Serveur minecraft

Fell for phone tech support scan – malware possible – Resoudre les problemes d’un serveur MineCraft

Le 20 mai 2020 - 71 minutes de lecture

Un ami est tombé pour une arnaque téléphonique hier et leur a permis d'accéder à distance à son ordinateur et leur a donné 500 $. Vous voulez vérifier que rien ne se cache en arrière-plan.

Résultat de l'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 11-05-2020

Ran par phyli (administrateur) sur DESKTOP-GIRJ15B (HP 750-114) (12-05-2020 20:54:26)

Exécution à partir de C: Users phyli Downloads

Profils chargés: phyli

Plateforme: Windows 10 Home Version 1903 18362.778 (X64) Langue: anglais (États-Unis)

Navigateur par défaut: Chrome

Mode de démarrage: Normal

==================== Processus (liste blanche) =================

(Si une entrée est incluse dans la liste de correctifs, le processus sera fermé. Le fichier ne sera pas déplacé.)

(Apple Inc. -> Apple Inc.) C: Program Files Bonjour mDNSResponder.exe

(CyberLink Corp. ->) C: Program Files CyberLink Shared files RichVideo64.exe

(Google LLC -> Google LLC) C: Program Files (x86) Google Chrome Application chrome.exe <18>

(Google LLC -> Google LLC) C: Program Files (x86) Google Update 1.3.35.452 GoogleCrashHandler.exe

(Google LLC -> Google LLC) C: Program Files (x86) Google Update 1.3.35.452 GoogleCrashHandler64.exe

(Hewlett-Packard Company -> Hewlett-Packard Company) C: Program Files (x86) Hewlett-Packard Shared hpqwmiex.exe

(HP Inc -> HP Inc.) C: Program Files HP HP Officejet série 5740 Bin HPNetworkCommunicatorCom.exe

(HP Inc -> HP Inc.) C: Program Files HP HP Officejet série 5740 Bin ScanToPCActivationApp.exe

(HP Inc. -> HP Inc.) C: Program Files (x86) Hewlett-Packard HP Support Solutions HPSupportSolutionsFrameworkService.exe

(HP Inc. -> HP Inc.) C: Program Files HP HP Touchpoint Analytics Client TouchpointAnalyticsClientService.exe

(Intel CASE -> Intel Corporation) C: Program Files Intel Intel® Ready Mode Technology IRMTService.exe

(Intel Corporation – Groupe des sous-systèmes intégrés et blocs IP -> Intel Corporation) C: Program Files (x86) Intel Intel® Management Engine Components DAL jhi_service.exe

(Intel Corporation – Groupe des sous-systèmes intégrés et blocs IP -> Intel Corporation) C: Program Files (x86) Intel Intel® Management Engine Components LMS LMS.exe

(Intel Corporation -> Intel® Corporation) C: Program Files Fichiers communs Intel WirelessCommon RegSrvc.exe

(Intel Corporation -> Intel® Corporation) C: Program Files Intel WiFi bin EvtEng.exe

(Intel Corporation -> Intel® Corporation) C: Program Files Intel WiFi bin ZeroConfigService.exe

(Société intel) [File not signed] C: Program Files (x86) Intel Intel® Security Assist isa.exe

(Intel® pGFX -> Intel Corporation) C: Windows System32 DriverStore FileRepository ki131064.inf_amd64_5d13f27a9a9843fa igfxCUIService.exe

(Intel® pGFX -> Intel Corporation) C: Windows System32 DriverStore FileRepository ki131064.inf_amd64_5d13f27a9a9843fa igfxEM.exe

(Intel® pGFX -> Intel Corporation) C: Windows System32 DriverStore FileRepository ki131064.inf_amd64_5d13f27a9a9843fa IntelCpHDCPSvc.exe

(Intel® pGFX -> Intel Corporation) C: Windows System32 DriverStore FileRepository ki131064.inf_amd64_5d13f27a9a9843fa IntelCpHeciSvc.exe

(Solutions de connectivité sans fil Intel® -> Intel Corporation) C: Windows System32 ibtsiva.exe

(Microsoft Corporation -> Microsoft Corporation) C: Windows Microsoft.NET Framework64 v3.0 WPF PresentationFontCache.exe

(Microsoft Corporation -> Microsoft Corporation) C: Windows SystemApps Microsoft.MicrosoftEdge_8wekyb3d8bbwe MicrosoftEdge.exe

(Microsoft Corporation) C: Program Files WindowsApps Microsoft.WindowsStore_12005.1001.1.0_x64__8wekyb3d8bbwe WinStore.App.exe

(Microsoft Windows -> Microsoft Corporation) C: Windows System32 browser_broker.exe

(Microsoft Windows -> Microsoft Corporation) C: Windows System32 dllhost.exe <2>

(Microsoft Windows -> Microsoft Corporation) C: Windows System32 MicrosoftEdgeCP.exe

(Microsoft Windows -> Microsoft Corporation) C: Windows System32 MicrosoftEdgeSH.exe

(Microsoft Windows -> Microsoft Corporation) C: Windows System32 SecurityHealthHost.exe

(Microsoft Windows -> Microsoft Corporation) C: Windows System32 smartscreen.exe

(Microsoft Windows -> Microsoft Corporation) C: Windows System32 wlanext.exe

(Realtek Semiconductor Corp -> Realtek Semiconductor) C: Program Files Realtek Audio HDA RAVBg64.exe

(Realtek Semiconductor Corp -> Realtek Semiconductor) C: Program Files Realtek Audio HDA RtkAudioService64.exe

(Symantec Corporation -> Symantec Corporation) C: Program Files Norton Security Engine 22.20.2.57 NortonSecurity.exe <2>

(Symantec Corporation -> Symantec Corporation) C: Program Files Norton Security Engine 22.20.2.57 nsWscSvc.exe

(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C: Program Files (x86) TeamViewer TeamViewer.exe

(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C: Program Files (x86) TeamViewer TeamViewer_Desktop.exe

(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C: Program Files (x86) TeamViewer TeamViewer_Service.exe

(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C: Program Files (x86) TeamViewer tv_w32.exe

(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C: Program Files (x86) TeamViewer tv_x64.exe

==================== Registre (liste blanche) ===================

(Si une entrée est incluse dans la liste de correctifs, l'élément de registre sera restauré par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM … Run: [RTHDVCPL] => C: Program Files Realtek Audio HDA RtkNGUI64.exe [8790264 2016-03-29] (Realtek Semiconductor Corp -> Realtek Semiconductor)

HKLM-x32 … Exécuter: [PowerDVD14Agent] => C: Program Files (x86) CyberLink PowerDVD14 PowerDVD14Agent.exe [795336 2015-10-01] (CyberLink Corp. -> CyberLink Corp.)

HKLM-x32 … Exécuter: [HostManager] => C: Program Files (x86) Common Files AOL 1474834258 ee AOLSoftware.exe [41800 2010-03-08] (AOL Inc. -> AOL Inc.)

HKU S-1-5-21-999762305-681959455-3457413626-1001 … Run: [CCleaner Monitoring] => C: Program Files CCleaner CCleaner64.exe [19645800 2019-03-03] (Piriform Software Ltd -> Piriform Software Ltd)

HKU S-1-5-21-999762305-681959455-3457413626-1001 … Run: [HP Officejet 5740 series (NET)] => C: Program Files HP HP Officejet série 5740 Bin ScanToPCActivationApp.exe [3769248 2019-03-19] (HP Inc -> HP Inc.)

HKU S-1-5-21-999762305-681959455-3457413626-1001 … MountPoints2: 31631547-282d-11ea-9d24-08d40c8c8d7b – "H: autorun.exe"

HKLM Software Microsoft Active Setup Installed Components: [8A69D345-D564-463c-AFF1-A69D9E530F96] -> C: Program Files (x86) Google Chrome Application 81.0.4044.138 Installer chrmstp.exe [2020-05-08] (Google LLC -> Google LLC)

Démarrage: C: Users phyli AppData Roaming Microsoft Windows Start Menu Programs Startup AOL Desktop Launcher.lnk [2020-05-11]

ShortcutTarget: AOL Desktop Launcher.lnk -> C: Users phyli AppData Local AOLDesktop AolTrayApp.exe (AOL, Inc -> AOL Inc.)

==================== Tâches planifiées (liste blanche) ============

(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.)

Tâche: 0338B702-2581-4FA4-91AE-848E0471747D – System32 Tasks Hewlett-Packard HP Active Health HP Active Health Scan (HPSA) => C: Program Files (x86) Hewlett-Packard HP Support Framework Resources HPActiveHealth ActiveHealth.exe [25128 2017-11-20] (HP Inc. ->)

Tâche: 0BC2EE53-122D-4F08-B931-2D8EBC0B87C0 – System32 Tasks Norton 360 Norton 360 Autofix => C: Program Files Norton Security Engine 22.20.2.57 SymErr.exe [117056 2020-03-20] (Symantec Corporation -> Symantec Corporation)

Tâche: 19444715-C7A7-4B9E-ADC9-E9EAA4A336FB – System32 Tasks Microsoft Windows RemovalTools MRT_ERROR_HB => C: WINDOWS system32 MRT.exe [121542864 2020-03-11] (Microsoft Windows -> Microsoft Corporation) [File not signed]

Tâche: 1A92604C-9785-4B3F-BABF-B9344300A525 – System32 Tasks Hewlett-Packard HP Support Assistant WarrantyChecker_DeviceScan => C: Program Files (x86) Hewlett-Packard HP Support Framework Resources HPWarrantyCheck HPWarrantyChecker.exe [1117048 2020-03-26] (HP Inc. -> HP Inc.)

Tâche: 23805DAC-C2B3-4B17-8267-1B13BCF64F3F – System32 Tasks HPCustParticipation HP Officejet série 5740 => C: Program Files HP HP Officejet série 5740 Bin HPCustPartic.exe [6437792 2019-03-19] (HP Inc -> HP Inc.)

Tâche: 26862040-7E37-4842-8060-616A847935D7 – Microsoft Windows UNP RunCampaignManager -> Aucun fichier <==== ATTENTION

Tâche: 2892222B-8961-44EA-A488-4EAF68E62FF6 ​​- System32 Tasks Hewlett-Packard HP Support Assistant PC Health Analysis => C: Program Files (x86) Hewlett-Packard HP Support Framework HPSF. EXE [1506680 2019-06-14] (HP Inc. -> HP Inc.)

Tâche: 30798301-D556-4A67-A303-E078BAEEA94D – System32 Tasks HPCeeScheduleForphyli => C: Program Files (x86) Hewlett-Packard HP Ceement HPCEE.exe [96568 2015-06-16] (Société Hewlett-Packard -> Hewlett-Packard)

Tâche: 3BF5FEFF-B156-442E-83A7-88538B7E0701 – System32 Tasks CCleanerSkipUAC => C: Program Files CCleaner CCleaner.exe [14679256 2019-03-03] (Piriform Software Ltd -> Piriform Software Ltd)

Tâche: 466881AC-5DFD-4836-B0D9-F7634D65DB29 – System32 Tasks Intel Intel Telemetry 2 => C: Program Files Intel Telemetry 2.0 lrio.exe [1698000 2015-06-05] (Logiciel Intel® -> Intel Corporation)

Tâche: 4A88543E-19C3-49EC-A150-14140125BD0D – System32 Tasks CCleaner Update => C: Program Files CCleaner CCUpdate.exe [619416 2019-03-03] (Piriform Software Ltd -> Piriform Software Ltd)

Tâche: 5359FDCE-AFC2-4D1D-A5B9-56F1617BF591 – System32 Tasks DropboxUpdateTaskMachineCore => C: Program Files (x86) Dropbox Update DropboxUpdate.exe [143144 2016-11-14] (Dropbox, Inc -> Dropbox, Inc.)

Tâche: 5E7E7438-1246-4277-9A2F-C6411DB6349C – System32 Tasks Hewlett-Packard HP Support Assistant Product Configurator => C: Program Files (x86) Hewlett-Packard HP Support Framework Resources ProductConfig .EXE [320856 2020-04-23] (HP Inc. -> HP Inc.)

Tâche: 69EFEB71-23BC-4B1C-BE4F-7B71587FEDAB – System32 Tasks Norton 360 Norton 360 Error Processor => C: Program Files Norton Security Engine 22.20.2.57 SymErr.exe [117056 2020-03-20] (Symantec Corporation -> Symantec Corporation)

Tâche: 6CD0BF4F-6054-4830-9806-972847917DB9 – System32 Tasks Hewlett-Packard HP Support Assistant HP Support Assistant Quick Start => C: Program Files (x86) Hewlett-Packard HP Support Framework HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)

Tâche: 72D22111-0F52-45AE-8C72-7B54E7179787 – System32 Tasks Hewlett-Packard HP Support Assistant HP Support Solutions Framework Updater => C: Program Files (x86) Hewlett-Packard HP Support Solutions Modules HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.)

Tâche: 7DBD3255-B12E-48C1-99D9-7E999C324195 – System32 Tasks Hewlett-Packard HP Support Assistant Critical Update Pending => C: Program Files (x86) Hewlett-Packard HP Support Framework HPSF. EXE [1506680 2019-06-14] (HP Inc. -> HP Inc.)

Tâche: 8613B10A-F593-4051-B6D3-C1174FAB8609 – System32 Tasks Hewlett-Packard HP Support Assistant WarrantyChecker_TH6254X0JD => C: Program Files (x86) Hewlett-Packard HP Support Framework Resources HPWarrantyCheck HPWarrantyChecker.exe [1117048 2020-03-26] (HP Inc. -> HP Inc.)

Tâche: 990D433C-DF44-4DE9-893D-0F707834FF54 – System32 Tasks Remediation AntimalwareMigrationTask => C: Program Files Common Files AV Norton 360 Upgrade.exe [2162704 2020-03-20] (Symantec Corporation -> Symantec Corporation)

Tâche: 9A8CA25D-1EE2-4A1C-BC11-133EB4DE03F3 – System32 Tasks IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C: Program Files (x86) Intel Corporation Intel WiDi Intel® Software Asset Manager bin IntelSoftwareAssetManagerService.exe [19088 2015-06-24] (Intel® Software Asset Manager -> Intel Corporation)

Tâche: AEF5F555-14EA-4D89-BA5E-16BC63091F73 – System32 Tasks GoogleUpdateTaskMachineCore => C: Program Files (x86) Google Update GoogleUpdate.exe [153168 2018-01-12] (Google Inc -> Google Inc.)

Tâche: B3DBA422-AB32-4861-895F-EF36381A7F1D – System32 Tasks GoogleUpdateTaskMachineUA => C: Program Files (x86) Google Update GoogleUpdate.exe [153168 2018-01-12] (Google Inc -> Google Inc.)

Tâche: BFBE589E-4AF0-44AC-90B7-FA7DB538250A – System32 Tasks DropboxOEM => C: Program Files (x86) Dropbox DropboxOEM DropboxOEM.exe [584488 2016-09-21] (Dropbox, Inc ->)

Tâche: C0665B30-D9E6-421F-9B25-37FF210D048A – System32 Tasks IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C: Program Files (x86) Intel Corporation Intel WiDi Intel® Gestionnaire d'actifs logiciels bin IntelSoftwareAssetManagerService.exe [19088 2015-06-24] (Intel® Software Asset Manager -> Intel Corporation)

Tâche: C09D1165-9A84-48B3-88AA-EB9B83A7142E – System32 Tasks Hewlett-Packard HP Support Assistant HP Support Solutions Framework Report => C: Program Files (x86) Hewlett-Packard HP Support Solutions Modules HPSFReport.exe [134008 2020-03-25] (HP Inc. -> HP Inc.)

Tâche: C0EC152F-0F52-4482-9B82-0859E05A899B – Analyseur d'erreur System32 Tasks Norton 360 Norton 360 => C: Program Files Norton Security Engine 22.20.2.57 SymErr.exe [117056 2020-03-20] (Symantec Corporation -> Symantec Corporation)

Tâche: CA553F06-3C9D-4899-9117-B49C1C5FFF46 – System32 Tasks Hewlett-Packard HP Support Assistant WarrantyChecker => C: Program Files (x86) Hewlett-Packard HP Support Framework Resources HPWarrantyCheck HPWarrantyChecker.exe [1117048 2020-03-26] (HP Inc. -> HP Inc.)

Tâche: CEE140FD-BB4B-4A75-BEDF-5B0DC2E129AC – System32 Tasks Norton WSC Integration => C: Program Files Norton Security Engine 22.20.2.57 WSCStub.exe [645008 2020-03-20] (Symantec Corporation -> Symantec Corporation)

Tâche: DA0C5F76-E8A2-4899-B9E2-1DEA8509D76A – System32 Tasks IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C: Program Files (x86) Intel Intel® Update Manager bin iumsvc .EXE

Tâche: E3CADEF5-B4B0-44FC-8B66-A0A6738B95FC – System32 Tasks DropboxUpdateTaskMachineUA => C: Program Files (x86) Dropbox Update DropboxUpdate.exe [143144 2016-11-14] (Dropbox, Inc -> Dropbox, Inc.)

(Si une entrée est incluse dans la liste de correctifs, le fichier de tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Tâche: C: WINDOWS Tasks CreateExplorerShellUnelevatedTask.job => C: WINDOWS explorer.exe

Tâche: C: WINDOWS Tasks DropboxUpdateTaskMachineCore.job => C: Program Files (x86) Dropbox Update DropboxUpdate.exe

Tâche: C: WINDOWS Tasks DropboxUpdateTaskMachineUA.job => C: Program Files (x86) Dropbox Update DropboxUpdate.exe

Tâche: C: WINDOWS Tasks HPCeeScheduleForphyli.job => C: Program Files (x86) Hewlett-Packard HP Ceement HPCEE.exe

==================== Internet (liste blanche) ====================

(Si un élément est inclus dans la liste de correctifs, s'il s'agit d'un élément du registre, il sera supprimé ou restauré par défaut.)

Tcpip .. Interfaces 686E1526-5487-4579-9D5C-7D997F0C562C: [NameServer] 10.255.0.0

Tcpip .. Interfaces 93fb8a86-3933-4476-8281-93ec070b093c: [DhcpNameServer] 192.168.1.1

Tcpip .. Interfaces aa2d2754-dc20-488c-91bb-6e946e6395e0: [DhcpNameServer] 192.168.1.1

Internet Explorer:

==================

HKLM SOFTWARE Policies Microsoft Internet Explorer: restriction <==== ATTENTION

HKLM Software Microsoft Internet Explorer Main, Page de démarrage = hxxp: //hp15-comm.msn.com/? Pc = HRTE

HKLM Software Microsoft Internet Explorer Main, Default_Page_URL = hxxp: //hp15-comm.msn.com/? Pc = HRTE

HKU .DEFAULT Software Microsoft Internet Explorer Main, page de démarrage = hxxp: //hp15-comm.msn.com/? Pc = HRTE

HKU .DEFAULT Software Microsoft Internet Explorer Main, Default_Page_URL = hxxp: //hp15-comm.msn.com/? Pc = HRTE

HKU S-1-5-21-999762305-681959455-3457413626-1001 Software Microsoft Internet Explorer Main, page de démarrage = hxxp: //hp15-comm.msn.com/? Pc = HRTE

HKU S-1-5-21-999762305-681959455-3457413626-1001 Software Microsoft Internet Explorer Main, Default_Page_URL = hxxp: //hp15-comm.msn.com/? Pc = HRTE

SearchScopes: HKLM -> 956A3832-1434-48B4-B7D0-393563D77BB0 URL = hxxp: //www.amazon.com/s/ref=azs_osd_iea? Ie = UTF-8 & tag = hp-us1-vsb-20 & link% 5Fcode = qs & index = aps & field-keywords = searchTerms

SearchScopes: HKLM-x32 -> 956A3832-1434-48B4-B7D0-393563D77BB0 URL = hxxp: //www.amazon.com/s/ref=azs_osd_iea? Ie = UTF-8 & tag = hp-us1-vsb-20 & link% 5Fcode = qs & index = aps & field-keywords = searchTerms

SearchScopes: HKU S-1-5-21-999762305-681959455-3457413626-1001 -> 956A3832-1434-48B4-B7D0-393563D77BB0 URL = hxxp: //www.amazon.com/s/ref=azs_osd_iea? ie = UTF-8 & tag = hp-us1-vsb-20 & link% 5Fcode = qs & index = aps & field-keywords = searchTerms

BHO: Norton Password Manager -> 602ADB0E-4AFF-4217-8AA1-95DAC4DFA408 -> C: Program Files Norton Security Engine 22.20.2.57 coIEPlg.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)

BHO-x32: Norton Password Manager -> 602ADB0E-4AFF-4217-8AA1-95DAC4DFA408 -> C: Program Files Norton Security Engine32 22.20.2.57 coIEPlg.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)

BHO-x32: extension Evernote -> 92EF2EAD-A7CE-4424-B0DB-499CF856608E -> C: Program Files (x86) Evernote Evernote EvernoteIE.dll [2015-07-01] (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

BHO-x32: HP Network Check Helper -> E76FD755-C1BA-4DCB-9F13-99BD91223ADE -> C: Program Files (x86) Hewlett-Packard HP Support Framework Resources HPNetworkCheck HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)

Barre d'outils: HKLM – Norton Toolbar – 7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA – C: Program Files Norton Security Engine 22.20.2.57 coIEPlg.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)

Barre d'outils: HKLM-x32 – Norton Toolbar – 7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA – C: Program Files Norton Security Engine32 22.20.2.57 coIEPlg.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)

Bord:

======

DownloadDir: C: Users phyli Downloads

Extension de bord: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C: Program Files WindowsApps EyeoGmbH.AdblockPlus_0.9.19.0_neutral__d55gg7py3s0m0 [2020-05-11]

Extension Edge: (AdGuard AdBlocker) -> EdgeExtension_AdguardAdguardAdBlocker_m055xr0c82818 => C: Program Files WindowsApps Adguard.AdguardAdBlocker_3.3.8.0_neutral__m055xr0c82818 [2020-01-09]

FireFox:

========

FF Plugin-x32: @ intel-webapi.intel.com / Intel WebAPI ipt; version = 4.0.68 -> C: Program Files (x86) Intel Intel® Management Engine Components IPT npIntelWebAPIIPT.dll [2015-08-25] (Logiciel Intel® Identity Protection Technology -> Intel Corporation)

FF Plugin-x32: @ intel-webapi.intel.com / Intel WebAPI Updater -> C: Program Files (x86) Intel Intel® Management Engine Components IPT npIntelWebAPIUpdater.dll [2015-08-25] (Logiciel Intel® Identity Protection Technology -> Intel Corporation)

FF Plugin-x32: @ viewpoint.com / VMP -> C: Program Files (x86) Viewpoint Viewpoint Experience Technology npViewpoint.dll [2004-02-20] () [File not signed]

Chrome:

=======

CHR DefaultProfile: Par défaut

Profil CHR: C: Users phyli AppData Local Google Chrome User Data Default [2020-05-12]

CHR DefaultSearchURL: Par défaut -> hxxps: //s.aolcdn.com/webmail-static/webmail/180517.1559/aol/en-us/images/favicon.ico

Extension CHR: (diapositives) – C: Users phyli AppData Local Google Chrome User Data Default Extensions aapocclcgogkmnckokdopfmhonfmgoek [2018-01-12]

Extension CHR: (Docs) – C: Users phyli AppData Local Google Chrome User Data Default Extensions aohghmighlieiainnegkcijnfilokake [2018-01-12]

Extension CHR: (Google Drive) – C: Users phyli AppData Local Google Chrome User Data Default Extensions apdfllckaahabafndbhieahigkjlhalf [2018-01-12]

Extension CHR: (YouTube) – C: Users phyli AppData Local Google Chrome User Data Default Extensions blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-12]

Extension CHR: (Adblock Plus – bloqueur de publicités gratuit) – C: Users phyli AppData Local Google Chrome User Data Default Extensions cfhdojbkjhnklbpkdaibdccddilifddb [2020-05-11]

Extension CHR: (Sheets) – C: Users phyli AppData Local Google Chrome User Data Default Extensions felcaaldnbdncclmgdcncolpebgiejap [2018-01-12]

Extension CHR: (Google Docs hors ligne) – C: Users phyli AppData Local Google Chrome User Data Default Extensions ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-11]

Extension CHR: (Paiements Chrome Web Store) – C: Users phyli AppData Local Google Chrome User Data Default Extensions nmmhkkegccagdldgiimedpiccmgmieda [2020-04-15]

Extension CHR: (Mon AOL) – C: Users phyli AppData Local Google Chrome User Data Default Extensions pigepclndadjaebpijfcjeeefpjhcdca [2018-05-22]

Extension CHR: (Gmail) – C: Users phyli AppData Local Google Chrome User Data Default Extensions pjkljhegncpnkpknbcohdijeoejaedia [2019-04-17]

Extension CHR: (Chrome Media Router) – C: Users phyli AppData Local Google Chrome User Data Default Extensions pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-11]

==================== Services (liste blanche) ===================

(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.)

S2 dbupdate; C: Program Files (x86) Dropbox Update DropboxUpdate.exe [143144 2016-11-14] (Dropbox, Inc -> Dropbox, Inc.)

S3 dbupdatem; C: Program Files (x86) Dropbox Update DropboxUpdate.exe [143144 2016-11-14] (Dropbox, Inc -> Dropbox, Inc.)

R2 HPSupportSolutionsFrameworkService; C: Program Files (x86) Hewlett-Packard HP Support Solutions HPSupportSolutionsFrameworkService.exe [378744 2020-03-31] (HP Inc. -> HP Inc.)

R2 HPTouchpointAnalyticsService; C: Program Files HP HP Touchpoint Analytics Client TouchpointAnalyticsClientService.exe [332216 2017-11-23] (HP Inc. -> HP Inc.)

R2 ibtsiva; C: WINDOWS System32 ibtsiva.exe [536864 2020-01-06] (Solutions de connectivité sans fil Intel® -> Intel Corporation)

S3 Intel® Capability Licensing Service TCP IP Interface; C: Program Files Intel iCLS Client SocketHeciServer.exe [881152 2015-05-22] (Service Intel® Trusted Connect -> Intel® Corporation)

R3 Intel® Security Assist; C: Program Files (x86) Intel Intel® Security Assist isa.exe [335872 2015-05-19] (Société intel) [File not signed]

S3 Intel® WiDi SAM; C: Program Files (x86) Intel Corporation Intel WiDi Intel® Software Asset Manager bin IntelSoftwareAssetManagerService.exe [19088 2015-06-24] (Intel® Software Asset Manager -> Intel Corporation)

R2 IRMTService; c: Program Files Intel Intel® Ready Mode Technology IRMTService.exe [181520 2015-07-13] (Intel CASE -> Intel Corporation)

S2 isaHelperSvc; C: Program Files (x86) Intel Intel® Security Assist isaHelperService.exe [7680 2015-05-19] () [File not signed]

R2 jhi_service; C: Program Files (x86) Intel Intel® Management Engine Components DAL jhi_service.exe [207648 2015-10-16] (Intel Corporation – Groupe des sous-systèmes intégrés et blocs IP -> Intel Corporation)

S3 MyWiFiDHCPDNS; C: Program Files Intel WiFi bin PanDhcpDns.exe [310880 2018-09-05] (Intel Corporation ->)

R2 NortonSecurity; C: Program Files Norton Security Engine 22.20.2.57 NortonSecurity.exe [344760 2020-03-20] (Symantec Corporation -> Symantec Corporation)

R2 nsWscSvc; C: Program Files Norton Security Engine 22.20.2.57 nsWscSvc.exe [1055960 2020-03-20] (Symantec Corporation -> Symantec Corporation)

R2 RichVideo64; C: Program Files CyberLink Fichiers partagés RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. ->)

R2 RtkAudioService; C: Program Files Realtek Audio HDA RtkAudioService64.exe [316152 2016-03-29] (Realtek Semiconductor Corp -> Realtek Semiconductor)

R2 TeamViewer; C: Program Files (x86) TeamViewer TeamViewer_Service.exe [13252624 2020-04-23] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

S3 WdNisSvc; C: Program Files Windows Defender NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)

S3 WinDefend; C: Program Files Windows Defender MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)

R2 ZeroConfigService; C: Program Files Intel WiFi bin ZeroConfigService.exe [4059744 2018-09-05] (Intel Corporation -> Intel® Corporation)

S4 WRSVC; Service "C: Program Files Webroot WRSA.exe" [X]

===================== Pilotes (sur liste blanche) ===================

(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.)

R1 BHDrvx64; C: Program Files Norton Security NortonData 22.20.2.57 Definitions BASHDefs 20200511.006 BHDrvx64.sys [1952136 2020-05-11] (Symantec Corporation -> Symantec Corporation)

S3 BthA2dp; C: WINDOWS System32 drivers BthA2dp.sys [231936 2019-09-17] (Microsoft Corporation) [File not signed]

R1 ccSet_NGC; C: WINDOWS System32 drivers NGCx64 1614020.039 ccSetx64.sys [192376 2020-03-20] (Symantec Corporation -> Symantec Corporation)

R1 eeCtrl; C: Program Files (x86) Common Files Symantec Shared EENGINE eeCtrl64.sys [516784 2019-10-08] (Symantec Corporation -> Symantec Corporation)

U3 EraserUtilDrv11910; C: Program Files (x86) Common Files Symantec Shared EENGINE EraserUtilDrv11910.sys [154288 2020-05-12] (Symantec Corporation -> Symantec Corporation)

R3 ibtusb; C: WINDOWS System32 DriverStore FileRepository ibtusb.inf_amd64_b45bba99c1e61776 ibtusb.sys [301560 2019-12-02] (Solutions de connectivité sans fil Intel® -> Intel Corporation)

R1 IDSVia64; C: Program Files Norton Security NortonData 22.20.2.57 Definitions IPSDefs 20200512.061 IDSvia64.sys [1451016 2020-05-12] (Symantec Corporation -> Symantec Corporation)

R3 IntelReadyModeDriver; C: WINDOWS System32 drivers IntelReadyModeDriver.sys [33512 2015-07-13] (Intel CASE -> Intel Corporation)

R0 MBAMSwissArmy; C: WINDOWS System32 Drivers mbamswissarmy.sys [253880 2018-01-12] (Malwarebytes Corporation -> Malwarebytes)

R3 Netwtw04; C: WINDOWS system32 DRIVERS Netwtw04.sys [8720384 2019-08-27] (Solutions de connectivité sans fil Intel® -> Intel Corporation)

R3 rt640x64; C: WINDOWS System32 drivers rt640x64.sys [886528 2015-06-03] (Realtek Semiconductor Corp -> Realtek)

R3 RTSUER; C: WINDOWS system32 Drivers RtsUer.sys [402136 2015-05-27] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)

R3 SRTSP; C: WINDOWS System32 drivers NGCx64 1614020.039 SRTSP64.SYS [889520 2020-03-20] (Symantec Corporation -> Symantec Corporation)

R1 SRTSPX; C: WINDOWS System32 drivers NGCx64 1614020.039 SRTSPX64.SYS [50864 2020-03-20] (Symantec Corporation -> Symantec Corporation)

R0 SymEFASI; C: WINDOWS System32 drivers NGCx64 1614020.039 SYMEFASI64.SYS [1964552 2020-03-20] (Symantec Corporation -> Symantec Corporation)

S0 SymELAM; C: WINDOWS System32 drivers NGCx64 1614020.039 SymELAM.sys [25024 2020-03-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom Corporation)

R3 SymEvent; C: WINDOWS system32 Drivers SYMEVENT64x86.SYS [99848 2020-05-12] (Symantec Corporation -> Symantec Corporation)

R3 SymEvnt; C: Program Files Norton Security NortonData 22.20.2.57 SymPlatform SymEvnt.sys [712368 2020-01-06] (Symantec Corporation -> Symantec Corporation)

R1 SymIRON; C: WINDOWS System32 drivers NGCx64 1614020.039 Ironx64.SYS [316656 2020-03-20] (Symantec Corporation -> Symantec Corporation)

R1 SymNetS; C: WINDOWS System32 drivers NGCx64 1614020.039 symnets.sys [575280 2020-03-20] (Symantec Corporation -> Symantec Corporation)

R3 wanatw; C: WINDOWS System32 drivers wanatw64.sys [24064 2006-11-29] (Éditeur de compatibilité matérielle Microsoft Windows -> America Online, Inc.)

S3 WdBoot; C: WINDOWS system32 drivers WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

S3 WdFilter; C: WINDOWS system32 drivers WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)

S3 WdNisDrv; C: WINDOWS System32 Drivers WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)

R1 wpCtrlDrv_NGC; C: WINDOWS System32 drivers NGCx64 1614020.039 wpCtrlDrv.sys [1012120 2020-03-20] (Symantec Corporation -> Symantec Corporation)

S4 WRBoot; System32 drivers WRBoot.sys [X]

R4 WRkrn; System32 drivers WRkrn.sys [X]

==================== NetSvcs (liste blanche) ====================

(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.)

==================== Un mois (créé) ===================

(Si une entrée est incluse dans la liste de correctifs, le fichier / dossier sera déplacé.)

2020-05-12 20:54 – 2020-05-12 20:55 – 000027915 _____ C: Users phyli Downloads FRST.txt

2020-05-12 20:54 – 2020-05-12 20:55 – 000000000 ____D C: FRST

2020-05-12 20:53 – 2020-05-12 20:53 – 002285568 _____ (Farbar) C: Users phyli Downloads FRST64.exe

2020-05-12 20:22 – 2020-05-12 20:22 – 000000000 ____D C: WINDOWS system32 Tasks Remediation

2020-05-12 18:10 – 2020-05-12 18:14 – 000000000 ____D C: WINDOWS system32 Tasks Norton 360

2020-05-12 18:08 – 2020-05-12 18:08 – 000099848 _____ (Symantec Corporation) C: WINDOWS system32 Drivers SYMEVENT64x86.SYS

2020-05-12 18:08 – 2020-05-12 18:08 – 000008616 _____ C: WINDOWS system32 Drivers SYMEVENT64x86.CAT

2020-05-12 18:08 – 2020-05-12 18:08 – 000003376 _____ C: WINDOWS system32 Tasks Norton WSC Integration

2020-05-12 18:08 – 2020-05-12 18:08 – 000002306 _____ C: Users Public Desktop Norton Security.lnk

2020-05-12 18:08 – 2020-05-12 18:08 – 000002306 _____ C: ProgramData Desktop Norton Security.lnk

2020-05-12 18:08 – 2020-05-12 18:08 – 000000000 ____D C: Program Files Fichiers communs Symantec Shared

2020-05-12 18:07 – 2020-05-12 18:08 – 000000000 ___RD C: ProgramData Microsoft Windows Menu Démarrer Programmes Norton Security

2020-05-12 18:07 – 2020-05-12 18:07 – 000000000 ____D C: WINDOWS system32 Drivers NGCx64

2020-05-12 18:07 – 2020-05-12 18:07 – 000000000 ____D C: Program Files Norton Security

2020-05-12 18:05 – 2020-05-12 18:05 – 000000000 ____D C: ProgramData NortonInstaller

2020-05-12 18:05 – 2020-05-12 18:05 – 000000000 ____D C: Program Files (x86) NortonInstaller

2020-05-12 18:04 – 2020-05-12 18:04 – 003666744 _____ (Symantec Corporation) C: Users phyli Downloads N360Downloader.exe

2020-05-12 18:04 – 2020-05-12 18:04 – 000001379 _____ C: Users phyli Desktop Norton Installation Files.lnk

2020-05-12 18:04 – 2020-05-12 18:04 – 000000000 ____D C: Users Public Downloads Norton

2020-05-11 19:43 – 2020-05-11 19:46 – 000000000 ____D C: Users phyli AppData Local TeamViewer

2020-05-11 18:23 – 2020-05-11 18:24 – 000000000 ____D C: NPE

2020-05-11 18:23 – 2020-05-11 18:22 – 000120122 _____ C: WINDOWS ntbtlog.txt

2020-05-11 18:21 – 2020-05-11 18:22 – 009615808 _____ (NortonLifeLock Inc.) C: Users phyli Downloads NPE (2) .exe

2020-05-11 18:17 – 2020-05-11 18:24 – 000000214 _____ C: WINDOWS Tasks CreateExplorerShellUnelevatedTask.job

2020-05-11 18:11 – 2020-05-12 18:10 – 000000000 ____D C: ProgramData Norton

2020-05-11 18:11 – 2020-05-11 19:55 – 000000000 ____D C: Users phyli AppData Local NPE

2020-05-11 18:11 – 2020-05-11 18:11 – 009615808 _____ (NortonLifeLock Inc.) C: Users phyli Downloads NPE.exe

2020-05-11 18:11 – 2020-05-11 18:11 – 009615808 _____ (NortonLifeLock Inc.) C: Users phyli Downloads NPE (1) .exe

2020-05-11 17:52 – 2020-05-12 18:30 – 000000000 ____D C: Program Files (x86) TeamViewer

2020-05-11 17:52 – 2020-05-11 17:52 – 000001119 _____ C: ProgramData Microsoft Windows Start Menu Programs TeamViewer.lnk

2020-05-11 17:52 – 2020-05-11 17:52 – 000001107 _____ C: Users Public Desktop TeamViewer.lnk

2020-05-11 17:52 – 2020-05-11 17:52 – 000001107 _____ C: ProgramData Desktop TeamViewer.lnk

2020-05-11 17:52 – 2020-05-11 17:52 – 000000000 ____D C: Users phyli AppData Roaming TeamViewer

2020-05-11 17:49 – 2020-05-11 17:49 – 026709944 _____ (TeamViewer Germany GmbH) C: Users phyli Downloads TeamViewer_Setup.exe

2020-05-11 15:32 – 2020-05-11 15:32 – 000000000 ____D C: Users phyli Documents 1-888-511-8605

2020-05-11 15:28 – 2020-05-11 15:28 – 000290304 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 subinacl.exe

2020-05-11 15:28 – 2020-05-11 15:28 – 000000000 ____D C: Program Files (x86) Adware Removal Tool by TSA

2020-05-11 15:25 – 2020-05-11 15:26 – 000000000 ____D C: Users phyli AppData Local PlaceholderTileLogoFolder

2020-05-11 15:22 – 2020-05-11 15:22 – 000007601 _____ C: Users phyli AppData Local Resmon.ResmonCfg

2020-04-15 17:35 – 2020-04-15 17:35 – 025444352 _____ (Microsoft Corporation) C: WINDOWS system32 Hydrogen.dll

2020-04-15 17:35 – 2020-04-15 17:35 – 019850240 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 edgehtml.dll

2020-04-15 17:35 – 2020-04-15 17:35 – 019812864 _____ (Microsoft Corporation) C: WINDOWS system32 HologramWorld.dll

2020-04-15 17:35 – 2020-04-15 17:35 – 018027520 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 mshtml.dll

2020-04-15 17:35 – 2020-04-15 17:35 – 007017472 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 mstscax.dll

2020-04-15 17:35 – 2020-04-15 17:35 – 005910016 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 Chakra.dll

2020-04-15 17:35 – 2020-04-15 17:35 – 004129624 _____ (Microsoft Corporation) C: WINDOWS system32 mfcore.dll

2020-04-15 17:35 – 2020-04-15 17:35 – 003512320 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 msi.dll

2020-04-15 17:35 – 2020-04-15 17:35 – 002951832 _____ (Microsoft Corporation) C: WINDOWS system32 mfmp4srcsnk.dll

2020-04-15 17:35 – 2020-04-15 17:35 – 002494744 _____ (Microsoft Corporation) C: WINDOWS system32 msmpeg2vdec.dll

2020-04-15 17:35 – 2020-04-15 17:35 – 002180408 _____ (Microsoft Corporation) C: WINDOWS system32 workfolderssvc.dll

2020-04-15 17:35 – 2020-04-15 17:35 – 001870408 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 mfmp4srcsnk.dll

2020-04-15 17:35 – 2020-04-15 17:35 – 001610240 _____ (Microsoft Corporation) C: WINDOWS system32 HologramCompositor.dll

2020-04-15 17:35 – 2020-04-15 17:35 – 001310720 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 msjet40.dll

2020-04-15 17:35 – 2020-04-15 17:35 – 001264640 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 mstsc.exe

2020-04-15 17:35 – 2020-04-15 17:35 – 001151816 _____ (Microsoft Corporation) C:WINDOWSsystem32mfmpeg2srcsnk.dll

2020-04-15 17:35 – 2020-04-15 17:35 – 001013000 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mfmpeg2srcsnk.dll

2020-04-15 17:35 – 2020-04-15 17:35 – 000983040 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mfmkvsrcsnk.dll

2020-04-15 17:35 – 2020-04-15 17:35 – 000701440 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Mirage.Internal.dll

2020-04-15 17:35 – 2020-04-15 17:35 – 000689152 _____ (Microsoft Corporation) C:WINDOWSSysWOW64CPFilters.dll

2020-04-15 17:35 – 2020-04-15 17:35 – 000686080 _____ (Microsoft Corporation) C:WINDOWSSysWOW64jscript.dll

2020-04-15 17:35 – 2020-04-15 17:35 – 000525312 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wsecedit.dll

2020-04-15 17:35 – 2020-04-15 17:35 – 000456192 _____ (Microsoft Corporation) C:WINDOWSSysWOW64appwiz.cpl

2020-04-15 17:35 – 2020-04-15 17:35 – 000444416 _____ (Microsoft Corporation) C:WINDOWSsystem32MSFlacDecoder.dll

2020-04-15 17:35 – 2020-04-15 17:35 – 000420152 _____ (Microsoft Corporation) C:WINDOWSsystem32MSAudDecMFT.dll

2020-04-15 17:35 – 2020-04-15 17:35 – 000380416 _____ (Microsoft Corporation) C:WINDOWSSysWOW64MSFlacDecoder.dll

2020-04-15 17:35 – 2020-04-15 17:35 – 000353792 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msrd3x40.dll

2020-04-15 17:35 – 2020-04-15 17:35 – 000341504 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msexcl40.dll

2020-04-15 17:35 – 2020-04-15 17:35 – 000321536 _____ (Microsoft Corporation) C:WINDOWSsystem32wbadmin.exe

2020-04-15 17:35 – 2020-04-15 17:35 – 000241152 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msltus40.dll

2020-04-15 17:35 – 2020-04-15 17:35 – 000187392 _____ (Microsoft Corporation) C:WINDOWSSysWOW64iasrad.dll

2020-04-15 17:35 – 2020-04-15 17:35 – 000179200 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.UI.XamlHost.dll

2020-04-15 17:35 – 2020-04-15 17:35 – 000178176 _____ (Microsoft Corporation) C:WINDOWSSysWOW64srumsvc.dll

2020-04-15 17:35 – 2020-04-15 17:35 – 000175616 _____ (Microsoft Corporation) C:WINDOWSSysWOW64IndexedDbLegacy.dll

2020-04-15 17:35 – 2020-04-15 17:35 – 000135168 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.UI.XamlHost.dll

2020-04-15 17:35 – 2020-04-15 17:35 – 000117248 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Chakradiag.dll

2020-04-15 17:35 – 2020-04-15 17:35 – 000105472 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Chakrathunk.dll

2020-04-15 17:35 – 2020-04-15 17:35 – 000105472 _____ (Microsoft Corporation) C:WINDOWSsystem32WorkFolders.exe

2020-04-15 17:35 – 2020-04-15 17:35 – 000070144 _____ (Microsoft Corporation) C:WINDOWSSysWOW64tsgqec.dll

2020-04-15 17:35 – 2020-04-15 17:35 – 000066048 _____ (Microsoft Corporation) C:WINDOWSSysWOW64iasacct.dll

2020-04-15 17:35 – 2020-04-15 17:35 – 000050688 _____ (Microsoft Corporation) C:WINDOWSSysWOW64srumapi.dll

2020-04-15 17:35 – 2020-04-15 17:35 – 000040448 _____ (Microsoft Corporation) C:WINDOWSSysWOW64iaspolcy.dll

2020-04-15 17:35 – 2020-04-15 17:35 – 000026112 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msimsg.dll

2020-04-15 17:35 – 2020-04-15 17:35 – 000023552 _____ (Microsoft Corporation) C:WINDOWSSysWOW64ias.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 022636544 _____ (Microsoft Corporation) C:WINDOWSsystem32mshtml.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 017790464 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.UI.Xaml.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 014818816 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.UI.Xaml.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 009930552 _____ (Microsoft Corporation) C:WINDOWSsystem32ntoskrnl.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 008013824 _____ (Microsoft Corporation) C:WINDOWSsystem32mstscax.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 007849216 _____ (Microsoft Corporation) C:WINDOWSsystem32OneCoreUAPCommonProxyStub.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 007756800 _____ (Microsoft Corporation) C:WINDOWSsystem32Chakra.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 007604584 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Media.Protection.PlayReady.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 006523048 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Media.Protection.PlayReady.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 006168064 _____ (Microsoft Corporation) C:WINDOWSsystem32twinui.pcshell.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 005040640 _____ (Microsoft Corporation) C:WINDOWSsystem32wininet.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 004611584 _____ (Microsoft Corporation) C:WINDOWSsystem32msi.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 004563200 _____ (Microsoft Corporation) C:WINDOWSsystem32sppsvc.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 004538880 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wininet.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 003802624 _____ (Microsoft Corporation) C:WINDOWSsystem32diagtrack.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 003753472 _____ (Microsoft Corporation) C:WINDOWSsystem32SettingsHandlers_nt.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 003742544 _____ (Microsoft Corporation) C:WINDOWSSysWOW64OneCoreUAPCommonProxyStub.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 003729408 _____ (Microsoft Corporation) C:WINDOWSsystem32win32kfull.sys

2020-04-15 17:34 – 2020-04-15 17:34 – 003708928 _____ (Microsoft Corporation) C:WINDOWSsystem32AppXDeploymentServer.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 003587384 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversdxgkrnl.sys

2020-04-15 17:34 – 2020-04-15 17:34 – 003547648 _____ (Microsoft Corporation) C:WINDOWSsystem32dwmcore.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 003109376 _____ (Microsoft Corporation) C:WINDOWSsystem32wuaueng.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 002986808 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverstcpip.sys

2020-04-15 17:34 – 2020-04-15 17:34 – 002871608 _____ (Microsoft Corporation) C:WINDOWSsystem32aitstatic.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 002800640 _____ (Microsoft Corporation) C:WINDOWSsystem32WinSAT.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 002800128 _____ (Microsoft Corporation) C:WINDOWSSysWOW64win32kfull.sys

2020-04-15 17:34 – 2020-04-15 17:34 – 002767928 _____ (Microsoft Corporation) C:WINDOWSsystem32KernelBase.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 002717184 _____ (Microsoft Corporation) C:WINDOWSsystem32win32kbase.sys

2020-04-15 17:34 – 2020-04-15 17:34 – 002453504 _____ (Microsoft Corporation) C:WINDOWSsystem32InstallService.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 002131456 _____ (Microsoft Corporation) C:WINDOWSsystem32WpcDesktopMonSvc.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 002126144 _____ (Microsoft Corporation) C:WINDOWSsystem32AudioEng.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 002114560 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.CloudStore.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 002086656 _____ (Microsoft Corporation) C:WINDOWSSysWOW64KernelBase.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001999960 _____ (Microsoft Corporation) C:WINDOWSsystem32ntdll.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001960448 _____ (Microsoft Corporation) C:WINDOWSsystem32aadtb.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001945600 _____ (Microsoft Corporation) C:WINDOWSsystem32dcomp.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001942528 _____ (Microsoft Corporation) C:WINDOWSsystem32audiosrv.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001918976 _____ (Microsoft Corporation) C:WINDOWSsystem32wevtsvc.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001835008 _____ (Microsoft Corporation) C:WINDOWSsystem32enterprisecsps.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001783296 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.UI.Input.Inking.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001764336 _____ (Microsoft Corporation) C:WINDOWSsystem32WindowsCodecs.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001762816 _____ (Microsoft Corporation) C:WINDOWSsystem32wwansvc.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001757096 _____ (Microsoft Corporation) C:WINDOWSsystem32winload.efi

2020-04-15 17:34 – 2020-04-15 17:34 – 001729024 _____ (Microsoft Corporation) C:WINDOWSSysWOW64InstallService.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001726264 _____ (Microsoft Corporation) C:WINDOWSsystem32appraiser.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001719808 _____ (Microsoft Corporation) C:WINDOWSsystem32Wpc.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001697792 _____ (Microsoft Corporation) C:WINDOWSsystem32GdiPlus.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001665216 _____ (Microsoft Corporation) C:WINDOWSSysWOW64user32.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001664896 _____ (Microsoft Corporation) C:WINDOWSSysWOW64ntdll.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001656904 _____ (Microsoft Corporation) C:WINDOWSsystem32user32.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001646048 _____ (Microsoft Corporation) C:WINDOWSsystem32gdi32full.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001612800 _____ (Microsoft Corporation) C:WINDOWSsystem32wpncore.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001603584 _____ (Microsoft Corporation) C:WINDOWSsystem32dosvc.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001587712 _____ (Microsoft Corporation) C:WINDOWSSysWOW64aadtb.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001545216 _____ (Microsoft Corporation) C:WINDOWSsystem32mstsc.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 001512832 _____ (Microsoft Corporation) C:WINDOWSsystem32winload.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 001497600 _____ (Microsoft Corporation) C:WINDOWSsystem32TokenBroker.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001484384 _____ (Microsoft Corporation) C:WINDOWSSysWOW64WindowsCodecs.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001480192 _____ (Microsoft Corporation) C:WINDOWSsystem32usocoreworker.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 001477112 _____ (Microsoft Corporation) C:WINDOWSSysWOW64dcomp.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001458688 _____ (Microsoft Corporation) C:WINDOWSSysWOW64GdiPlus.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001427456 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Networking.Vpn.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001413840 _____ (Microsoft Corporation) C:WINDOWSSysWOW64gdi32full.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001413704 _____ (Microsoft Corporation) C:WINDOWSsystem32AudioSes.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001397576 _____ (Microsoft Corporation) C:WINDOWSsystem32hvix64.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 001378528 _____ (Microsoft Corporation) C:WINDOWSsystem32webservices.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001368576 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Wpc.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001368576 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.UI.Input.Inking.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001318912 _____ (Microsoft Corporation) C:WINDOWSsystem32wpnapps.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001300280 _____ (Microsoft Corporation) C:WINDOWSsystem32Drivershttp.sys

2020-04-15 17:34 – 2020-04-15 17:34 – 001263856 _____ (Microsoft Corporation) C:WINDOWSsystem32WpcMon.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 001261808 _____ (Microsoft Corporation) C:WINDOWSsystem32msctf.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001257472 _____ (Microsoft Corporation) C:WINDOWSsystem32rpcss.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001245184 _____ (Microsoft Corporation) C:WINDOWSSysWOW64TokenBroker.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001243648 _____ (Microsoft Corporation) C:WINDOWSsystem32TSWorkspace.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001180672 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Security.Authentication.Web.Core.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001153024 _____ (Microsoft Corporation) C:WINDOWSsystem32windowsperformancerecordercontrol.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001136128 _____ (Microsoft Corporation) C:WINDOWSsystem32MbaeApiPublic.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001127424 _____ (Microsoft Corporation) C:WINDOWSsystem32WpcRefreshTask.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001083904 _____ (Microsoft Corporation) C:WINDOWSsystem32MusUpdateHandlers.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001081856 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Networking.Vpn.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001077064 _____ (Microsoft Corporation) C:WINDOWSsystem32hvax64.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 001071616 _____ (Microsoft Corporation) C:WINDOWSsystem32BTAGService.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001055376 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msctf.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001011200 _____ (Microsoft Corporation) C:WINDOWSsystem32kerberos.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001009152 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wpnapps.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 001008128 _____ (Microsoft Corporation) C:WINDOWSsystem32StorSvc.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000993280 _____ (Microsoft Corporation) C:WINDOWSSysWOW64TSWorkspace.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000982840 _____ (Microsoft Corporation) C:WINDOWSsystem32winhttp.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000980832 _____ (Microsoft Corporation) C:WINDOWSSysWOW64webservices.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000974336 _____ (Microsoft Corporation) C:WINDOWSsystem32uDWM.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000924672 _____ (Microsoft Corporation) C:WINDOWSsystem32samsrv.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000923136 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Internal.Management.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000915192 _____ (Microsoft Corporation) C:WINDOWSsystem32AppXDeploymentClient.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000912896 _____ (Microsoft Corporation) C:WINDOWSsystem32rasmans.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000893952 _____ (Microsoft Corporation) C:WINDOWSsystem32FlightSettings.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000892416 _____ (Microsoft Corporation) C:WINDOWSSysWOW64MbaeApiPublic.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000879616 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Management.Service.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000874296 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversdxgmms2.sys

2020-04-15 17:34 – 2020-04-15 17:34 – 000868864 _____ (Microsoft Corporation) C:WINDOWSSysWOW64windowsperformancerecordercontrol.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000865280 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Security.Authentication.Web.Core.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000865280 _____ (Microsoft Corporation) C:WINDOWSsystem32netlogon.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000840704 _____ (Microsoft Corporation) C:WINDOWSsystem32SettingsHandlers_Language.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000836608 _____ (Microsoft Corporation) C:WINDOWSsystem32jscript.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000835584 _____ (Microsoft Corporation) C:WINDOWSsystem32WorkfoldersControl.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000822208 _____ (Microsoft Corporation) C:WINDOWSsystem32fontdrvhost.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 000811320 _____ (Microsoft Corporation) C:WINDOWSsystem32generaltel.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000785920 _____ (Microsoft Corporation) C:WINDOWSSysWOW64kerberos.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000783480 _____ (Microsoft Corporation) C:WINDOWSsystem32tcblaunch.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 000775696 _____ (Microsoft Corporation) C:WINDOWSsystem32securekernel.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 000772096 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverssrv2.sys

2020-04-15 17:34 – 2020-04-15 17:34 – 000768528 _____ (Microsoft Corporation) C:WINDOWSSysWOW64winhttp.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000759272 _____ (Microsoft Corporation) C:WINDOWSsystem32taskschd.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000747320 _____ (Microsoft Corporation) C:WINDOWSsystem32aeinv.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000735744 _____ (Microsoft Corporation) C:WINDOWSsystem32AudioEndpointBuilder.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000729600 _____ (Microsoft Corporation) C:WINDOWSSysWOW64FlightSettings.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000722072 _____ (Microsoft Corporation) C:WINDOWSsystem32kernel32.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000701440 _____ (Microsoft Corporation) C:WINDOWSSysWOW64BTAGService.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000684560 _____ (Microsoft Corporation) C:WINDOWSsystem32SHCore.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000673704 _____ (Microsoft Corporation) C:WINDOWSSysWOW64AppXDeploymentClient.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000673464 _____ (Microsoft Corporation) C:WINDOWSSysWOW64fontdrvhost.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 000668672 _____ (Microsoft Corporation) C:WINDOWSsystem32wsecedit.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000665088 _____ (Microsoft Corporation) C:WINDOWSSysWOW64netlogon.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000654912 _____ (Microsoft Corporation) C:WINDOWSsystem32advapi32.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000647680 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Internal.Management.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000638480 _____ (Microsoft Corporation) C:WINDOWSsystem32devinv.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000637240 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversstorport.sys

2020-04-15 17:34 – 2020-04-15 17:34 – 000632832 _____ (Microsoft Corporation) C:WINDOWSSysWOW64WpcWebFilter.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000629760 _____ (Microsoft Corporation) C:WINDOWSsystem32ipnathlp.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000628616 _____ (Microsoft Corporation) C:WINDOWSSysWOW64kernel32.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000618296 _____ (Microsoft Corporation) C:WINDOWSsystem32hal.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000605184 _____ (Microsoft Corporation) C:WINDOWSsystem32MusNotification.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 000604984 _____ (Microsoft Corporation) C:WINDOWSsystem32pcasvc.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000595968 _____ (Microsoft Corporation) C:WINDOWSsystem32vbscript.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000589384 _____ (Microsoft Corporation) C:WINDOWSsystem32audiodg.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 000561464 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversmrxsmb.sys

2020-04-15 17:34 – 2020-04-15 17:34 – 000555008 _____ (Microsoft Corporation) C:WINDOWSsystem32appwiz.cpl

2020-04-15 17:34 – 2020-04-15 17:34 – 000550400 _____ (Microsoft Corporation) C:WINDOWSsystem32win32k.sys

2020-04-15 17:34 – 2020-04-15 17:34 – 000538160 _____ (Microsoft Corporation) C:WINDOWSSysWOW64SHCore.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000532480 _____ (Microsoft Corporation) C:WINDOWSSysWOW64vbscript.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000530432 _____ (Microsoft Corporation) C:WINDOWSsystem32sppcext.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000529408 _____ (Microsoft Corporation) C:WINDOWSsystem32nltest.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 000524264 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Devices.Enumeration.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000516096 _____ (Microsoft Corporation) C:WINDOWSsystem32MusNotificationUx.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 000515600 _____ (Microsoft Corporation) C:WINDOWSsystem32dcntel.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000513576 _____ (Microsoft Corporation) C:WINDOWSsystem32aepic.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000510792 _____ (Microsoft Corporation) C:WINDOWSsystem32wow64win.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000507152 _____ (Microsoft Corporation) C:WINDOWSSysWOW64taskschd.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000498688 _____ (Microsoft Corporation) C:WINDOWSsystem32ntshrui.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000497152 _____ (Microsoft Corporation) C:WINDOWSsystem32wuuhext.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000491008 _____ (Microsoft Corporation) C:WINDOWSSysWOW64sppcext.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000487784 _____ (Microsoft Corporation) C:WINDOWSSysWOW64advapi32.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000477496 _____ (Microsoft Corporation) C:WINDOWSsystem32DriversFWPKCLNT.SYS

2020-04-15 17:34 – 2020-04-15 17:34 – 000469504 _____ (Microsoft Corporation) C:WINDOWSsystem32cloudAP.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000465208 _____ (Microsoft Corporation) C:WINDOWSsystem32invagent.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000459688 _____ (Microsoft Corporation) C:WINDOWSsystem32MusNotifyIcon.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 000456504 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversrdbss.sys

2020-04-15 17:34 – 2020-04-15 17:34 – 000452096 _____ (Microsoft Corporation) C:WINDOWSsystem32rdpclip.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 000441144 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversdxgmms1.sys

2020-04-15 17:34 – 2020-04-15 17:34 – 000437560 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverspci.sys

2020-04-15 17:34 – 2020-04-15 17:34 – 000416016 _____ (Microsoft Corporation) C:WINDOWSsystem32AUDIOKSE.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000415760 _____ (Microsoft Corporation) C:WINDOWSSysWOW64aepic.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000410112 _____ (Microsoft Corporation) C:WINDOWSsystem32rascustom.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000408064 _____ (Microsoft Corporation) C:WINDOWSsystem32domgmt.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000406480 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Devices.Enumeration.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000401408 _____ (Microsoft Corporation) C:WINDOWSsystem32es.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000381440 _____ (Microsoft Corporation) C:WINDOWSSysWOW64ntshrui.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000374784 _____ (Microsoft Corporation) C:WINDOWSsystem32ncbservice.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000355840 _____ (Microsoft Corporation) C:WINDOWSsystem32WaaSMedicSvc.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000355328 _____ (Microsoft Corporation) C:WINDOWSsystem32WpcApi.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000343552 _____ (Microsoft Corporation) C:WINDOWSsystem32wpr.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 000339304 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Storage.ApplicationData.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000336384 _____ (Microsoft Corporation) C:WINDOWSSysWOW64es.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000330240 _____ (Microsoft Corporation) C:WINDOWSsystem32omadmclient.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 000324408 _____ (Microsoft Corporation) C:WINDOWSsystem32acmigration.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000324096 _____ (Microsoft Corporation) C:WINDOWSSysWOW64win32k.sys

2020-04-15 17:34 – 2020-04-15 17:34 – 000323584 _____ (Microsoft Corporation) C:WINDOWSsystem32sppcommdlg.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000297272 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverssdbus.sys

2020-04-15 17:34 – 2020-04-15 17:34 – 000285184 _____ (Microsoft Corporation) C:WINDOWSsystem32WaaSMedicCapsule.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000278016 _____ (Microsoft Corporation) C:WINDOWSsystem32WpcTok.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 000277864 _____ (Microsoft Corporation) C:WINDOWSsystem32LsaIso.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 000277504 _____ (Microsoft Corporation) C:WINDOWSsystem32scecli.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000268288 _____ (Microsoft Corporation) C:WINDOWSsystem32dot3svc.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000268008 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Storage.ApplicationData.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000265216 _____ (Microsoft Corporation) C:WINDOWSsystem32cdd.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000259776 _____ (Microsoft Corporation) C:WINDOWSsystem32logoncli.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000259072 _____ (Microsoft Corporation) C:WINDOWSsystem32VPNv2CSP.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000256000 _____ (Microsoft Corporation) C:WINDOWSsystem32UpdateDeploymentProvider.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000251704 _____ (Microsoft Corporation) C:WINDOWSsystem32offlinesam.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000251392 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverswinnat.sys

2020-04-15 17:34 – 2020-04-15 17:34 – 000241152 _____ (Microsoft Corporation) C:WINDOWSsystem32policymanagerprecheck.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000234496 _____ (Microsoft Corporation) C:WINDOWSsystem32iasrad.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000231936 _____ (Microsoft Corporation) C:WINDOWSsystem32InstallServiceTasks.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000231912 _____ (Microsoft Corporation) C:WINDOWSsystem32deviceaccess.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000227840 _____ (Microsoft Corporation) C:WINDOWSsystem32IndexedDbLegacy.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000225792 _____ (Microsoft Corporation) C:WINDOWSsystem32WorkFoldersShell.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000214528 _____ (Microsoft Corporation) C:WINDOWSsystem32srumsvc.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000214016 _____ (Microsoft Corporation) C:WINDOWSSysWOW64scecli.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000211256 _____ (Microsoft Corporation) C:WINDOWSsystem32tcbloader.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000203264 _____ (Microsoft Corporation) C:WINDOWSsystem32LanguageComponentsInstaller.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000200192 _____ (Microsoft Corporation) C:WINDOWSsystem32updatepolicy.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000197632 _____ (Microsoft Corporation) C:WINDOWSsystem32Win32CompatibilityAppraiserCSP.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000193848 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversdumpsd.sys

2020-04-15 17:34 – 2020-04-15 17:34 – 000190048 _____ (Microsoft Corporation) C:WINDOWSSysWOW64logoncli.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000185952 _____ (Microsoft Corporation) C:WINDOWSSysWOW64deviceaccess.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000179712 _____ (Microsoft Corporation) C:WINDOWSSysWOW64InstallServiceTasks.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000179712 _____ (Microsoft Corporation) C:WINDOWSsystem32t2embed.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000178192 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverspartmgr.sys

2020-04-15 17:34 – 2020-04-15 17:34 – 000169472 _____ (Microsoft Corporation) C:WINDOWSsystem32SpatialAudioLicenseSrv.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 000164368 _____ (Microsoft Corporation) C:WINDOWSsystem32CompatTelRunner.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 000163840 _____ (Microsoft Corporation) C:WINDOWSSysWOW64updatepolicy.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000158720 _____ (Microsoft Corporation) C:WINDOWSsystem32umpo.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000155136 _____ (Microsoft Corporation) C:WINDOWSsystem32Chakradiag.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000152408 _____ (Microsoft Corporation) C:WINDOWSsystem32KerbClientShared.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000151352 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversscmbus.sys

2020-04-15 17:34 – 2020-04-15 17:34 – 000147696 _____ (Microsoft Corporation) C:WINDOWSsystem32smss.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 000142544 _____ (Microsoft Corporation) C:WINDOWSsystem32LicensingUI.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 000140800 _____ (Microsoft Corporation) C:WINDOWSsystem32slc.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000139776 _____ (Microsoft Corporation) C:WINDOWSsystem32Chakrathunk.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000138752 _____ (Microsoft Corporation) C:WINDOWSSysWOW64t2embed.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000136192 _____ (Microsoft Corporation) C:WINDOWSsystem32sppc.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000130560 _____ (Microsoft Corporation) C:WINDOWSsystem32StorageUsage.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000129024 _____ (Microsoft Corporation) C:WINDOWSsystem32UtcDecoderHost.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 000127280 _____ (Microsoft Corporation) C:WINDOWSsystem32win32u.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000125952 _____ (Microsoft Corporation) C:WINDOWSsystem32fontsub.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000123952 _____ (Microsoft Corporation) C:WINDOWSSysWOW64KerbClientShared.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000122368 _____ (Microsoft Corporation) C:WINDOWSsystem32samlib.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000118272 _____ (Microsoft Corporation) C:WINDOWSSysWOW64slc.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000115120 _____ (Microsoft Corporation) C:WINDOWSsystem32phoneactivate.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 000108032 _____ (Microsoft Corporation) C:WINDOWSsystem32wwanprotdim.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000105984 _____ (Microsoft Corporation) C:WINDOWSsystem32utcutil.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000103936 _____ (Microsoft Corporation) C:WINDOWSsystem32dot3msm.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000102216 _____ (Microsoft Corporation) C:WINDOWSsystem32changepk.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 000101888 _____ (Microsoft Corporation) C:WINDOWSSysWOW64sppc.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000099328 _____ (Microsoft Corporation) C:WINDOWSSysWOW64fontsub.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000096768 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Devices.Custom.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000093712 _____ (Microsoft Corporation) C:WINDOWSsystem32hvloader.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000092160 _____ (Microsoft Corporation) C:WINDOWSsystem32dot3api.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000090624 _____ (Microsoft Corporation) C:WINDOWSsystem32tsgqec.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000089912 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversvolmgr.sys

2020-04-15 17:34 – 2020-04-15 17:34 – 000089336 _____ (Microsoft Corporation) C:WINDOWSSysWOW64win32u.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000089088 _____ (Microsoft Corporation) C:WINDOWSsystem32WaaSMedicAgent.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 000088352 _____ (Microsoft Corporation) C:WINDOWSsystem32remoteaudioendpoint.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000087552 _____ (Microsoft Corporation) C:WINDOWSSysWOW64dot3api.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000087040 _____ (Microsoft Corporation) C:WINDOWSSysWOW64dot3msm.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000087040 _____ (Microsoft Corporation) C:WINDOWSsystem32iasacct.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000084280 _____ (Microsoft Corporation) C:WINDOWSsystem32Drivershvservice.sys

2020-04-15 17:34 – 2020-04-15 17:34 – 000076288 _____ (Microsoft Corporation) C:WINDOWSsystem32autopilot.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000071680 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Devices.Custom.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000071480 _____ (Microsoft Corporation) C:WINDOWSsystem32win32appinventorycsp.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000070656 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000070656 _____ (Microsoft Corporation) C:WINDOWSsystem32keepaliveprovider.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000066624 _____ (Microsoft Corporation) C:WINDOWSsystem32iumcrypt.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000064512 _____ (Microsoft Corporation) C:WINDOWSsystem32pcadm.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000064000 _____ (Microsoft Corporation) C:WINDOWSsystem32tbauth.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000063488 _____ (Microsoft Corporation) C:WINDOWSsystem32srumapi.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000060928 _____ (Microsoft Corporation) C:WINDOWSsystem32mf3216.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000060416 _____ (Microsoft Corporation) C:WINDOWSsystem32CloudNotifications.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 000059192 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversstorufs.sys

2020-04-15 17:34 – 2020-04-15 17:34 – 000058880 _____ C:WINDOWSsystem32runexehelper.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 000057856 _____ (Microsoft Corporation) C:WINDOWSsystem32wups2.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000057344 _____ (Microsoft Corporation) C:WINDOWSsystem32audioresourceregistrar.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000051200 _____ (Microsoft Corporation) C:WINDOWSsystem32pcalua.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 000050544 _____ (Microsoft Corporation) C:WINDOWSSysWOW64CloudNotifications.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 000050176 _____ (Microsoft Corporation) C:WINDOWSsystem32iaspolcy.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000049152 _____ (Microsoft Corporation) C:WINDOWSSysWOW64tbauth.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000047000 _____ (Microsoft Corporation) C:WINDOWSsystem32wuauclt.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 000046080 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mf3216.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000045568 _____ (Microsoft Corporation) C:WINDOWSsystem32cmintegrator.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000044032 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.UI.Xaml.Resources.Common.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000043008 _____ (Microsoft Corporation) C:WINDOWSsystem32WiredNetworkCSP.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000043008 _____ (Microsoft Corporation) C:WINDOWSsystem32UpgradeResultsUI.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 000039424 _____ (Microsoft Corporation) C:WINDOWSsystem32WpcProxyStubs.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000036864 _____ (Microsoft Corporation) C:WINDOWSsystem32TokenBrokerCookies.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 000036152 _____ (Microsoft Corporation) C:WINDOWSsystem32DeviceCensus.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 000033792 _____ (Microsoft Corporation) C:WINDOWSsystem32sxssrv.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000033080 _____ (Microsoft Corporation) C:WINDOWSsystem32Drivershwpolicy.sys

2020-04-15 17:34 – 2020-04-15 17:34 – 000031744 _____ (Microsoft Corporation) C:WINDOWSsystem32wksprtPS.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000031744 _____ (Microsoft Corporation) C:WINDOWSsystem32ias.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000030720 _____ (Microsoft Corporation) C:WINDOWSsystem32DriversKNetPwrDepBroker.sys

2020-04-15 17:34 – 2020-04-15 17:34 – 000029696 _____ (Microsoft Corporation) C:WINDOWSSysWOW64cmintegrator.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000029184 _____ (Microsoft Corporation) C:WINDOWSSysWOW64TokenBrokerCookies.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 000028672 _____ (Microsoft Corporation) C:WINDOWSsystem32WaaSMedicPS.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000028160 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversflpydisk.sys

2020-04-15 17:34 – 2020-04-15 17:34 – 000026112 _____ (Microsoft Corporation) C:WINDOWSsystem32msimsg.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000023552 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Devices.Custom.ps.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000022528 _____ (Microsoft Corporation) C:WINDOWSsystem32slcext.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000022528 _____ (Microsoft Corporation) C:WINDOWSsystem32sbservicetrigger.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000021520 _____ (Microsoft Corporation) C:WINDOWSsystem32kdhvcom.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000019968 _____ (Microsoft Corporation) C:WINDOWSSysWOW64slcext.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000018944 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverssfloppy.sys

2020-04-15 17:34 – 2020-04-15 17:34 – 000017920 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wksprtPS.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000017920 _____ (Microsoft Corporation) C:WINDOWSsystem32icsunattend.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 000015872 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Devices.Custom.ps.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000014336 _____ (Microsoft Corporation) C:WINDOWSsystem32dciman32.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000012800 _____ (Microsoft Corporation) C:WINDOWSsystem32pcaevts.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000012288 _____ (Microsoft Corporation) C:WINDOWSsystem32pacjsworker.exe

2020-04-15 17:34 – 2020-04-15 17:34 – 000011776 _____ (Microsoft Corporation) C:WINDOWSSysWOW64dciman32.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000010752 _____ (Microsoft Corporation) C:WINDOWSsystem32DMAlertListener.ProxyStub.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000008192 _____ (Microsoft Corporation) C:WINDOWSsystem32msimg32.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000007680 _____ (Microsoft Corporation) C:WINDOWSSysWOW64DMAlertListener.ProxyStub.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000007168 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msimg32.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000003072 _____ (Microsoft Corporation) C:WINDOWSsystem32lpk.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000002560 _____ (Microsoft Corporation) C:WINDOWSSysWOW64lpk.dll

2020-04-15 17:34 – 2020-04-15 17:34 – 000000315 _____ C:WINDOWSsystem32DrtmAuth9.bin

2020-04-15 17:34 – 2020-04-15 17:34 – 000000315 _____ C:WINDOWSsystem32DrtmAuth8.bin

2020-04-15 17:34 – 2020-04-15 17:34 – 000000315 _____ C:WINDOWSsystem32DrtmAuth7.bin

2020-04-15 17:34 – 2020-04-15 17:34 – 000000315 _____ C:WINDOWSsystem32DrtmAuth6.bin

2020-04-15 17:34 – 2020-04-15 17:34 – 000000315 _____ C:WINDOWSsystem32DrtmAuth5.bin

2020-04-15 17:34 – 2020-04-15 17:34 – 000000315 _____ C:WINDOWSsystem32DrtmAuth4.bin

2020-04-15 17:34 – 2020-04-15 17:34 – 000000315 _____ C:WINDOWSsystem32DrtmAuth3.bin

2020-04-15 17:34 – 2020-04-15 17:34 – 000000315 _____ C:WINDOWSsystem32DrtmAuth2.bin

2020-04-15 17:34 – 2020-04-15 17:34 – 000000315 _____ C:WINDOWSsystem32DrtmAuth12.bin

2020-04-15 17:34 – 2020-04-15 17:34 – 000000315 _____ C:WINDOWSsystem32DrtmAuth11.bin

2020-04-15 17:34 – 2020-04-15 17:34 – 000000315 _____ C:WINDOWSsystem32DrtmAuth10.bin

2020-04-15 17:34 – 2020-04-15 17:34 – 000000315 _____ C:WINDOWSsystem32DrtmAuth1.bin

2020-04-15 17:21 – 2020-04-15 17:22 – 000492544 _____ (Microsoft Corporation) C:WINDOWSsystem32poqexec.exe

2020-04-15 17:21 – 2020-04-15 17:22 – 000390656 _____ (Microsoft Corporation) C:WINDOWSSysWOW64poqexec.exe

2020-04-15 15:45 – 2020-05-12 18:06 – 000000000 ____D C:ProgramDataWRCore

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-12 20:22 – 2016-02-17 04:13 – 000000000 ____D C:Program FilesCommon FilesAV

2020-05-12 20:16 – 2019-03-19 00:52 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft

2020-05-12 20:05 – 2018-07-16 18:15 – 000000000 ____D C:UsersphyliAppDataLocalD3DSCache

2020-05-12 18:40 – 2019-08-15 19:04 – 000003256 _____ C:WINDOWSsystem32TasksHPCeeScheduleForphyli

2020-05-12 18:40 – 2019-06-17 18:01 – 000000364 _____ C:WINDOWSTasksHPCeeScheduleForphyli.job

2020-05-12 18:09 – 2019-03-19 00:37 – 000032768 _____ C:WINDOWSsystem32configELAM

2020-05-12 18:08 – 2019-03-19 00:52 – 000000000 ___HD C:WINDOWSELAMBKUP

2020-05-12 18:07 – 2017-01-27 14:00 – 000744808 ____N (Microsoft Corporation) C:WINDOWSsystem32MpSigStub.exe

2020-05-12 18:06 – 2018-01-12 13:24 – 000000000 ____D C:UsersphyliAppDataLocalLowwebroot

2020-05-12 18:06 – 2018-01-12 13:24 – 000000000 ____D C:UsersphyliAppDataLocallptmp

2020-05-12 18:01 – 2016-09-25 15:43 – 000000000 __SHD C:UsersphyliIntelGraphicsProfiles

2020-05-12 10:12 – 2019-03-19 00:52 – 000000000 ____D C:WINDOWSAppReadiness

2020-05-12 10:10 – 2019-03-19 00:52 – 000000000 ___HD C:Program FilesWindowsApps

2020-05-11 19:48 – 2019-08-15 18:57 – 000935056 _____ C:WINDOWSsystem32PerfStringBackup.INI

2020-05-11 19:48 – 2019-03-19 00:50 – 000000000 ____D C:WINDOWSINF

2020-05-11 19:42 – 2019-08-15 19:04 – 000000006 ____H C:WINDOWSTasksSA.DAT

2020-05-11 19:42 – 2019-03-19 00:37 – 000524288 _____ C:WINDOWSsystem32configBBI

2020-05-11 19:22 – 2019-08-15 18:45 – 000000000 ____D C:WINDOWSsystem32SleepStudy

2020-05-11 18:17 – 2019-08-15 18:45 – 000276104 _____ C:WINDOWSsystem32FNTCACHE.DAT

2020-05-11 18:12 – 2019-03-19 00:52 – 000000000 ____D C:WINDOWSsystem32NDF

2020-05-11 15:26 – 2018-03-16 00:06 – 000000000 ____D C:UsersphyliAppDataLocalPackages

2020-05-11 14:53 – 2018-01-12 12:48 – 000000000 ____D C:UsersphyliAppDataLocalGoToAssist Remote Support Customer

2020-05-11 12:06 – 2017-08-28 10:13 – 000002326 _____ C:UsersphyliDesktopAOL Desktop Gold.lnk

2020-05-11 12:06 – 2017-08-28 10:13 – 000000000 ____D C:UsersphyliAppDataRoamingMicrosoftWindowsStart MenuProgramsAOL Inc

2020-05-11 12:06 – 2017-08-28 10:13 – 000000000 ____D C:UsersphyliAppDataLocalAOLDesktop

2020-05-11 12:05 – 2017-08-28 10:13 – 000000000 ____D C:UsersphyliAppDataLocalSquirrelTemp

2020-05-10 04:33 – 2019-08-15 19:04 – 000003376 _____ C:WINDOWSsystem32TasksOneDrive Standalone Update Task-S-1-5-21-999762305-681959455-3457413626-1001

2020-05-10 04:33 – 2019-08-15 18:51 – 000002370 _____ C:UsersphyliAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk

2020-05-10 04:33 – 2016-09-25 15:46 – 000000000 ___RD C:UsersphyliOneDrive

2020-05-08 04:30 – 2018-01-12 13:28 – 000002308 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk

2020-05-08 04:30 – 2018-01-12 13:28 – 000002267 _____ C:UsersPublicDesktopGoogle Chrome.lnk

2020-05-08 04:30 – 2018-01-12 13:28 – 000002267 _____ C:ProgramDataDesktopGoogle Chrome.lnk

2020-04-15 23:43 – 2019-03-19 00:52 – 000000000 ____D C:WINDOWSSystemResources

2020-04-15 23:43 – 2019-03-19 00:52 – 000000000 ____D C:WINDOWSsystem32PerceptionSimulation

2020-04-15 23:43 – 2019-03-19 00:52 – 000000000 ____D C:WINDOWSsystem32migwiz

2020-04-15 23:43 – 2019-03-19 00:52 – 000000000 ____D C:WINDOWSShellExperiences

2020-04-15 23:43 – 2019-03-19 00:52 – 000000000 ____D C:WINDOWSProvisioning

2020-04-15 23:43 – 2019-03-19 00:52 – 000000000 ____D C:WINDOWSbcastdvr

2020-04-15 17:38 – 2019-03-19 00:37 – 000000000 ____D C:WINDOWSCbsTemp

==================== Files in the root of some directories ========

2018-01-12 13:24 – 2018-01-12 13:24 – 018102328 _____ (Webroot Software, Inc.) C:Program Files (x86)Common Fileswruninstall.exe

2020-05-11 15:22 – 2020-05-11 15:22 – 000007601 _____ () C:UsersphyliAppDataLocalResmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================'

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-05-2020

Ran by phyli (12-05-2020 20:56:18)

Running from C:UsersphyliDownloads

Windows 10 Home Version 1903 18362.778 (X64) (2019-08-15 23:04:54)

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-999762305-681959455-3457413626-500 – Administrator – Disabled)

DefaultAccount (S-1-5-21-999762305-681959455-3457413626-503 – Limited – Disabled)

defaultuser100001 (S-1-5-21-999762305-681959455-3457413626-1003 – Limited – Enabled)

Guest (S-1-5-21-999762305-681959455-3457413626-501 – Limited – Disabled)

phyli (S-1-5-21-999762305-681959455-3457413626-1001 – Administrator – Enabled) => C:Usersphyli

WDAGUtilityAccount (S-1-5-21-999762305-681959455-3457413626-504 – Limited – Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton 360 (Enabled – Up to date) 1122B19A-E671-38EC-8EAC-87048FD4528D

AV: Windows Defender (Disabled – Up to date) D68DDC3A-831F-4fae-9E44-DA132C1ACF46

AV: Webroot SecureAnywhere (Enabled – Up to date) DF901FA1-F926-253B-C464-B01C79DCAD48

AS: Windows Defender (Disabled – Up to date) D68DDC3A-831F-4fae-9E44-DA132C1ACF46

AS: Webroot SecureAnywhere (Enabled – Up to date) 64F1FE45-DF1C-2AB5-FED4-8B6E025BE7F5

FW: Norton 360 (Enabled) 291930BF-AC1E-39B4-A5F3-2E31710715F6

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AOL Desktop Gold (HKUS-1-5-21-999762305-681959455-3457413626-1001…AOLDesktop) (Version: 11.0.2664 – Oath Inc.)

AOL Uninstaller (Choose which Products to Remove) (HKLM-x32…AOL Uninstaller) (Version:  – AOL Inc.)

Bonjour (HKLM…6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D) (Version: 3.0.0.10 – Apple Inc.)

CCleaner (HKLM…CCleaner) (Version: 5.38 – Piriform)

CyberLink PhotoDirector (HKLM…5A454EC5-217A-42a5-8CE1-2DDEC4E70E01) (Version: 5.0.6.7006 – CyberLink Corp.) Hidden

CyberLink PhotoDirector (HKLM-x32…InstallShield_5A454EC5-217A-42a5-8CE1-2DDEC4E70E01) (Version: 5.0.6.7006 – CyberLink Corp.)

CyberLink Power Media Player 14 (HKLM-x32…32C8E300-BDB4-4398-92C2-E9B7D8A233DB) (Version: 14.0.2.5801 – CyberLink Corp.)

CyberLink PowerDirector 12 (HKLM…E1646825-D391-42A0-93AA-27FA810DA093) (Version: 12.0.5.4614 – CyberLink Corp.) Hidden

CyberLink PowerDirector 12 (HKLM-x32…InstallShield_E1646825-D391-42A0-93AA-27FA810DA093) (Version: 12.0.5.4614 – CyberLink Corp.)

Dropbox 25 GB (HKLM-x32…867A88D-764F-366E-9E21-130DA8B472C3) (Version: 3.1.18.0 – Dropbox, Inc.)

Dropbox Update Helper (HKLM-x32…99218A5-A723-43DC-8DB5-6173656A1E94) (Version: 1.3.295.1 – Dropbox, Inc.) Hidden

Evernote v. 5.8.13 (HKLM-x32…A229420E-204B-11E5-B844-0050569584E9) (Version: 5.8.13.8152 – Evernote Corp.)

Google Chrome (HKLM-x32…Google Chrome) (Version: 81.0.4044.138 – Google LLC)

Google Update Helper (HKLM-x32…60EC980A-BDA2-4CB6-A427-B07A5498B4CA) (Version: 1.3.35.451 – Google LLC) Hidden

HP Documentation (HKLM…HP_Documentation) (Version: 1.0.0.1 – HP)

HP Dropbox Plugin (HKLM-x32…C54DEA1F-7A8D-410B-A675-04E0FB562CB0) (Version: 40.13.54.81239 – HP)

HP Google Drive Plugin (HKLM-x32…533B4739-13DD-4AAB-9524-070B3F0CE6ED) (Version: 40.13.54.81239 – HP)

HP Officejet 5740 series Basic Device Software (HKLM…8C417009-7889-42BC-8164-C74FFF358CE6) (Version: 40.13.1176.1978 – HP Inc.)

HP Officejet 5740 series Help (HKLM-x32…F17D53C7-DCE8-469C-9690-CF8F5903519C) (Version: 34.0.0 – Hewlett Packard)

HP Photo Creations (HKLM-x32…HP Photo Creations) (Version: 1.0.0.9572 – HP)

HP Registration Service (HKLM…D1E8F2D7-7794-4245-B286-87ED86C1893C) (Version: 1.2.8318.5320 – Hewlett-Packard)

HP Support Assistant (HKLM-x32…79C54A05-F146-4EA0-8A70-D4EFE6181E52) (Version: 8.8.24.33 – Hewlett-Packard Company)

HP Support Information (HKLM-x32…76272057-98E0-4DC4-AAC3-10C546C47195) (Version: 14.00.0000 – Hewlett-Packard)

HP Support Solutions Framework (HKLM-x32…55065080-504F-43BB-BE00-36B80D7D39A5) (Version: 12.15.14.3 – Hewlett-Packard Company)

HP Touchpoint Analytics Client (HKLM…E5FB98E0-0784-44F0-8CEC-95CD4690C43F) (Version: 4.0.2.1439 – HP Inc.)

HP Welcome (HKLM…HPWelcome) (Version: 1.0 – HP Inc.)

I.R.I.S. OCR (HKLM-x32…11ED31EC-7EFA-4D56-B71D-E0214C8984CC) (Version: 12.3.7.0 – HP)

Intel® Chipset Device Software (HKLM-x32…a2d9fda8-65eb-4c06-81ef-31e0a4daa335) (Version: 10.1.1.11 – Intel® Corporation) Hidden

Intel® Management Engine Components (HKLM…1CEAC85D-2590-4760-800F-8DE5E91F3700) (Version: 11.0.0.1173 – Intel Corporation)

Intel® Processor Graphics (HKLM-x32…F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA) (Version: 25.20.100.6446 – Intel Corporation)

Intel® Ready Mode Technology (HKLM…9F82AA39-BB14-4BD3-98EF-D4E9E3526B7D) (Version: 1.1.70.514 – Intel Corporation)

Intel® WiDi (HKLM…5DD8D7E4-87F1-4134-AD28-4228FB1A03BA) (Version: 6.0.44.0 – Intel Corporation)

Intel® WiDi Software Asset Manager (HKLM-x32…86905E62-645F-482E-A417-82C812ABD787) (Version: 1.1.383 – Intel Corporation) Hidden

Intel® Wireless Bluetooth® (HKLM-x32…4DA9DC19-4E1D-4B10-A726-A5F2A1BC7265) (Version: 18.1.1546.2762 – Intel Corporation)

Intel® PROSet/Wireless Software (HKLM-x32…f8c930bd-0a68-425f-8c11-87723d1e2c97) (Version: 20.90.0 – Intel Corporation)

Intel® Security Assist (HKLM-x32…4B230374-6475-4A73-BA6E-41015E9C5013) (Version: 1.0.0.532 – Intel Corporation)

Microsoft Office (HKLM-x32…90150000-0138-0409-0000-0000000FF1CE) (Version: 15.0.4693.1005 – Microsoft Corporation)

Microsoft OneDrive (HKUS-1-5-21-999762305-681959455-3457413626-1001…OneDriveSetup.exe) (Version: 20.052.0311.0011 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32…710f4c1c-cc18-4c49-8cbf-51240c89a1a2) (Version: 8.0.61001 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32…837b34e3-7c30-493c-8f6a-2b0f04e2912c) (Version: 8.0.59193 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM…ad8a2fa1-06e7-4b0d-927d-6e54b3d31028) (Version: 8.0.61000 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.17 (HKLM…8220EEFE-38CD-377E-8595-13398D740ACE) (Version: 9.0.30729 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.6161 (HKLM…5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4) (Version: 9.0.30729.6161 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.4148 (HKLM-x32…1F1C2DFC-2D24-3E06-BCB8-725134ADF989) (Version: 9.0.30729.4148 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.6161 (HKLM-x32…9BE518E6-ECC6-35A9-88E4-87755C07200F) (Version: 9.0.30729.6161 – Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable – 10.0.40219 (HKLM…1D8E6291-B0D5-35EC-8441-6616F567A0F7) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable – 10.0.40219 (HKLM-x32…F0C3E5D1-1ADE-321E-8167-68EF0DE699A5) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32…ca67548a-5ebe-413a-b50c-4b9ceb6d66c6) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32…33d1fd90-4274-48a1-9bc1-97e33d9c2d6f) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.21005 (HKLM-x32…7f51bdb9-ee21-49ee-94d6-90afc321780e) (Version: 12.0.21005.1 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.21005 (HKLM-x32…ce085a78-074e-4823-8dc1-8a721b94b76d) (Version: 12.0.21005.1 – Microsoft Corporation)

Minecraft (HKLM-x32…1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872) (Version: 1.0.3.0 – Mojang)

Norton 360 (HKLM-x32…NGC) (Version: 22.20.2.57 – Symantec Corporation)

Product Improvement Study for HP Officejet 5740 series (HKLM…D4B37902-C484-4AAC-B3B8-70C203C4FAB3) (Version: 40.13.1176.1978 – HP Inc.)

Realtek Card Reader (HKLM-x32…5BC2B5AB-80DE-4E83-B8CF-426902051D0A) (Version: 10.0.10125.31214 – Realtek Semiconductor Corp.)

Realtek Ethernet Controller Driver (HKLM-x32…8833FFB6-5B0C-4764-81AA-06DFEED9A476) (Version: 10.1.505.2015 – Realtek)

Realtek High Definition Audio Driver (HKLM-x32…F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC) (Version: 6.0.1.7673 – Realtek Semiconductor Corp.)

TeamViewer (HKLM-x32…TeamViewer) (Version: 15.5.3 – TeamViewer)

Update for Windows 10 for x64-based Systems (KB4023057) (HKLM…16AD6161-2E47-4BF1-AA77-0946EFE93E08) (Version: 2.61.0.0 – Microsoft Corporation)

UpdateAssistant (HKLM…E1D7CB46-BAE9-4D58-99C4-582332B1755A) (Version: 1.13.0.0 – Microsoft Corporation) Hidden

Viewpoint Media Player (HKLM-x32…ViewpointMediaPlayer) (Version:  – )

Vulkan Run Time Libraries 1.0.54.1 (HKLM…VulkanRT1.0.54.1) (Version: 1.0.54.1 – LunarG, Inc.) Hidden

Windows 10 Update Assistant (HKLM-x32…D5C69738-B486-402E-85AC-2456D98A64E4) (Version: 1.4.9200.22395 – Microsoft Corporation)

Windows Setup Remediations (x64) (KB4023057) (HKLM…5534e02f-0f5d-40dd-ba92-bea38d22384d.sdb) (Version:  – )

Packages:

=========

Adblock Plus -> C:Program FilesWindowsAppsEyeoGmbH.AdblockPlus_0.9.19.0_neutral__d55gg7py3s0m0 [2020-05-11] (eyeo GmbH)

AdGuard AdBlocker -> C:Program FilesWindowsAppsAdguard.AdguardAdBlocker_3.3.8.0_neutral__m055xr0c82818 [2020-01-09] (Performix)

Amazon -> C:Program FilesWindowsAppsAmazon.com.Amazon_2018.519.2815.0_x64__343d40qqvtj1t [2020-02-29] (Amazon.com)

Candy Crush Soda Saga -> C:Program FilesWindowsAppsking.com.CandyCrushSodaSaga_1.167.200.0_x86__kgqvnymyfvs32 [2020-05-06] (king.com)

Hearts Deluxe -> C:Program FilesWindowsApps26720RandomSaladGamesLLC.HeartsDeluxe_6.6.26.0_x64__kx24dqmazqk8j [2020-01-25] (Random Salad Games LLC) [MS Ad]

HP Smart -> C:Program FilesWindowsAppsAD2F1837.HPPrinterControl_110.1.728.0_x64__v10z8vjag6ke6 [2020-04-15] (HP Inc.)

Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-27] (Microsoft Corporation) [MS Ad]

Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-27] (Microsoft Corporation) [MS Ad]

Microsoft News -> C:Program FilesWindowsAppsMicrosoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]

Microsoft Solitaire Collection -> C:Program FilesWindowsAppsMicrosoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-02] (Microsoft Studios) [MS Ad]

MSN Money -> C:Program FilesWindowsAppsMicrosoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]

MSN Sports -> C:Program FilesWindowsAppsMicrosoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]

MSN Weather -> C:Program FilesWindowsAppsMicrosoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]

Netflix -> C:Program FilesWindowsApps4DF9E0F8.Netflix_6.96.725.0_x64__mcm4njqhnhss8 [2020-04-10] (Netflix, Inc.)

Simple Solitaire -> C:Program FilesWindowsApps26720RandomSaladGamesLLC.SimpleSolitaire_6.18.78.0_x64__kx24dqmazqk8j [2020-03-03] (Random Salad Games LLC) [MS Ad]

Snapfish -> C:Program FilesWindowsAppsAD2F1837.HPConnectedPhotopoweredbySnapfish_6.1.736.0_x86__v10z8vjag6ke6 [2018-08-05] (Snapfish)

TripAdvisor Hotels Flights Restaurants -> C:Program FilesWindowsAppsTripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.5.10.0_x64__qj0v5chwq8f2g [2016-11-18] (TripAdvisor LLC)

Twitter -> C:Program FilesWindowsApps9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [  OverlayExcluded] -> 4433A54A-1AC8-432F-90FC-85F045CF383C => C:Program FilesNorton SecurityEngine22.20.2.57buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)

ShellIconOverlayIdentifiers: [  OverlayPending] -> F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225 => C:Program FilesNorton SecurityEngine22.20.2.57buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)

ShellIconOverlayIdentifiers: [  OverlayProtected] -> 476D0EA3-80F9-48B5-B70B-05E677C9C148 => C:Program FilesNorton SecurityEngine22.20.2.57buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)

ShellIconOverlayIdentifiers-x32: [  OverlayExcluded] -> 4433A54A-1AC8-432F-90FC-85F045CF383C => C:Program FilesNorton SecurityEngine22.20.2.57buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)

ShellIconOverlayIdentifiers-x32: [  OverlayPending] -> F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225 => C:Program FilesNorton SecurityEngine22.20.2.57buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)

ShellIconOverlayIdentifiers-x32: [  OverlayProtected] -> 476D0EA3-80F9-48B5-B70B-05E677C9C148 => C:Program FilesNorton SecurityEngine22.20.2.57buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)

ContextMenuHandlers1: [BUContextMenu] -> F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB => C:Program FilesNorton SecurityEngine22.20.2.57buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)

ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> FAD61B3D-699D-49B2-BE16-7F82CB4C59CA => C:Program FilesNorton SecurityEngine22.20.2.57NavShExt.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)

ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> FAD61B3D-699D-49B2-BE16-7F82CB4C59CA => C:Program FilesNorton SecurityEngine22.20.2.57NavShExt.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)

ContextMenuHandlers5: [igfxcui] -> 3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4 =>  -> No File

ContextMenuHandlers5: [igfxDTCM] -> 9B5F5829-A529-4B12-814A-E81BCB8D93FC => C:WINDOWSSystem32DriverStoreFileRepositoryki131064.inf_amd64_5d13f27a9a9843faigfxDTCM.dll [2019-02-17] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

ContextMenuHandlers6: [BUContextMenu] -> F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB => C:Program FilesNorton SecurityEngine22.20.2.57buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)

ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> FAD61B3D-699D-49B2-BE16-7F82CB4C59CA => C:Program FilesNorton SecurityEngine22.20.2.57NavShExt.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM…Drivers32: [vidc.i420] => C:WINDOWSsystem32lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)

HKLM…Drivers32: [vidc.i420] => C:WindowsSysWOW64lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:UsersphyliDesktopMy AOL.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC) ->  –profile-directory=Default –app-id=pigepclndadjaebpijfcjeeefpjhcdca

ShortcutWithArgument: C:UsersphyliAppDataRoamingMicrosoftWindowsStart MenuProgramsChrome AppsMy AOL.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC) ->  –profile-directory=Default –app-id=pigepclndadjaebpijfcjeeefpjhcdca

ShortcutWithArgument: C:ProgramDataMicrosoftWindowsStart MenuProgramsPriceline.com.lnk -> C:Program Files (x86)Hewlett-PackardSharedWizLink.exe () -> hxxp://www.priceline.com/?refid=PLHBC6240OPQ&refclickid=square

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkSMR521 => ""="Service"

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkSMR521.SYS => ""="Driver"

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkWRBoot => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 03:24 – 2015-10-30 03:21 – 000000824 ____N C:WINDOWSsystem32driversetchosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLMSystemCurrentControlSetControlSession ManagerEnvironment\Path -> C:Program Files (x86)InteliCLS Client;C:Program FilesInteliCLS Client;%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;%SYSTEMROOT%System32WindowsPowerShellv1.0;C:Program Files (x86)IntelIntel® Management Engine ComponentsDAL;C:Program FilesIntelIntel® Management Engine ComponentsDAL;C:Program Files (x86)IntelIntel® Management Engine ComponentsIPT;C:Program FilesIntelIntel® Management Engine ComponentsIPT;%SYSTEMROOT%System32OpenSSH;C:Program FilesIntelWiFibin;C:Program FilesCommon FilesIntelWirelessCommon

HKUS-1-5-21-999762305-681959455-3457413626-1001Control PanelDesktop\Wallpaper ->

DNS Servers: 192.168.1.1 – 10.255.0.0

HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: Warn)

Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM…StartupApprovedStartupFolder: => "Install LastPass IE RunOnce.lnk"

HKLM…StartupApprovedRun: => "RTHDVCPL"

HKLM…StartupApprovedRun32: => "PowerDVD14Agent"

HKLM…StartupApprovedRun32: => "WRSVC"

HKLM…StartupApprovedRun32: => "HostManager"

HKLM…StartupApprovedRun32: => "SecurityHealth"

HKUS-1-5-21-999762305-681959455-3457413626-1001…StartupApprovedStartupFolder: => "AOL Desktop Launcher.lnk"

HKUS-1-5-21-999762305-681959455-3457413626-1001…StartupApprovedRun: => "CCleaner Monitoring"

HKUS-1-5-21-999762305-681959455-3457413626-1001…StartupApprovedRun: => "OneDrive"

HKUS-1-5-21-999762305-681959455-3457413626-1001…StartupApprovedRun: => "Uninstall 17.3.7076.1026amd64"

HKUS-1-5-21-999762305-681959455-3457413626-1001…StartupApprovedRun: => "Uninstall 17.3.7076.1026"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [54640540-F97A-4412-900E-39472727094D] => (Allow) C:Program FilesIntelWiFibinPanDhcpDns.exe (Intel Corporation -> )

FirewallRules: [8DC4717E-FCAF-469D-9E12-79DB0B253EF1] => (Allow) C:Program FilesCommon FilesMcAfeeMMSSHostMMSSHost.exe (McAfee, Inc. -> McAfee, Inc.)

FirewallRules: [791E7CF7-C352-4609-87FE-4C2E705A6E1F] => (Allow) C:Program Files (x86)Common FilesMcafeeMMSSHostMMSSHost.exe => No File

FirewallRules: [AF62C409-25E2-4AEC-9DEC-12B069A10F79] => (Allow) C:Program Files (x86)Common FilesAOLSystem Informationsinf.exe (AOL Inc. -> AOL Inc.)

FirewallRules: [F3B8345F-5967-46B5-BA4F-A598A14D09D3] => (Allow) C:Program Files (x86)Common FilesAOLSystem Informationsinf.exe (AOL Inc. -> AOL Inc.)

FirewallRules: [FF87652F-D92F-4FD5-B8D2-DC22659AB369] => (Allow) C:Program Files (x86)Common FilesAOLLoaderaolload.exe (AOL Inc. -> AOL Inc.)

FirewallRules: [29CAECA3-8459-490A-B734-D5D8B16E5BC5] => (Allow) C:Program Files (x86)Common FilesAOLLoaderaolload.exe (AOL Inc. -> AOL Inc.)

FirewallRules: [3241FBCD-FFAC-4EE7-8F09-8A5105596348] => (Allow) C:Program Files (x86)Common FilesAOLTopSpeed3.0aoltpsd3.exe (AOL Inc. -> AOL Inc.)

FirewallRules: [1958B452-6813-4A87-A829-95800B9FDB77] => (Allow) C:Program Files (x86)Common FilesAOLTopSpeed3.0aoltpsd3.exe (AOL Inc. -> AOL Inc.)

FirewallRules: [E46AC436-D866-4D71-B2B9-ADE4A9339A1B] => (Allow) C:Program Files (x86)AOL Desktop 9.8.2waol.exe (AOL Inc. -> AOL Inc.)

FirewallRules: [975C4FE9-8C93-4A39-AD4A-033BF7D371FD] => (Allow) C:Program Files (x86)AOL Desktop 9.8.2waol.exe (AOL Inc. -> AOL Inc.)

FirewallRules: [A012B925-4D8A-4CA0-90E5-ECD661D3E083] => (Allow) C:Program Files (x86)Common FilesAOL1474834258eeaolsoftware.exe (AOL Inc. -> AOL Inc.)

FirewallRules: [DB6A911E-74F0-457F-BFF3-291FBD427D56] => (Allow) C:Program Files (x86)Common FilesAOL1474834258eeaolsoftware.exe (AOL Inc. -> AOL Inc.)

FirewallRules: [9F2E22A7-C276-4028-875D-E9BE1FCE1F3D] => (Allow) C:Program Files (x86)Common FilesAOLacsAOLacsd.exe (AOL Inc. -> AOL Inc.)

FirewallRules: [71A37010-12B4-4407-B154-0F9980309A79] => (Allow) C:Program Files (x86)Common FilesAOLacsAOLacsd.exe (AOL Inc. -> AOL Inc.)

FirewallRules: [C733D88A-3187-4419-87C5-1A0EB1FDCCBB] => (Allow) C:Program Files (x86)Common FilesAOLacsAOLDial.exe (AOL Inc. -> AOL Inc.)

FirewallRules: [9A69636F-43A5-4523-ADC5-B05E7329E939] => (Allow) C:Program Files (x86)Common FilesAOLacsAOLDial.exe (AOL Inc. -> AOL Inc.)

FirewallRules: [B745797E-820D-45A1-9096-B8F2E7D887CA] => (Allow) C:Program Files (x86)CyberLinkPowerDVD14MoviePowerDVD CinemaPowerDVDCinema.exe (CyberLink Corp. -> CyberLink Corp.)

FirewallRules: [8A476C2A-9A52-41E6-8608-EA62290278ED] => (Allow) C:Program Files (x86)CyberLinkPowerDVD14MoviePowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.)

FirewallRules: [F4ECB65E-59C8-477E-BA52-2A2020C15832] => (Allow) C:Program Files (x86)CyberLinkPowerDVD14PowerDVD14Agent.exe (CyberLink Corp. -> CyberLink Corp.)

FirewallRules: [76B1143C-70F8-452E-94C8-3CB3C4C595B6] => (Allow) C:Program Files (x86)CyberLinkPowerDVD14KernelDMSCLMSServerPDVD14.exe (CyberLink Corp. -> CyberLink)

FirewallRules: [903790A5-47BC-4DE7-B8EF-5FFA2A23BFF3] => (Allow) C:Program Files (x86)CyberLinkPowerDVD14PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)

FirewallRules: [70D32C90-6419-457B-8B12-37EF83F7CB75] => (Allow) C:Program Files (x86)BonjourmDNSResponder.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [9027CB07-C9CF-4D46-8607-8A1AC3201DBF] => (Allow) C:Program Files (x86)BonjourmDNSResponder.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [3770051C-48E7-46F6-85CC-DCE51562BD14] => (Allow) C:Program FilesBonjourmDNSResponder.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [AB9F9C90-7C33-40D1-9DDF-CA8253003040] => (Allow) C:Program FilesBonjourmDNSResponder.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [530F0275-912A-49A4-A418-E5014F38FF16] => (Allow) C:Program FilesHPHP Officejet 5740 seriesbinFaxApplications.exe (HP Inc -> HP Inc.)

FirewallRules: [4E862923-0E31-4D90-A8D4-BD42EF44D066] => (Allow) C:Program FilesHPHP Officejet 5740 seriesbinDigitalWizards.exe (HP Inc -> HP Inc.)

FirewallRules: [6ACD8E74-027D-4580-8EE3-351AABAB3602] => (Allow) C:Program FilesHPHP Officejet 5740 seriesbinSendAFax.exe (HP Inc -> HP Inc.)

FirewallRules: [61D83D5B-BCA4-4DDA-8B89-DF5986B5E587] => (Allow) C:Program FilesHPHP Officejet 5740 seriesbinFaxPrinterUtility.exe (HP Inc -> HP Inc.)

FirewallRules: [D83F6F84-CB01-4B1B-B74F-522E4ED00D68] => (Allow) C:Program FilesHPHP Officejet 5740 seriesBinDeviceSetup.exe (HP Inc -> HP Inc.)

FirewallRules: [CBB4B686-C3E0-42EA-8BA8-FD001355A894] => (Allow) LPort=5357

FirewallRules: [16643FC5-67E9-487C-B277-A99B9C0B0A91] => (Allow) C:Program FilesHPHP Officejet 5740 seriesBinHPNetworkCommunicatorCom.exe (HP Inc -> HP Inc.)

FirewallRules: [38841FC4-2F6E-48B2-A565-A7D70AD5936C] => (Allow) C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)

FirewallRules: [4D96E522-6D29-4ED1-A56E-3DCF75D7A03E] => (Allow) C:Program Files (x86)TeamViewerTeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [E7F8679D-AFED-4B1A-9DCE-40715CC682D2] => (Allow) C:Program Files (x86)TeamViewerTeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [D06019FB-2384-4BB9-A71A-4CE2590E3755] => (Allow) C:Program Files (x86)TeamViewerTeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [170F4B69-67DF-4CB1-93D6-EC86EAE15F14] => (Allow) C:Program Files (x86)TeamViewerTeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

==================== Restore Points =========================

20-04-2020 17:12:46 Windows Update

28-04-2020 15:32:48 Scheduled Checkpoint

07-05-2020 12:26:10 Scheduled Checkpoint

11-05-2020 15:24:27 tech

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:

==================

Error: (05/12/2020 08:10:51 PM) (Source: ESENT) (EventID: 455) (User: )

Description: svchost (832,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:WINDOWSsystem32configsystemprofileAppDataLocalTileDataLayerDatabaseEDB.log.

Error: (05/12/2020 06:19:26 PM) (Source: ESENT) (EventID: 455) (User: )

Description: svchost (11352,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:WINDOWSsystem32configsystemprofileAppDataLocalTileDataLayerDatabaseEDB.log.

Error: (05/12/2020 06:12:16 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)

Description: Skipping: Eap method DLL path validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0

Error: (05/12/2020 06:12:16 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)

Description: Skipping: Eap method DLL path validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0

Error: (05/12/2020 06:12:16 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)

Description: Skipping: Eap method DLL path validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0

Error: (05/12/2020 06:08:14 PM) (Source: ESENT) (EventID: 455) (User: )

Description: svchost (6280,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:WINDOWSsystem32configsystemprofileAppDataLocalTileDataLayerDatabaseEDB.log.

Error: (05/12/2020 10:17:45 AM) (Source: ESENT) (EventID: 455) (User: )

Description: svchost (6160,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:WINDOWSsystem32configsystemprofileAppDataLocalTileDataLayerDatabaseEDB.log.

Error: (05/11/2020 08:06:19 PM) (Source: ESENT) (EventID: 455) (User: )

Description: svchost (3468,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:WINDOWSsystem32configsystemprofileAppDataLocalTileDataLayerDatabaseEDB.log.

System errors:

=============

Error: (05/11/2020 07:41:55 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-GIRJ15B)

Description: DCOM got error "1084" attempting to start the service camsvc with arguments "Unavailable" in order to run the server:

Windows.Internal.CapabilityAccess.CapabilityAccess

Error: (05/11/2020 07:40:58 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-GIRJ15B)

Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:

DD522ACC-F821-461A-A407-50B198B896DC

Error: (05/11/2020 07:40:57 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-GIRJ15B)

Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:

9E175B6D-F52A-11D8-B9A5-505054503030

Error: (05/11/2020 07:40:57 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-GIRJ15B)

Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:

9E175B6D-F52A-11D8-B9A5-505054503030

Error: (05/11/2020 07:40:57 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-GIRJ15B)

Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:

9E175B6D-F52A-11D8-B9A5-505054503030

Error: (05/11/2020 07:40:57 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-GIRJ15B)

Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:

9E175B6D-F52A-11D8-B9A5-505054503030

Error: (05/11/2020 07:39:01 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-GIRJ15B)

Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:

DD522ACC-F821-461A-A407-50B198B896DC

Error: (05/11/2020 07:38:54 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-GIRJ15B)

Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:

DD522ACC-F821-461A-A407-50B198B896DC

CodeIntegrity:

===================================

Date: 2020-05-12 18:10:41.976

La description:

Code Integrity determined that a process (DeviceHarddiskVolume3WindowsSystem32svchost.exe) attempted to load DeviceHarddiskVolume3Program FilesNorton SecurityEngine22.20.2.57symamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-05-12 18:10:35.458

La description:

Code Integrity determined that a process (DeviceHarddiskVolume3Program FilesWindows DefenderMsMpEng.exe) attempted to load DeviceHarddiskVolume3Program FilesNorton SecurityEngine22.20.2.57symamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-12 18:10:35.390

La description:

Code Integrity determined that a process (DeviceHarddiskVolume3Program FilesWindows DefenderMsMpEng.exe) attempted to load DeviceHarddiskVolume3Program FilesNorton SecurityEngine22.20.2.57symamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-12 18:10:35.376

La description:

Code Integrity determined that a process (DeviceHarddiskVolume3Program FilesWindows DefenderMsMpEng.exe) attempted to load DeviceHarddiskVolume3Program FilesNorton SecurityEngine22.20.2.57symamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-12 18:10:34.197

La description:

Code Integrity determined that a process (DeviceHarddiskVolume3Program FilesWindows DefenderMpCmdRun.exe) attempted to load DeviceHarddiskVolume3Program FilesNorton SecurityEngine22.20.2.57symamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-12 18:10:34.178

La description:

Code Integrity determined that a process (DeviceHarddiskVolume3Program FilesWindows DefenderMpCmdRun.exe) attempted to load DeviceHarddiskVolume3Program FilesNorton SecurityEngine22.20.2.57symamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-12 18:10:32.348

La description:

Code Integrity determined that a process (DeviceHarddiskVolume3WindowsSystem32svchost.exe) attempted to load DeviceHarddiskVolume3Program FilesNorton SecurityEngine22.20.2.57symamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-05-12 18:10:32.302

La description:

Code Integrity determined that a process (DeviceHarddiskVolume3WindowsSystem32svchost.exe) attempted to load DeviceHarddiskVolume3Program FilesNorton SecurityEngine22.20.2.57symamsi.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: AMI A0.13 12/21/2015

Motherboard: HP 2B47

Processor: Intel® Core™ i5-6400 CPU @ 2.70GHz

Percentage of memory in use: 39%

Total physical RAM: 12183.87 MB

Available physical RAM: 7377.78 MB

Total Virtual: 14039.87 MB

Available Virtual: 8974.65 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:1849.94 GB) (Free:1785.56 GB) NTFS

Drive d: (Recovery Image) (Fixed) (Total:11.64 GB) (Free:1.51 GB) NTFS ==>[system with boot components (obtained from drive)]

Drive e: (OS) (Fixed) (Total:581.11 GB) (Free:399.92 GB) NTFS ==>[system with boot components (obtained from drive)]

Drive f: (RECOVERY) (Fixed) (Total:15 GB) (Free:0.29 GB) NTFS

Drive h: (Apria DVD Project June 2019) (CDROM) (Total:7.95 GB) (Free:0 GB) UDF

\?Volume43b2a7e8-a447-45e8-ac50-4bc30569771a (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.52 GB) NTFS

\?Volume832b0909-50d7-4b26-88e3-66a386fdb90d (SYSTEM) (Fixed) (Total:0.35 GB) (Free:0.27 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================

Disk: 0 (Size: 1863 GB) (Disk ID: 2BD6946D)

Partition: GPT.

==========================================================

Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 596.2 GB) (Disk ID: 90000000)

Partition 1: (Not Active) – (Size=63 MB) – (Type=DE)

Partition 2: (Not Active) – (Size=15 GB) – (Type=07 NTFS)

Partition 3: (Active) – (Size=581.1 GB) – (Type=07 NTFS)

==================== End of Addition.txt =======================

Commentaires

Laisser un commentaire

Votre commentaire sera révisé par les administrateurs si besoin.