021888 _____ (Microsoft Corporation) C:WINDOWSSysWOW64UIAutomationCore.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001999952 _____ (Microsoft Corporation) C:WINDOWSsystem32ntdll.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001985104 _____ (Microsoft Corporation) C:WINDOWSSysWOW64twinapi.appcore.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001972536 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversrefs.sys

2020-03-10 16:39 – 2020-03-10 16:39 – 001867816 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mfmp4srcsnk.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001854976 _____ (Microsoft Corporation) C:WINDOWSsystem32urlmon.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001835128 _____ (Microsoft Corporation) C:WINDOWSsystem32mfsrcsnk.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001835008 _____ (Microsoft Corporation) C:WINDOWSsystem32enterprisecsps.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001823232 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Media.Speech.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001770552 _____ (Microsoft Corporation) C:WINDOWSsystem32winmde.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001757304 _____ (Microsoft Corporation) C:WINDOWSsystem32winload.efi

2020-03-10 16:39 – 2020-03-10 16:39 – 001743888 _____ (Microsoft Corporation) C:WINDOWSsystem32sppobjs.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001729024 _____ (Microsoft Corporation) C:WINDOWSSysWOW64InstallService.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001697792 _____ (Microsoft Corporation) C:WINDOWSsystem32GdiPlus.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001688064 _____ (Microsoft Corporation) C:WINDOWSsystem32XpsPrint.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001684992 _____ (Microsoft Corporation) C:WINDOWSSysWOW64urlmon.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001665416 _____ (Microsoft Corporation) C:WINDOWSSysWOW64user32.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001664896 _____ (Microsoft Corporation) C:WINDOWSSysWOW64ntdll.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001657120 _____ (Microsoft Corporation) C:WINDOWSsystem32user32.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001647072 _____ (Microsoft Corporation) C:WINDOWSsystem32gdi32full.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001609216 _____ (Microsoft Corporation) C:WINDOWSsystem32wpncore.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001555904 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mfplat.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001540096 _____ (Microsoft Corporation) C:WINDOWSsystem32rdpcorets.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001513040 _____ (Microsoft Corporation) C:WINDOWSsystem32winload.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 001490640 _____ (Microsoft Corporation) C:WINDOWSsystem32mfsvr.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001484600 _____ (Microsoft Corporation) C:WINDOWSSysWOW64WindowsCodecs.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001482040 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversndis.sys

2020-03-10 16:39 – 2020-03-10 16:39 – 001480192 _____ (Microsoft Corporation) C:WINDOWSsystem32usocoreworker.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 001458688 _____ (Microsoft Corporation) C:WINDOWSSysWOW64GdiPlus.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001417976 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mfsrcsnk.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001413632 _____ (Microsoft Corporation) C:WINDOWSSysWOW64gdi32full.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001412096 _____ (Microsoft Corporation) C:WINDOWSsystem32SystemSettings.Handlers.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001396152 _____ (Microsoft Corporation) C:WINDOWSsystem32ole32.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001394168 _____ (Microsoft Corporation) C:WINDOWSsystem32WinTypes.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001366128 _____ (Microsoft Corporation) C:WINDOWSsystem32winresume.efi

2020-03-10 16:39 – 2020-03-10 16:39 – 001354080 _____ (Microsoft Corporation) C:WINDOWSsystem32rtmpal.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001319936 _____ (Microsoft Corporation) C:WINDOWSsystem32webplatstorageserver.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001284096 _____ (Microsoft Corporation) C:WINDOWSsystem32werconcpl.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001283600 _____ (Microsoft Corporation) C:WINDOWSsystem32SecConfig.efi

2020-03-10 16:39 – 2020-03-10 16:39 – 001282944 _____ (Microsoft Corporation) C:WINDOWSsystem32mfreadwrite.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001273856 _____ (Microsoft Corporation) C:WINDOWSsystem32rdpcore.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001264128 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Media.Speech.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001260544 _____ (Microsoft Corporation) C:WINDOWSSysWOW64rdpsharercom.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001260480 _____ (Microsoft Corporation) C:WINDOWSsystem32msctf.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001218632 _____ (Microsoft Corporation) C:WINDOWSsystem32ClipUp.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 001214976 _____ (Microsoft Corporation) C:WINDOWSsystem32reseteng.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001190912 _____ (Microsoft Corporation) C:WINDOWSsystem32Microsoft.Graphics.Display.DisplayEnhancementService.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001182448 _____ (Microsoft Corporation) C:WINDOWSsystem32winresume.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 001153024 _____ (Microsoft Corporation) C:WINDOWSsystem32windowsperformancerecordercontrol.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001108040 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mfsvr.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001098720 _____ (Microsoft Corporation) C:WINDOWSsystem32DolbyDecMFT.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001097728 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.UI.Immersive.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001091936 _____ (Microsoft Corporation) C:WINDOWSsystem32rtmcodecs.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001088000 _____ (Microsoft Corporation) C:WINDOWSsystem32MCRecvSrc.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001083904 _____ (Microsoft Corporation) C:WINDOWSsystem32MusUpdateHandlers.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001080832 _____ (Microsoft Corporation) C:WINDOWSSysWOW64rdpcore.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001071184 _____ (Microsoft Corporation) C:WINDOWSsystem32Taskmgr.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 001054376 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msctf.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001032544 _____ (Microsoft Corporation) C:WINDOWSsystem32ortcengine.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001031680 _____ (Microsoft Corporation) C:WINDOWSSysWOW64XpsPrint.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001012792 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mfmpeg2srcsnk.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001007672 _____ (Microsoft Corporation) C:WINDOWSSysWOW64ole32.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 001000960 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Mirage.Internal.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000988160 _____ (Microsoft Corporation) C:WINDOWSsystem32refsutil.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 000983896 _____ (Microsoft Corporation) C:WINDOWSsystem32winhttp.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000980320 _____ (Microsoft Corporation) C:WINDOWSSysWOW64rtmpal.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000974848 _____ (Microsoft Corporation) C:WINDOWSsystem32uDWM.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000952416 _____ (Microsoft Corporation) C:WINDOWSSysWOW64DolbyDecMFT.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000935040 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Taskmgr.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 000929144 _____ (Microsoft Corporation) C:WINDOWSsystem32SecurityHealthService.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 000923136 _____ (Microsoft Corporation) C:WINDOWSsystem32EdgeManager.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000921088 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Internal.Management.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000915296 _____ (Microsoft Corporation) C:WINDOWSSysWOW64rtmcodecs.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000898048 _____ (Microsoft Corporation) C:WINDOWSsystem32MdmDiagnostics.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000895488 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.UI.Immersive.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000892696 _____ (Microsoft Corporation) C:WINDOWSSysWOW64WinTypes.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000883712 _____ (Microsoft Corporation) C:WINDOWSSysWOW64MCRecvSrc.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000877232 _____ (Microsoft Corporation) C:WINDOWSsystem32wer.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000868864 _____ (Microsoft Corporation) C:WINDOWSSysWOW64windowsperformancerecordercontrol.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000845312 _____ (Microsoft Corporation) C:WINDOWSsystem32winlogon.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 000843776 _____ (Microsoft Corporation) C:WINDOWSSysWOW64webplatstorageserver.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000838144 _____ (Microsoft Corporation) C:WINDOWSsystem32SettingsHandlers_Language.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000836608 _____ (Microsoft Corporation) C:WINDOWSSysWOW64TpmCoreProvisioning.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000835584 _____ (Microsoft Corporation) C:WINDOWSsystem32WorkfoldersControl.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000814080 _____ (Microsoft Corporation) C:WINDOWSsystem32comdlg32.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000796904 _____ (Microsoft Corporation) C:WINDOWSsystem32oleaut32.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000783480 _____ (Microsoft Corporation) C:WINDOWSsystem32tcblaunch.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 000776488 _____ (Microsoft Corporation) C:WINDOWSSysWOW64dxgi.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000769552 _____ (Microsoft Corporation) C:WINDOWSSysWOW64winhttp.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000765440 _____ (Microsoft Corporation) C:WINDOWSsystem32uReFS.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000757632 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mfreadwrite.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000748032 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Security.Authentication.OnlineId.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000741392 _____ (Microsoft Corporation) C:WINDOWSsystem32LicensingWinRT.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000734720 _____ (Microsoft Corporation) C:WINDOWSsystem32lpksetup.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 000732000 _____ (Microsoft Corporation) C:WINDOWSSysWOW64ortcengine.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000710144 _____ (Microsoft Corporation) C:WINDOWSsystem32odbc32.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000705536 _____ (Microsoft Corporation) C:WINDOWSsystem32jscript9diag.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000701440 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Mirage.Internal.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000691712 _____ (Microsoft Corporation) C:WINDOWSSysWOW64comdlg32.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000680448 _____ (Microsoft Corporation) C:WINDOWSsystem32vpnike.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000680184 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wer.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000678912 _____ (Microsoft Corporation) C:WINDOWSsystem32daxexec.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000670720 _____ (Microsoft Corporation) C:WINDOWSSysWOW64SearchIndexer.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 000669496 _____ (Microsoft Corporation) C:WINDOWSsystem32computecore.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000668672 _____ (Microsoft Corporation) C:WINDOWSsystem32wsecedit.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000668296 _____ (Microsoft Corporation) C:WINDOWSSysWOW64AppXDeploymentClient.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000667136 _____ (Microsoft Corporation) C:WINDOWSSysWOW64EdgeManager.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000661816 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversafd.sys

2020-03-10 16:39 – 2020-03-10 16:39 – 000654336 _____ (Microsoft Corporation) C:WINDOWSSysWOW64uReFS.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000646656 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Internal.Management.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000638464 _____ (Microsoft Corporation) C:WINDOWSsystem32MBMediaManager.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000636848 _____ (Microsoft Corporation) C:WINDOWSsystem32sxs.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000627216 _____ (Microsoft Corporation) C:WINDOWSSysWOW64LicensingWinRT.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000613888 _____ (Microsoft Corporation) C:WINDOWSsystem32netprofmsvc.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000605896 _____ (Microsoft Corporation) C:WINDOWSsystem32sechost.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000605184 _____ (Microsoft Corporation) C:WINDOWSsystem32MusNotification.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 000604160 _____ (Microsoft Corporation) C:WINDOWSSysWOW64odbc32.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000599552 _____ (Microsoft Corporation) C:WINDOWSSysWOW64ActivationManager.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000595968 _____ (Microsoft Corporation) C:WINDOWSsystem32vbscript.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000592896 _____ (Microsoft Corporation) C:WINDOWSSysWOW64oleaut32.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000578560 _____ (Microsoft Corporation) C:WINDOWSsystem32SppExtComObj.Exe

2020-03-10 16:39 – 2020-03-10 16:39 – 000568832 _____ (Microsoft Corporation) C:WINDOWSsystem32wpnprv.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000568832 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Media.Speech.UXRes.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000562688 _____ (Microsoft Corporation) C:WINDOWSsystem32iprtrmgr.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000562176 _____ (Microsoft Corporation) C:WINDOWSSysWOW64jscript9diag.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000551824 _____ (Microsoft Corporation) C:WINDOWSSysWOW64sxs.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000550400 _____ (Microsoft Corporation) C:WINDOWSsystem32win32k.sys

2020-03-10 16:39 – 2020-03-10 16:39 – 000535552 _____ (Microsoft Corporation) C:WINDOWSsystem32usosvc.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000532480 _____ (Microsoft Corporation) C:WINDOWSSysWOW64vbscript.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000526848 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wlidprov.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000525312 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wsecedit.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000522384 _____ (Microsoft Corporation) C:WINDOWSsystem32SystemSettingsAdminFlows.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 000518656 _____ (Microsoft Corporation) C:WINDOWSsystem32ncsi.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000516096 _____ (Microsoft Corporation) C:WINDOWSSysWOW64iprtrmgr.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000510768 _____ (Microsoft Corporation) C:WINDOWSsystem32systemreset.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 000500224 _____ (Microsoft Corporation) C:WINDOWSsystem32mprdim.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000489984 _____ (Microsoft Corporation) C:WINDOWSsystem32profsvc.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000478792 _____ (Microsoft Corporation) C:WINDOWSSysWOW64sechost.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000477496 _____ (Microsoft Corporation) C:WINDOWSsystem32DriversFWPKCLNT.SYS

2020-03-10 16:39 – 2020-03-10 16:39 – 000469504 _____ (Microsoft Corporation) C:WINDOWSSysWOW64daxexec.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000460800 _____ (Microsoft Corporation) C:WINDOWSsystem32slui.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 000459688 _____ (Microsoft Corporation) C:WINDOWSsystem32MusNotifyIcon.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 000457216 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverscldflt.sys

2020-03-10 16:39 – 2020-03-10 16:39 – 000457016 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversrdbss.sys

2020-03-10 16:39 – 2020-03-10 16:39 – 000455168 _____ (Microsoft Corporation) C:WINDOWSsystem32upnphost.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000448000 _____ (Microsoft Corporation) C:WINDOWSsystem32SettingsEnvironment.Desktop.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000444416 _____ (Microsoft Corporation) C:WINDOWSsystem32MSFlacDecoder.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000443904 _____ (Microsoft Corporation) C:WINDOWSsystem32edgeIso.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000435200 _____ (Microsoft Corporation) C:WINDOWSsystem32wincorlib.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000415744 _____ (Microsoft Corporation) C:WINDOWSSysWOW64winspool.drv

2020-03-10 16:39 – 2020-03-10 16:39 – 000403456 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mprdim.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000382976 _____ (Microsoft Corporation) C:WINDOWSsystem32nlasvc.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000380416 _____ (Microsoft Corporation) C:WINDOWSSysWOW64MSFlacDecoder.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000358912 _____ (Microsoft Corporation) C:WINDOWSsystem32dusmsvc.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000355840 _____ (Microsoft Corporation) C:WINDOWSsystem32XpsDocumentTargetPrint.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000353960 _____ (Microsoft Corporation) C:WINDOWSsystem32sppwinob.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000336384 _____ (Microsoft Corporation) C:WINDOWSSysWOW64SearchProtocolHost.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 000330240 _____ (Microsoft Corporation) C:WINDOWSsystem32omadmclient.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 000329216 _____ (Microsoft Corporation) C:WINDOWSsystem32DiagnosticLogCSP.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000328192 _____ (Microsoft Corporation) C:WINDOWSSysWOW64upnphost.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000327680 _____ (Microsoft Corporation) C:WINDOWSSysWOW64edgeIso.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000324096 _____ (Microsoft Corporation) C:WINDOWSSysWOW64win32k.sys

2020-03-10 16:39 – 2020-03-10 16:39 – 000320312 _____ (Microsoft Corporation) C:WINDOWSsystem32SecurityHealthAgent.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000309248 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverssrvnet.sys

2020-03-10 16:39 – 2020-03-10 16:39 – 000308736 _____ (Microsoft Corporation) C:WINDOWSsystem32msIso.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000307712 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wincorlib.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000307712 _____ (Microsoft Corporation) C:WINDOWSsystem32sppcomapi.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000299520 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mssvp.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000291840 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversahcache.sys

2020-03-10 16:39 – 2020-03-10 16:39 – 000287744 _____ (Microsoft Corporation) C:WINDOWSsystem32MSFlacEncoder.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000287232 _____ (Microsoft Corporation) C:WINDOWSSysWOW64sppcomapi.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000283136 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Search.ProtocolHandler.MAPI2.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000279040 _____ (Microsoft Corporation) C:WINDOWSSysWOW64AppxAllUserStore.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000277504 _____ (Microsoft Corporation) C:WINDOWSsystem32scecli.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000263168 _____ (Microsoft Corporation) C:WINDOWSsystem32wpnservice.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000260920 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversmrxsmb20.sys

2020-03-10 16:39 – 2020-03-10 16:39 – 000258048 _____ (Microsoft Corporation) C:WINDOWSsystem32VPNv2CSP.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000251904 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msIso.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000251392 _____ (Microsoft Corporation) C:WINDOWSSysWOW64XpsDocumentTargetPrint.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000248064 _____ (Microsoft Corporation) C:WINDOWSsystem32weretw.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000239616 _____ (Microsoft Corporation) C:WINDOWSSysWOW64MSFlacEncoder.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000235520 _____ (Microsoft Corporation) C:WINDOWSSysWOW64WsmWmiPl.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000234984 _____ (Microsoft Corporation) C:WINDOWSsystem32EditionUpgradeManagerObj.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000227840 _____ (Microsoft Corporation) C:WINDOWSsystem32IndexedDbLegacy.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000226816 _____ (Microsoft Corporation) C:WINDOWSsystem32netprofm.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000225792 _____ (Microsoft Corporation) C:WINDOWSsystem32WorkFoldersShell.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000221200 _____ (Microsoft Corporation) C:WINDOWSsystem32wermgr.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 000214016 _____ (Microsoft Corporation) C:WINDOWSSysWOW64scecli.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000213984 _____ (Microsoft Corporation) C:WINDOWSSysWOW64EditionUpgradeManagerObj.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000211968 _____ (Microsoft Corporation) C:WINDOWSSysWOW64SearchFilterHost.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 000210744 _____ (Microsoft Corporation) C:WINDOWSsystem32tcbloader.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000206336 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversndiswan.sys

2020-03-10 16:39 – 2020-03-10 16:39 – 000201744 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverswcifs.sys

2020-03-10 16:39 – 2020-03-10 16:39 – 000199480 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wermgr.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 000193592 _____ (Microsoft Corporation) C:WINDOWSSysWOW64weretw.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000183808 _____ (Microsoft Corporation) C:WINDOWSsystem32ResetEngOnline.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000181248 _____ (Microsoft Corporation) C:WINDOWSsystem32notepad.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 000181248 _____ (Microsoft Corporation) C:WINDOWSnotepad.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 000179712 _____ (Microsoft Corporation) C:WINDOWSSysWOW64InstallServiceTasks.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000179712 _____ (Microsoft Corporation) C:WINDOWSsystem32LanguageComponentsInstaller.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000179200 _____ (Microsoft Corporation) C:WINDOWSsystem32rtm.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000177152 _____ (Microsoft Corporation) C:WINDOWSsystem32EditionUpgradeHelper.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000175616 _____ (Microsoft Corporation) C:WINDOWSSysWOW64IndexedDbLegacy.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000168448 _____ (Microsoft Corporation) C:WINDOWSSysWOW64EditionUpgradeHelper.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000166400 _____ (Microsoft Corporation) C:WINDOWSSysWOW64MicrosoftAccountTokenProvider.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000165504 _____ (Microsoft Corporation) C:WINDOWSsystem32dmcmnutils.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000164776 _____ (Microsoft Corporation) C:WINDOWSsystem32omadmapi.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000161792 _____ (Microsoft Corporation) C:WINDOWSSysWOW64rtm.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000160768 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mssph.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000155136 _____ (Microsoft Corporation) C:WINDOWSSysWOW64notepad.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 000155136 _____ (Microsoft Corporation) C:WINDOWSsystem32Chakradiag.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000148992 _____ (Microsoft Corporation) C:WINDOWSsystem32MDMAppInstaller.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 000146432 _____ (Microsoft Corporation) C:WINDOWSsystem32DeviceUpdateAgent.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000143872 _____ (Microsoft Corporation) C:WINDOWSSysWOW64WsmAuto.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000139776 _____ (Microsoft Corporation) C:WINDOWSsystem32Chakrathunk.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000138752 _____ (Microsoft Corporation) C:WINDOWSsystem32DeviceMetadataRetrievalClient.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000137216 _____ (Microsoft Corporation) C:WINDOWSsystem32pnpclean.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000136328 _____ (Microsoft Corporation) C:WINDOWSSysWOW64omadmapi.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000135168 _____ (Microsoft Corporation) C:WINDOWSsystem32DriversNdisImPlatform.sys

2020-03-10 16:39 – 2020-03-10 16:39 – 000133944 _____ (Microsoft Corporation) C:WINDOWSsystem32ImplatSetup.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000133256 _____ (Microsoft Corporation) C:WINDOWSsystem32profapi.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000130112 _____ (Microsoft Corporation) C:WINDOWSSysWOW64dmcmnutils.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000127064 _____ (Microsoft Corporation) C:WINDOWSsystem32win32u.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000123904 _____ (Microsoft Corporation) C:WINDOWSsystem32wercplsupport.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000120560 _____ (Microsoft Corporation) C:WINDOWSSysWOW64profext.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000120048 _____ (Microsoft Corporation) C:WINDOWSsystem32OpenWith.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 000118784 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Internal.Taskbar.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000117248 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Chakradiag.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000114176 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversagilevpn.sys

2020-03-10 16:39 – 2020-03-10 16:39 – 000113152 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mssitlb.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000112128 _____ (Microsoft Corporation) C:WINDOWSsystem32AxInstSv.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000107832 _____ (Microsoft Corporation) C:WINDOWSsystem32SecurityHealthProxyStub.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000107520 _____ (Microsoft Corporation) C:WINDOWSSysWOW64GraphicsCapture.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000105984 _____ (Microsoft Corporation) C:WINDOWSsystem32utcutil.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000105832 _____ (Microsoft Corporation) C:WINDOWSSysWOW64OpenWith.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 000105472 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Chakrathunk.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000105472 _____ (Microsoft Corporation) C:WINDOWSsystem32WorkFolders.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 000102760 _____ (Microsoft Corporation) C:WINDOWSSysWOW64profapi.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000098104 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverscrashdmp.sys

2020-03-10 16:39 – 2020-03-10 16:39 – 000097080 _____ (Microsoft Corporation) C:WINDOWSsystem32rdpudd.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000093184 _____ (Microsoft Corporation) C:WINDOWSsystem32nlaapi.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000092672 _____ (Microsoft Corporation) C:WINDOWSsystem32EnterpriseDesktopAppMgmtCSP.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000089616 _____ (Microsoft Corporation) C:WINDOWSsystem32DeviceReactivation.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000089568 _____ (Microsoft Corporation) C:WINDOWSSysWOW64win32u.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000089088 _____ (Microsoft Corporation) C:WINDOWSsystem32asycfilt.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000087552 _____ (Microsoft Corporation) C:WINDOWSSysWOW64dot3api.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000087040 _____ (Microsoft Corporation) C:WINDOWSSysWOW64dot3msm.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000084480 _____ (Microsoft Corporation) C:WINDOWSsystem32enterpriseresourcemanager.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000078848 _____ (Microsoft Corporation) C:WINDOWSsystem32ProvSysprep.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000074752 _____ (Microsoft Corporation) C:WINDOWSSysWOW64asycfilt.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000071680 _____ (Microsoft Corporation) C:WINDOWSsystem32lpremove.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 000068408 _____ (Microsoft Corporation) C:WINDOWSSysWOW64DeviceReactivation.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000068096 _____ (Microsoft Corporation) C:WINDOWSsystem32udhisapi.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000066048 _____ (Microsoft Corporation) C:WINDOWSSysWOW64WSManMigrationPlugin.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000066048 _____ (Microsoft Corporation) C:WINDOWSSysWOW64enterpriseresourcemanager.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000065536 _____ (Microsoft Corporation) C:WINDOWSsystem32iemigplugin.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000063488 _____ (Microsoft Corporation) C:WINDOWSSysWOW64iemigplugin.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000063288 _____ (Microsoft Corporation) C:WINDOWSsystem32SecurityHealthHost.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 000061952 _____ (Microsoft Corporation) C:WINDOWSSysWOW64WsmRes.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000060928 _____ (Microsoft Corporation) C:WINDOWSsystem32mf3216.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000060416 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mssprxy.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000060416 _____ (Microsoft Corporation) C:WINDOWSsystem32AxInstUI.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 000058368 _____ (Microsoft Corporation) C:WINDOWSSysWOW64udhisapi.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000056672 _____ (Microsoft Corporation) C:WINDOWSsystem32rtmmvrortc.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000055376 _____ (Microsoft Corporation) C:WINDOWSSysWOW64rtmmvrortc.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000052736 _____ (Microsoft Corporation) C:WINDOWSsystem32jsproxy.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000048640 _____ (Microsoft Corporation) C:WINDOWSsystem32dusmapi.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000046080 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msscntrs.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000045568 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mf3216.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000045056 _____ (Microsoft Corporation) C:WINDOWSSysWOW64jsproxy.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000045056 _____ (Microsoft Corporation) C:WINDOWSsystem32npmproxy.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000044544 _____ (Microsoft Corporation) C:WINDOWSsystem32werdiagcontroller.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000043520 _____ (Microsoft Corporation) C:WINDOWSsystem32LaunchWinApp.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 000042336 _____ (Microsoft Corporation) C:WINDOWSSysWOW64tbs.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000042296 _____ (Microsoft Corporation) C:WINDOWSsystem32SysResetErr.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 000040960 _____ (Microsoft Corporation) C:WINDOWSsystem32upnpcont.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 000040960 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversafunix.sys

2020-03-10 16:39 – 2020-03-10 16:39 – 000038912 _____ (Microsoft Corporation) C:WINDOWSSysWOW64werdiagcontroller.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000037888 _____ (Microsoft Corporation) C:WINDOWSsystem32dusmtask.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 000037376 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wsmprovhost.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 000036352 _____ (Microsoft Corporation) C:WINDOWSSysWOW64WSManHTTPConfig.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 000036352 _____ (Microsoft Corporation) C:WINDOWSsystem32sxstrace.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 000035328 _____ (Microsoft Corporation) C:WINDOWSSysWOW64upnpcont.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 000033280 _____ (Microsoft Corporation) C:WINDOWSSysWOW64LaunchWinApp.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 000032056 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversrdpvideominiport.sys

2020-03-10 16:39 – 2020-03-10 16:39 – 000029696 _____ (Microsoft Corporation) C:WINDOWSSysWOW64sxstrace.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 000029696 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Driversafunix.sys

2020-03-10 16:39 – 2020-03-10 16:39 – 000029696 _____ (Microsoft Corporation) C:WINDOWSsystem32nlmproxy.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000026112 _____ (Microsoft Corporation) C:WINDOWSSysWOW64WsmAgent.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000026112 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msimsg.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000026112 _____ (Microsoft Corporation) C:WINDOWSsystem32msimsg.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000024064 _____ (Microsoft Corporation) C:WINDOWSsystem32wci.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000023040 _____ (Microsoft Corporation) C:WINDOWSsystem32msauserext.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000019768 _____ (Microsoft Corporation) C:WINDOWSsystem32ResetEngine.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 000018944 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msauserext.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000017408 _____ (Microsoft Corporation) C:WINDOWSsystem32nlmsprep.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000016384 _____ (Microsoft Corporation) C:WINDOWSsystem32MUILanguageCleanup.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000014336 _____ (Microsoft Corporation) C:WINDOWSsystem32LangCleanupSysprepAction.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000012288 _____ (Microsoft Corporation) C:WINDOWSsystem32pacjsworker.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 000011776 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wsmplpxy.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000011776 _____ (Microsoft Corporation) C:WINDOWSsystem32LaunchTM.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 000011776 _____ (Microsoft Corporation) C:WINDOWSsystem32iprtprio.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000010752 _____ (Microsoft Corporation) C:WINDOWSsystem32DMAlertListener.ProxyStub.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000010240 _____ (Microsoft Corporation) C:WINDOWSSysWOW64LaunchTM.exe

2020-03-10 16:39 – 2020-03-10 16:39 – 000010240 _____ (Microsoft Corporation) C:WINDOWSsystem32lpksetupproxyserv.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000009216 _____ (Microsoft Corporation) C:WINDOWSSysWOW64iprtprio.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000008192 _____ (Microsoft Corporation) C:WINDOWSsystem32msimg32.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000007680 _____ (Microsoft Corporation) C:WINDOWSSysWOW64DMAlertListener.ProxyStub.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000007168 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msimg32.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000003584 _____ (Microsoft Corporation) C:WINDOWSSysWOW64TpmCertResources.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000002560 _____ (Microsoft Corporation) C:WINDOWSsystem32tier2punctuations.dll

2020-03-10 16:39 – 2020-03-10 16:39 – 000000315 _____ C:WINDOWSsystem32DrtmAuth9.bin

2020-03-10 16:39 – 2020-03-10 16:39 – 000000315 _____ C:WINDOWSsystem32DrtmAuth8.bin

2020-03-10 16:39 – 2020-03-10 16:39 – 000000315 _____ C:WINDOWSsystem32DrtmAuth7.bin

2020-03-10 16:39 – 2020-03-10 16:39 – 000000315 _____ C:WINDOWSsystem32DrtmAuth6.bin

2020-03-10 16:39 – 2020-03-10 16:39 – 000000315 _____ C:WINDOWSsystem32DrtmAuth5.bin

2020-03-10 16:39 – 2020-03-10 16:39 – 000000315 _____ C:WINDOWSsystem32DrtmAuth4.bin

2020-03-10 16:39 – 2020-03-10 16:39 – 000000315 _____ C:WINDOWSsystem32DrtmAuth3.bin

2020-03-10 16:39 – 2020-03-10 16:39 – 000000315 _____ C:WINDOWSsystem32DrtmAuth2.bin

2020-03-10 16:39 – 2020-03-10 16:39 – 000000315 _____ C:WINDOWSsystem32DrtmAuth12.bin

2020-03-10 16:39 – 2020-03-10 16:39 – 000000315 _____ C:WINDOWSsystem32DrtmAuth11.bin

2020-03-10 16:39 – 2020-03-10 16:39 – 000000315 _____ C:WINDOWSsystem32DrtmAuth10.bin

2020-03-10 16:39 – 2020-03-10 16:39 – 000000315 _____ C:WINDOWSsystem32DrtmAuth1.bin

2020-03-10 16:38 – 2020-03-10 16:38 – 007905784 _____ (Microsoft Corporation) C:WINDOWSsystem32windows.storage.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 004622280 _____ (Microsoft Corporation) C:WINDOWSexplorer.exe

2020-03-10 16:38 – 2020-03-10 16:38 – 004471296 _____ (Microsoft Corporation) C:WINDOWSsystem32InputService.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 003708928 _____ (Microsoft Corporation) C:WINDOWSsystem32AppXDeploymentServer.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 003587896 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversdxgkrnl.sys

2020-03-10 16:38 – 2020-03-10 16:38 – 003263488 _____ (Microsoft Corporation) C:WINDOWSsystem32tquery.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 003260928 _____ (Microsoft Corporation) C:WINDOWSsystem32esent.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 003143168 _____ (Microsoft Corporation) C:WINDOWSsystem32directml.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 002870272 _____ (Microsoft Corporation) C:WINDOWSsystem32mssrch.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 002808832 _____ (Microsoft Corporation) C:WINDOWSsystem32WsmSvc.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 002715648 _____ (Microsoft Corporation) C:WINDOWSsystem32win32kbase.sys

2020-03-10 16:38 – 2020-03-10 16:38 – 002522112 _____ (Microsoft Corporation) C:WINDOWSsystem32UIAutomationCore.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 002474496 _____ (Microsoft Corporation) C:WINDOWSsystem32twinapi.appcore.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 002453504 _____ (Microsoft Corporation) C:WINDOWSsystem32InstallService.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 002289152 _____ (Microsoft Corporation) C:WINDOWSsystem32AppXDeploymentExtensions.onecore.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 002157056 _____ (Microsoft Corporation) C:WINDOWSsystem32wlidsvc.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 001885184 _____ (Microsoft Corporation) C:WINDOWSsystem32FntCache.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 001764336 _____ (Microsoft Corporation) C:WINDOWSsystem32WindowsCodecs.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 001762304 _____ (Microsoft Corporation) C:WINDOWSsystem32wwansvc.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 001751040 _____ (Microsoft Corporation) C:WINDOWSsystem32AppXDeploymentExtensions.desktop.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 001581056 _____ (Microsoft Corporation) C:WINDOWSsystem32qmgr.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 001481216 _____ (Microsoft Corporation) C:WINDOWSsystem32rdpsharercom.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 001428992 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversbthport.sys

2020-03-10 16:38 – 2020-03-10 16:38 – 001180160 _____ (Microsoft Corporation) C:WINDOWSsystem32localspl.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 001149712 _____ (Microsoft Corporation) C:WINDOWSsystem32ApplyTrustOffline.exe

2020-03-10 16:38 – 2020-03-10 16:38 – 001092096 _____ (Microsoft Corporation) C:WINDOWSsystem32TpmCoreProvisioning.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 001057792 _____ (Microsoft Corporation) C:WINDOWSsystem32wcmsvc.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 001027000 _____ (Microsoft Corporation) C:WINDOWSsystem32ClipSVC.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000945384 _____ (Microsoft Corporation) C:WINDOWSsystem32dxgi.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000916480 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.UI.Core.TextInput.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000914944 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Security.Authentication.OnlineId.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000908504 _____ (Microsoft Corporation) C:WINDOWSsystem32AppXDeploymentClient.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000878080 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Management.Service.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000874296 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversdxgmms2.sys

2020-03-10 16:38 – 2020-03-10 16:38 – 000863232 _____ (Microsoft Corporation) C:WINDOWSsystem32win32spl.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000851968 _____ (Microsoft Corporation) C:WINDOWSsystem32SearchIndexer.exe

2020-03-10 16:38 – 2020-03-10 16:38 – 000833616 _____ (Microsoft Corporation) C:WINDOWSsystem32pkeyhelper.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000802304 _____ (Microsoft Corporation) C:WINDOWSsystem32bisrv.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000782848 _____ (Microsoft Corporation) C:WINDOWSsystem32wifinetworkmanager.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000749568 _____ (Microsoft Corporation) C:WINDOWSsystem32ActivationManager.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000649728 _____ (Microsoft Corporation) C:WINDOWSsystem32wlidprov.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000642216 _____ (Microsoft Corporation) C:WINDOWSsystem32TextInputFramework.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000637240 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversstorport.sys

2020-03-10 16:38 – 2020-03-10 16:38 – 000540672 _____ (Microsoft Corporation) C:WINDOWSsystem32winspool.drv

2020-03-10 16:38 – 2020-03-10 16:38 – 000531768 _____ (Microsoft Corporation) C:WINDOWSsystem32DriversUSBXHCI.SYS

2020-03-10 16:38 – 2020-03-10 16:38 – 000441144 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversdxgmms1.sys

2020-03-10 16:38 – 2020-03-10 16:38 – 000433152 _____ (Microsoft Corporation) C:WINDOWSsystem32MicrosoftAccountExtension.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000429880 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversvolsnap.sys

2020-03-10 16:38 – 2020-03-10 16:38 – 000401408 _____ (Microsoft Corporation) C:WINDOWSsystem32SearchProtocolHost.exe

2020-03-10 16:38 – 2020-03-10 16:38 – 000392192 _____ (Microsoft Corporation) C:WINDOWSsystem32Search.ProtocolHandler.MAPI2.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000379904 _____ (Microsoft Corporation) C:WINDOWSsystem32provengine.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000368128 _____ (Microsoft Corporation) C:WINDOWSsystem32mssvp.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000355000 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversintelpep.sys

2020-03-10 16:38 – 2020-03-10 16:38 – 000338432 _____ (Microsoft Corporation) C:WINDOWSsystem32AppxAllUserStore.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000337920 _____ (Microsoft Corporation) C:WINDOWSsystem32DriversAcx01000.sys

2020-03-10 16:38 – 2020-03-10 16:38 – 000294400 _____ (Microsoft Corporation) C:WINDOWSsystem32provops.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000291328 _____ (Microsoft Corporation) C:WINDOWSsystem32DeviceDirectoryClient.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000285184 _____ (Microsoft Corporation) C:WINDOWSsystem32WsmWmiPl.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000282112 _____ (Microsoft Corporation) C:WINDOWSsystem32ngcpopkeysrv.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000273408 _____ (Microsoft Corporation) C:WINDOWSsystem32MicrosoftAccountCloudAP.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000271872 _____ (Microsoft Corporation) C:WINDOWSsystem32provhandlers.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000268288 _____ (Microsoft Corporation) C:WINDOWSsystem32dot3svc.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000265216 _____ (Microsoft Corporation) C:WINDOWSsystem32cdd.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000262656 _____ (Microsoft Corporation) C:WINDOWSsystem32netman.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000259584 _____ (Microsoft Corporation) C:WINDOWSsystem32wcmcsp.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000250896 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverstpm.sys

2020-03-10 16:38 – 2020-03-10 16:38 – 000250880 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverswinnat.sys

2020-03-10 16:38 – 2020-03-10 16:38 – 000240640 _____ (Microsoft Corporation) C:WINDOWSsystem32SearchFilterHost.exe

2020-03-10 16:38 – 2020-03-10 16:38 – 000239104 _____ (Microsoft Corporation) C:WINDOWSsystem32vdsbas.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000233472 _____ (Microsoft Corporation) C:WINDOWSsystem32KnobsCore.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000232960 _____ (Microsoft Corporation) C:WINDOWSsystem32provisioningcsp.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000231936 _____ (Microsoft Corporation) C:WINDOWSsystem32TetheringMgr.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000231936 _____ (Microsoft Corporation) C:WINDOWSsystem32InstallServiceTasks.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000228864 _____ (Microsoft Corporation) C:WINDOWSsystem32MicrosoftAccountTokenProvider.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000224056 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversintelppm.sys

2020-03-10 16:38 – 2020-03-10 16:38 – 000222520 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversataport.sys

2020-03-10 16:38 – 2020-03-10 16:38 – 000208696 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversprocessr.sys

2020-03-10 16:38 – 2020-03-10 16:38 – 000204800 _____ (Microsoft Corporation) C:WINDOWSsystem32mssph.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000201728 _____ (Microsoft Corporation) C:WINDOWSsystem32AppXApplicabilityBlob.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000201528 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversamdppm.sys

2020-03-10 16:38 – 2020-03-10 16:38 – 000199992 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversamdk8.sys

2020-03-10 16:38 – 2020-03-10 16:38 – 000183608 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversusbccgp.sys

2020-03-10 16:38 – 2020-03-10 16:38 – 000182272 _____ (Microsoft Corporation) C:WINDOWSsystem32appinfo.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000180232 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverspdc.sys

2020-03-10 16:38 – 2020-03-10 16:38 – 000174592 _____ (Microsoft Corporation) C:WINDOWSsystem32WsmAuto.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000174392 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversstorahci.sys

2020-03-10 16:38 – 2020-03-10 16:38 – 000151568 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversvmbus.sys

2020-03-10 16:38 – 2020-03-10 16:38 – 000147456 _____ (Microsoft Corporation) C:WINDOWSsystem32mssprxy.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000146712 _____ (Microsoft Corporation) C:WINDOWSsystem32profext.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000144384 _____ (Microsoft Corporation) C:WINDOWSsystem32GraphicsCapture.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000141840 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversstornvme.sys

2020-03-10 16:38 – 2020-03-10 16:38 – 000141824 _____ (Microsoft Corporation) C:WINDOWSsystem32provpackageapidll.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000138752 _____ (Microsoft Corporation) C:WINDOWSsystem32InputLocaleManager.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000138240 _____ (Microsoft Corporation) C:WINDOWSsystem32TelephonyInteractiveUser.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000131896 _____ (Microsoft Corporation) C:WINDOWSsystem32DTUHandler.exe

2020-03-10 16:38 – 2020-03-10 16:38 – 000128512 _____ (Microsoft Corporation) C:WINDOWSsystem32mssitlb.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000128312 _____ (Microsoft Corporation) C:WINDOWSsystem32wifitask.exe

2020-03-10 16:38 – 2020-03-10 16:38 – 000120320 _____ (Microsoft Corporation) C:WINDOWSsystem32KnobsCsp.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000114688 _____ (Microsoft Corporation) C:WINDOWSsystem32Drivershdaudbus.sys

2020-03-10 16:38 – 2020-03-10 16:38 – 000114688 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversbthenum.sys

2020-03-10 16:38 – 2020-03-10 16:38 – 000108032 _____ (Microsoft Corporation) C:WINDOWSsystem32wwanprotdim.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000103936 _____ (Microsoft Corporation) C:WINDOWSsystem32dot3msm.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000102912 _____ (Microsoft Corporation) C:WINDOWSsystem32NFCProvisioningPlugin.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000099328 _____ (Microsoft Corporation) C:WINDOWSsystem32DriversBTHUSB.SYS

2020-03-10 16:38 – 2020-03-10 16:38 – 000097792 _____ (Microsoft Corporation) C:WINDOWSsystem32provdatastore.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000092160 _____ (Microsoft Corporation) C:WINDOWSsystem32dot3api.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000091136 _____ (Microsoft Corporation) C:WINDOWSsystem32ProvPluginEng.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000089088 _____ (Microsoft Corporation) C:WINDOWSsystem32BarcodeProvisioningPlugin.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000087040 _____ (Microsoft Corporation) C:WINDOWSsystem32EditBufferTestHook.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000084992 _____ (Microsoft Corporation) C:WINDOWSsystem32WSManMigrationPlugin.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000084480 _____ (Microsoft Corporation) C:WINDOWSsystem32provtool.exe

2020-03-10 16:38 – 2020-03-10 16:38 – 000077824 _____ (Microsoft Corporation) C:WINDOWSsystem32CustomInstallExec.exe

2020-03-10 16:38 – 2020-03-10 16:38 – 000076288 _____ (Microsoft Corporation) C:WINDOWSsystem32autopilot.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000070656 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000069632 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversmonitor.sys

2020-03-10 16:38 – 2020-03-10 16:38 – 000067112 _____ (Microsoft Corporation) C:WINDOWSsystem32WindowsManagementServiceWinRt.ProxyStub.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000066560 _____ (Microsoft Corporation) C:WINDOWSsystem32RemovableMediaProvisioningPlugin.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000066336 _____ (Microsoft Corporation) C:WINDOWSsystem32wlrmdr.exe

2020-03-10 16:38 – 2020-03-10 16:38 – 000061952 _____ (Microsoft Corporation) C:WINDOWSsystem32WsmRes.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000060416 _____ (Microsoft Corporation) C:WINDOWSsystem32msscntrs.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000056632 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverspciidex.sys

2020-03-10 16:38 – 2020-03-10 16:38 – 000054784 _____ (Microsoft Corporation) C:WINDOWSsystem32MSAProfileNotificationHandler.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000048256 _____ (Microsoft Corporation) C:WINDOWSsystem32tbs.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000046080 _____ (Microsoft Corporation) C:WINDOWSsystem32wsmprovhost.exe

2020-03-10 16:38 – 2020-03-10 16:38 – 000045568 _____ (Microsoft Corporation) C:WINDOWSsystem32cellulardatacapabilityhandler.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000043008 _____ (Microsoft Corporation) C:WINDOWSsystem32WiredNetworkCSP.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000041984 _____ (Microsoft Corporation) C:WINDOWSsystem32WSManHTTPConfig.exe

2020-03-10 16:38 – 2020-03-10 16:38 – 000041472 _____ (Microsoft Corporation) C:WINDOWSsystem32WordBreakers.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000036864 _____ (Microsoft Corporation) C:WINDOWSsystem32DriversBthMini.SYS

2020-03-10 16:38 – 2020-03-10 16:38 – 000033792 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Management.Provisioning.ProxyStub.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000032256 _____ (Microsoft Corporation) C:WINDOWSsystem32WsmAgent.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000031232 _____ (Microsoft Corporation) C:WINDOWSsystem32FaxPrinterInstaller.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000030720 _____ (Microsoft Corporation) C:WINDOWSsystem32DriversKNetPwrDepBroker.sys

2020-03-10 16:38 – 2020-03-10 16:38 – 000030008 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversatapi.sys

2020-03-10 16:38 – 2020-03-10 16:38 – 000029712 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverstbs.sys

2020-03-10 16:38 – 2020-03-10 16:38 – 000028936 _____ (Microsoft Corporation) C:WINDOWSsystem32vmbuspipe.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000025600 _____ (Microsoft Corporation) C:WINDOWSsystem32autopilotdiag.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000019984 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversintelide.sys

2020-03-10 16:38 – 2020-03-10 16:38 – 000019456 _____ (Microsoft Corporation) C:WINDOWSsystem32mpnotify.exe

2020-03-10 16:38 – 2020-03-10 16:38 – 000016912 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverspciide.sys

2020-03-10 16:38 – 2020-03-10 16:38 – 000015872 _____ (Microsoft Corporation) C:WINDOWSsystem32wsmplpxy.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000003584 _____ (Microsoft Corporation) C:WINDOWSsystem32TpmCertResources.dll

2020-03-10 16:38 – 2020-03-10 16:38 – 000002560 _____ (Microsoft Corporation) C:WINDOWSsystem32TelephonyInteractiveUserRes.dll

2020-03-10 16:33 – 2020-02-10 21:48 – 000390656 _____ (Microsoft Corporation) C:WINDOWSSysWOW64poqexec.exe

2020-03-10 16:33 – 2020-02-10 21:37 – 000492544 _____ (Microsoft Corporation) C:WINDOWSsystem32poqexec.exe

2020-03-08 15:22 – 2020-03-08 15:22 – 000487018 _____ C:UsersClaudeDownloadsK-On! – Cagayake Girls.pdf

2020-03-08 15:16 – 2020-03-08 15:16 – 000158413 _____ C:UsersClaudeDownloadsKoe no Katachi ED – Koi wo bleepa no wa.pdf

2020-03-08 14:56 – 2020-03-08 14:56 – 000358155 _____ C:UsersClaudeDownloadsEmiri Katou – Happy Bite.pdf

2020-03-05 15:57 – 2020-03-05 15:57 – 000068564 _____ C:UsersClaudeDownloads3.pdf

2020-03-04 18:44 – 2020-03-04 18:44 – 003518860 _____ C:UsersClaudeDownloads4K Font v. 0.9-6-0-9-1580603152.rar

2020-03-03 22:37 – 2020-03-03 22:37 – 000003326 _____ C:WINDOWSsystem32Tasksdownload

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-31 08:54 – 2018-12-06 17:12 – 000000000 ____D C:Program FilesBitdefender Antivirus Free

2020-03-31 08:52 – 2019-03-18 21:52 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft

2020-03-31 08:42 – 2017-09-30 11:36 – 000000000 ____D C:UsersClaudeAppDataRoamingdiscord

2020-03-31 08:37 – 2017-11-03 20:36 – 000000000 ____D C:ProgramDataNVIDIA

2020-03-31 08:36 – 2017-12-10 09:37 – 000000000 ____D C:UsersClaudeAppDataRoamingWTablet

2020-03-31 08:35 – 2017-09-30 10:51 – 000000000 ____D C:Program Files (x86)Steam

2020-03-30 20:47 – 2019-08-28 12:13 – 000003140 _____ C:WINDOWSsystem32TasksMSIAfterburner

2020-03-30 20:41 – 2017-12-10 09:38 – 000000000 ____D C:UsersClaudeAppDataLocalBattle.net

2020-03-30 19:56 – 2019-08-28 12:07 – 000000000 ____D C:WINDOWSsystem32SleepStudy

2020-03-30 10:40 – 2019-03-18 21:52 – 000000000 ___HD C:WINDOWSELAMBKUP

2020-03-30 10:40 – 2019-03-18 21:37 – 000065536 _____ C:WINDOWSsystem32configELAM

2020-03-30 10:39 – 2019-08-28 12:16 – 002011652 _____ C:WINDOWSsystem32PerfStringBackup.INI

2020-03-30 10:39 – 2019-08-28 10:27 – 000489846 _____ C:WINDOWSsystem32perfh011.dat

2020-03-30 10:39 – 2019-08-28 10:27 – 000134522 _____ C:WINDOWSsystem32perfc011.dat

2020-03-30 10:39 – 2019-08-28 10:19 – 000419074 _____ C:WINDOWSsystem32prfh0804.dat

2020-03-30 10:39 – 2019-08-28 10:19 – 000134266 _____ C:WINDOWSsystem32prfc0804.dat

2020-03-30 10:39 – 2019-03-18 21:50 – 000000000 ____D C:WINDOWSINF

2020-03-30 10:34 – 2019-08-28 12:13 – 000000006 ____H C:WINDOWSTasksSA.DAT

2020-03-30 10:34 – 2019-03-18 21:37 – 000524288 _____ C:WINDOWSsystem32configBBI

2020-03-30 10:34 – 2018-09-15 18:57 – 000026192 ____N (Windows ® Server 2003 DDK provider) C:WINDOWSgdrv.sys

2020-03-30 09:48 – 2018-09-16 06:16 – 000000000 ____D C:Program Files (x86)MSI Afterburner

2020-03-29 20:42 – 2017-12-10 09:29 – 000000000 ____D C:UsersClaudeAppDataLocalCrashDumps

2020-03-28 19:48 – 2018-09-22 07:33 – 000000000 ____D C:UsersClaudeAppDataRoamingslobs-client

2020-03-28 17:54 – 2018-06-23 07:58 – 000000000 ____D C:UsersClaudeAppDataLocalUbisoft Game Launcher

2020-03-28 09:25 – 2019-03-18 21:52 – 000000000 ___HD C:Program FilesWindowsApps

2020-03-28 09:25 – 2019-03-18 21:52 – 000000000 ____D C:WINDOWSAppReadiness

2020-03-26 18:38 – 2017-09-16 15:31 – 000000000 ____D C:Program Files (x86)Overwatch

2020-03-26 15:58 – 2019-03-18 21:37 – 000000000 ____D C:WINDOWSCbsTemp

2020-03-26 15:20 – 2017-12-04 17:15 – 000000000 ____D C:UsersClaudeAppDataLocalPackages

2020-03-26 09:29 – 2017-09-16 15:26 – 000000000 ____D C:Program Files (x86)Blizzard App

2020-03-25 11:13 – 2018-02-28 13:54 – 000000000 ____D C:WINDOWSsystem32Driverswd

2020-03-24 09:23 – 2019-10-22 19:27 – 000000000 ____D C:UsersClaudeAppDataLocalxwalk

2020-03-24 09:22 – 2019-01-08 08:30 – 000000000 ____D C:UsersClaudeDocumentsWeChat Files

2020-03-23 20:43 – 2017-09-16 14:49 – 000000000 ____D C:UsersClaudeAppDataLocalNVIDIA

2020-03-21 08:20 – 2019-03-18 21:52 – 000000000 ____D C:Program FilesCommon Filesmicrosoft shared

2020-03-21 08:19 – 2017-10-22 12:42 – 000000000 ____D C:Program FilesMicrosoft Office

2020-03-20 14:45 – 2019-08-28 12:13 – 000003420 _____ C:WINDOWSsystem32TasksGoogleUpdateTaskMachineUA

2020-03-20 14:45 – 2019-08-28 12:13 – 000003296 _____ C:WINDOWSsystem32TasksGoogleUpdateTaskMachineCore

2020-03-19 19:29 – 2019-12-15 18:18 – 000004562 _____ C:WINDOWSsystem32TasksAdobe Acrobat Update Task

2020-03-19 19:29 – 2019-12-15 18:18 – 000002457 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsAcrobat Reader DC.lnk

2020-03-19 14:45 – 2017-09-16 13:45 – 000002301 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk

2020-03-16 11:31 – 2020-01-24 14:18 – 000000000 ____D C:UsersClaudeAppDataRoamingSega

2020-03-16 11:31 – 2020-01-24 14:18 – 000000000 ____D C:UsersClaudeAppDataLocalSega

2020-03-15 18:45 – 2018-09-22 07:33 – 000000000 ____D C:Program FilesStreamlabs OBS

2020-03-14 20:03 – 2019-03-18 21:52 – 000000000 ____D C:WINDOWSShellExperiences

2020-03-14 20:03 – 2019-03-18 21:52 – 000000000 ____D C:WINDOWSbcastdvr

2020-03-14 18:53 – 2019-03-18 21:52 – 000000000 ____D C:WINDOWSsystem32FxsTmp

2020-03-14 14:47 – 2019-06-23 19:01 – 000000000 ____D C:UsersClaudeDocumentsFOlders

2020-03-14 13:55 – 2017-09-30 11:03 – 000000000 ____D C:UsersClaudeAppDataRoamingMicrosoftWindowsStart MenuProgramsSteam

2020-03-14 13:41 – 2020-02-21 22:19 – 000000000 ____D C:UsersClaudeAppDataRoamingVortex

2020-03-11 15:57 – 2019-08-28 12:13 – 000004598 _____ C:WINDOWSsystem32TasksAdobe Flash Player PPAPI Notifier

2020-03-11 15:57 – 2019-08-28 12:13 – 000004422 _____ C:WINDOWSsystem32TasksAdobe Flash Player Updater

2020-03-11 15:57 – 2019-03-18 21:52 – 000000000 ____D C:WINDOWSSysWOW64Macromed

2020-03-11 15:57 – 2019-03-18 21:52 – 000000000 ____D C:WINDOWSsystem32Macromed

2020-03-11 11:43 – 2019-08-28 12:07 – 000509952 _____ C:WINDOWSsystem32FNTCACHE.DAT

2020-03-10 20:13 – 2019-03-18 21:52 – 000000000 ___SD C:WINDOWSsystem32DiagSvcs

2020-03-10 20:13 – 2019-03-18 21:52 – 000000000 ___RD C:WINDOWSImmersiveControlPanel

2020-03-10 20:13 – 2019-03-18 21:52 – 000000000 ____D C:WINDOWSSysWOW64setup

2020-03-10 20:13 – 2019-03-18 21:52 – 000000000 ____D C:WINDOWSSysWOW64Dism

2020-03-10 20:13 – 2019-03-18 21:52 – 000000000 ____D C:WINDOWSSystemResources

2020-03-10 20:13 – 2019-03-18 21:52 – 000000000 ____D C:WINDOWSsystem32SystemResetPlatform

2020-03-10 20:13 – 2019-03-18 21:52 – 000000000 ____D C:WINDOWSsystem32setup

2020-03-10 20:13 – 2019-03-18 21:52 – 000000000 ____D C:WINDOWSsystem32oobe

2020-03-10 20:13 – 2019-03-18 21:52 – 000000000 ____D C:WINDOWSsystem32Dism

2020-03-10 20:13 – 2019-03-18 21:52 – 000000000 ____D C:Program FilesWindows Defender

2020-03-10 20:13 – 2019-03-18 21:37 – 000000000 ____D C:WINDOWSservicing

2020-03-10 17:08 – 2017-12-29 12:39 – 000000000 ____D C:Temp

2020-03-10 16:42 – 2017-09-16 13:55 – 000000000 ____D C:WINDOWSsystem32MRT

2020-03-10 16:41 – 2017-09-16 13:55 – 121542864 ____C (Microsoft Corporation) C:WINDOWSsystem32MRT.exe

2020-03-07 21:59 – 2020-02-21 22:52 – 000000000 ____D C:UsersClaudeAppDataLocalLOOT

2020-03-05 14:07 – 2018-10-13 08:46 – 000654432 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvEncodeAPI.dll

2020-03-05 14:03 – 2018-10-13 08:46 – 004964904 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvapi64.dll

2020-03-05 14:03 – 2018-10-13 08:46 – 004233112 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvapi.dll

2020-03-04 14:34 – 2018-10-13 19:30 – 001691632 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvhdagenco6420103.dll

2020-03-04 14:34 – 2018-10-13 19:30 – 000237392 _____ (NVIDIA Corporation) C:WINDOWSsystem32Driversnvhda64v.sys

2020-03-04 14:34 – 2018-10-13 08:46 – 000055845 _____ C:WINDOWSsystem32nvinfo.pb

2020-03-04 12:25 – 2017-11-03 20:36 – 005571056 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvcpl.dll

2020-03-04 12:25 – 2017-11-03 20:36 – 002630968 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvsvc64.dll

2020-03-04 12:25 – 2017-11-03 20:36 – 001759032 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvsvcr.dll

2020-03-04 12:25 – 2017-11-03 20:36 – 000660792 _____ (NVIDIA Corporation) C:WINDOWSsystem32nv3dappshext.dll

2020-03-04 12:25 – 2017-11-03 20:36 – 000447464 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvmctray.dll

2020-03-04 12:25 – 2017-11-03 20:36 – 000122344 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvshext.dll

2020-03-04 12:25 – 2017-11-03 20:36 – 000074552 _____ (NVIDIA Corporation) C:WINDOWSsystem32nv3dappshextr.dll

2020-03-04 09:51 – 2018-12-06 17:15 – 000757240 _____ (Bitdefender) C:WINDOWSsystem32Driversbddci.sys

2020-03-03 22:47 – 2017-11-03 20:36 – 008978037 _____ C:WINDOWSsystem32nvcoproc.bin

==================== Files in the root of some directories ========

2019-10-22 19:27 – 2019-10-22 19:27 – 000045056 _____ () C:UsersClaudeAppDataRoamingWeb Data

2019-10-22 19:27 – 2019-10-22 19:27 – 000000000 _____ () C:UsersClaudeAppDataRoamingWeb Data-journal

2019-06-22 08:16 – 2020-02-16 13:31 – 000000069 _____ () C:UsersClaudeAppDataLocalupdate_progress.txt

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Addition.txt is in the next reply

Running from C:UsersClaudeDesktop

Windows 10 Home Version 1903 18362.720 (X64) (2019-08-28 19:13:29)

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3208311411-3576727370-3064477758-500 – Administrator – Disabled)

DefaultAccount (S-1-5-21-3208311411-3576727370-3064477758-503 – Limited – Disabled)

defaultuser0 (S-1-5-21-3208311411-3576727370-3064477758-1000 – Limited – Disabled) => C:Usersdefaultuser0

Ewen (S-1-5-21-3208311411-3576727370-3064477758-1001 – Administrator – Enabled) => C:UsersClaude

Guest (S-1-5-21-3208311411-3576727370-3064477758-501 – Limited – Disabled)

WDAGUtilityAccount (S-1-5-21-3208311411-3576727370-3064477758-504 – Limited – Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus Free Antimalware (Enabled – Up to date) EA21BCE8-A461-99C3-3A0D-4C964E75494E

AV: Windows Defender (Disabled – Up to date) D68DDC3A-831F-4fae-9E44-DA132C1ACF46

AV: Malwarebytes (Enabled – Up to date) 23007AD3-69FE-687C-2629-D584AFFAF72B

AS: Bitdefender Antivirus Free Antimalware (Enabled – Up to date) 51405D0C-825B-964D-00BD-77E435F203F3

AS: Windows Defender (Disabled – Up to date) D68DDC3A-831F-4fae-9E44-DA132C1ACF46

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS B15.0630.1 (HKLM-x32…C9D46F25-5F9D-4E25-B24F-BC00E9EDF529) (Version: 3.00.0000 – GIGABYTE) Hidden

@BIOS B15.0630.1 (HKLM-x32…InstallShield_C9D46F25-5F9D-4E25-B24F-BC00E9EDF529) (Version: 3.00.0000 – GIGABYTE)

Adobe Acrobat Reader DC (HKLM-x32…AC76BA86-7AD7-1033-7B44-AC0F074E4100) (Version: 20.006.20042 – Adobe Systems Incorporated)

Adobe Flash Player 32 PPAPI (HKLM-x32…Adobe Flash Player PPAPI) (Version: 32.0.0.344 – Adobe)

APP Center (HKLM-x32…F3D47276-0E35-42CF-A677-B45118470E21) (Version: 1.17.0801 – Gigabyte) Hidden

APP Center (HKLM-x32…InstallShield_F3D47276-0E35-42CF-A677-B45118470E21) (Version: 1.17.0801 – Gigabyte)

Asmedia USB Host Controller Driver (HKLM-x32…E4FB0B39-C991-4EE7-95DD-1A1A7857D33D) (Version: 1.16.38.1 – Asmedia Technology)

Audacity 2.3.0 (HKLM-x32…Audacity_is1) (Version: 2.3.0 – Audacity Team)

Bitdefender Agent (HKLM…Bitdefender Agent) (Version: 1.0.1 – Bitdefender)

Bitdefender Antivirus Free (HKLM…1FCCF41D-5F00-4FE2-9653-162D0486C8B4) (Version: 1.0.14.74 – Bitdefender)

Blizzard App (HKLM-x32…Battle.net) (Version:  – Blizzard Entertainment)

Borderless Gaming (HKLM-x32…Borderless Gaming_is1) (Version: 9.5.6 – Andrew Sampson)

Clownfish Voice Changer (HKLM…ClownfishVoiceChanger) (Version:  – )

Corsair Utility Engine (HKLM-x32…5A1E247D-38F6-4398-991F-87619AC282A5) (Version: 2.16.87 – Corsair)

DaVinci Resolve (HKLM…74302397-BD1E-4917-B728-A1233CDEB39A) (Version: 16.2.0055 – Blackmagic Design)

DaVinci Resolve Panels (HKLM…332552D0-B8EE-49BF-B904-E038A72BD2B2) (Version: 1.1.2.0 – Blackmagic Design)

Discord (HKUS-1-5-21-3208311411-3576727370-3064477758-1001…Discord) (Version: 0.0.306 – Discord Inc.)

Epic Games Launcher Prerequisites (x64) (HKLM…66C5838F-B854-4A55-89E6-A6138747A4DF) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden

Fender FUSE (HKUS-1-5-21-3208311411-3576727370-3064477758-1001…3984504247.fuse.fender.com) (Version:  – fuse.fender.com)

Fender FUSE 2.7.1.48 (HKLM-x32…Fender FUSE) (Version:  – )

FINAL FANTASY XIV ONLINE (HKLM-x32…2B41E132-07DF-4925-A3D3-F2D1765CCDFE) (Version: 1.0.0000 – SQUARE ENIX CO., LTD.)

Google Chrome (HKLM-x32…Google Chrome) (Version: 80.0.3987.149 – Google LLC)

Google Update Helper (HKLM-x32…60EC980A-BDA2-4CB6-A427-B07A5498B4CA) (Version: 1.3.35.451 – Google LLC) Hidden

Intel Driver && Support Assistant (HKLM-x32…C478EAE-B49D-46A9-8B7F-9634A74602ED) (Version: 19.6.26.3 – Intel) Hidden

Intel® Chipset Device Software (HKLM-x32…bb0592a7-5772-4736-9d55-2402740085db) (Version: 10.1.1.38 – Intel® Corporation) Hidden

Intel® Computing Improvement Program (HKLM…D40D4164-EEDB-4F0F-85C6-2058A9E34CC7) (Version: 2.4.04370 – Intel Corporation)

Intel® Management Engine Components (HKLM…1CEAC85D-2590-4760-800F-8DE5E91F3700) (Version: 11.7.0.1017 – Intel Corporation)

Intel® Network Connections 21.1.29.0 (HKLM…PROSetDX) (Version: 21.1.29.0 – Intel)

Intel® Rapid Storage Technology (HKLM…409CB30E-E457-4008-9B1A-ED1B9EA21140) (Version: 16.8.2.1002 – Intel Corporation)

Intel® Driver & Support Assistant (HKLM-x32…dbe96554-7594-4bba-b7c5-fc6c72dbaa39) (Version: 19.6.26.3 – Intel)

Intel® Optane™ Pinning Explorer Extensions (HKLM…40D9BA0-B5C7-4382-9412-5A0197927A65) (Version: 16.8.2.1002 – Intel Corporation)

Launcher Prerequisites (x64) (HKLM-x32…c6c5a357-c7ca-4a5f-9789-3bb1af579253) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden

LOOT version 0.15.1 (HKLM-x32…BF634210-A0D4-443F-A657-0DCE38040374_is1) (Version: 0.15.1 – LOOT Team)

Malwarebytes version 4.1.0.56 (HKLM…35065F43-4BB2-439A-BFF7-0F1014F2E0CD_is1) (Version: 4.1.0.56 – Malwarebytes)

Microsoft Office 365 ProPlus – en-us (HKLM…O365ProPlusRetail – en-us) (Version: 16.0.11929.20648 – Microsoft Corporation)

Microsoft Silverlight (HKLM-x32…89F4137D-6C26-4A84-BDB8-2E5A4BB71E00) (Version: 5.0.61118.0 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32…837b34e3-7c30-493c-8f6a-2b0f04e2912c) (Version: 8.0.59193 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.17 (HKLM…8220EEFE-38CD-377E-8595-13398D740ACE) (Version: 9.0.30729 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.6161 (HKLM…5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4) (Version: 9.0.30729.6161 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.21022 (HKLM-x32…FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4) (Version: 9.0.21022 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.6161 (HKLM-x32…9BE518E6-ECC6-35A9-88E4-87755C07200F) (Version: 9.0.30729.6161 – Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable – 10.0.40219 (HKLM…1D8E6291-B0D5-35EC-8441-6616F567A0F7) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable – 10.0.40219 (HKLM-x32…F0C3E5D1-1ADE-321E-8167-68EF0DE699A5) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32…ca67548a-5ebe-413a-b50c-4b9ceb6d66c6) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32…33d1fd90-4274-48a1-9bc1-97e33d9c2d6f) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.30501 (HKLM-x32…50d4fc8-5d48-4b8f-8972-47c82c46020f) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.30501 (HKLM-x32…f65db027-aff3-4070-886a-0d87064aabb1) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2017 Redistributable (x64) – 14.10.25008 (HKLM-x32…f1e7e313-06df-4c56-96a9-99fdfd149c51) (Version: 14.10.25008.0 – Microsoft Corporation)

Microsoft Visual C++ 2017 Redistributable (x86) – 14.15.26706 (HKLM-x32…7e9fae12-5bbf-47fb-b944-09c49e75c061) (Version: 14.15.26706.0 – Microsoft Corporation)

Minecraft (HKLM-x32…1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872) (Version: 1.0.3.0 – Mojang)

MSI Afterburner 4.6.1 (HKLM-x32…Afterburner) (Version: 4.6.1 – MSI Co., LTD)

Nox APP Player (HKLM-x32…Nox) (Version: 6.6.0.1 – Duodian Technology Co. Ltd.)

NVAPI Monitor plugin for NvContainer (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_NvContainer.NvapiMonitor) (Version: 1.19 – NVIDIA Corporation) Hidden

NVIDIA GeForce Experience 3.20.2.34 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_Display.GFExperience) (Version: 3.20.2.34 – NVIDIA Corporation)

NVIDIA Graphics Driver 442.59 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_Display.Driver) (Version: 442.59 – NVIDIA Corporation)

NVIDIA HD Audio Driver 1.3.38.21 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_HDAudio.Driver) (Version: 1.3.38.21 – NVIDIA Corporation)

NVIDIA PhysX System Software 9.19.0218 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_Display.PhysX) (Version: 9.19.0218 – NVIDIA Corporation)

Office 16 Click-to-Run Extensibility Component (HKLM…90160000-008C-0000-1000-0000000FF1CE) (Version: 16.0.11929.20648 – Microsoft Corporation) Hidden

Office 16 Click-to-Run Licensing Component (HKLM…90160000-007E-0000-1000-0000000FF1CE) (Version: 16.0.11929.20648 – Microsoft Corporation) Hidden

Office 16 Click-to-Run Localization Component (HKLM…90160000-008C-0409-1000-0000000FF1CE) (Version: 16.0.11929.20648 – Microsoft Corporation) Hidden

Open Broadcaster Software (HKLM-x32…Open Broadcaster Software) (Version:  – )

osu! (HKLM-x32…2468d2de-4c83-48e6-b7f4-a549a124370a) (Version: latest – ppy Pty Ltd)

Overwatch (HKLM-x32…Overwatch) (Version:  – Blizzard Entertainment)

PaintTool SAI Ver.1 (HKLM-x32…PaintToolSAI) (Version:  – )

Plagiarism Checker X (HKLM-x32…ABE5C823-C595-4B46-83AB-4AFB3E1D63A7) (Version: 6.0.9 – Plagiarism Checker X, LLC) Hidden

Plagiarism Checker X (HKLM-x32…Plagiarism Checker X 6.0.9) (Version: 6.0.9 – Plagiarism Checker X, LLC)

PPSSPP version 1.5.4 (HKLM-x32…PPSSPP_is1) (Version: 1.5.4 – )

Realtek High Definition Audio Driver (HKLM-x32…F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC) (Version: 6.0.1.8302 – Realtek Semiconductor Corp.)

Samsung Magician (HKLM-x32…29AE3F9F-7158-4ca7-B1ED-28A73ECDB215_is1) (Version: 5.0.0.790 – Samsung Electronics)

SIV (HKLM-x32…AAA057C3-10DC-4EB9-A3D6-8208C1BB7411) (Version: 1.15.1112 – GIGABYTE) Hidden

SIV (HKLM-x32…InstallShield_AAA057C3-10DC-4EB9-A3D6-8208C1BB7411) (Version: 1.15.1112 – GIGABYTE)

Spotify (HKUS-1-5-21-3208311411-3576727370-3064477758-1001…Spotify) (Version: 1.0.96.181.gf6bc1b6b – Spotify AB)

Steam (HKLM-x32…Steam) (Version: 2.10.91.91 – Valve Corporation)

Streamlabs OBS 0.11.8 (HKLM…29c4619-0385-5543-9426-46f9987161d9) (Version: 0.11.8 – General Workings, Inc.)

Twitch (HKUS-1-5-21-3208311411-3576727370-3064477758-1001…DEE70742-F4E9-44CA-B2B9-EE95DCF37295) (Version: 8.0.0 – Twitch Interactive, Inc.)

Update for Windows 10 for x64-based Systems (KB4023057) (HKLM…16AD6161-2E47-4BF1-AA77-0946EFE93E08) (Version: 2.61.0.0 – Microsoft Corporation)

UpdateAssistant (HKLM…52C1DD03-104E-4AC6-9DC6-21D585721ED1) (Version: 1.19.0.0 – Microsoft Corporation) Hidden

Uplay (HKLM-x32…Uplay) (Version: 27.0 – Ubisoft)

Vortex (HKLM…57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.1.14 – Black Tree Gaming Ltd.)

Wacom Tablet (HKLM…Wacom Tablet Driver) (Version: 6.3.30-6 – Wacom Technology Corp.)

WeChat (HKLM-x32…WeChat) (Version: 2.6.6.28 – 腾讯科技(深圳)有限公司)

Windows Setup Remediations (x64) (KB4023057) (HKLM…5534e02f-0f5d-40dd-ba92-bea38d22384d.sdb) (Version:  – )

WinRAR 5.60 beta 2 (64-bit) (HKLM…WinRAR archiver) (Version: 5.60.2 – win.rar GmbH)

Zoom (HKUS-1-5-21-3208311411-3576727370-3064477758-1001…ZoomUMX) (Version: 4.5 – Zoom Video Communications, Inc.)

Packages:

=========

Autodesk SketchBook -> C:Program FilesWindowsApps89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-07] (Autodesk Inc.)

Instagram -> C:Program FilesWindowsAppsFacebook.InstagramBeta_42.0.2.0_neutral__8xx8rvfyw5nnt [2020-02-28] (Instagram)

Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]

Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]

Microsoft News -> C:Program FilesWindowsAppsMicrosoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]

MSN Weather -> C:Program FilesWindowsAppsMicrosoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKUS-1-5-21-3208311411-3576727370-3064477758-1001_ClassesCLSID0020420-0000-0000-C000-000000000046InprocServer32 -> C:WINDOWSsystem32oleaut32.dll (Microsoft Windows -> Microsoft Corporation)

CustomCLSID: HKUS-1-5-21-3208311411-3576727370-3064477758-1001_ClassesCLSID0020421-0000-0000-C000-000000000046InprocServer32 -> C:WINDOWSsystem32oleaut32.dll (Microsoft Windows -> Microsoft Corporation)

CustomCLSID: HKUS-1-5-21-3208311411-3576727370-3064477758-1001_ClassesCLSID0020422-0000-0000-C000-000000000046InprocServer32 -> C:WINDOWSsystem32oleaut32.dll (Microsoft Windows -> Microsoft Corporation)

CustomCLSID: HKUS-1-5-21-3208311411-3576727370-3064477758-1001_ClassesCLSID0020423-0000-0000-C000-000000000046InprocServer32 -> C:WINDOWSsystem32oleaut32.dll (Microsoft Windows -> Microsoft Corporation)

CustomCLSID: HKUS-1-5-21-3208311411-3576727370-3064477758-1001_ClassesCLSID0020424-0000-0000-C000-000000000046InprocServer32 -> C:WINDOWSsystem32oleaut32.dll (Microsoft Windows -> Microsoft Corporation)

CustomCLSID: HKUS-1-5-21-3208311411-3576727370-3064477758-1001_ClassesCLSID0020425-0000-0000-C000-000000000046InprocServer32 -> C:WINDOWSsystem32oleaut32.dll (Microsoft Windows -> Microsoft Corporation)

CustomCLSID: HKUS-1-5-21-3208311411-3576727370-3064477758-1001_ClassesCLSID1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63EInprocServer32 -> C:UsersClaudeAppDataLocalMicrosoftOneDrive17.3.7076.1026_1amd64FileSyncShell64.dll => No File

CustomCLSID: HKUS-1-5-21-3208311411-3576727370-3064477758-1001_ClassesCLSID233525e0-5434-46ef-b464-fd7e45e2e145localserver32 -> C:Program Files (x86)IntelDriver and Support AssistantDSATray.exe (IDSA Production signing key -> Intel)

CustomCLSID: HKUS-1-5-21-3208311411-3576727370-3064477758-1001_ClassesCLSID7AFDFDDB-F914-11E4-8377-6C3BE50D980CInprocServer32 -> C:UsersClaudeAppDataLocalMicrosoftOneDrive17.3.7076.1026_1amd64FileSyncShell64.dll => No File

CustomCLSID: HKUS-1-5-21-3208311411-3576727370-3064477758-1001_ClassesCLSID82CA8DE3-01AD-4CEA-9D75-BE4C51810A9EInprocServer32 -> C:UsersClaudeAppDataLocalMicrosoftOneDrive17.3.7076.1026_1amd64FileSyncShell64.dll => No File

ShellIconOverlayIdentifiers: [   Report64] -> C7D0BD5D-B11A-47DB-BB14-7F930B3F7705 => C:Program Files (x86)YouKuYoukuClientcmc_pluginsX64report64.dll -> No File

ShellIconOverlayIdentifiers: [   YoukuModShlExt64] -> 314711D6-6B45-4AF7-83D8-DCD8537FD241 => C:Program Files (x86)YouKuYoukuClientcmc_pluginsX64coreplay64.dll -> No File

ShellIconOverlayIdentifiers: [  OptaneIconOverlay] -> A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9 => C:Program FilesIntelOptaneShellExtensionsOptaneShellExt.dll [2019-02-27] () [File not signed]

ShellIconOverlayIdentifiers: [ OneDrive1] -> BBACC218-34EA-4666-9D7A-C78F2274A524 =>  -> No File

ShellIconOverlayIdentifiers: [ OneDrive2] -> 5AB7172C-9C11-405C-8DD5-AF20F3606282 =>  -> No File

ShellIconOverlayIdentifiers: [ OneDrive3] -> A78ED123-AB77-406B-9962-2A5D9D2F7F30 =>  -> No File

ShellIconOverlayIdentifiers: [ OneDrive4] -> F241C880-6982-4CE5-8CF7-7085BA96DA5A =>  -> No File

ShellIconOverlayIdentifiers: [ OneDrive5] -> A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E =>  -> No File

ShellIconOverlayIdentifiers: [ OneDrive6] -> 9AA2F32D-362A-42D9-9328-24A483E2CCC3 =>  -> No File

ShellIconOverlayIdentifiers: [ OneDrive7] -> C5FF006E-2AE9-408C-B85B-2DFDD5449D9C =>  -> No File

ShellIconOverlayIdentifiers: [00asw] -> 472083B0-C522-11CF-8763-00608CC02F24 =>  -> No File

ShellIconOverlayIdentifiers: [QBOverlayIcon] -> 96959DE7-C855-42BD-8382-2AAABF2A8F52 => C:UsersClaudeAppDataLocalTencentQQBrowserUser DataQBShellIconQBShellIcon23ac128.dll [2019-02-02] (Tencent Technology(Shenzhen) Company Limited -> Tencent)

ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> BBACC218-34EA-4666-9D7A-C78F2274A524 =>  -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> 5AB7172C-9C11-405C-8DD5-AF20F3606282 =>  -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> A78ED123-AB77-406B-9962-2A5D9D2F7F30 =>  -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> F241C880-6982-4CE5-8CF7-7085BA96DA5A =>  -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E =>  -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> 9AA2F32D-362A-42D9-9328-24A483E2CCC3 =>  -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> C5FF006E-2AE9-408C-B85B-2DFDD5449D9C =>  -> No File

ContextMenuHandlers1: [WinRAR] -> B41DB860-64E4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext.dll [2018-03-30] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers1-x32: [WinRAR32] -> B41DB860-8EE4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext32.dll [2018-03-30] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers3: [MBAMShlExt] -> 57CE581A-0CB6-4266-9CA0-19364C90A0B3 => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2020-03-30] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers3: [OptaneContextMenu] -> AD7EBB13-617D-3270-8FA8-46583499C4FB => C:Program FilesIntelOptaneShellExtensionsOptaneShellExt.dll [2019-02-27] () [File not signed]

ContextMenuHandlers5: [NvCplDesktopContext] -> 3D1975AF-48C6-4f8e-A182-BE0E08FA86A9 => C:WINDOWSsystem32nvshext.dll [2020-03-04] (NVIDIA Corporation -> NVIDIA Corporation)

ContextMenuHandlers6: [MBAMShlExt] -> 57CE581A-0CB6-4266-9CA0-19364C90A0B3 => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2020-03-30] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers6: [WinRAR] -> B41DB860-64E4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext.dll [2018-03-30] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers6-x32: [WinRAR32] -> B41DB860-8EE4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext32.dll [2018-03-30] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2017-08-04 09:31 – 2017-08-04 09:31 – 000151040 _____ () [File not signed] C:Program Files (x86)CorsairCorsair Utility EngineCorsairAudioDevice.dll

2016-12-01 10:28 – 2016-12-01 10:28 – 000013824 _____ () [File not signed] C:Program Files (x86)CorsairCorsair Utility EnginelibEGL.DLL

2016-12-01 10:28 – 2016-12-01 10:28 – 001983488 _____ () [File not signed] C:Program Files (x86)CorsairCorsair Utility EnginelibGLESv2.dll

2017-08-04 09:16 – 2017-08-04 09:16 – 000044544 _____ () [File not signed] C:Program Files (x86)CorsairCorsair Utility EngineMacroRecording.dll

2017-08-04 09:18 – 2017-08-04 09:18 – 000199680 _____ () [File not signed] C:Program Files (x86)CorsairCorsair Utility Enginequazip.dll

2017-08-04 09:15 – 2017-08-04 09:15 – 000097280 _____ () [File not signed] C:Program Files (x86)CorsairCorsair Utility Enginezlib.dll

2014-01-21 21:53 – 2014-01-21 21:53 – 001607680 _____ () [File not signed] C:Program Files (x86)GigabyteAppCenterBDR_info.dll

2015-02-15 18:47 – 2015-02-15 18:47 – 000105472 _____ () [File not signed] C:Program Files (x86)GigabyteAppCenterycc.dll

2019-04-21 01:33 – 2019-04-21 01:33 – 000232448 _____ () [File not signed] C:Program Files (x86)MSI AfterburnerRTCore.dll

2019-04-21 01:32 – 2019-04-21 01:32 – 000057344 _____ () [File not signed] C:Program Files (x86)MSI AfterburnerRTFC.dll

2019-04-21 01:33 – 2019-04-21 01:33 – 000649216 _____ () [File not signed] C:Program Files (x86)MSI AfterburnerRTHAL.dll

2019-04-21 01:32 – 2019-04-21 01:32 – 000074240 _____ () [File not signed] C:Program Files (x86)MSI AfterburnerRTMUI.dll

2019-04-21 01:33 – 2019-04-21 01:33 – 000367104 _____ () [File not signed] C:Program Files (x86)MSI AfterburnerRTUI.dll

2019-02-27 14:29 – 2019-02-27 14:29 – 000126976 _____ (Intel Corporation) [File not signed] C:Program FilesIntelOptaneShellExtensionsiaStorAfsServiceApi.dll

2016-08-24 13:54 – 2016-08-24 13:54 – 000352256 _____ (Intel® Corporation) [File not signed] C:Windowssystem32NCS2Setp.dll

2017-06-14 10:20 – 2017-06-14 10:20 – 001272320 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:Program Files (x86)CorsairCorsair Utility EngineLIBEAY32.dll

2017-06-14 10:20 – 2017-06-14 10:20 – 000278016 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:Program Files (x86)CorsairCorsair Utility Enginessleay32.dll

2016-12-01 14:28 – 2016-12-01 14:28 – 000040960 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)CorsairCorsair Utility Engineimageformatsqdds.dll

2016-12-01 10:43 – 2016-12-01 10:43 – 000026112 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)CorsairCorsair Utility Engineimageformatsqgif.dll

2016-12-01 14:28 – 2016-12-01 14:28 – 000033280 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)CorsairCorsair Utility Engineimageformatsqicns.dll

2016-12-01 10:43 – 2016-12-01 10:43 – 000027648 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)CorsairCorsair Utility Engineimageformatsqico.dll

2016-12-01 10:43 – 2016-12-01 10:43 – 000245760 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)CorsairCorsair Utility Engineimageformatsqjpeg.dll

2016-12-01 13:38 – 2016-12-01 13:38 – 000021504 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)CorsairCorsair Utility Engineimageformatsqsvg.dll

2016-12-01 14:29 – 2016-12-01 14:29 – 000020992 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)CorsairCorsair Utility Engineimageformatsqtga.dll

2016-12-01 14:29 – 2016-12-01 14:29 – 000316416 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)CorsairCorsair Utility Engineimageformatsqtiff.dll

2016-12-01 14:29 – 2016-12-01 14:29 – 000019968 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)CorsairCorsair Utility Engineimageformatsqwbmp.dll

2016-12-01 14:30 – 2016-12-01 14:30 – 000370688 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)CorsairCorsair Utility Engineimageformatsqwebp.dll

2016-12-01 10:44 – 2016-12-01 10:44 – 001066496 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)CorsairCorsair Utility Engineplatformsqwindows.dll

2017-08-04 09:31 – 2017-08-04 09:31 – 004633088 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)CorsairCorsair Utility EngineQt5Core.dll

2017-04-10 18:07 – 2017-04-10 18:07 – 003618816 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)CorsairCorsair Utility EngineQt5Gui.dll

2016-12-01 15:45 – 2016-12-01 15:45 – 000576512 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)CorsairCorsair Utility EngineQt5Multimedia.dll

2016-12-01 10:31 – 2016-12-01 10:31 – 000847872 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)CorsairCorsair Utility EngineQt5Network.dll

2016-12-01 14:02 – 2016-12-01 14:02 – 002520064 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)CorsairCorsair Utility EngineQt5Qml.dll

2017-04-10 18:20 – 2017-04-10 18:20 – 002600960 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)CorsairCorsair Utility EngineQt5Quick.dll

2016-12-01 13:38 – 2016-12-01 13:38 – 000255488 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)CorsairCorsair Utility EngineQt5Svg.dll

2016-12-01 10:40 – 2016-12-01 10:40 – 004448768 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)CorsairCorsair Utility EngineQt5Widgets.dll

2016-12-01 16:24 – 2016-12-01 16:24 – 000236544 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)CorsairCorsair Utility EngineQt5WinExtras.dll

2016-12-01 10:29 – 2016-12-01 10:29 – 000151552 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)CorsairCorsair Utility EngineQt5Xml.dll

2016-12-01 15:43 – 2016-12-01 15:43 – 000041472 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)CorsairCorsair Utility EngineQtGraphicalEffectsprivateqtgraphicaleffectsprivate.dll

2016-12-01 15:43 – 2016-12-01 15:43 – 000015360 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)CorsairCorsair Utility EngineQtGraphicalEffectsqtgraphicaleffectsplugin.dll

2016-12-01 14:10 – 2016-12-01 14:10 – 000015872 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)CorsairCorsair Utility EngineQtQuick.2qtquick2plugin.dll

2016-12-01 16:17 – 2016-12-01 16:17 – 000710144 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)CorsairCorsair Utility EngineQtQuickControlsqtquickcontrolsplugin.dll

2016-12-01 14:10 – 2016-12-01 14:10 – 000071680 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)CorsairCorsair Utility EngineQtQuickLayoutsqquicklayoutsplugin.dll

2016-12-01 14:10 – 2016-12-01 14:10 – 000015872 _____ (The Qt Company Ltd) [File not signed] C:Program Files (x86)CorsairCorsair Utility EngineQtQuickWindow.2windowplugin.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:UsersClaudeDownloadsBERSERK – Forces 1.5 (Remix) – Susumu Hirasawa.xwm:original-name [17]

AlternateDataStreams: C:UsersPublicAppData:CSM [189]

AlternateDataStreams: C:UsersPublicShared Files:VersionCache [458]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalMBAMService => ""="Service"

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkMBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 04:47 – 2016-07-16 04:45 – 000000824 _____ C:WINDOWSsystem32driversetchosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLMSystemCurrentControlSetControlSession ManagerEnvironment\Path -> C:Program Files (x86)InteliCLS Client;C:Program FilesInteliCLS Client;C:Windowssystem32;C:Windows;C:WindowsSystem32Wbem;C:WindowsSystem32WindowsPowerShellv1.0;C:Program Files (x86)NVIDIA CorporationPhysXCommon;C:WINDOWSsystem32;C:WINDOWS;C:WINDOWSSystem32Wbem;C:WINDOWSSystem32WindowsPowerShellv1.0;C:WINDOWSSystem32OpenSSH;C:Program Files (x86)IntelIntel® Management Engine ComponentsDAL;C:Program FilesIntelIntel® Management Engine ComponentsDAL;C:Program Files (x86)IntelIntel® Management Engine ComponentsIPT;C:Program FilesIntelIntel® Management Engine ComponentsIPT;C:Program FilesNVIDIA CorporationNVIDIA NvDLISR;%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;%SYSTEMROOT%System32WindowsPowerShellv1.0;%SYSTEMROOT%System32OpenSSH

HKUS-1-5-21-3208311411-3576727370-3064477758-1001Control PanelDesktop\Wallpaper -> S:Mikosample-3189587161c0660dd8a10f9b4e2407ea.jpg

DNS Servers: 192.168.2.1

HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: RequireAdmin)

Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKUS-1-5-21-3208311411-3576727370-3064477758-1001…StartupApprovedRun: => "OneDrive"

HKUS-1-5-21-3208311411-3576727370-3064477758-1001…StartupApprovedRun: => "Discord"

HKUS-1-5-21-3208311411-3576727370-3064477758-1001…StartupApprovedRun: => "Steam"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User2340F55A-5172-4912-982B-5DDC82DE4CE6C:program files (x86)overwatch_retail_overwatch.exe] => (Allow) C:program files (x86)overwatch_retail_overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)

FirewallRules: [TCP Query UserE0DEE3D0-D7AA-48A1-9A56-C609EBE0D478C:program files (x86)overwatch_retail_overwatch.exe] => (Allow) C:program files (x86)overwatch_retail_overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)

FirewallRules: [6289DB2F-62CF-4D59-8009-9AD3AEEF7A72] => (Allow) E:SquareEnixFINAL FANTASY XIV – A Realm Rebornbootffxivlauncher.exe No File

FirewallRules: [2D84A7FF-C43C-4BD2-B222-A9323056A7DD] => (Allow) E:SquareEnixFINAL FANTASY XIV – A Realm Rebornbootffxivlauncher.exe No File

FirewallRules: [C3302BF4-44D2-41A3-BFA8-AAA16E2139AE] => (Allow) E:SquareEnixFINAL FANTASY XIV – A Realm Rebornbootffxivboot.exe No File

FirewallRules: [4285585F-E6C3-482D-9759-40269C7EBC87] => (Allow) E:SquareEnixFINAL FANTASY XIV – A Realm Rebornbootffxivboot.exe No File

FirewallRules: [UDP Query User69D38A2E-4C05-4570-A743-68BE941EA7AFC:program files (x86)transockstransocks.exe] => (Allow) C:program files (x86)transockstransocks.exe No File

FirewallRules: [TCP Query UserBCCB5F56-CA26-4551-A0B8-DEBE49656FF7C:program files (x86)transockstransocks.exe] => (Allow) C:program files (x86)transockstransocks.exe No File

FirewallRules: [78F236CB-364E-4762-A7E4-C30038C00DD7] => (Allow) E:SteamLibrarysteamappscommonDark Souls II Scholar of the First SinGameDarkSoulsII.exe No File

FirewallRules: [CAB012E0-C82C-4D19-A893-FE40F6CFFC09] => (Allow) E:SteamLibrarysteamappscommonDark Souls II Scholar of the First SinGameDarkSoulsII.exe No File

FirewallRules: [UDP Query User225760B6-93BD-46EB-8D05-9AC2C9CB2BFDE:mcruntimejre-x64binjavaw.exe] => (Allow) E:mcruntimejre-x64binjavaw.exe

FirewallRules: [TCP Query UserCFA8001A-26B0-4507-84EB-A6A461684929E:mcruntimejre-x64binjavaw.exe] => (Allow) E:mcruntimejre-x64binjavaw.exe

FirewallRules: [C85DFC29-4F7A-47B9-90D6-FA79D9DD39F3] => (Allow) C:UsersClaudeAppDataLocalProgramsOpera60.0.3255.27opera.exe No File

FirewallRules: [4600AAD1-E64F-4D51-82C4-0F67C9DE8FEE] => (Allow) E:SteamLibrarysteamappscommonTom Clancy's Rainbow Six SiegeRainbowSix_BE.exe No File

FirewallRules: [ABE6099D-E5B3-42E9-B168-3818DA4DD351] => (Allow) E:SteamLibrarysteamappscommonTom Clancy's Rainbow Six SiegeRainbowSix_BE.exe No File

FirewallRules: [4AB6FC10-4477-4CF0-9575-7329A4C1A8DB] => (Allow) C:Program Files (x86)SteamsteamappscommonDARK SOULS IIIGameDarkSoulsIII.exe (FromSoftware,Inc. -> BANDAI NAMCO Entertainment Inc.)

FirewallRules: [60796202-085D-4793-B7C2-18E355AB0014] => (Allow) C:Program Files (x86)SteamsteamappscommonDARK SOULS IIIGameDarkSoulsIII.exe (FromSoftware,Inc. -> BANDAI NAMCO Entertainment Inc.)

FirewallRules: [A00726A0-9457-49A3-88C0-D881538256A5] => (Allow) C:UsersClaudeAppDataRoamingyouku.ikuaccikuacc.exe No File

FirewallRules: [0398EBB3-1BEA-44B3-9C33-5AB3097A1DA5] => (Allow) C:Program Files (x86)SteamsteamappscommonFINAL FANTASY XIV Onlinebootffxivboot.exe No File

FirewallRules: [6E8AD912-77E8-4F77-8F8C-4DE1F7C71199] => (Allow) C:Program Files (x86)SteamsteamappscommonFINAL FANTASY XIV Onlinebootffxivboot.exe No File

FirewallRules: [UDP Query User22720FEC-FEE5-496D-A767-990A5C698FFAC:program files (x86)origin gamesapexr5apex.exe] => (Allow) C:program files (x86)origin gamesapexr5apex.exe No File

FirewallRules: [TCP Query UserB16D3EDD-3D12-4D95-BA48-68342DFC249CC:program files (x86)origin gamesapexr5apex.exe] => (Allow) C:program files (x86)origin gamesapexr5apex.exe No File

FirewallRules: [FED0491F-E933-4BAF-8DEE-17700238E1F5] => (Allow) C:ProgramData2345PinyintoolPinyin_2345DLAgent.exe (Shanghai 2345 Mobile Technology Co., Ltd. -> 2345移动科技)

FirewallRules: [3655F952-4034-4277-A1F6-91E001BB0D0A] => (Allow) C:Program Files (x86)Internet ExplorerPPLiteplugin4.1.3.0030PluginInstaller.exe No File

FirewallRules: [83E757C5-47D9-4620-BB66-CDA7CCD68895] => (Allow) C:Program Files (x86)Internet ExplorerPPLiteplugin4.1.3.0030PluginInstaller.exe No File

FirewallRules: [7AF5B6E0-AF4B-44BE-8AD0-0C4A406405F0] => (Allow) C:Program Files (x86)Common FilesPPLiveNetworkPPAP.exe No File

FirewallRules: [4067C123-D6E8-4B16-8120-1658937E4BC5] => (Allow) C:Program Files (x86)Common FilesPPLiveNetworkPPAP.exe No File

FirewallRules: [826C3A47-D1A8-4CCB-8F42-59419632C2CE] => (Allow) C:WindowsSystem32PPTVLauncher.exe (PPLive Corporation -> PPLive Corporation)

FirewallRules: [F4450229-6E02-45AE-9F89-F86301533412] => (Allow) C:WindowsSystem32PPTVLauncher.exe (PPLive Corporation -> PPLive Corporation)

FirewallRules: [42B38663-05BE-46F6-A76F-F5D0E1487B78] => (Allow) C:Program Files (x86)PPLivePPTV4.1.3.0030crashreporter.exe No File

FirewallRules: [3F0CFDA2-4E51-49B7-96CC-C903A482CE06] => (Allow) C:Program Files (x86)PPLivePPTV4.1.3.0030crashreporter.exe No File

FirewallRules: [02CD05D3-42B3-49F0-B76E-539E04CC0874] => (Allow) C:Program Files (x86)PPLivePPTV4.1.3.0030RepairSetup.exe No File

FirewallRules: [1A38E935-8C0B-420F-97F2-975425E66A6B] => (Allow) C:Program Files (x86)PPLivePPTV4.1.3.0030RepairSetup.exe No File

FirewallRules: [AC530E54-66A1-49A7-B1F6-DF29F70D7FBD] => (Allow) C:Program Files (x86)PPLivePPTV4.1.3.0030PPLiveU.exe No File

FirewallRules: [4195CDB1-217B-42A2-8FE0-A20AF1E3BE72] => (Allow) C:Program Files (x86)PPLivePPTV4.1.3.0030PPLiveU.exe No File

FirewallRules: [B7E7A16E-69B6-481D-B9BB-36A9CBD36C48] => (Allow) C:Program Files (x86)PPLivePPTVPPLive.exe No File

FirewallRules: [6EE03FDC-54AD-46C1-8E20-42C3B1E87430] => (Allow) C:Program Files (x86)PPLivePPTVPPLive.exe No File

FirewallRules: [E65D8A8A-29E3-4F3B-B073-3FF8F040CF4C] => (Allow) C:Program Files (x86)Internet ExplorerPPLiteplugin3.6.7.0045PluginInstaller.exe No File

FirewallRules: [DE079AAD-18F6-4149-B416-8C3093DB7C17] => (Allow) C:Program Files (x86)Internet ExplorerPPLiteplugin3.6.7.0045PluginInstaller.exe No File

FirewallRules: [7F35118E-A623-4A1F-ACF5-52C94E47771D] => (Allow) C:Program Files (x86)TencentWeChatWeChat.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)

FirewallRules: [UDP Query User32736AAA-6457-496E-9EAE-ACE814AA5AD6E:dvresolve.exe] => (Block) E:dvresolve.exe No File

FirewallRules: [TCP Query User67DA6D44-C5AC-4644-8089-E3295032BABAE:dvresolve.exe] => (Block) E:dvresolve.exe No File

FirewallRules: [95007655-7BDF-4B3A-BF1B-7C521A228FD1] => (Allow) E:SteamLibrarysteamappscommonWarframeToolsRemoteCrashSender.exe No File

FirewallRules: [D61181E9-4691-428A-A785-97F74546B904] => (Allow) E:SteamLibrarysteamappscommonWarframeToolsLauncher.exe No File

FirewallRules: [5F9097D3-53ED-43C9-98D0-6ED9C1A8572C] => (Allow) E:SteamLibrarysteamappscommonWarframeWarframe.x64.exe No File

FirewallRules: [F27DBFAE-FF0F-42A8-A50A-44C0C46E7449] => (Allow) E:SteamLibrarysteamappscommonWarframeWarframe.exe No File

FirewallRules: [2ABAF606-32AA-4BC2-8AD7-BA96116D087F] => (Allow) E:SteamLibrarysteamappscommonWarframeWarframe.x64.exe No File

FirewallRules: [F170B9DD-77F5-4B5F-9C1C-CA4DDB006671] => (Allow) E:SteamLibrarysteamappscommonWarframeWarframe.exe No File

FirewallRules: [81FDB926-F8ED-4E82-9E52-0DB1363C6762] => (Allow) E:SteamLibrarysteamappscommonWarframeToolsRemoteCrashSender.exe No File

FirewallRules: [CD175FB7-0BA2-4A48-913D-50B64DF3927E] => (Allow) E:SteamLibrarysteamappscommonWarframeToolsLauncher.exe No File

FirewallRules: [1C4F112F-B9C5-4DD8-92A1-67095AAB3232] => (Allow) E:SteamLibrarysteamappscommonWarframeWarframe.x64.exe No File

FirewallRules: [E8B76659-DC06-4F8D-8356-26C1B178B010] => (Allow) E:SteamLibrarysteamappscommonWarframeWarframe.exe No File

FirewallRules: [6BCAF374-F55A-45F7-B1DD-E6EE7035ED24] => (Allow) E:SteamLibrarysteamappscommonWarframeWarframe.x64.exe No File

FirewallRules: [27129D1C-F4C5-4EF8-84F9-0619C038772C] => (Allow) E:SteamLibrarysteamappscommonWarframeWarframe.exe No File

FirewallRules: [UDP Query User9AEAC9D1-15B2-42B6-82C3-36E999F989B3E:steamlibrarysteamappscommonpaladinsbinarieswin64paladins.exe] => (Allow) E:steamlibrarysteamappscommonpaladinsbinarieswin64paladins.exe No File

FirewallRules: [TCP Query UserEFE1A890-132C-4A9D-8516-FF589A2E2531E:steamlibrarysteamappscommonpaladinsbinarieswin64paladins.exe] => (Allow) E:steamlibrarysteamappscommonpaladinsbinarieswin64paladins.exe No File

FirewallRules: [UDP Query UserDC2413ED-93A7-4134-BD72-E4A1E7805B74C:riot gamesleague of legendsradsprojectsleague_clientreleases.0.0.175deployleagueclient.exe] => (Allow) C:riot gamesleague of legendsradsprojectsleague_clientreleases.0.0.175deployleagueclient.exe No File

FirewallRules: [TCP Query User19C32D1C-C56D-47DD-8E05-791B27D14761C:riot gamesleague of legendsradsprojectsleague_clientreleases.0.0.175deployleagueclient.exe] => (Allow) C:riot gamesleague of legendsradsprojectsleague_clientreleases.0.0.175deployleagueclient.exe No File

FirewallRules: [3BD7CF3C-D12F-46A2-B3EC-6583A5114ACE] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [B6DDFA8E-99F6-4318-BA69-E7951D062E89] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [UDP Query User88C01B70-56F4-464F-9640-83D29E2019EBC:program files (x86)epic gameslauncherportalbinarieswin64epicgameslauncher.exe] => (Block) C:program files (x86)epic gameslauncherportalbinarieswin64epicgameslauncher.exe No File

FirewallRules: [TCP Query UserC3BEAF74-F98E-46F4-8EB9-33AC1BC671AFC:program files (x86)epic gameslauncherportalbinarieswin64epicgameslauncher.exe] => (Block) C:program files (x86)epic gameslauncherportalbinarieswin64epicgameslauncher.exe No File

FirewallRules: [UDP Query User1B4BD5CF-2460-40CA-B662-31656A2FB8CBE:mcruntimejre-x641.8.0_51binjavaw.exe] => (Allow) E:mcruntimejre-x641.8.0_51binjavaw.exe No File

FirewallRules: [TCP Query User722B2B5E-EA99-4341-A195-330216787BF3E:mcruntimejre-x641.8.0_51binjavaw.exe] => (Allow) E:mcruntimejre-x641.8.0_51binjavaw.exe No File

FirewallRules: [5D6873F4-2CEF-491B-A216-96E2193AF07D] => (Allow) E:SteamLibrarysteamappscommonMonster Hunter WorldMonsterHunterWorld.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)

FirewallRules: [28FF706A-A570-4A8A-BBD3-7AEDB59CEE81] => (Allow) E:SteamLibrarysteamappscommonMonster Hunter WorldMonsterHunterWorld.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)

FirewallRules: [07D5AE76-9523-4715-8AC1-188D85CA4D24] => (Allow) C:UsersClaudeAppDataRoamingIQIYI VideoLStyleQyUpdate.exe No File

FirewallRules: [6AF9CB89-AC4E-4016-88EF-48F6E9C35F24] => (Allow) C:Program Files (x86)IQIYI VideoLStyle6.5.68.5801QyFragment.exe No File

FirewallRules: [CB2C493E-2C3D-4DA9-94CF-C070B9B8289E] => (Allow) C:Program Files (x86)IQIYI VideoLStyle6.5.68.5801QyPlayer.exe No File

FirewallRules: [72A0737E-6CCA-4336-900A-59BED9B384CB] => (Allow) C:Program Files (x86)IQIYI VideoLStyle6.5.68.5801QyKernel.exe No File

FirewallRules: [1D314347-0709-42B9-9BC4-8D57644BC941] => (Allow) C:Program Files (x86)IQIYI VideoLStyle6.5.68.5801QyClient.exe No File

FirewallRules: [UDP Query User1DBF84F4-4394-49A4-917B-B3B23AABC705C:program files (x86)gigabyteappcentergbupdate.exe] => (Allow) C:program files (x86)gigabyteappcentergbupdate.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )

FirewallRules: [TCP Query User6EE7BE5C-93B5-48A5-8BE7-B4D354922FEFC:program files (x86)gigabyteappcentergbupdate.exe] => (Allow) C:program files (x86)gigabyteappcentergbupdate.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )

FirewallRules: [UDP Query User2E79CC43-FCD4-4C3C-AAF8-107CC43CCCCCC:program files (x86)call of duty black ops 4blackops4.exe] => (Allow) C:program files (x86)call of duty black ops 4blackops4.exe No File

FirewallRules: [TCP Query User4B3B8F4D-62CF-4229-9DDE-7EAA34837D3DC:program files (x86)call of duty black ops 4blackops4.exe] => (Allow) C:program files (x86)call of duty black ops 4blackops4.exe No File

FirewallRules: [CF5C1776-D1AD-40D6-A345-7FF491E94A4D] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [DEE8243B-BE8E-4443-98D3-11AC9E2B47A0] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [C35A368B-8509-42BA-B0F9-D4ABE678BF98] => (Allow) C:Program FilesAVAST SoftwareAvastAvEmUpdate.exe No File

FirewallRules: [337ED6F4-6A07-4C78-82FE-A5F775A7E83B] => (Allow) C:Program FilesAVAST SoftwareAvastAvEmUpdate.exe No File

FirewallRules: [EF39A5FB-653F-4D9F-949A-388961BBA042] => (Allow) C:UsersClaudeAppDataRoamingIQIYI VideoLStyleQyUpdate.exe No File

FirewallRules: [A3B76B12-7516-4FD1-AE1A-5DB66FB4D0E3] => (Allow) C:Program Files (x86)IQIYI VideoLStyle6.5.68.5801QyFragment.exe No File

FirewallRules: [54C26D22-F52B-446B-BEEF-D36DD739389C] => (Allow) C:Program Files (x86)IQIYI VideoLStyle6.5.68.5801QyPlayer.exe No File

FirewallRules: [51361A0C-A904-4058-B362-17EA00FDF6A3] => (Allow) C:Program Files (x86)IQIYI VideoLStyle6.5.68.5801QyKernel.exe No File

FirewallRules: [4FD4389B-B5B3-42E5-89A1-8DBC2940AC11] => (Allow) C:Program Files (x86)IQIYI VideoLStyle6.5.68.5801QyClient.exe No File

FirewallRules: [UDP Query UserF8FB6BCA-E869-414A-8895-8644318078A8C:program files (x86)minecraftruntimejre-x641.8.0_25binjavaw.exe] => (Allow) C:program files (x86)minecraftruntimejre-x641.8.0_25binjavaw.exe No File

FirewallRules: [TCP Query UserC007CA0B-7421-4579-B8A3-5460C88468A8C:program files (x86)minecraftruntimejre-x641.8.0_25binjavaw.exe] => (Allow) C:program files (x86)minecraftruntimejre-x641.8.0_25binjavaw.exe No File

FirewallRules: [A036EDBA-616E-4984-BD30-64A7B3E6BDCA] => (Allow) LPort=3935

FirewallRules: [TCP Query UserD33B488D-6180-4227-824B-86D03FB156BDC:program files (x86)overwatchoverwatch.exe] => (Allow) C:program files (x86)overwatchoverwatch.exe No File

FirewallRules: [UDP Query User43762ED9-C5E4-4412-A5A3-66C3B669CC9EC:program files (x86)overwatchoverwatch.exe] => (Allow) C:program files (x86)overwatchoverwatch.exe No File

FirewallRules: [TCP Query UserAEC20B1D-20DF-4647-9C50-2636C3DB48F6C:program files (x86)hi-rez studioshirezgamespaladinsbinarieswin32paladins.exe] => (Allow) C:program files (x86)hi-rez studioshirezgamespaladinsbinarieswin32paladins.exe No File

FirewallRules: [UDP Query User267CCFA8-1EAE-43D5-BE1D-B14C0314D466C:program files (x86)hi-rez studioshirezgamespaladinsbinarieswin32paladins.exe] => (Allow) C:program files (x86)hi-rez studioshirezgamespaladinsbinarieswin32paladins.exe No File

FirewallRules: [TCP Query User86295283-F32F-4502-9A5B-A76483E6F856C:program files (x86)blizzard appbattle.net.9397battle.net.exe] => (Allow) C:program files (x86)blizzard appbattle.net.9397battle.net.exe No File

FirewallRules: [UDP Query UserE66510AC-B57A-4DD5-9B23-A360F804D0A6C:program files (x86)blizzard appbattle.net.9397battle.net.exe] => (Allow) C:program files (x86)blizzard appbattle.net.9397battle.net.exe No File

FirewallRules: [61318C06-0DDD-490A-AE03-34E872FC2C54] => (Allow) C:Program Files (x86)BlueStacksHD-Player.exe No File

FirewallRules: [42094DA2-7273-441F-BB80-1CD27D68608D] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve -> Valve Corporation)

FirewallRules: [82881D51-8BDF-4D3E-973B-69234AD66D88] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve -> Valve Corporation)

FirewallRules: [E6D08339-9AC5-4DE7-A76D-6E561D83FB57] => (Allow) C:Program Files (x86)Steambincefcef.win7steamwebhelper.exe No File

FirewallRules: [89060AC0-2646-44BC-BDCC-DD93616B8C05] => (Allow) C:Program Files (x86)Steambincefcef.win7steamwebhelper.exe No File

FirewallRules: [094EF58A-DDD9-4533-B100-64A4B7010230] => (Allow) C:Program Files (x86)Steamsteamappscommonwallpaper_enginelauncher.exe (Kristjan Skutta -> )

FirewallRules: [79CD3C79-8BD2-43BC-B4A1-F2DEBB7EBCA6] => (Allow) C:Program Files (x86)Steamsteamappscommonwallpaper_enginelauncher.exe (Kristjan Skutta -> )

FirewallRules: [TCP Query User9485375F-C7EC-4645-92AC-569EB65DCA4CC:program files (x86)steamsteamappscommonpaladinsbinarieswin32paladins.exe] => (Allow) C:program files (x86)steamsteamappscommonpaladinsbinarieswin32paladins.exe No File

FirewallRules: [UDP Query User777A4A1B-9849-4D18-9E5E-AEAED408392FC:program files (x86)steamsteamappscommonpaladinsbinarieswin32paladins.exe] => (Allow) C:program files (x86)steamsteamappscommonpaladinsbinarieswin32paladins.exe No File

FirewallRules: [TCP Query UserE3B02377-C8D8-42A4-8443-9B0825F060E1C:program files (x86)epic gameslauncherportalbinarieswin32epicgameslauncher.exe] => (Allow) C:program files (x86)epic gameslauncherportalbinarieswin32epicgameslauncher.exe No File

FirewallRules: [UDP Query User03824164-656E-4601-BA12-9C481A7DA3D7C:program files (x86)epic gameslauncherportalbinarieswin32epicgameslauncher.exe] => (Allow) C:program files (x86)epic gameslauncherportalbinarieswin32epicgameslauncher.exe No File

FirewallRules: [TCP Query UserFF991CF5-C88A-46A8-90B5-30FF84D7583AC:program files (x86)epic gameslauncherportalbinarieswin64epicgameslauncher.exe] => (Allow) C:program files (x86)epic gameslauncherportalbinarieswin64epicgameslauncher.exe No File

FirewallRules: [UDP Query User1FC337A9-03B3-4EA0-A77E-9F48D9F1B596C:program files (x86)epic gameslauncherportalbinarieswin64epicgameslauncher.exe] => (Allow) C:program files (x86)epic gameslauncherportalbinarieswin64epicgameslauncher.exe No File

FirewallRules: [TCP Query UserD01E8F02-31DE-4C5D-9900-153645012D2FC:program filesepic gamesfortnitefortnitegamebinarieswin64fortniteclient-win64-shipping.exe] => (Allow) C:program filesepic gamesfortnitefortnitegamebinarieswin64fortniteclient-win64-shipping.exe No File

FirewallRules: [UDP Query User14B022E6-F747-4842-A93F-8DCFA54467DDC:program filesepic gamesfortnitefortnitegamebinarieswin64fortniteclient-win64-shipping.exe] => (Allow) C:program filesepic gamesfortnitefortnitegamebinarieswin64fortniteclient-win64-shipping.exe No File

FirewallRules: [TCP Query UserA751C541-1BAA-4C18-92F9-867A47C38061C:usersewingappdataroamingspotifyspotify.exe] => (Allow) C:usersewingappdataroamingspotifyspotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [UDP Query UserB17F5D13-6776-4090-A173-C0E6761DF897C:usersewingappdataroamingspotifyspotify.exe] => (Allow) C:usersewingappdataroamingspotifyspotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [45D0EE56-8D71-44AD-A3F4-2A7E44D36753] => (Allow) C:UsersClaudeAppDataRoamingTencentQQSTempSetupEx0QQSetupEx.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)

FirewallRules: [29B98413-5946-4C26-B38F-16D83CD23970] => (Allow) E:qqBinQQ.exe No File

FirewallRules: [EC7A7F1B-F490-4E59-8F73-91F8774824D6] => (Allow) E:qqBinauclt.exe No File

FirewallRules: [0CD9E959-0C55-40E2-A028-AAD4A3998703] => (Allow) E:qqBintxupd.exe No File

FirewallRules: [8F28BA85-6342-4A74-9657-D3E47E2596EF] => (Allow) E:qqBinSetupExSetupEx.exe No File

FirewallRules: [51360DDD-FE25-4F06-BDBE-6C9AB0839A66] => (Allow) E:qqBinmaLauncher.exe No File

FirewallRules: [8C9B77DC-ECE5-4BC3-B74E-14D0BF0B26B8] => (Allow) E:qqBinmaUpdat.exe No File

FirewallRules: [60950D3A-2C3B-4E82-B8C2-733BC5F25DC5] => (Allow) C:program files (x86)common filestencentqqdownload135bugreport_xf.exe No File

FirewallRules: [7706976D-0E73-4239-9400-9B4011392C26] => (Allow) C:program files (x86)common filestencentqqdownload135tencentdl.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)

FirewallRules: [4AD74D45-8F52-4493-BCCD-8E1465AE783C] => (Allow) C:Program Files (x86)TencentQQMusicQzoneMusicQzoneMusic.exe No File

FirewallRules: [3892E9E6-AA06-40A7-AB70-9A2EF5D179B3] => (Allow) C:Program Files (x86)TencentQQMusicQzoneMusicQzoneMusic.exe No File

FirewallRules: [AFF7013F-6324-42DA-9F4B-BC5B1A64076C] => (Allow) C:program files (x86)common filestencentqqminidl60qqminidl.exe No File

FirewallRules: [1B083725-CAD5-49B4-A669-B40B1D5A916D] => (Allow) C:program files (x86)common filestencentqqminidl60QQMiniDLUI.exe No File

FirewallRules: [6EF3FE52-D844-49B1-9DBB-086C3F9D6C89] => (Allow) C:program files (x86)common filestencentqqminidl60QQGameUpUI.exe No File

FirewallRules: [3A15FFD9-73D3-489C-B422-0227237526EE] => (Allow) C:UsersPublicDocumentsTencentQQGameMicroIEProc.exe No File

FirewallRules: [EA6E06EF-DCD0-4FE4-B6C9-764E905F2FBB] => (Allow) C:UsersPublicDocumentsTencentQQGameMicroQQGameMicro.exe (Tencent Technology(Shenzhen) Company Limited -> )

FirewallRules: [TCP Query UserF2EE3379-06C5-4CB8-AD08-296C348156C9C:usersewingappdataroamingspotifyspotify.exe] => (Block) C:usersewingappdataroamingspotifyspotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [UDP Query User4CE34302-A8A1-4F4C-849B-CBA7926616A8C:usersewingappdataroamingspotifyspotify.exe] => (Block) C:usersewingappdataroamingspotifyspotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [C0F680D6-D394-4AF2-AE22-E24503821424] => (Allow) E:SteamLibrarysteamappscommonPUBGTslGameBinariesWin64TslGame_BE.exe No File

FirewallRules: [0B12B3DA-ED92-40BD-AEA0-B3E149BFB305] => (Allow) E:SteamLibrarysteamappscommonPUBGTslGameBinariesWin64TslGame_BE.exe No File

FirewallRules: [TCP Query User792BC052-6BD0-4F5F-8B61-612DFCECB341E:steamlibrarysteamappscommonpubgtslgamebinarieswin64tslgame.exe] => (Allow) E:steamlibrarysteamappscommonpubgtslgamebinarieswin64tslgame.exe No File

FirewallRules: [UDP Query User57CAD910-CC67-4BC8-8F92-067B87343EE6E:steamlibrarysteamappscommonpubgtslgamebinarieswin64tslgame.exe] => (Allow) E:steamlibrarysteamappscommonpubgtslgamebinarieswin64tslgame.exe No File

FirewallRules: [TCP Query User50AC2AD2-1236-411C-B4E6-C06C65188F4FE:lolradsprojectsleague_clientreleases.0.0.129deployleagueclient.exe] => (Allow) E:lolradsprojectsleague_clientreleases.0.0.129deployleagueclient.exe No File

FirewallRules: [UDP Query User6C4DE046-282D-4875-9D5D-CEEB170C7C23E:lolradsprojectsleague_clientreleases.0.0.129deployleagueclient.exe] => (Allow) E:lolradsprojectsleague_clientreleases.0.0.129deployleagueclient.exe No File

FirewallRules: [TCP Query User4F78CEF0-A1AA-47D4-8D64-167168688090C:program files (x86)steamsteamappscommonpaladinsbinarieswin64paladins.exe] => (Allow) C:program files (x86)steamsteamappscommonpaladinsbinarieswin64paladins.exe No File

FirewallRules: [UDP Query UserD075440B-C1C3-4C86-BFE4-0DD407BBDF65C:program files (x86)steamsteamappscommonpaladinsbinarieswin64paladins.exe] => (Allow) C:program files (x86)steamsteamappscommonpaladinsbinarieswin64paladins.exe No File

FirewallRules: [TCP Query User797692DC-447C-411B-9C65-7883FB3856EAE:mcruntimejre-x641.8.0_25binjavaw.exe] => (Block) E:mcruntimejre-x641.8.0_25binjavaw.exe No File

FirewallRules: [UDP Query User22214812-916C-4BEF-8AA9-D3A1A8CA9BB6E:mcruntimejre-x641.8.0_25binjavaw.exe] => (Block) E:mcruntimejre-x641.8.0_25binjavaw.exe No File

FirewallRules: [TCP Query UserDE27D8B1-C22C-42B0-AE1B-2D4B1EDB4887E:qqbinsetupexqqsetupex.exe] => (Allow) E:qqbinsetupexqqsetupex.exe No File

FirewallRules: [UDP Query User8B4F0DDF-2821-49E6-AC5B-970709792B92E:qqbinsetupexqqsetupex.exe] => (Allow) E:qqbinsetupexqqsetupex.exe No File

FirewallRules: [TCP Query User1C91512F-EF3A-476F-9C69-0363A0FB9125E:fuscript.exe] => (Allow) E:fuscript.exe No File

FirewallRules: [UDP Query UserD49687DD-4538-4B5D-829E-B576C379A1F5E:fuscript.exe] => (Allow) E:fuscript.exe No File

FirewallRules: [TCP Query UserC7943384-860D-4CFD-96E8-A069C8D3831BE:dvfuscript.exe] => (Allow) E:dvfuscript.exe No File

FirewallRules: [UDP Query User837165EB-CD05-4770-AD8C-CF49D64EF688E:dvfuscript.exe] => (Allow) E:dvfuscript.exe No File

FirewallRules: [TCP Query UserCC8D17E0-982B-4302-A5CA-63C321A47CD6E:steamlibrarysteamappscommonrealm royalebinarieswin64realm.exe] => (Allow) E:steamlibrarysteamappscommonrealm royalebinarieswin64realm.exe No File

FirewallRules: [UDP Query UserC150E06B-7D7B-449C-87E6-6E5BDB0DDF87E:steamlibrarysteamappscommonrealm royalebinarieswin64realm.exe] => (Allow) E:steamlibrarysteamappscommonrealm royalebinarieswin64realm.exe No File

FirewallRules: [95D9197E-A0D8-425B-B3AE-B09572318AB1] => (Allow) E:SteamLibrarysteamappscommonNEKOPARA Vol. 1nekopara_vol1.exe () [File not signed]

FirewallRules: [8E2823DD-34DE-4909-8DC6-C1F969FEF1EE] => (Allow) E:SteamLibrarysteamappscommonNEKOPARA Vol. 1nekopara_vol1.exe () [File not signed]

FirewallRules: [DDE9CB62-7D46-4F38-984D-318CC0C8ED28] => (Allow) C:UsersClaudeAppDataLocalTempQMI2018090815254737c8QzoneMusicInstaller.exe No File

FirewallRules: [TCP Query UserC2400660-B322-4B01-B5CD-F370D8C2C831C:program files (x86)[email protected]] => (Allow) C:program files (x86)[email protected] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )

FirewallRules: [UDP Query UserCE6F3BCA-5E10-4B00-B2C3-5529D709BF3FC:program files (x86)[email protected]] => (Allow) C:program files (x86)[email protected] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )

FirewallRules: [TCP Query UserFAFBC711-D59A-488A-AA44-333E71F7FF0CE:call of duty modern warfare betamodernwarfare.exe] => (Allow) E:call of duty modern warfare betamodernwarfare.exe No File

FirewallRules: [UDP Query UserC1B67735-A8E5-439A-8F92-71506E3D68EFE:call of duty modern warfare betamodernwarfare.exe] => (Allow) E:call of duty modern warfare betamodernwarfare.exe No File

FirewallRules: [2612823E-6D2C-4781-9A5E-44C0D5529403] => (Allow) E:SteamLibrarysteamappscommonFINAL FANTASY XIV Onlinebootffxivboot.exe No File

FirewallRules: [78FF939F-FAC2-411C-B365-DCFE982413F4] => (Allow) E:SteamLibrarysteamappscommonFINAL FANTASY XIV Onlinebootffxivboot.exe No File

FirewallRules: [02E96BE5-604B-4503-BF33-B92586FEB6AE] => (Allow) E:SteamLibrarysteamappscommonShadowCorridorShadowCorridor.exe (Epic Games, Inc.) [File not signed]

FirewallRules: [254A7FBF-73C3-4DF6-B441-388263A7624F] => (Allow) E:SteamLibrarysteamappscommonShadowCorridorShadowCorridor.exe (Epic Games, Inc.) [File not signed]

FirewallRules: [17CDDAA1-EF5B-4C38-AA04-293E65A79BA4] => (Allow) E:SteamLibrarysteamappscommonSekirosekiro.exe (Activision Publishing Inc -> FromSoftware, Inc.)

FirewallRules: [D4ADB3D7-B902-4530-8110-89E978775635] => (Allow) E:SteamLibrarysteamappscommonSekirosekiro.exe (Activision Publishing Inc -> FromSoftware, Inc.)

FirewallRules: [91D11E20-0F82-4EA5-8636-903B7BBCCD42] => (Allow) S:SteamLibrarysteamappscommonProject WinterProjectWinter.exe () [File not signed]

FirewallRules: [EA9E638C-5182-4F65-BB8D-A61BE8B2DD98] => (Allow) S:SteamLibrarysteamappscommonProject WinterProjectWinter.exe () [File not signed]

FirewallRules: [TCP Query User627167AD-2E69-4549-A65E-C8DAFAB97AAFS:call of duty modern warfaremodernwarfare.exe] => (Allow) S:call of duty modern warfaremodernwarfare.exe No File

FirewallRules: [UDP Query User49CDB134-23CD-4BAF-A55B-12F1DABDC552S:call of duty modern warfaremodernwarfare.exe] => (Allow) S:call of duty modern warfaremodernwarfare.exe No File

FirewallRules: [TCP Query UserDBE30651-D3F8-44BA-99C0-458687DE3783S:program files (x86)origin gamesapexr5apex.exe] => (Allow) S:program files (x86)origin gamesapexr5apex.exe No File

FirewallRules: [UDP Query User684D4DE2-547F-4EE5-BF08-69F66B8413B0S:program files (x86)origin gamesapexr5apex.exe] => (Allow) S:program files (x86)origin gamesapexr5apex.exe No File

FirewallRules: [A45D254E-0C2A-4578-A022-FC2E00E7B1AE] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [9171B16B-8672-42D4-9224-D320D6C11837] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [9182CEE0-296D-41EF-AF41-12CCF07ADCD1] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [0C6E7C27-8CF5-43FE-8FB9-233BFF46B8E4] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [8BB8D3FE-BA22-4E29-9D64-659E14EA39FC] => (Allow) C:Program FilesMicrosoft OfficerootOffice16outlook.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [F2696B0E-CD4E-4919-8806-F0001FC0FBC5] => (Allow) C:Program FilesMicrosoft OfficerootOffice16Lync.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [62514B30-D785-4A2F-96FB-DE0E6AED88F4] => (Allow) C:Program FilesMicrosoft OfficerootOffice16Lync.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [BE2B2D46-7619-44B5-822C-AF4AC161CF67] => (Allow) C:Program FilesMicrosoft OfficerootOffice16UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [81CA03EC-4A61-4EAA-9D45-3BDBB58203B4] => (Allow) C:Program FilesMicrosoft OfficerootOffice16UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [9D4F57F9-ED09-48DA-BE19-B66DD2EAF9B6] => (Allow) S:SteamLibrarysteamappscommonYakuza 0mediaYakuza0.exe () [File not signed]

FirewallRules: [5DFCE44B-423C-4CE7-8B80-C92A76A742A6] => (Allow) S:SteamLibrarysteamappscommonYakuza 0mediaYakuza0.exe () [File not signed]

FirewallRules: [B23B48C0-9FF9-446D-9BAB-51946DB88034] => (Allow) C:Program Files (x86)Steamsteamappscommonwallpaper_enginebindiagnostics32.exe (Kristjan Skutta -> )

FirewallRules: [A341D814-A9CF-4E98-8347-0322AA998075] => (Allow) C:Program Files (x86)Steamsteamappscommonwallpaper_enginebindiagnostics32.exe (Kristjan Skutta -> )

FirewallRules: [9A767AF8-6E2D-4967-9652-DCD4ECE486D3] => (Allow) E:noxNoxbinNox.exe (Nox Limited -> Duodian Technology Co. Ltd.)

FirewallRules: [8A3FC963-4F75-46CC-9278-752FE56AF336] => (Allow) C:Program Files (x86)BignoxBigNoxVMRTNoxVMHandle.exe (Nox Limited -> BigNox Corporation)

FirewallRules: [D32E54C4-197F-45C1-A1CA-14D83A5EB7C1] => (Allow) S:SteamLibrarysteamappscommonSkyrimSkyrimLauncher.exe (Bethesda Softworks) [File not signed]

FirewallRules: [8F52DC63-8E15-40C9-82FC-4B6311FA6D7A] => (Allow) S:SteamLibrarysteamappscommonSkyrimSkyrimLauncher.exe (Bethesda Softworks) [File not signed]

FirewallRules: [B397A134-6367-4E18-A497-99C680230378] => (Allow) S:SteamLibrarysteamappscommonYakuza KiwamimediaYakuzaKiwami.exe No File

FirewallRules: [A9CBDD5A-4DE9-44B2-AED2-83A885A9EF65] => (Allow) S:SteamLibrarysteamappscommonYakuza KiwamimediaYakuzaKiwami.exe No File

FirewallRules: [A2C090D3-1F5C-4FCA-963F-764992D03395] => (Allow) S:SteamLibrarysteamappscommonYakuza Kiwami 2YakuzaKiwami2.exe No File

FirewallRules: [D6A1428B-492A-47B2-9E08-E572A9E0AB3B] => (Allow) S:SteamLibrarysteamappscommonYakuza Kiwami 2YakuzaKiwami2.exe No File

FirewallRules: [FB766D00-0C16-413F-BA28-4BDE49784F61] => (Allow) E:SteamLibrarysteamappscommonYakuza Kiwami 2YakuzaKiwami2.exe (SEGA) [File not signed]

FirewallRules: [A926DB49-126E-4C25-90A4-F260447D17C4] => (Allow) E:SteamLibrarysteamappscommonYakuza Kiwami 2YakuzaKiwami2.exe (SEGA) [File not signed]

FirewallRules: [116FA4B4-0546-4CB9-B046-B2F861E22DF7] => (Allow) E:SteamLibrarysteamappscommonYakuza KiwamimediaYakuzaKiwami.exe () [File not signed]

FirewallRules: [AC70DDC0-D6F3-4397-BEDA-ACD0E6DCFEEB] => (Allow) E:SteamLibrarysteamappscommonYakuza KiwamimediaYakuzaKiwami.exe () [File not signed]

FirewallRules: [B31F6DCB-AEA2-4CA4-9894-1956F362046E] => (Allow) S:SteamLibrarysteamappscommonTom Clancy's Rainbow Six SiegeRainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)

FirewallRules: [1F3B506F-E4CB-42DA-B3AE-D84C237E525E] => (Allow) S:SteamLibrarysteamappscommonTom Clancy's Rainbow Six SiegeRainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)

FirewallRules: [A06E3436-8CE2-4DEA-9B38-08DD9EF5AC06] => (Allow) S:SteamLibrarysteamappscommonTom Clancy's Rainbow Six SiegeRainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)

FirewallRules: [E36D869F-089C-47BB-86C2-72E8F69A67FA] => (Allow) S:SteamLibrarysteamappscommonTom Clancy's Rainbow Six SiegeRainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)

FirewallRules: [16070C76-C19C-41D8-A673-9692D373D799] => (Allow) C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)

FirewallRules: [D6940EB2-F6F6-4853-B48B-E332E862F353] => (Allow) E:davinciResolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)

FirewallRules: [2BE9EF55-6FDA-4C24-A183-DDC42009A155] => (Allow) E:davincibmdpaneld.exe () [File not signed]

FirewallRules: [8BBCFB3A-DBC8-4A02-9010-F76BB3C84F26] => (Allow) E:davinciDaVinciPanelDaemon.exe () [File not signed]

FirewallRules: [CB0D7A85-73F2-4673-A600-CA870621B98B] => (Allow) E:davinciJLCooperPanelDaemon.exe () [File not signed]

FirewallRules: [6C7E5514-8CF2-44CC-A079-895A11905C39] => (Allow) E:davinciEuphonixPanelDaemon.exe () [File not signed]

FirewallRules: [8083FB3C-8755-473B-9608-77019320C932] => (Allow) E:davinciTangentPanelDaemon.exe () [File not signed]

FirewallRules: [2E50AFC1-9DC0-4061-827B-176627F59803] => (Allow) E:davinciElementsPanelDaemon.exe No File

FirewallRules: [F3E36AEE-C036-46FC-B52B-B55B5CDDC993] => (Allow) E:davinciOxygenPanelDaemon.exe No File

FirewallRules: [FE6DEF4A-038A-4740-8DA7-1A19F1138CBB] => (Allow) E:davinciDPDecoder.exe (Blackmagic Design Pty Ltd -> )

FirewallRules: [205B5137-0E2B-48BC-B5B0-0B2F0D67E2DA] => (Allow) C:ProgramDataBlackmagic DesignDaVinci ResolveSupportQtDecoderQTDecoder.exe No File

FirewallRules: [TCP Query User75117544-A3CE-451F-A79A-65D0FEB38B0BE:davincifuscript.exe] => (Block) E:davincifuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]

FirewallRules: [UDP Query UserD8684839-7A2B-4586-A539-12DFD272F254E:davincifuscript.exe] => (Block) E:davincifuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]

==================== Restore Points =========================

24-03-2020 10:11:38 Scheduled Checkpoint

25-03-2020 18:20:50 Removed DaVinci Resolve

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:

==================

Error: (03/31/2020 08:44:33 AM) (Source: ESENT) (EventID: 455) (User: )

Description: svchost (3824,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:WINDOWSsystem32configsystemprofileAppDataLocalTileDataLayerDatabaseEDB.log.

Error: (03/30/2020 08:46:14 PM) (Source: ESENT) (EventID: 455) (User: )

Description: svchost (13768,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:WINDOWSsystem32configsystemprofileAppDataLocalTileDataLayerDatabaseEDB.log.

Error: (03/30/2020 08:19:38 PM) (Source: ESENT) (EventID: 455) (User: )

Description: svchost (15808,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:WINDOWSsystem32configsystemprofileAppDataLocalTileDataLayerDatabaseEDB.log.

Error: (03/30/2020 08:04:41 PM) (Source: ESENT) (EventID: 455) (User: )

Description: svchost (9800,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:WINDOWSsystem32configsystemprofileAppDataLocalTileDataLayerDatabaseEDB.log.

Error: (03/30/2020 07:57:56 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)

Description: The required buffer size is greater than the buffer size passed to the Collect function of the "C:WindowsSystem32perfts.dll" Extensible Counter DLL for the "LSM" service. The given buffer size was 27296 and the required size was 36352.

Error: (03/30/2020 07:36:18 PM) (Source: ESENT) (EventID: 455) (User: )

Description: svchost (12964,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:WINDOWSsystem32configsystemprofileAppDataLocalTileDataLayerDatabaseEDB.log.

Error: (03/30/2020 07:03:03 PM) (Source: ESENT) (EventID: 455) (User: )

Description: svchost (14572,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:WINDOWSsystem32configsystemprofileAppDataLocalTileDataLayerDatabaseEDB.log.

Error: (03/30/2020 06:46:28 PM) (Source: ESENT) (EventID: 455) (User: )

Description: svchost (13636,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:WINDOWSsystem32configsystemprofileAppDataLocalTileDataLayerDatabaseEDB.log.

System errors:

=============

Error: (03/30/2020 10:34:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The DSAService service failed to start due to the following error:

The application has failed to start because its side-by-side configuration is incorrect. Please see the application event log or use the command-line sxstrace.exe tool for more detail.

Error: (03/29/2020 09:09:42 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-UHT0G8L)

Description: The server AB8902B4-09CA-4BB6-B78D-A8F59079A8D5 did not register with DCOM within the required timeout.

Error: (03/28/2020 08:08:12 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-UHT0G8L)

Description: The server AB8902B4-09CA-4BB6-B78D-A8F59079A8D5 did not register with DCOM within the required timeout.

Error: (03/27/2020 08:20:37 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-UHT0G8L)

Description: The server AB8902B4-09CA-4BB6-B78D-A8F59079A8D5 did not register with DCOM within the required timeout.

Error: (03/27/2020 06:30:14 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)

Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (03/27/2020 11:24:49 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Steam Client Service service failed to start due to the following error:

The service did not respond to the start or control request in a timely fashion.

Error: (03/27/2020 11:24:49 AM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (03/26/2020 04:01:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The DSAService service failed to start due to the following error:

The application has failed to start because its side-by-side configuration is incorrect. Please see the application event log or use the command-line sxstrace.exe tool for more detail.

Windows Defender:

===================================

Date: 2020-03-30 13:48:15.831

La description:

Windows Defender ウイルス対策 スキャンは完了する前に停止しました。

スキャン ID: 19D4DDCA-5CB2-4A42-8A2F-4B2CBD0C890F

スキャンの種類: マルウェア対策

スキャン パラメーター: クイック スキャン

ユーザー: NT AUTHORITYSYSTEM

Date: 2020-03-27 17:25:26.818

La description:

Windows Defender ウイルス対策 スキャンは完了する前に停止しました。

スキャン ID: 53E8D0FD-2964-4BA4-B68C-E860F7FEE932

スキャンの種類: マルウェア対策

スキャン パラメーター: クイック スキャン

ユーザー: NT AUTHORITYSYSTEM

Date: 2020-03-26 11:36:26.377

La description:

Windows Defender ウイルス対策 スキャンは完了する前に停止しました。

スキャン ID: 809D0C81-021C-4CCA-A219-127B8879424B

スキャンの種類: マルウェア対策

スキャン パラメーター: クイック スキャン

ユーザー: NT AUTHORITYSYSTEM

Date: 2020-03-11 15:44:29.479

La description:

Windows Defender ウイルス対策 スキャンは完了する前に停止しました。

スキャン ID: 21C93E5B-4373-47E3-B5C2-D9DD0AC522D8

スキャンの種類: マルウェア対策

スキャン パラメーター: クイック スキャン

ユーザー: NT AUTHORITYSYSTEM

Date: 2020-03-02 09:02:32.558

La description:

Windows Defender ウイルス対策 スキャンは完了する前に停止しました。

スキャン ID: 4B5E610E-4071-4260-8C7E-5E906C595B9D

スキャンの種類: マルウェア対策

スキャン パラメーター: クイック スキャン

ユーザー: NT AUTHORITYSYSTEM

CodeIntegrity:

===================================

Date: 2020-03-31 08:35:59.343

La description:

Code Integrity determined that a process (DeviceHarddiskVolume4WindowsSystem32SIHClient.exe) attempted to load DeviceHarddiskVolume4Program FilesBitdefender Antivirus Freebdamsi264426525567603994antimalware_provider64.dll that did not meet the Windows signing level requirements.

Date: 2020-03-31 08:35:59.334

La description:

Code Integrity determined that a process (DeviceHarddiskVolume4WindowsSystem32SIHClient.exe) attempted to load DeviceHarddiskVolume4Program FilesBitdefender Antivirus Freebdamsi264426525567603994antimalware_provider64.dll that did not meet the Windows signing level requirements.

Date: 2020-03-31 08:35:59.324

La description:

Code Integrity determined that a process (DeviceHarddiskVolume4WindowsSystem32SIHClient.exe) attempted to load DeviceHarddiskVolume4Program FilesBitdefender Antivirus Freebdamsi264426525567603994antimalware_provider64.dll that did not meet the Windows signing level requirements.

Date: 2020-03-31 08:35:59.318

La description:

Code Integrity determined that a process (DeviceHarddiskVolume4WindowsSystem32SIHClient.exe) attempted to load DeviceHarddiskVolume4Program FilesBitdefender Antivirus Freebdamsi264426525567603994antimalware_provider64.dll that did not meet the Windows signing level requirements.

Date: 2020-03-31 08:35:59.298

La description:

Code Integrity determined that a process (DeviceHarddiskVolume4WindowsSystem32SIHClient.exe) attempted to load DeviceHarddiskVolume4Program FilesBitdefender Antivirus Freebdamsi264426525567603994antimalware_provider64.dll that did not meet the Windows signing level requirements.

Date: 2020-03-30 18:34:37.904

La description:

Code Integrity determined that a process (DeviceHarddiskVolume4ProgramDataMicrosoftWindows DefenderPlatform4.18.2003.8-0MsMpEng.exe) attempted to load DeviceHarddiskVolume4Program FilesBitdefender Antivirus Freebdamsi264426525567603994antimalware_provider64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-30 18:34:37.898

La description:

Code Integrity determined that a process (DeviceHarddiskVolume4ProgramDataMicrosoftWindows DefenderPlatform4.18.2003.8-0MsMpEng.exe) attempted to load DeviceHarddiskVolume4Program FilesBitdefender Antivirus Freebdamsi264426525567603994antimalware_provider64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-30 18:34:37.892

La description:

Code Integrity determined that a process (DeviceHarddiskVolume4ProgramDataMicrosoftWindows DefenderPlatform4.18.2003.8-0MsMpEng.exe) attempted to load DeviceHarddiskVolume4Program FilesBitdefender Antivirus Freebdamsi264426525567603994antimalware_provider64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. F3 04/24/2017

Motherboard: Gigabyte Technology Co., Ltd. Z270X-DESIGNARE-CF

Processor: Intel® Core™ i7-7700K CPU @ 4.20GHz

Percentage of memory in use: 46%

Total physical RAM: 16332.68 MB

Available physical RAM: 8743.63 MB

Total Virtual: 18764.68 MB

Available Virtual: 8015.73 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:231.49 GB) (Free:28.01 GB) NTFS

Drive e: (New Volume) (Fixed) (Total:232.76 GB) (Free:85.12 GB) NTFS

Drive s: (New Volume) (Fixed) (Total:465.75 GB) (Free:254.8 GB) NTFS

\?Volume8d642e17-0597-468d-b7e3-6fe7bb1eaa7d (Recovery) (Fixed) (Total:0.44 GB) (Free:0.43 GB) NTFS

\?Volume57c71d7f-b330-4344-ab0d-c6401d98bcc2 () (Fixed) (Total:0.84 GB) (Free:0.41 GB) NTFS

\?Volume517af25b-49ef-4de5-a28c-c8efbf868a74 () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================

Disk: 0 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================

Disk: 1 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================

Disk: 2 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Commentaires

Laisser un commentaire

Votre commentaire sera révisé par les administrateurs si besoin.