Fell for phone tech support scan – malware possible – Resoudre les problemes d’un serveur MineCraft

Un ami est tombé pour une arnaque téléphonique hier et leur a permis d'accéder à distance à son ordinateur et leur a donné 500 $. Vous voulez vérifier que rien ne se cache en arrière-plan.

Résultat de l'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 11-05-2020 Ran par phyli (administrateur) sur DESKTOP-GIRJ15B (HP 750-114) (12-05-2020 20:54:26) Exécution à partir de C: Users phyli Downloads Profils chargés: phyli Plateforme: Windows 10 Home Version 1903 18362.778 (X64) Langue: anglais (États-Unis) Navigateur par défaut: Chrome Mode de démarrage: Normal

==================== Processus (liste blanche) =================

(Si une entrée est incluse dans la liste de correctifs, le processus sera fermé. Le fichier ne sera pas déplacé.)

(Apple Inc. -> Apple Inc.) C: Program Files Bonjour mDNSResponder.exe (CyberLink Corp. ->) C: Program Files CyberLink Shared files RichVideo64.exe (Google LLC -> Google LLC) C: Program Files (x86) Google Chrome Application chrome.exe (Google LLC -> Google LLC) C: Program Files (x86) Google Update 1.3.35.452 GoogleCrashHandler.exe (Google LLC -> Google LLC) C: Program Files (x86) Google Update 1.3.35.452 GoogleCrashHandler64.exe (Hewlett-Packard Company -> Hewlett-Packard Company) C: Program Files (x86) Hewlett-Packard Shared hpqwmiex.exe (HP Inc -> HP Inc.) C: Program Files HP HP Officejet série 5740 Bin HPNetworkCommunicatorCom.exe (HP Inc -> HP Inc.) C: Program Files HP HP Officejet série 5740 Bin ScanToPCActivationApp.exe (HP Inc. -> HP Inc.) C: Program Files (x86) Hewlett-Packard HP Support Solutions HPSupportSolutionsFrameworkService.exe (HP Inc. -> HP Inc.) C: Program Files HP HP Touchpoint Analytics Client TouchpointAnalyticsClientService.exe (Intel CASE -> Intel Corporation) C: Program Files Intel Intel® Ready Mode Technology IRMTService.exe (Intel Corporation – Groupe des sous-systèmes intégrés et blocs IP -> Intel Corporation) C: Program Files (x86) Intel Intel® Management Engine Components DAL jhi_service.exe (Intel Corporation – Groupe des sous-systèmes intégrés et blocs IP -> Intel Corporation) C: Program Files (x86) Intel Intel® Management Engine Components LMS LMS.exe (Intel Corporation -> Intel® Corporation) C: Program Files Fichiers communs Intel WirelessCommon RegSrvc.exe (Intel Corporation -> Intel® Corporation) C: Program Files Intel WiFi bin EvtEng.exe (Intel Corporation -> Intel® Corporation) C: Program Files Intel WiFi bin ZeroConfigService.exe (Société intel) [File not signed] C: Program Files (x86) Intel Intel® Security Assist isa.exe (Intel® pGFX -> Intel Corporation) C: Windows System32 DriverStore FileRepository ki131064.inf_amd64_5d13f27a9a9843fa igfxCUIService.exe (Intel® pGFX -> Intel Corporation) C: Windows System32 DriverStore FileRepository ki131064.inf_amd64_5d13f27a9a9843fa igfxEM.exe (Intel® pGFX -> Intel Corporation) C: Windows System32 DriverStore FileRepository ki131064.inf_amd64_5d13f27a9a9843fa IntelCpHDCPSvc.exe (Intel® pGFX -> Intel Corporation) C: Windows System32 DriverStore FileRepository ki131064.inf_amd64_5d13f27a9a9843fa IntelCpHeciSvc.exe (Solutions de connectivité sans fil Intel® -> Intel Corporation) C: Windows System32 ibtsiva.exe (Microsoft Corporation -> Microsoft Corporation) C: Windows Microsoft.NET Framework64 v3.0 WPF PresentationFontCache.exe (Microsoft Corporation -> Microsoft Corporation) C: Windows SystemApps Microsoft.MicrosoftEdge_8wekyb3d8bbwe MicrosoftEdge.exe (Microsoft Corporation) C: Program Files WindowsApps Microsoft.WindowsStore_12005.1001.1.0_x64__8wekyb3d8bbwe WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C: Windows System32 browser_broker.exe (Microsoft Windows -> Microsoft Corporation) C: Windows System32 dllhost.exe (Microsoft Windows -> Microsoft Corporation) C: Windows System32 MicrosoftEdgeCP.exe (Microsoft Windows -> Microsoft Corporation) C: Windows System32 MicrosoftEdgeSH.exe (Microsoft Windows -> Microsoft Corporation) C: Windows System32 SecurityHealthHost.exe (Microsoft Windows -> Microsoft Corporation) C: Windows System32 smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C: Windows System32 wlanext.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C: Program Files Realtek Audio HDA RAVBg64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C: Program Files Realtek Audio HDA RtkAudioService64.exe (Symantec Corporation -> Symantec Corporation) C: Program Files Norton Security Engine 22.20.2.57 NortonSecurity.exe (Symantec Corporation -> Symantec Corporation) C: Program Files Norton Security Engine 22.20.2.57 nsWscSvc.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C: Program Files (x86) TeamViewer TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C: Program Files (x86) TeamViewer TeamViewer_Desktop.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C: Program Files (x86) TeamViewer TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C: Program Files (x86) TeamViewer tv_w32.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C: Program Files (x86) TeamViewer tv_x64.exe

==================== Registre (liste blanche) ===================

(Si une entrée est incluse dans la liste de correctifs, l'élément de registre sera restauré par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM … Run: [RTHDVCPL] => C: Program Files Realtek Audio HDA RtkNGUI64.exe [8790264 2016-03-29] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM-x32 … Exécuter: [PowerDVD14Agent] => C: Program Files (x86) CyberLink PowerDVD14 PowerDVD14Agent.exe [795336 2015-10-01] (CyberLink Corp. -> CyberLink Corp.) HKLM-x32 … Exécuter: [HostManager] => C: Program Files (x86) Common Files AOL 1474834258 ee AOLSoftware.exe [41800 2010-03-08] (AOL Inc. -> AOL Inc.) HKU S-1-5-21-999762305-681959455-3457413626-1001 … Run: [CCleaner Monitoring] => C: Program Files CCleaner CCleaner64.exe [19645800 2019-03-03] (Piriform Software Ltd -> Piriform Software Ltd) HKU S-1-5-21-999762305-681959455-3457413626-1001 … Run: [HP Officejet 5740 series (NET)] => C: Program Files HP HP Officejet série 5740 Bin ScanToPCActivationApp.exe [3769248 2019-03-19] (HP Inc -> HP Inc.) HKU S-1-5-21-999762305-681959455-3457413626-1001 … MountPoints2: 31631547-282d-11ea-9d24-08d40c8c8d7b – "H: autorun.exe" HKLM Software Microsoft Active Setup Installed Components: [8A69D345-D564-463c-AFF1-A69D9E530F96] -> C: Program Files (x86) Google Chrome Application 81.0.4044.138 Installer chrmstp.exe [2020-05-08] (Google LLC -> Google LLC) Démarrage: C: Users phyli AppData Roaming Microsoft Windows Start Menu Programs Startup AOL Desktop Launcher.lnk [2020-05-11] ShortcutTarget: AOL Desktop Launcher.lnk -> C: Users phyli AppData Local AOLDesktop AolTrayApp.exe (AOL, Inc -> AOL Inc.)

==================== Tâches planifiées (liste blanche) ============

(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.)

Tâche: 0338B702-2581-4FA4-91AE-848E0471747D – System32 Tasks Hewlett-Packard HP Active Health HP Active Health Scan (HPSA) => C: Program Files (x86) Hewlett-Packard HP Support Framework Resources HPActiveHealth ActiveHealth.exe [25128 2017-11-20] (HP Inc. ->) Tâche: 0BC2EE53-122D-4F08-B931-2D8EBC0B87C0 – System32 Tasks Norton 360 Norton 360 Autofix => C: Program Files Norton Security Engine 22.20.2.57 SymErr.exe [117056 2020-03-20] (Symantec Corporation -> Symantec Corporation) Tâche: 19444715-C7A7-4B9E-ADC9-E9EAA4A336FB – System32 Tasks Microsoft Windows RemovalTools MRT_ERROR_HB => C: WINDOWS system32 MRT.exe [121542864 2020-03-11] (Microsoft Windows -> Microsoft Corporation) [File not signed] Tâche: 1A92604C-9785-4B3F-BABF-B9344300A525 – System32 Tasks Hewlett-Packard HP Support Assistant WarrantyChecker_DeviceScan => C: Program Files (x86) Hewlett-Packard HP Support Framework Resources HPWarrantyCheck HPWarrantyChecker.exe [1117048 2020-03-26] (HP Inc. -> HP Inc.) Tâche: 23805DAC-C2B3-4B17-8267-1B13BCF64F3F – System32 Tasks HPCustParticipation HP Officejet série 5740 => C: Program Files HP HP Officejet série 5740 Bin HPCustPartic.exe [6437792 2019-03-19] (HP Inc -> HP Inc.) Tâche: 26862040-7E37-4842-8060-616A847935D7 – Microsoft Windows UNP RunCampaignManager -> Aucun fichier <==== ATTENTION Tâche: 2892222B-8961-44EA-A488-4EAF68E62FF6 ​​- System32 Tasks Hewlett-Packard HP Support Assistant PC Health Analysis => C: Program Files (x86) Hewlett-Packard HP Support Framework HPSF. EXE [1506680 2019-06-14] (HP Inc. -> HP Inc.) Tâche: 30798301-D556-4A67-A303-E078BAEEA94D – System32 Tasks HPCeeScheduleForphyli => C: Program Files (x86) Hewlett-Packard HP Ceement HPCEE.exe [96568 2015-06-16] (Société Hewlett-Packard -> Hewlett-Packard) Tâche: 3BF5FEFF-B156-442E-83A7-88538B7E0701 – System32 Tasks CCleanerSkipUAC => C: Program Files CCleaner CCleaner.exe [14679256 2019-03-03] (Piriform Software Ltd -> Piriform Software Ltd) Tâche: 466881AC-5DFD-4836-B0D9-F7634D65DB29 – System32 Tasks Intel Intel Telemetry 2 => C: Program Files Intel Telemetry 2.0 lrio.exe [1698000 2015-06-05] (Logiciel Intel® -> Intel Corporation) Tâche: 4A88543E-19C3-49EC-A150-14140125BD0D – System32 Tasks CCleaner Update => C: Program Files CCleaner CCUpdate.exe [619416 2019-03-03] (Piriform Software Ltd -> Piriform Software Ltd) Tâche: 5359FDCE-AFC2-4D1D-A5B9-56F1617BF591 – System32 Tasks DropboxUpdateTaskMachineCore => C: Program Files (x86) Dropbox Update DropboxUpdate.exe [143144 2016-11-14] (Dropbox, Inc -> Dropbox, Inc.) Tâche: 5E7E7438-1246-4277-9A2F-C6411DB6349C – System32 Tasks Hewlett-Packard HP Support Assistant Product Configurator => C: Program Files (x86) Hewlett-Packard HP Support Framework Resources ProductConfig .EXE [320856 2020-04-23] (HP Inc. -> HP Inc.) Tâche: 69EFEB71-23BC-4B1C-BE4F-7B71587FEDAB – System32 Tasks Norton 360 Norton 360 Error Processor => C: Program Files Norton Security Engine 22.20.2.57 SymErr.exe [117056 2020-03-20] (Symantec Corporation -> Symantec Corporation) Tâche: 6CD0BF4F-6054-4830-9806-972847917DB9 – System32 Tasks Hewlett-Packard HP Support Assistant HP Support Assistant Quick Start => C: Program Files (x86) Hewlett-Packard HP Support Framework HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.) Tâche: 72D22111-0F52-45AE-8C72-7B54E7179787 – System32 Tasks Hewlett-Packard HP Support Assistant HP Support Solutions Framework Updater => C: Program Files (x86) Hewlett-Packard HP Support Solutions Modules HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.) Tâche: 7DBD3255-B12E-48C1-99D9-7E999C324195 – System32 Tasks Hewlett-Packard HP Support Assistant Critical Update Pending => C: Program Files (x86) Hewlett-Packard HP Support Framework HPSF. EXE [1506680 2019-06-14] (HP Inc. -> HP Inc.) Tâche: 8613B10A-F593-4051-B6D3-C1174FAB8609 – System32 Tasks Hewlett-Packard HP Support Assistant WarrantyChecker_TH6254X0JD => C: Program Files (x86) Hewlett-Packard HP Support Framework Resources HPWarrantyCheck HPWarrantyChecker.exe [1117048 2020-03-26] (HP Inc. -> HP Inc.) Tâche: 990D433C-DF44-4DE9-893D-0F707834FF54 – System32 Tasks Remediation AntimalwareMigrationTask => C: Program Files Common Files AV Norton 360 Upgrade.exe [2162704 2020-03-20] (Symantec Corporation -> Symantec Corporation) Tâche: 9A8CA25D-1EE2-4A1C-BC11-133EB4DE03F3 – System32 Tasks IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C: Program Files (x86) Intel Corporation Intel WiDi Intel® Software Asset Manager bin IntelSoftwareAssetManagerService.exe [19088 2015-06-24] (Intel® Software Asset Manager -> Intel Corporation) Tâche: AEF5F555-14EA-4D89-BA5E-16BC63091F73 – System32 Tasks GoogleUpdateTaskMachineCore => C: Program Files (x86) Google Update GoogleUpdate.exe [153168 2018-01-12] (Google Inc -> Google Inc.) Tâche: B3DBA422-AB32-4861-895F-EF36381A7F1D – System32 Tasks GoogleUpdateTaskMachineUA => C: Program Files (x86) Google Update GoogleUpdate.exe [153168 2018-01-12] (Google Inc -> Google Inc.) Tâche: BFBE589E-4AF0-44AC-90B7-FA7DB538250A – System32 Tasks DropboxOEM => C: Program Files (x86) Dropbox DropboxOEM DropboxOEM.exe [584488 2016-09-21] (Dropbox, Inc ->) Tâche: C0665B30-D9E6-421F-9B25-37FF210D048A – System32 Tasks IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C: Program Files (x86) Intel Corporation Intel WiDi Intel® Gestionnaire d'actifs logiciels bin IntelSoftwareAssetManagerService.exe [19088 2015-06-24] (Intel® Software Asset Manager -> Intel Corporation) Tâche: C09D1165-9A84-48B3-88AA-EB9B83A7142E – System32 Tasks Hewlett-Packard HP Support Assistant HP Support Solutions Framework Report => C: Program Files (x86) Hewlett-Packard HP Support Solutions Modules HPSFReport.exe [134008 2020-03-25] (HP Inc. -> HP Inc.) Tâche: C0EC152F-0F52-4482-9B82-0859E05A899B – Analyseur d'erreur System32 Tasks Norton 360 Norton 360 => C: Program Files Norton Security Engine 22.20.2.57 SymErr.exe [117056 2020-03-20] (Symantec Corporation -> Symantec Corporation) Tâche: CA553F06-3C9D-4899-9117-B49C1C5FFF46 – System32 Tasks Hewlett-Packard HP Support Assistant WarrantyChecker => C: Program Files (x86) Hewlett-Packard HP Support Framework Resources HPWarrantyCheck HPWarrantyChecker.exe [1117048 2020-03-26] (HP Inc. -> HP Inc.) Tâche: CEE140FD-BB4B-4A75-BEDF-5B0DC2E129AC – System32 Tasks Norton WSC Integration => C: Program Files Norton Security Engine 22.20.2.57 WSCStub.exe [645008 2020-03-20] (Symantec Corporation -> Symantec Corporation) Tâche: DA0C5F76-E8A2-4899-B9E2-1DEA8509D76A – System32 Tasks IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C: Program Files (x86) Intel Intel® Update Manager bin iumsvc .EXE Tâche: E3CADEF5-B4B0-44FC-8B66-A0A6738B95FC – System32 Tasks DropboxUpdateTaskMachineUA => C: Program Files (x86) Dropbox Update DropboxUpdate.exe [143144 2016-11-14] (Dropbox, Inc -> Dropbox, Inc.)

(Si une entrée est incluse dans la liste de correctifs, le fichier de tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Tâche: C: WINDOWS Tasks CreateExplorerShellUnelevatedTask.job => C: WINDOWS explorer.exe Tâche: C: WINDOWS Tasks DropboxUpdateTaskMachineCore.job => C: Program Files (x86) Dropbox Update DropboxUpdate.exe Tâche: C: WINDOWS Tasks DropboxUpdateTaskMachineUA.job => C: Program Files (x86) Dropbox Update DropboxUpdate.exe Tâche: C: WINDOWS Tasks HPCeeScheduleForphyli.job => C: Program Files (x86) Hewlett-Packard HP Ceement HPCEE.exe

==================== Internet (liste blanche) ====================

(Si un élément est inclus dans la liste de correctifs, s'il s'agit d'un élément du registre, il sera supprimé ou restauré par défaut.)

Tcpip .. Interfaces 686E1526-5487-4579-9D5C-7D997F0C562C: [NameServer] 10.255.0.0 Tcpip .. Interfaces 93fb8a86-3933-4476-8281-93ec070b093c: [DhcpNameServer] 192.168.1.1 Tcpip .. Interfaces aa2d2754-dc20-488c-91bb-6e946e6395e0: [DhcpNameServer] 192.168.1.1

Internet Explorer: ================== HKLM SOFTWARE Policies Microsoft Internet Explorer: restriction <==== ATTENTION HKLM Software Microsoft Internet Explorer Main, Page de démarrage = hxxp: //hp15-comm.msn.com/? Pc = HRTE HKLM Software Microsoft Internet Explorer Main, Default_Page_URL = hxxp: //hp15-comm.msn.com/? Pc = HRTE HKU .DEFAULT Software Microsoft Internet Explorer Main, page de démarrage = hxxp: //hp15-comm.msn.com/? Pc = HRTE HKU .DEFAULT Software Microsoft Internet Explorer Main, Default_Page_URL = hxxp: //hp15-comm.msn.com/? Pc = HRTE HKU S-1-5-21-999762305-681959455-3457413626-1001 Software Microsoft Internet Explorer Main, page de démarrage = hxxp: //hp15-comm.msn.com/? Pc = HRTE HKU S-1-5-21-999762305-681959455-3457413626-1001 Software Microsoft Internet Explorer Main, Default_Page_URL = hxxp: //hp15-comm.msn.com/? Pc = HRTE SearchScopes: HKLM -> 956A3832-1434-48B4-B7D0-393563D77BB0 URL = hxxp: //www.amazon.com/s/ref=azs_osd_iea? Ie = UTF-8 & tag = hp-us1-vsb-20 & link% 5Fcode = qs & index = aps & field-keywords = searchTerms SearchScopes: HKLM-x32 -> 956A3832-1434-48B4-B7D0-393563D77BB0 URL = hxxp: //www.amazon.com/s/ref=azs_osd_iea? Ie = UTF-8 & tag = hp-us1-vsb-20 & link% 5Fcode = qs & index = aps & field-keywords = searchTerms SearchScopes: HKU S-1-5-21-999762305-681959455-3457413626-1001 -> 956A3832-1434-48B4-B7D0-393563D77BB0 URL = hxxp: //www.amazon.com/s/ref=azs_osd_iea? ie = UTF-8 & tag = hp-us1-vsb-20 & link% 5Fcode = qs & index = aps & field-keywords = searchTerms BHO: Norton Password Manager -> 602ADB0E-4AFF-4217-8AA1-95DAC4DFA408 -> C: Program Files Norton Security Engine 22.20.2.57 coIEPlg.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation) BHO-x32: Norton Password Manager -> 602ADB0E-4AFF-4217-8AA1-95DAC4DFA408 -> C: Program Files Norton Security Engine32 22.20.2.57 coIEPlg.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation) BHO-x32: extension Evernote -> 92EF2EAD-A7CE-4424-B0DB-499CF856608E -> C: Program Files (x86) Evernote Evernote EvernoteIE.dll [2015-07-01] (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) BHO-x32: HP Network Check Helper -> E76FD755-C1BA-4DCB-9F13-99BD91223ADE -> C: Program Files (x86) Hewlett-Packard HP Support Framework Resources HPNetworkCheck HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.) Barre d'outils: HKLM – Norton Toolbar – 7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA – C: Program Files Norton Security Engine 22.20.2.57 coIEPlg.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation) Barre d'outils: HKLM-x32 – Norton Toolbar – 7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA – C: Program Files Norton Security Engine32 22.20.2.57 coIEPlg.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)

Bord: ====== DownloadDir: C: Users phyli Downloads Extension de bord: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C: Program Files WindowsApps EyeoGmbH.AdblockPlus_0.9.19.0_neutral__d55gg7py3s0m0 [2020-05-11] Extension Edge: (AdGuard AdBlocker) -> EdgeExtension_AdguardAdguardAdBlocker_m055xr0c82818 => C: Program Files WindowsApps Adguard.AdguardAdBlocker_3.3.8.0_neutral__m055xr0c82818 [2020-01-09]

FireFox: ======== FF Plugin-x32: @ intel-webapi.intel.com / Intel WebAPI ipt; version = 4.0.68 -> C: Program Files (x86) Intel Intel® Management Engine Components IPT npIntelWebAPIIPT.dll [2015-08-25] (Logiciel Intel® Identity Protection Technology -> Intel Corporation) FF Plugin-x32: @ intel-webapi.intel.com / Intel WebAPI Updater -> C: Program Files (x86) Intel Intel® Management Engine Components IPT npIntelWebAPIUpdater.dll [2015-08-25] (Logiciel Intel® Identity Protection Technology -> Intel Corporation) FF Plugin-x32: @ viewpoint.com / VMP -> C: Program Files (x86) Viewpoint Viewpoint Experience Technology npViewpoint.dll [2004-02-20] () [File not signed]

Chrome: ======= CHR DefaultProfile: Par défaut Profil CHR: C: Users phyli AppData Local Google Chrome User Data Default [2020-05-12] CHR DefaultSearchURL: Par défaut -> hxxps: //s.aolcdn.com/webmail-static/webmail/180517.1559/aol/en-us/images/favicon.ico Extension CHR: (diapositives) – C: Users phyli AppData Local Google Chrome User Data Default Extensions aapocclcgogkmnckokdopfmhonfmgoek [2018-01-12] Extension CHR: (Docs) – C: Users phyli AppData Local Google Chrome User Data Default Extensions aohghmighlieiainnegkcijnfilokake [2018-01-12] Extension CHR: (Google Drive) – C: Users phyli AppData Local Google Chrome User Data Default Extensions apdfllckaahabafndbhieahigkjlhalf [2018-01-12] Extension CHR: (YouTube) – C: Users phyli AppData Local Google Chrome User Data Default Extensions blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-12] Extension CHR: (Adblock Plus – bloqueur de publicités gratuit) – C: Users phyli AppData Local Google Chrome User Data Default Extensions cfhdojbkjhnklbpkdaibdccddilifddb [2020-05-11] Extension CHR: (Sheets) – C: Users phyli AppData Local Google Chrome User Data Default Extensions felcaaldnbdncclmgdcncolpebgiejap [2018-01-12] Extension CHR: (Google Docs hors ligne) – C: Users phyli AppData Local Google Chrome User Data Default Extensions ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-11] Extension CHR: (Paiements Chrome Web Store) – C: Users phyli AppData Local Google Chrome User Data Default Extensions nmmhkkegccagdldgiimedpiccmgmieda [2020-04-15] Extension CHR: (Mon AOL) – C: Users phyli AppData Local Google Chrome User Data Default Extensions pigepclndadjaebpijfcjeeefpjhcdca [2018-05-22] Extension CHR: (Gmail) – C: Users phyli AppData Local Google Chrome User Data Default Extensions pjkljhegncpnkpknbcohdijeoejaedia [2019-04-17] Extension CHR: (Chrome Media Router) – C: Users phyli AppData Local Google Chrome User Data Default Extensions pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-11]

==================== Services (liste blanche) ===================

(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.)

S2 dbupdate; C: Program Files (x86) Dropbox Update DropboxUpdate.exe [143144 2016-11-14] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C: Program Files (x86) Dropbox Update DropboxUpdate.exe [143144 2016-11-14] (Dropbox, Inc -> Dropbox, Inc.) R2 HPSupportSolutionsFrameworkService; C: Program Files (x86) Hewlett-Packard HP Support Solutions HPSupportSolutionsFrameworkService.exe [378744 2020-03-31] (HP Inc. -> HP Inc.) R2 HPTouchpointAnalyticsService; C: Program Files HP HP Touchpoint Analytics Client TouchpointAnalyticsClientService.exe [332216 2017-11-23] (HP Inc. -> HP Inc.) R2 ibtsiva; C: WINDOWS System32 ibtsiva.exe [536864 2020-01-06] (Solutions de connectivité sans fil Intel® -> Intel Corporation) S3 Intel® Capability Licensing Service TCP IP Interface; C: Program Files Intel iCLS Client SocketHeciServer.exe [881152 2015-05-22] (Service Intel® Trusted Connect -> Intel® Corporation) R3 Intel® Security Assist; C: Program Files (x86) Intel Intel® Security Assist isa.exe [335872 2015-05-19] (Société intel) [File not signed] S3 Intel® WiDi SAM; C: Program Files (x86) Intel Corporation Intel WiDi Intel® Software Asset Manager bin IntelSoftwareAssetManagerService.exe [19088 2015-06-24] (Intel® Software Asset Manager -> Intel Corporation) R2 IRMTService; c: Program Files Intel Intel® Ready Mode Technology IRMTService.exe [181520 2015-07-13] (Intel CASE -> Intel Corporation) S2 isaHelperSvc; C: Program Files (x86) Intel Intel® Security Assist isaHelperService.exe [7680 2015-05-19] () [File not signed] R2 jhi_service; C: Program Files (x86) Intel Intel® Management Engine Components DAL jhi_service.exe [207648 2015-10-16] (Intel Corporation – Groupe des sous-systèmes intégrés et blocs IP -> Intel Corporation) S3 MyWiFiDHCPDNS; C: Program Files Intel WiFi bin PanDhcpDns.exe [310880 2018-09-05] (Intel Corporation ->) R2 NortonSecurity; C: Program Files Norton Security Engine 22.20.2.57 NortonSecurity.exe [344760 2020-03-20] (Symantec Corporation -> Symantec Corporation) R2 nsWscSvc; C: Program Files Norton Security Engine 22.20.2.57 nsWscSvc.exe [1055960 2020-03-20] (Symantec Corporation -> Symantec Corporation) R2 RichVideo64; C: Program Files CyberLink Fichiers partagés RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. ->) R2 RtkAudioService; C: Program Files Realtek Audio HDA RtkAudioService64.exe [316152 2016-03-29] (Realtek Semiconductor Corp -> Realtek Semiconductor) R2 TeamViewer; C: Program Files (x86) TeamViewer TeamViewer_Service.exe [13252624 2020-04-23] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S3 WdNisSvc; C: Program Files Windows Defender NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation) S3 WinDefend; C: Program Files Windows Defender MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation) R2 ZeroConfigService; C: Program Files Intel WiFi bin ZeroConfigService.exe [4059744 2018-09-05] (Intel Corporation -> Intel® Corporation) S4 WRSVC; Service "C: Program Files Webroot WRSA.exe" [X]

===================== Pilotes (sur liste blanche) ===================

(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.)

R1 BHDrvx64; C: Program Files Norton Security NortonData 22.20.2.57 Definitions BASHDefs 20200511.006 BHDrvx64.sys [1952136 2020-05-11] (Symantec Corporation -> Symantec Corporation) S3 BthA2dp; C: WINDOWS System32 drivers BthA2dp.sys [231936 2019-09-17] (Microsoft Corporation) [File not signed] R1 ccSet_NGC; C: WINDOWS System32 drivers NGCx64 1614020.039 ccSetx64.sys [192376 2020-03-20] (Symantec Corporation -> Symantec Corporation) R1 eeCtrl; C: Program Files (x86) Common Files Symantec Shared EENGINE eeCtrl64.sys [516784 2019-10-08] (Symantec Corporation -> Symantec Corporation) U3 EraserUtilDrv11910; C: Program Files (x86) Common Files Symantec Shared EENGINE EraserUtilDrv11910.sys [154288 2020-05-12] (Symantec Corporation -> Symantec Corporation) R3 ibtusb; C: WINDOWS System32 DriverStore FileRepository ibtusb.inf_amd64_b45bba99c1e61776 ibtusb.sys [301560 2019-12-02] (Solutions de connectivité sans fil Intel® -> Intel Corporation) R1 IDSVia64; C: Program Files Norton Security NortonData 22.20.2.57 Definitions IPSDefs 20200512.061 IDSvia64.sys [1451016 2020-05-12] (Symantec Corporation -> Symantec Corporation) R3 IntelReadyModeDriver; C: WINDOWS System32 drivers IntelReadyModeDriver.sys [33512 2015-07-13] (Intel CASE -> Intel Corporation) R0 MBAMSwissArmy; C: WINDOWS System32 Drivers mbamswissarmy.sys [253880 2018-01-12] (Malwarebytes Corporation -> Malwarebytes) R3 Netwtw04; C: WINDOWS system32 DRIVERS Netwtw04.sys [8720384 2019-08-27] (Solutions de connectivité sans fil Intel® -> Intel Corporation) R3 rt640x64; C: WINDOWS System32 drivers rt640x64.sys [886528 2015-06-03] (Realtek Semiconductor Corp -> Realtek) R3 RTSUER; C: WINDOWS system32 Drivers RtsUer.sys [402136 2015-05-27] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation) R3 SRTSP; C: WINDOWS System32 drivers NGCx64 1614020.039 SRTSP64.SYS [889520 2020-03-20] (Symantec Corporation -> Symantec Corporation) R1 SRTSPX; C: WINDOWS System32 drivers NGCx64 1614020.039 SRTSPX64.SYS [50864 2020-03-20] (Symantec Corporation -> Symantec Corporation) R0 SymEFASI; C: WINDOWS System32 drivers NGCx64 1614020.039 SYMEFASI64.SYS [1964552 2020-03-20] (Symantec Corporation -> Symantec Corporation) S0 SymELAM; C: WINDOWS System32 drivers NGCx64 1614020.039 SymELAM.sys [25024 2020-03-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom Corporation) R3 SymEvent; C: WINDOWS system32 Drivers SYMEVENT64x86.SYS [99848 2020-05-12] (Symantec Corporation -> Symantec Corporation) R3 SymEvnt; C: Program Files Norton Security NortonData 22.20.2.57 SymPlatform SymEvnt.sys [712368 2020-01-06] (Symantec Corporation -> Symantec Corporation) R1 SymIRON; C: WINDOWS System32 drivers NGCx64 1614020.039 Ironx64.SYS [316656 2020-03-20] (Symantec Corporation -> Symantec Corporation) R1 SymNetS; C: WINDOWS System32 drivers NGCx64 1614020.039 symnets.sys [575280 2020-03-20] (Symantec Corporation -> Symantec Corporation) R3 wanatw; C: WINDOWS System32 drivers wanatw64.sys [24064 2006-11-29] (Éditeur de compatibilité matérielle Microsoft Windows -> America Online, Inc.) S3 WdBoot; C: WINDOWS system32 drivers WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C: WINDOWS system32 drivers WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C: WINDOWS System32 Drivers WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation) R1 wpCtrlDrv_NGC; C: WINDOWS System32 drivers NGCx64 1614020.039 wpCtrlDrv.sys [1012120 2020-03-20] (Symantec Corporation -> Symantec Corporation) S4 WRBoot; System32 drivers WRBoot.sys [X] R4 WRkrn; System32 drivers WRkrn.sys [X]

==================== NetSvcs (liste blanche) ====================

(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.)

==================== Un mois (créé) ===================

(Si une entrée est incluse dans la liste de correctifs, le fichier / dossier sera déplacé.)

2020-05-12 20:54 – 2020-05-12 20:55 – 000027915 _____ C: Users phyli Downloads FRST.txt 2020-05-12 20:54 – 2020-05-12 20:55 – 000000000 ____D C: FRST 2020-05-12 20:53 – 2020-05-12 20:53 – 002285568 _____ (Farbar) C: Users phyli Downloads FRST64.exe 2020-05-12 20:22 – 2020-05-12 20:22 – 000000000 ____D C: WINDOWS system32 Tasks Remediation 2020-05-12 18:10 – 2020-05-12 18:14 – 000000000 ____D C: WINDOWS system32 Tasks Norton 360 2020-05-12 18:08 – 2020-05-12 18:08 – 000099848 _____ (Symantec Corporation) C: WINDOWS system32 Drivers SYMEVENT64x86.SYS 2020-05-12 18:08 – 2020-05-12 18:08 – 000008616 _____ C: WINDOWS system32 Drivers SYMEVENT64x86.CAT 2020-05-12 18:08 – 2020-05-12 18:08 – 000003376 _____ C: WINDOWS system32 Tasks Norton WSC Integration 2020-05-12 18:08 – 2020-05-12 18:08 – 000002306 _____ C: Users Public Desktop Norton Security.lnk 2020-05-12 18:08 – 2020-05-12 18:08 – 000002306 _____ C: ProgramData Desktop Norton Security.lnk 2020-05-12 18:08 – 2020-05-12 18:08 – 000000000 ____D C: Program Files Fichiers communs Symantec Shared 2020-05-12 18:07 – 2020-05-12 18:08 – 000000000 ___RD C: ProgramData Microsoft Windows Menu Démarrer Programmes Norton Security 2020-05-12 18:07 – 2020-05-12 18:07 – 000000000 ____D C: WINDOWS system32 Drivers NGCx64 2020-05-12 18:07 – 2020-05-12 18:07 – 000000000 ____D C: Program Files Norton Security 2020-05-12 18:05 – 2020-05-12 18:05 – 000000000 ____D C: ProgramData NortonInstaller 2020-05-12 18:05 – 2020-05-12 18:05 – 000000000 ____D C: Program Files (x86) NortonInstaller 2020-05-12 18:04 – 2020-05-12 18:04 – 003666744 _____ (Symantec Corporation) C: Users phyli Downloads N360Downloader.exe 2020-05-12 18:04 – 2020-05-12 18:04 – 000001379 _____ C: Users phyli Desktop Norton Installation Files.lnk 2020-05-12 18:04 – 2020-05-12 18:04 – 000000000 ____D C: Users Public Downloads Norton 2020-05-11 19:43 – 2020-05-11 19:46 – 000000000 ____D C: Users phyli AppData Local TeamViewer 2020-05-11 18:23 – 2020-05-11 18:24 – 000000000 ____D C: NPE 2020-05-11 18:23 – 2020-05-11 18:22 – 000120122 _____ C: WINDOWS ntbtlog.txt 2020-05-11 18:21 – 2020-05-11 18:22 – 009615808 _____ (NortonLifeLock Inc.) C: Users phyli Downloads NPE (2) .exe 2020-05-11 18:17 – 2020-05-11 18:24 – 000000214 _____ C: WINDOWS Tasks CreateExplorerShellUnelevatedTask.job 2020-05-11 18:11 – 2020-05-12 18:10 – 000000000 ____D C: ProgramData Norton 2020-05-11 18:11 – 2020-05-11 19:55 – 000000000 ____D C: Users phyli AppData Local NPE 2020-05-11 18:11 – 2020-05-11 18:11 – 009615808 _____ (NortonLifeLock Inc.) C: Users phyli Downloads NPE.exe 2020-05-11 18:11 – 2020-05-11 18:11 – 009615808 _____ (NortonLifeLock Inc.) C: Users phyli Downloads NPE (1) .exe 2020-05-11 17:52 – 2020-05-12 18:30 – 000000000 ____D C: Program Files (x86) TeamViewer 2020-05-11 17:52 – 2020-05-11 17:52 – 000001119 _____ C: ProgramData Microsoft Windows Start Menu Programs TeamViewer.lnk 2020-05-11 17:52 – 2020-05-11 17:52 – 000001107 _____ C: Users Public Desktop TeamViewer.lnk 2020-05-11 17:52 – 2020-05-11 17:52 – 000001107 _____ C: ProgramData Desktop TeamViewer.lnk 2020-05-11 17:52 – 2020-05-11 17:52 – 000000000 ____D C: Users phyli AppData Roaming TeamViewer 2020-05-11 17:49 – 2020-05-11 17:49 – 026709944 _____ (TeamViewer Germany GmbH) C: Users phyli Downloads TeamViewer_Setup.exe 2020-05-11 15:32 – 2020-05-11 15:32 – 000000000 ____D C: Users phyli Documents 1-888-511-8605 2020-05-11 15:28 – 2020-05-11 15:28 – 000290304 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 subinacl.exe 2020-05-11 15:28 – 2020-05-11 15:28 – 000000000 ____D C: Program Files (x86) Adware Removal Tool by TSA 2020-05-11 15:25 – 2020-05-11 15:26 – 000000000 ____D C: Users phyli AppData Local PlaceholderTileLogoFolder 2020-05-11 15:22 – 2020-05-11 15:22 – 000007601 _____ C: Users phyli AppData Local Resmon.ResmonCfg 2020-04-15 17:35 – 2020-04-15 17:35 – 025444352 _____ (Microsoft Corporation) C: WINDOWS system32 Hydrogen.dll 2020-04-15 17:35 – 2020-04-15 17:35 – 019850240 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 edgehtml.dll 2020-04-15 17:35 – 2020-04-15 17:35 – 019812864 _____ (Microsoft Corporation) C: WINDOWS system32 HologramWorld.dll 2020-04-15 17:35 – 2020-04-15 17:35 – 018027520 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 mshtml.dll 2020-04-15 17:35 – 2020-04-15 17:35 – 007017472 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 mstscax.dll 2020-04-15 17:35 – 2020-04-15 17:35 – 005910016 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 Chakra.dll 2020-04-15 17:35 – 2020-04-15 17:35 – 004129624 _____ (Microsoft Corporation) C: WINDOWS system32 mfcore.dll 2020-04-15 17:35 – 2020-04-15 17:35 – 003512320 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 msi.dll 2020-04-15 17:35 – 2020-04-15 17:35 – 002951832 _____ (Microsoft Corporation) C: WINDOWS system32 mfmp4srcsnk.dll 2020-04-15 17:35 – 2020-04-15 17:35 – 002494744 _____ (Microsoft Corporation) C: WINDOWS system32 msmpeg2vdec.dll 2020-04-15 17:35 – 2020-04-15 17:35 – 002180408 _____ (Microsoft Corporation) C: WINDOWS system32 workfolderssvc.dll 2020-04-15 17:35 – 2020-04-15 17:35 – 001870408 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 mfmp4srcsnk.dll 2020-04-15 17:35 – 2020-04-15 17:35 – 001610240 _____ (Microsoft Corporation) C: WINDOWS system32 HologramCompositor.dll 2020-04-15 17:35 – 2020-04-15 17:35 – 001310720 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 msjet40.dll 2020-04-15 17:35 – 2020-04-15 17:35 – 001264640 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 mstsc.exe 2020-04-15 17:35 – 2020-04-15 17:35 – 001151816 _____ (Microsoft Corporation) C:WINDOWSsystem32mfmpeg2srcsnk.dll 2020-04-15 17:35 – 2020-04-15 17:35 – 001013000 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mfmpeg2srcsnk.dll 2020-04-15 17:35 – 2020-04-15 17:35 – 000983040 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mfmkvsrcsnk.dll 2020-04-15 17:35 – 2020-04-15 17:35 – 000701440 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Mirage.Internal.dll 2020-04-15 17:35 – 2020-04-15 17:35 – 000689152 _____ (Microsoft Corporation) C:WINDOWSSysWOW64CPFilters.dll 2020-04-15 17:35 – 2020-04-15 17:35 – 000686080 _____ (Microsoft Corporation) C:WINDOWSSysWOW64jscript.dll 2020-04-15 17:35 – 2020-04-15 17:35 – 000525312 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wsecedit.dll 2020-04-15 17:35 – 2020-04-15 17:35 – 000456192 _____ (Microsoft Corporation) C:WINDOWSSysWOW64appwiz.cpl 2020-04-15 17:35 – 2020-04-15 17:35 – 000444416 _____ (Microsoft Corporation) C:WINDOWSsystem32MSFlacDecoder.dll 2020-04-15 17:35 – 2020-04-15 17:35 – 000420152 _____ (Microsoft Corporation) C:WINDOWSsystem32MSAudDecMFT.dll 2020-04-15 17:35 – 2020-04-15 17:35 – 000380416 _____ (Microsoft Corporation) C:WINDOWSSysWOW64MSFlacDecoder.dll 2020-04-15 17:35 – 2020-04-15 17:35 – 000353792 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msrd3x40.dll 2020-04-15 17:35 – 2020-04-15 17:35 – 000341504 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msexcl40.dll 2020-04-15 17:35 – 2020-04-15 17:35 – 000321536 _____ (Microsoft Corporation) C:WINDOWSsystem32wbadmin.exe 2020-04-15 17:35 – 2020-04-15 17:35 – 000241152 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msltus40.dll 2020-04-15 17:35 – 2020-04-15 17:35 – 000187392 _____ (Microsoft Corporation) C:WINDOWSSysWOW64iasrad.dll 2020-04-15 17:35 – 2020-04-15 17:35 – 000179200 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.UI.XamlHost.dll 2020-04-15 17:35 – 2020-04-15 17:35 – 000178176 _____ (Microsoft Corporation) C:WINDOWSSysWOW64srumsvc.dll 2020-04-15 17:35 – 2020-04-15 17:35 – 000175616 _____ (Microsoft Corporation) C:WINDOWSSysWOW64IndexedDbLegacy.dll 2020-04-15 17:35 – 2020-04-15 17:35 – 000135168 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.UI.XamlHost.dll 2020-04-15 17:35 – 2020-04-15 17:35 – 000117248 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Chakradiag.dll 2020-04-15 17:35 – 2020-04-15 17:35 – 000105472 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Chakrathunk.dll 2020-04-15 17:35 – 2020-04-15 17:35 – 000105472 _____ (Microsoft Corporation) C:WINDOWSsystem32WorkFolders.exe 2020-04-15 17:35 – 2020-04-15 17:35 – 000070144 _____ (Microsoft Corporation) C:WINDOWSSysWOW64tsgqec.dll 2020-04-15 17:35 – 2020-04-15 17:35 – 000066048 _____ (Microsoft Corporation) C:WINDOWSSysWOW64iasacct.dll 2020-04-15 17:35 – 2020-04-15 17:35 – 000050688 _____ (Microsoft Corporation) C:WINDOWSSysWOW64srumapi.dll 2020-04-15 17:35 – 2020-04-15 17:35 – 000040448 _____ (Microsoft Corporation) C:WINDOWSSysWOW64iaspolcy.dll 2020-04-15 17:35 – 2020-04-15 17:35 – 000026112 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msimsg.dll 2020-04-15 17:35 – 2020-04-15 17:35 – 000023552 _____ (Microsoft Corporation) C:WINDOWSSysWOW64ias.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 022636544 _____ (Microsoft Corporation) C:WINDOWSsystem32mshtml.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 017790464 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.UI.Xaml.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 014818816 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.UI.Xaml.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 009930552 _____ (Microsoft Corporation) C:WINDOWSsystem32ntoskrnl.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 008013824 _____ (Microsoft Corporation) C:WINDOWSsystem32mstscax.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 007849216 _____ (Microsoft Corporation) C:WINDOWSsystem32OneCoreUAPCommonProxyStub.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 007756800 _____ (Microsoft Corporation) C:WINDOWSsystem32Chakra.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 007604584 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Media.Protection.PlayReady.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 006523048 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Media.Protection.PlayReady.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 006168064 _____ (Microsoft Corporation) C:WINDOWSsystem32twinui.pcshell.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 005040640 _____ (Microsoft Corporation) C:WINDOWSsystem32wininet.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 004611584 _____ (Microsoft Corporation) C:WINDOWSsystem32msi.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 004563200 _____ (Microsoft Corporation) C:WINDOWSsystem32sppsvc.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 004538880 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wininet.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 003802624 _____ (Microsoft Corporation) C:WINDOWSsystem32diagtrack.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 003753472 _____ (Microsoft Corporation) C:WINDOWSsystem32SettingsHandlers_nt.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 003742544 _____ (Microsoft Corporation) C:WINDOWSSysWOW64OneCoreUAPCommonProxyStub.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 003729408 _____ (Microsoft Corporation) C:WINDOWSsystem32win32kfull.sys 2020-04-15 17:34 – 2020-04-15 17:34 – 003708928 _____ (Microsoft Corporation) C:WINDOWSsystem32AppXDeploymentServer.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 003587384 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversdxgkrnl.sys 2020-04-15 17:34 – 2020-04-15 17:34 – 003547648 _____ (Microsoft Corporation) C:WINDOWSsystem32dwmcore.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 003109376 _____ (Microsoft Corporation) C:WINDOWSsystem32wuaueng.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 002986808 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverstcpip.sys 2020-04-15 17:34 – 2020-04-15 17:34 – 002871608 _____ (Microsoft Corporation) C:WINDOWSsystem32aitstatic.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 002800640 _____ (Microsoft Corporation) C:WINDOWSsystem32WinSAT.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 002800128 _____ (Microsoft Corporation) C:WINDOWSSysWOW64win32kfull.sys 2020-04-15 17:34 – 2020-04-15 17:34 – 002767928 _____ (Microsoft Corporation) C:WINDOWSsystem32KernelBase.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 002717184 _____ (Microsoft Corporation) C:WINDOWSsystem32win32kbase.sys 2020-04-15 17:34 – 2020-04-15 17:34 – 002453504 _____ (Microsoft Corporation) C:WINDOWSsystem32InstallService.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 002131456 _____ (Microsoft Corporation) C:WINDOWSsystem32WpcDesktopMonSvc.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 002126144 _____ (Microsoft Corporation) C:WINDOWSsystem32AudioEng.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 002114560 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.CloudStore.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 002086656 _____ (Microsoft Corporation) C:WINDOWSSysWOW64KernelBase.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001999960 _____ (Microsoft Corporation) C:WINDOWSsystem32ntdll.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001960448 _____ (Microsoft Corporation) C:WINDOWSsystem32aadtb.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001945600 _____ (Microsoft Corporation) C:WINDOWSsystem32dcomp.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001942528 _____ (Microsoft Corporation) C:WINDOWSsystem32audiosrv.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001918976 _____ (Microsoft Corporation) C:WINDOWSsystem32wevtsvc.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001835008 _____ (Microsoft Corporation) C:WINDOWSsystem32enterprisecsps.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001783296 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.UI.Input.Inking.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001764336 _____ (Microsoft Corporation) C:WINDOWSsystem32WindowsCodecs.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001762816 _____ (Microsoft Corporation) C:WINDOWSsystem32wwansvc.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001757096 _____ (Microsoft Corporation) C:WINDOWSsystem32winload.efi 2020-04-15 17:34 – 2020-04-15 17:34 – 001729024 _____ (Microsoft Corporation) C:WINDOWSSysWOW64InstallService.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001726264 _____ (Microsoft Corporation) C:WINDOWSsystem32appraiser.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001719808 _____ (Microsoft Corporation) C:WINDOWSsystem32Wpc.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001697792 _____ (Microsoft Corporation) C:WINDOWSsystem32GdiPlus.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001665216 _____ (Microsoft Corporation) C:WINDOWSSysWOW64user32.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001664896 _____ (Microsoft Corporation) C:WINDOWSSysWOW64ntdll.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001656904 _____ (Microsoft Corporation) C:WINDOWSsystem32user32.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001646048 _____ (Microsoft Corporation) C:WINDOWSsystem32gdi32full.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001612800 _____ (Microsoft Corporation) C:WINDOWSsystem32wpncore.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001603584 _____ (Microsoft Corporation) C:WINDOWSsystem32dosvc.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001587712 _____ (Microsoft Corporation) C:WINDOWSSysWOW64aadtb.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001545216 _____ (Microsoft Corporation) C:WINDOWSsystem32mstsc.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 001512832 _____ (Microsoft Corporation) C:WINDOWSsystem32winload.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 001497600 _____ (Microsoft Corporation) C:WINDOWSsystem32TokenBroker.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001484384 _____ (Microsoft Corporation) C:WINDOWSSysWOW64WindowsCodecs.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001480192 _____ (Microsoft Corporation) C:WINDOWSsystem32usocoreworker.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 001477112 _____ (Microsoft Corporation) C:WINDOWSSysWOW64dcomp.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001458688 _____ (Microsoft Corporation) C:WINDOWSSysWOW64GdiPlus.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001427456 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Networking.Vpn.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001413840 _____ (Microsoft Corporation) C:WINDOWSSysWOW64gdi32full.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001413704 _____ (Microsoft Corporation) C:WINDOWSsystem32AudioSes.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001397576 _____ (Microsoft Corporation) C:WINDOWSsystem32hvix64.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 001378528 _____ (Microsoft Corporation) C:WINDOWSsystem32webservices.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001368576 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Wpc.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001368576 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.UI.Input.Inking.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001318912 _____ (Microsoft Corporation) C:WINDOWSsystem32wpnapps.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001300280 _____ (Microsoft Corporation) C:WINDOWSsystem32Drivershttp.sys 2020-04-15 17:34 – 2020-04-15 17:34 – 001263856 _____ (Microsoft Corporation) C:WINDOWSsystem32WpcMon.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 001261808 _____ (Microsoft Corporation) C:WINDOWSsystem32msctf.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001257472 _____ (Microsoft Corporation) C:WINDOWSsystem32rpcss.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001245184 _____ (Microsoft Corporation) C:WINDOWSSysWOW64TokenBroker.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001243648 _____ (Microsoft Corporation) C:WINDOWSsystem32TSWorkspace.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001180672 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Security.Authentication.Web.Core.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001153024 _____ (Microsoft Corporation) C:WINDOWSsystem32windowsperformancerecordercontrol.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001136128 _____ (Microsoft Corporation) C:WINDOWSsystem32MbaeApiPublic.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001127424 _____ (Microsoft Corporation) C:WINDOWSsystem32WpcRefreshTask.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001083904 _____ (Microsoft Corporation) C:WINDOWSsystem32MusUpdateHandlers.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001081856 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Networking.Vpn.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001077064 _____ (Microsoft Corporation) C:WINDOWSsystem32hvax64.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 001071616 _____ (Microsoft Corporation) C:WINDOWSsystem32BTAGService.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001055376 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msctf.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001011200 _____ (Microsoft Corporation) C:WINDOWSsystem32kerberos.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001009152 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wpnapps.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 001008128 _____ (Microsoft Corporation) C:WINDOWSsystem32StorSvc.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000993280 _____ (Microsoft Corporation) C:WINDOWSSysWOW64TSWorkspace.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000982840 _____ (Microsoft Corporation) C:WINDOWSsystem32winhttp.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000980832 _____ (Microsoft Corporation) C:WINDOWSSysWOW64webservices.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000974336 _____ (Microsoft Corporation) C:WINDOWSsystem32uDWM.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000924672 _____ (Microsoft Corporation) C:WINDOWSsystem32samsrv.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000923136 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Internal.Management.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000915192 _____ (Microsoft Corporation) C:WINDOWSsystem32AppXDeploymentClient.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000912896 _____ (Microsoft Corporation) C:WINDOWSsystem32rasmans.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000893952 _____ (Microsoft Corporation) C:WINDOWSsystem32FlightSettings.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000892416 _____ (Microsoft Corporation) C:WINDOWSSysWOW64MbaeApiPublic.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000879616 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Management.Service.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000874296 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversdxgmms2.sys 2020-04-15 17:34 – 2020-04-15 17:34 – 000868864 _____ (Microsoft Corporation) C:WINDOWSSysWOW64windowsperformancerecordercontrol.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000865280 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Security.Authentication.Web.Core.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000865280 _____ (Microsoft Corporation) C:WINDOWSsystem32netlogon.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000840704 _____ (Microsoft Corporation) C:WINDOWSsystem32SettingsHandlers_Language.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000836608 _____ (Microsoft Corporation) C:WINDOWSsystem32jscript.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000835584 _____ (Microsoft Corporation) C:WINDOWSsystem32WorkfoldersControl.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000822208 _____ (Microsoft Corporation) C:WINDOWSsystem32fontdrvhost.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 000811320 _____ (Microsoft Corporation) C:WINDOWSsystem32generaltel.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000785920 _____ (Microsoft Corporation) C:WINDOWSSysWOW64kerberos.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000783480 _____ (Microsoft Corporation) C:WINDOWSsystem32tcblaunch.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 000775696 _____ (Microsoft Corporation) C:WINDOWSsystem32securekernel.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 000772096 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverssrv2.sys 2020-04-15 17:34 – 2020-04-15 17:34 – 000768528 _____ (Microsoft Corporation) C:WINDOWSSysWOW64winhttp.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000759272 _____ (Microsoft Corporation) C:WINDOWSsystem32taskschd.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000747320 _____ (Microsoft Corporation) C:WINDOWSsystem32aeinv.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000735744 _____ (Microsoft Corporation) C:WINDOWSsystem32AudioEndpointBuilder.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000729600 _____ (Microsoft Corporation) C:WINDOWSSysWOW64FlightSettings.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000722072 _____ (Microsoft Corporation) C:WINDOWSsystem32kernel32.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000701440 _____ (Microsoft Corporation) C:WINDOWSSysWOW64BTAGService.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000684560 _____ (Microsoft Corporation) C:WINDOWSsystem32SHCore.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000673704 _____ (Microsoft Corporation) C:WINDOWSSysWOW64AppXDeploymentClient.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000673464 _____ (Microsoft Corporation) C:WINDOWSSysWOW64fontdrvhost.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 000668672 _____ (Microsoft Corporation) C:WINDOWSsystem32wsecedit.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000665088 _____ (Microsoft Corporation) C:WINDOWSSysWOW64netlogon.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000654912 _____ (Microsoft Corporation) C:WINDOWSsystem32advapi32.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000647680 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Internal.Management.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000638480 _____ (Microsoft Corporation) C:WINDOWSsystem32devinv.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000637240 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversstorport.sys 2020-04-15 17:34 – 2020-04-15 17:34 – 000632832 _____ (Microsoft Corporation) C:WINDOWSSysWOW64WpcWebFilter.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000629760 _____ (Microsoft Corporation) C:WINDOWSsystem32ipnathlp.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000628616 _____ (Microsoft Corporation) C:WINDOWSSysWOW64kernel32.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000618296 _____ (Microsoft Corporation) C:WINDOWSsystem32hal.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000605184 _____ (Microsoft Corporation) C:WINDOWSsystem32MusNotification.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 000604984 _____ (Microsoft Corporation) C:WINDOWSsystem32pcasvc.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000595968 _____ (Microsoft Corporation) C:WINDOWSsystem32vbscript.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000589384 _____ (Microsoft Corporation) C:WINDOWSsystem32audiodg.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 000561464 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversmrxsmb.sys 2020-04-15 17:34 – 2020-04-15 17:34 – 000555008 _____ (Microsoft Corporation) C:WINDOWSsystem32appwiz.cpl 2020-04-15 17:34 – 2020-04-15 17:34 – 000550400 _____ (Microsoft Corporation) C:WINDOWSsystem32win32k.sys 2020-04-15 17:34 – 2020-04-15 17:34 – 000538160 _____ (Microsoft Corporation) C:WINDOWSSysWOW64SHCore.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000532480 _____ (Microsoft Corporation) C:WINDOWSSysWOW64vbscript.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000530432 _____ (Microsoft Corporation) C:WINDOWSsystem32sppcext.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000529408 _____ (Microsoft Corporation) C:WINDOWSsystem32nltest.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 000524264 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Devices.Enumeration.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000516096 _____ (Microsoft Corporation) C:WINDOWSsystem32MusNotificationUx.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 000515600 _____ (Microsoft Corporation) C:WINDOWSsystem32dcntel.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000513576 _____ (Microsoft Corporation) C:WINDOWSsystem32aepic.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000510792 _____ (Microsoft Corporation) C:WINDOWSsystem32wow64win.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000507152 _____ (Microsoft Corporation) C:WINDOWSSysWOW64taskschd.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000498688 _____ (Microsoft Corporation) C:WINDOWSsystem32ntshrui.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000497152 _____ (Microsoft Corporation) C:WINDOWSsystem32wuuhext.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000491008 _____ (Microsoft Corporation) C:WINDOWSSysWOW64sppcext.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000487784 _____ (Microsoft Corporation) C:WINDOWSSysWOW64advapi32.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000477496 _____ (Microsoft Corporation) C:WINDOWSsystem32DriversFWPKCLNT.SYS 2020-04-15 17:34 – 2020-04-15 17:34 – 000469504 _____ (Microsoft Corporation) C:WINDOWSsystem32cloudAP.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000465208 _____ (Microsoft Corporation) C:WINDOWSsystem32invagent.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000459688 _____ (Microsoft Corporation) C:WINDOWSsystem32MusNotifyIcon.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 000456504 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversrdbss.sys 2020-04-15 17:34 – 2020-04-15 17:34 – 000452096 _____ (Microsoft Corporation) C:WINDOWSsystem32rdpclip.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 000441144 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversdxgmms1.sys 2020-04-15 17:34 – 2020-04-15 17:34 – 000437560 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverspci.sys 2020-04-15 17:34 – 2020-04-15 17:34 – 000416016 _____ (Microsoft Corporation) C:WINDOWSsystem32AUDIOKSE.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000415760 _____ (Microsoft Corporation) C:WINDOWSSysWOW64aepic.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000410112 _____ (Microsoft Corporation) C:WINDOWSsystem32rascustom.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000408064 _____ (Microsoft Corporation) C:WINDOWSsystem32domgmt.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000406480 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Devices.Enumeration.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000401408 _____ (Microsoft Corporation) C:WINDOWSsystem32es.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000381440 _____ (Microsoft Corporation) C:WINDOWSSysWOW64ntshrui.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000374784 _____ (Microsoft Corporation) C:WINDOWSsystem32ncbservice.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000355840 _____ (Microsoft Corporation) C:WINDOWSsystem32WaaSMedicSvc.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000355328 _____ (Microsoft Corporation) C:WINDOWSsystem32WpcApi.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000343552 _____ (Microsoft Corporation) C:WINDOWSsystem32wpr.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 000339304 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Storage.ApplicationData.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000336384 _____ (Microsoft Corporation) C:WINDOWSSysWOW64es.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000330240 _____ (Microsoft Corporation) C:WINDOWSsystem32omadmclient.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 000324408 _____ (Microsoft Corporation) C:WINDOWSsystem32acmigration.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000324096 _____ (Microsoft Corporation) C:WINDOWSSysWOW64win32k.sys 2020-04-15 17:34 – 2020-04-15 17:34 – 000323584 _____ (Microsoft Corporation) C:WINDOWSsystem32sppcommdlg.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000297272 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverssdbus.sys 2020-04-15 17:34 – 2020-04-15 17:34 – 000285184 _____ (Microsoft Corporation) C:WINDOWSsystem32WaaSMedicCapsule.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000278016 _____ (Microsoft Corporation) C:WINDOWSsystem32WpcTok.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 000277864 _____ (Microsoft Corporation) C:WINDOWSsystem32LsaIso.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 000277504 _____ (Microsoft Corporation) C:WINDOWSsystem32scecli.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000268288 _____ (Microsoft Corporation) C:WINDOWSsystem32dot3svc.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000268008 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Storage.ApplicationData.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000265216 _____ (Microsoft Corporation) C:WINDOWSsystem32cdd.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000259776 _____ (Microsoft Corporation) C:WINDOWSsystem32logoncli.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000259072 _____ (Microsoft Corporation) C:WINDOWSsystem32VPNv2CSP.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000256000 _____ (Microsoft Corporation) C:WINDOWSsystem32UpdateDeploymentProvider.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000251704 _____ (Microsoft Corporation) C:WINDOWSsystem32offlinesam.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000251392 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverswinnat.sys 2020-04-15 17:34 – 2020-04-15 17:34 – 000241152 _____ (Microsoft Corporation) C:WINDOWSsystem32policymanagerprecheck.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000234496 _____ (Microsoft Corporation) C:WINDOWSsystem32iasrad.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000231936 _____ (Microsoft Corporation) C:WINDOWSsystem32InstallServiceTasks.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000231912 _____ (Microsoft Corporation) C:WINDOWSsystem32deviceaccess.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000227840 _____ (Microsoft Corporation) C:WINDOWSsystem32IndexedDbLegacy.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000225792 _____ (Microsoft Corporation) C:WINDOWSsystem32WorkFoldersShell.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000214528 _____ (Microsoft Corporation) C:WINDOWSsystem32srumsvc.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000214016 _____ (Microsoft Corporation) C:WINDOWSSysWOW64scecli.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000211256 _____ (Microsoft Corporation) C:WINDOWSsystem32tcbloader.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000203264 _____ (Microsoft Corporation) C:WINDOWSsystem32LanguageComponentsInstaller.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000200192 _____ (Microsoft Corporation) C:WINDOWSsystem32updatepolicy.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000197632 _____ (Microsoft Corporation) C:WINDOWSsystem32Win32CompatibilityAppraiserCSP.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000193848 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversdumpsd.sys 2020-04-15 17:34 – 2020-04-15 17:34 – 000190048 _____ (Microsoft Corporation) C:WINDOWSSysWOW64logoncli.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000185952 _____ (Microsoft Corporation) C:WINDOWSSysWOW64deviceaccess.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000179712 _____ (Microsoft Corporation) C:WINDOWSSysWOW64InstallServiceTasks.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000179712 _____ (Microsoft Corporation) C:WINDOWSsystem32t2embed.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000178192 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverspartmgr.sys 2020-04-15 17:34 – 2020-04-15 17:34 – 000169472 _____ (Microsoft Corporation) C:WINDOWSsystem32SpatialAudioLicenseSrv.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 000164368 _____ (Microsoft Corporation) C:WINDOWSsystem32CompatTelRunner.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 000163840 _____ (Microsoft Corporation) C:WINDOWSSysWOW64updatepolicy.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000158720 _____ (Microsoft Corporation) C:WINDOWSsystem32umpo.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000155136 _____ (Microsoft Corporation) C:WINDOWSsystem32Chakradiag.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000152408 _____ (Microsoft Corporation) C:WINDOWSsystem32KerbClientShared.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000151352 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversscmbus.sys 2020-04-15 17:34 – 2020-04-15 17:34 – 000147696 _____ (Microsoft Corporation) C:WINDOWSsystem32smss.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 000142544 _____ (Microsoft Corporation) C:WINDOWSsystem32LicensingUI.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 000140800 _____ (Microsoft Corporation) C:WINDOWSsystem32slc.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000139776 _____ (Microsoft Corporation) C:WINDOWSsystem32Chakrathunk.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000138752 _____ (Microsoft Corporation) C:WINDOWSSysWOW64t2embed.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000136192 _____ (Microsoft Corporation) C:WINDOWSsystem32sppc.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000130560 _____ (Microsoft Corporation) C:WINDOWSsystem32StorageUsage.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000129024 _____ (Microsoft Corporation) C:WINDOWSsystem32UtcDecoderHost.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 000127280 _____ (Microsoft Corporation) C:WINDOWSsystem32win32u.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000125952 _____ (Microsoft Corporation) C:WINDOWSsystem32fontsub.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000123952 _____ (Microsoft Corporation) C:WINDOWSSysWOW64KerbClientShared.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000122368 _____ (Microsoft Corporation) C:WINDOWSsystem32samlib.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000118272 _____ (Microsoft Corporation) C:WINDOWSSysWOW64slc.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000115120 _____ (Microsoft Corporation) C:WINDOWSsystem32phoneactivate.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 000108032 _____ (Microsoft Corporation) C:WINDOWSsystem32wwanprotdim.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000105984 _____ (Microsoft Corporation) C:WINDOWSsystem32utcutil.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000103936 _____ (Microsoft Corporation) C:WINDOWSsystem32dot3msm.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000102216 _____ (Microsoft Corporation) C:WINDOWSsystem32changepk.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 000101888 _____ (Microsoft Corporation) C:WINDOWSSysWOW64sppc.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000099328 _____ (Microsoft Corporation) C:WINDOWSSysWOW64fontsub.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000096768 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Devices.Custom.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000093712 _____ (Microsoft Corporation) C:WINDOWSsystem32hvloader.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000092160 _____ (Microsoft Corporation) C:WINDOWSsystem32dot3api.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000090624 _____ (Microsoft Corporation) C:WINDOWSsystem32tsgqec.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000089912 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversvolmgr.sys 2020-04-15 17:34 – 2020-04-15 17:34 – 000089336 _____ (Microsoft Corporation) C:WINDOWSSysWOW64win32u.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000089088 _____ (Microsoft Corporation) C:WINDOWSsystem32WaaSMedicAgent.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 000088352 _____ (Microsoft Corporation) C:WINDOWSsystem32remoteaudioendpoint.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000087552 _____ (Microsoft Corporation) C:WINDOWSSysWOW64dot3api.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000087040 _____ (Microsoft Corporation) C:WINDOWSSysWOW64dot3msm.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000087040 _____ (Microsoft Corporation) C:WINDOWSsystem32iasacct.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000084280 _____ (Microsoft Corporation) C:WINDOWSsystem32Drivershvservice.sys 2020-04-15 17:34 – 2020-04-15 17:34 – 000076288 _____ (Microsoft Corporation) C:WINDOWSsystem32autopilot.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000071680 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Devices.Custom.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000071480 _____ (Microsoft Corporation) C:WINDOWSsystem32win32appinventorycsp.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000070656 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000070656 _____ (Microsoft Corporation) C:WINDOWSsystem32keepaliveprovider.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000066624 _____ (Microsoft Corporation) C:WINDOWSsystem32iumcrypt.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000064512 _____ (Microsoft Corporation) C:WINDOWSsystem32pcadm.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000064000 _____ (Microsoft Corporation) C:WINDOWSsystem32tbauth.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000063488 _____ (Microsoft Corporation) C:WINDOWSsystem32srumapi.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000060928 _____ (Microsoft Corporation) C:WINDOWSsystem32mf3216.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000060416 _____ (Microsoft Corporation) C:WINDOWSsystem32CloudNotifications.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 000059192 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversstorufs.sys 2020-04-15 17:34 – 2020-04-15 17:34 – 000058880 _____ C:WINDOWSsystem32runexehelper.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 000057856 _____ (Microsoft Corporation) C:WINDOWSsystem32wups2.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000057344 _____ (Microsoft Corporation) C:WINDOWSsystem32audioresourceregistrar.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000051200 _____ (Microsoft Corporation) C:WINDOWSsystem32pcalua.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 000050544 _____ (Microsoft Corporation) C:WINDOWSSysWOW64CloudNotifications.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 000050176 _____ (Microsoft Corporation) C:WINDOWSsystem32iaspolcy.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000049152 _____ (Microsoft Corporation) C:WINDOWSSysWOW64tbauth.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000047000 _____ (Microsoft Corporation) C:WINDOWSsystem32wuauclt.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 000046080 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mf3216.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000045568 _____ (Microsoft Corporation) C:WINDOWSsystem32cmintegrator.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000044032 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.UI.Xaml.Resources.Common.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000043008 _____ (Microsoft Corporation) C:WINDOWSsystem32WiredNetworkCSP.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000043008 _____ (Microsoft Corporation) C:WINDOWSsystem32UpgradeResultsUI.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 000039424 _____ (Microsoft Corporation) C:WINDOWSsystem32WpcProxyStubs.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000036864 _____ (Microsoft Corporation) C:WINDOWSsystem32TokenBrokerCookies.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 000036152 _____ (Microsoft Corporation) C:WINDOWSsystem32DeviceCensus.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 000033792 _____ (Microsoft Corporation) C:WINDOWSsystem32sxssrv.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000033080 _____ (Microsoft Corporation) C:WINDOWSsystem32Drivershwpolicy.sys 2020-04-15 17:34 – 2020-04-15 17:34 – 000031744 _____ (Microsoft Corporation) C:WINDOWSsystem32wksprtPS.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000031744 _____ (Microsoft Corporation) C:WINDOWSsystem32ias.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000030720 _____ (Microsoft Corporation) C:WINDOWSsystem32DriversKNetPwrDepBroker.sys 2020-04-15 17:34 – 2020-04-15 17:34 – 000029696 _____ (Microsoft Corporation) C:WINDOWSSysWOW64cmintegrator.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000029184 _____ (Microsoft Corporation) C:WINDOWSSysWOW64TokenBrokerCookies.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 000028672 _____ (Microsoft Corporation) C:WINDOWSsystem32WaaSMedicPS.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000028160 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversflpydisk.sys 2020-04-15 17:34 – 2020-04-15 17:34 – 000026112 _____ (Microsoft Corporation) C:WINDOWSsystem32msimsg.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000023552 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Devices.Custom.ps.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000022528 _____ (Microsoft Corporation) C:WINDOWSsystem32slcext.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000022528 _____ (Microsoft Corporation) C:WINDOWSsystem32sbservicetrigger.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000021520 _____ (Microsoft Corporation) C:WINDOWSsystem32kdhvcom.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000019968 _____ (Microsoft Corporation) C:WINDOWSSysWOW64slcext.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000018944 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverssfloppy.sys 2020-04-15 17:34 – 2020-04-15 17:34 – 000017920 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wksprtPS.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000017920 _____ (Microsoft Corporation) C:WINDOWSsystem32icsunattend.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 000015872 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Devices.Custom.ps.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000014336 _____ (Microsoft Corporation) C:WINDOWSsystem32dciman32.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000012800 _____ (Microsoft Corporation) C:WINDOWSsystem32pcaevts.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000012288 _____ (Microsoft Corporation) C:WINDOWSsystem32pacjsworker.exe 2020-04-15 17:34 – 2020-04-15 17:34 – 000011776 _____ (Microsoft Corporation) C:WINDOWSSysWOW64dciman32.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000010752 _____ (Microsoft Corporation) C:WINDOWSsystem32DMAlertListener.ProxyStub.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000008192 _____ (Microsoft Corporation) C:WINDOWSsystem32msimg32.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000007680 _____ (Microsoft Corporation) C:WINDOWSSysWOW64DMAlertListener.ProxyStub.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000007168 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msimg32.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000003072 _____ (Microsoft Corporation) C:WINDOWSsystem32lpk.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000002560 _____ (Microsoft Corporation) C:WINDOWSSysWOW64lpk.dll 2020-04-15 17:34 – 2020-04-15 17:34 – 000000315 _____ C:WINDOWSsystem32DrtmAuth9.bin 2020-04-15 17:34 – 2020-04-15 17:34 – 000000315 _____ C:WINDOWSsystem32DrtmAuth8.bin 2020-04-15 17:34 – 2020-04-15 17:34 – 000000315 _____ C:WINDOWSsystem32DrtmAuth7.bin 2020-04-15 17:34 – 2020-04-15 17:34 – 000000315 _____ C:WINDOWSsystem32DrtmAuth6.bin 2020-04-15 17:34 – 2020-04-15 17:34 – 000000315 _____ C:WINDOWSsystem32DrtmAuth5.bin 2020-04-15 17:34 – 2020-04-15 17:34 – 000000315 _____ C:WINDOWSsystem32DrtmAuth4.bin 2020-04-15 17:34 – 2020-04-15 17:34 – 000000315 _____ C:WINDOWSsystem32DrtmAuth3.bin 2020-04-15 17:34 – 2020-04-15 17:34 – 000000315 _____ C:WINDOWSsystem32DrtmAuth2.bin 2020-04-15 17:34 – 2020-04-15 17:34 – 000000315 _____ C:WINDOWSsystem32DrtmAuth12.bin 2020-04-15 17:34 – 2020-04-15 17:34 – 000000315 _____ C:WINDOWSsystem32DrtmAuth11.bin 2020-04-15 17:34 – 2020-04-15 17:34 – 000000315 _____ C:WINDOWSsystem32DrtmAuth10.bin 2020-04-15 17:34 – 2020-04-15 17:34 – 000000315 _____ C:WINDOWSsystem32DrtmAuth1.bin 2020-04-15 17:21 – 2020-04-15 17:22 – 000492544 _____ (Microsoft Corporation) C:WINDOWSsystem32poqexec.exe 2020-04-15 17:21 – 2020-04-15 17:22 – 000390656 _____ (Microsoft Corporation) C:WINDOWSSysWOW64poqexec.exe 2020-04-15 15:45 – 2020-05-12 18:06 – 000000000 ____D C:ProgramDataWRCore

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-12 20:22 – 2016-02-17 04:13 – 000000000 ____D C:Program FilesCommon FilesAV 2020-05-12 20:16 – 2019-03-19 00:52 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft 2020-05-12 20:05 – 2018-07-16 18:15 – 000000000 ____D C:UsersphyliAppDataLocalD3DSCache 2020-05-12 18:40 – 2019-08-15 19:04 – 000003256 _____ C:WINDOWSsystem32TasksHPCeeScheduleForphyli 2020-05-12 18:40 – 2019-06-17 18:01 – 000000364 _____ C:WINDOWSTasksHPCeeScheduleForphyli.job 2020-05-12 18:09 – 2019-03-19 00:37 – 000032768 _____ C:WINDOWSsystem32configELAM 2020-05-12 18:08 – 2019-03-19 00:52 – 000000000 ___HD C:WINDOWSELAMBKUP 2020-05-12 18:07 – 2017-01-27 14:00 – 000744808 ____N (Microsoft Corporation) C:WINDOWSsystem32MpSigStub.exe 2020-05-12 18:06 – 2018-01-12 13:24 – 000000000 ____D C:UsersphyliAppDataLocalLowwebroot 2020-05-12 18:06 – 2018-01-12 13:24 – 000000000 ____D C:UsersphyliAppDataLocallptmp 2020-05-12 18:01 – 2016-09-25 15:43 – 000000000 __SHD C:UsersphyliIntelGraphicsProfiles 2020-05-12 10:12 – 2019-03-19 00:52 – 000000000 ____D C:WINDOWSAppReadiness 2020-05-12 10:10 – 2019-03-19 00:52 – 000000000 ___HD C:Program FilesWindowsApps 2020-05-11 19:48 – 2019-08-15 18:57 – 000935056 _____ C:WINDOWSsystem32PerfStringBackup.INI 2020-05-11 19:48 – 2019-03-19 00:50 – 000000000 ____D C:WINDOWSINF 2020-05-11 19:42 – 2019-08-15 19:04 – 000000006 ____H C:WINDOWSTasksSA.DAT 2020-05-11 19:42 – 2019-03-19 00:37 – 000524288 _____ C:WINDOWSsystem32configBBI 2020-05-11 19:22 – 2019-08-15 18:45 – 000000000 ____D C:WINDOWSsystem32SleepStudy 2020-05-11 18:17 – 2019-08-15 18:45 – 000276104 _____ C:WINDOWSsystem32FNTCACHE.DAT 2020-05-11 18:12 – 2019-03-19 00:52 – 000000000 ____D C:WINDOWSsystem32NDF 2020-05-11 15:26 – 2018-03-16 00:06 – 000000000 ____D C:UsersphyliAppDataLocalPackages 2020-05-11 14:53 – 2018-01-12 12:48 – 000000000 ____D C:UsersphyliAppDataLocalGoToAssist Remote Support Customer 2020-05-11 12:06 – 2017-08-28 10:13 – 000002326 _____ C:UsersphyliDesktopAOL Desktop Gold.lnk 2020-05-11 12:06 – 2017-08-28 10:13 – 000000000 ____D C:UsersphyliAppDataRoamingMicrosoftWindowsStart MenuProgramsAOL Inc 2020-05-11 12:06 – 2017-08-28 10:13 – 000000000 ____D C:UsersphyliAppDataLocalAOLDesktop 2020-05-11 12:05 – 2017-08-28 10:13 – 000000000 ____D C:UsersphyliAppDataLocalSquirrelTemp 2020-05-10 04:33 – 2019-08-15 19:04 – 000003376 _____ C:WINDOWSsystem32TasksOneDrive Standalone Update Task-S-1-5-21-999762305-681959455-3457413626-1001 2020-05-10 04:33 – 2019-08-15 18:51 – 000002370 _____ C:UsersphyliAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk 2020-05-10 04:33 – 2016-09-25 15:46 – 000000000 ___RD C:UsersphyliOneDrive 2020-05-08 04:30 – 2018-01-12 13:28 – 000002308 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk 2020-05-08 04:30 – 2018-01-12 13:28 – 000002267 _____ C:UsersPublicDesktopGoogle Chrome.lnk 2020-05-08 04:30 – 2018-01-12 13:28 – 000002267 _____ C:ProgramDataDesktopGoogle Chrome.lnk 2020-04-15 23:43 – 2019-03-19 00:52 – 000000000 ____D C:WINDOWSSystemResources 2020-04-15 23:43 – 2019-03-19 00:52 – 000000000 ____D C:WINDOWSsystem32PerceptionSimulation 2020-04-15 23:43 – 2019-03-19 00:52 – 000000000 ____D C:WINDOWSsystem32migwiz 2020-04-15 23:43 – 2019-03-19 00:52 – 000000000 ____D C:WINDOWSShellExperiences 2020-04-15 23:43 – 2019-03-19 00:52 – 000000000 ____D C:WINDOWSProvisioning 2020-04-15 23:43 – 2019-03-19 00:52 – 000000000 ____D C:WINDOWSbcastdvr 2020-04-15 17:38 – 2019-03-19 00:37 – 000000000 ____D C:WINDOWSCbsTemp

==================== Files in the root of some directories ========

2018-01-12 13:24 – 2018-01-12 13:24 – 018102328 _____ (Webroot Software, Inc.) C:Program Files (x86)Common Fileswruninstall.exe 2020-05-11 15:22 – 2020-05-11 15:22 – 000007601 _____ () C:UsersphyliAppDataLocalResmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================'

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-05-2020 Ran by phyli (12-05-2020 20:56:18) Running from C:UsersphyliDownloads Windows 10 Home Version 1903 18362.778 (X64) (2019-08-15 23:04:54) Boot Mode: Normal ==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-999762305-681959455-3457413626-500 – Administrator – Disabled) DefaultAccount (S-1-5-21-999762305-681959455-3457413626-503 – Limited – Disabled) defaultuser100001 (S-1-5-21-999762305-681959455-3457413626-1003 – Limited – Enabled) Guest (S-1-5-21-999762305-681959455-3457413626-501 – Limited – Disabled) phyli (S-1-5-21-999762305-681959455-3457413626-1001 – Administrator – Enabled) => C:Usersphyli WDAGUtilityAccount (S-1-5-21-999762305-681959455-3457413626-504 – Limited – Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton 360 (Enabled – Up to date) 1122B19A-E671-38EC-8EAC-87048FD4528D AV: Windows Defender (Disabled – Up to date) D68DDC3A-831F-4fae-9E44-DA132C1ACF46 AV: Webroot SecureAnywhere (Enabled – Up to date) DF901FA1-F926-253B-C464-B01C79DCAD48 AS: Windows Defender (Disabled – Up to date) D68DDC3A-831F-4fae-9E44-DA132C1ACF46 AS: Webroot SecureAnywhere (Enabled – Up to date) 64F1FE45-DF1C-2AB5-FED4-8B6E025BE7F5 FW: Norton 360 (Enabled) 291930BF-AC1E-39B4-A5F3-2E31710715F6

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AOL Desktop Gold (HKUS-1-5-21-999762305-681959455-3457413626-1001…AOLDesktop) (Version: 11.0.2664 – Oath Inc.) AOL Uninstaller (Choose which Products to Remove) (HKLM-x32…AOL Uninstaller) (Version:  – AOL Inc.) Bonjour (HKLM…6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D) (Version: 3.0.0.10 – Apple Inc.) CCleaner (HKLM…CCleaner) (Version: 5.38 – Piriform) CyberLink PhotoDirector (HKLM…5A454EC5-217A-42a5-8CE1-2DDEC4E70E01) (Version: 5.0.6.7006 – CyberLink Corp.) Hidden CyberLink PhotoDirector (HKLM-x32…InstallShield_5A454EC5-217A-42a5-8CE1-2DDEC4E70E01) (Version: 5.0.6.7006 – CyberLink Corp.) CyberLink Power Media Player 14 (HKLM-x32…32C8E300-BDB4-4398-92C2-E9B7D8A233DB) (Version: 14.0.2.5801 – CyberLink Corp.) CyberLink PowerDirector 12 (HKLM…E1646825-D391-42A0-93AA-27FA810DA093) (Version: 12.0.5.4614 – CyberLink Corp.) Hidden CyberLink PowerDirector 12 (HKLM-x32…InstallShield_E1646825-D391-42A0-93AA-27FA810DA093) (Version: 12.0.5.4614 – CyberLink Corp.) Dropbox 25 GB (HKLM-x32…867A88D-764F-366E-9E21-130DA8B472C3) (Version: 3.1.18.0 – Dropbox, Inc.) Dropbox Update Helper (HKLM-x32…99218A5-A723-43DC-8DB5-6173656A1E94) (Version: 1.3.295.1 – Dropbox, Inc.) Hidden Evernote v. 5.8.13 (HKLM-x32…A229420E-204B-11E5-B844-0050569584E9) (Version: 5.8.13.8152 – Evernote Corp.) Google Chrome (HKLM-x32…Google Chrome) (Version: 81.0.4044.138 – Google LLC) Google Update Helper (HKLM-x32…60EC980A-BDA2-4CB6-A427-B07A5498B4CA) (Version: 1.3.35.451 – Google LLC) Hidden HP Documentation (HKLM…HP_Documentation) (Version: 1.0.0.1 – HP) HP Dropbox Plugin (HKLM-x32…C54DEA1F-7A8D-410B-A675-04E0FB562CB0) (Version: 40.13.54.81239 – HP) HP Google Drive Plugin (HKLM-x32…533B4739-13DD-4AAB-9524-070B3F0CE6ED) (Version: 40.13.54.81239 – HP) HP Officejet 5740 series Basic Device Software (HKLM…8C417009-7889-42BC-8164-C74FFF358CE6) (Version: 40.13.1176.1978 – HP Inc.) HP Officejet 5740 series Help (HKLM-x32…F17D53C7-DCE8-469C-9690-CF8F5903519C) (Version: 34.0.0 – Hewlett Packard) HP Photo Creations (HKLM-x32…HP Photo Creations) (Version: 1.0.0.9572 – HP) HP Registration Service (HKLM…D1E8F2D7-7794-4245-B286-87ED86C1893C) (Version: 1.2.8318.5320 – Hewlett-Packard) HP Support Assistant (HKLM-x32…79C54A05-F146-4EA0-8A70-D4EFE6181E52) (Version: 8.8.24.33 – Hewlett-Packard Company) HP Support Information (HKLM-x32…76272057-98E0-4DC4-AAC3-10C546C47195) (Version: 14.00.0000 – Hewlett-Packard) HP Support Solutions Framework (HKLM-x32…55065080-504F-43BB-BE00-36B80D7D39A5) (Version: 12.15.14.3 – Hewlett-Packard Company) HP Touchpoint Analytics Client (HKLM…E5FB98E0-0784-44F0-8CEC-95CD4690C43F) (Version: 4.0.2.1439 – HP Inc.) HP Welcome (HKLM…HPWelcome) (Version: 1.0 – HP Inc.) I.R.I.S. OCR (HKLM-x32…11ED31EC-7EFA-4D56-B71D-E0214C8984CC) (Version: 12.3.7.0 – HP) Intel® Chipset Device Software (HKLM-x32…a2d9fda8-65eb-4c06-81ef-31e0a4daa335) (Version: 10.1.1.11 – Intel® Corporation) Hidden Intel® Management Engine Components (HKLM…1CEAC85D-2590-4760-800F-8DE5E91F3700) (Version: 11.0.0.1173 – Intel Corporation) Intel® Processor Graphics (HKLM-x32…F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA) (Version: 25.20.100.6446 – Intel Corporation) Intel® Ready Mode Technology (HKLM…9F82AA39-BB14-4BD3-98EF-D4E9E3526B7D) (Version: 1.1.70.514 – Intel Corporation) Intel® WiDi (HKLM…5DD8D7E4-87F1-4134-AD28-4228FB1A03BA) (Version: 6.0.44.0 – Intel Corporation) Intel® WiDi Software Asset Manager (HKLM-x32…86905E62-645F-482E-A417-82C812ABD787) (Version: 1.1.383 – Intel Corporation) Hidden Intel® Wireless Bluetooth® (HKLM-x32…4DA9DC19-4E1D-4B10-A726-A5F2A1BC7265) (Version: 18.1.1546.2762 – Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32…f8c930bd-0a68-425f-8c11-87723d1e2c97) (Version: 20.90.0 – Intel Corporation) Intel® Security Assist (HKLM-x32…4B230374-6475-4A73-BA6E-41015E9C5013) (Version: 1.0.0.532 – Intel Corporation) Microsoft Office (HKLM-x32…90150000-0138-0409-0000-0000000FF1CE) (Version: 15.0.4693.1005 – Microsoft Corporation) Microsoft OneDrive (HKUS-1-5-21-999762305-681959455-3457413626-1001…OneDriveSetup.exe) (Version: 20.052.0311.0011 – Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32…710f4c1c-cc18-4c49-8cbf-51240c89a1a2) (Version: 8.0.61001 – Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32…837b34e3-7c30-493c-8f6a-2b0f04e2912c) (Version: 8.0.59193 – Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM…ad8a2fa1-06e7-4b0d-927d-6e54b3d31028) (Version: 8.0.61000 – Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.17 (HKLM…8220EEFE-38CD-377E-8595-13398D740ACE) (Version: 9.0.30729 – Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.6161 (HKLM…5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4) (Version: 9.0.30729.6161 – Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.4148 (HKLM-x32…1F1C2DFC-2D24-3E06-BCB8-725134ADF989) (Version: 9.0.30729.4148 – Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.6161 (HKLM-x32…9BE518E6-ECC6-35A9-88E4-87755C07200F) (Version: 9.0.30729.6161 – Microsoft Corporation) Microsoft Visual C++ 2010  x64 Redistributable – 10.0.40219 (HKLM…1D8E6291-B0D5-35EC-8441-6616F567A0F7) (Version: 10.0.40219 – Microsoft Corporation) Microsoft Visual C++ 2010  x86 Redistributable – 10.0.40219 (HKLM-x32…F0C3E5D1-1ADE-321E-8167-68EF0DE699A5) (Version: 10.0.40219 – Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32…ca67548a-5ebe-413a-b50c-4b9ceb6d66c6) (Version: 11.0.61030.0 – Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32…33d1fd90-4274-48a1-9bc1-97e33d9c2d6f) (Version: 11.0.61030.0 – Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.21005 (HKLM-x32…7f51bdb9-ee21-49ee-94d6-90afc321780e) (Version: 12.0.21005.1 – Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.21005 (HKLM-x32…ce085a78-074e-4823-8dc1-8a721b94b76d) (Version: 12.0.21005.1 – Microsoft Corporation) Minecraft (HKLM-x32…1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872) (Version: 1.0.3.0 – Mojang) Norton 360 (HKLM-x32…NGC) (Version: 22.20.2.57 – Symantec Corporation) Product Improvement Study for HP Officejet 5740 series (HKLM…D4B37902-C484-4AAC-B3B8-70C203C4FAB3) (Version: 40.13.1176.1978 – HP Inc.) Realtek Card Reader (HKLM-x32…5BC2B5AB-80DE-4E83-B8CF-426902051D0A) (Version: 10.0.10125.31214 – Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32…8833FFB6-5B0C-4764-81AA-06DFEED9A476) (Version: 10.1.505.2015 – Realtek) Realtek High Definition Audio Driver (HKLM-x32…F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC) (Version: 6.0.1.7673 – Realtek Semiconductor Corp.) TeamViewer (HKLM-x32…TeamViewer) (Version: 15.5.3 – TeamViewer) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM…16AD6161-2E47-4BF1-AA77-0946EFE93E08) (Version: 2.61.0.0 – Microsoft Corporation) UpdateAssistant (HKLM…E1D7CB46-BAE9-4D58-99C4-582332B1755A) (Version: 1.13.0.0 – Microsoft Corporation) Hidden Viewpoint Media Player (HKLM-x32…ViewpointMediaPlayer) (Version:  – ) Vulkan Run Time Libraries 1.0.54.1 (HKLM…VulkanRT1.0.54.1) (Version: 1.0.54.1 – LunarG, Inc.) Hidden Windows 10 Update Assistant (HKLM-x32…D5C69738-B486-402E-85AC-2456D98A64E4) (Version: 1.4.9200.22395 – Microsoft Corporation) Windows Setup Remediations (x64) (KB4023057) (HKLM…5534e02f-0f5d-40dd-ba92-bea38d22384d.sdb) (Version:  – )

Packages: ========= Adblock Plus -> C:Program FilesWindowsAppsEyeoGmbH.AdblockPlus_0.9.19.0_neutral__d55gg7py3s0m0 [2020-05-11] (eyeo GmbH) AdGuard AdBlocker -> C:Program FilesWindowsAppsAdguard.AdguardAdBlocker_3.3.8.0_neutral__m055xr0c82818 [2020-01-09] (Performix) Amazon -> C:Program FilesWindowsAppsAmazon.com.Amazon_2018.519.2815.0_x64__343d40qqvtj1t [2020-02-29] (Amazon.com) Candy Crush Soda Saga -> C:Program FilesWindowsAppsking.com.CandyCrushSodaSaga_1.167.200.0_x86__kgqvnymyfvs32 [2020-05-06] (king.com) Hearts Deluxe -> C:Program FilesWindowsApps26720RandomSaladGamesLLC.HeartsDeluxe_6.6.26.0_x64__kx24dqmazqk8j [2020-01-25] (Random Salad Games LLC) [MS Ad] HP Smart -> C:Program FilesWindowsAppsAD2F1837.HPPrinterControl_110.1.728.0_x64__v10z8vjag6ke6 [2020-04-15] (HP Inc.) Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-27] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-27] (Microsoft Corporation) [MS Ad] Microsoft News -> C:Program FilesWindowsAppsMicrosoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:Program FilesWindowsAppsMicrosoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-02] (Microsoft Studios) [MS Ad] MSN Money -> C:Program FilesWindowsAppsMicrosoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad] MSN Sports -> C:Program FilesWindowsAppsMicrosoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad] MSN Weather -> C:Program FilesWindowsAppsMicrosoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad] Netflix -> C:Program FilesWindowsApps4DF9E0F8.Netflix_6.96.725.0_x64__mcm4njqhnhss8 [2020-04-10] (Netflix, Inc.) Simple Solitaire -> C:Program FilesWindowsApps26720RandomSaladGamesLLC.SimpleSolitaire_6.18.78.0_x64__kx24dqmazqk8j [2020-03-03] (Random Salad Games LLC) [MS Ad] Snapfish -> C:Program FilesWindowsAppsAD2F1837.HPConnectedPhotopoweredbySnapfish_6.1.736.0_x86__v10z8vjag6ke6 [2018-08-05] (Snapfish) TripAdvisor Hotels Flights Restaurants -> C:Program FilesWindowsAppsTripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.5.10.0_x64__qj0v5chwq8f2g [2016-11-18] (TripAdvisor LLC) Twitter -> C:Program FilesWindowsApps9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [  OverlayExcluded] -> 4433A54A-1AC8-432F-90FC-85F045CF383C => C:Program FilesNorton SecurityEngine22.20.2.57buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation) ShellIconOverlayIdentifiers: [  OverlayPending] -> F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225 => C:Program FilesNorton SecurityEngine22.20.2.57buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation) ShellIconOverlayIdentifiers: [  OverlayProtected] -> 476D0EA3-80F9-48B5-B70B-05E677C9C148 => C:Program FilesNorton SecurityEngine22.20.2.57buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation) ShellIconOverlayIdentifiers-x32: [  OverlayExcluded] -> 4433A54A-1AC8-432F-90FC-85F045CF383C => C:Program FilesNorton SecurityEngine22.20.2.57buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation) ShellIconOverlayIdentifiers-x32: [  OverlayPending] -> F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225 => C:Program FilesNorton SecurityEngine22.20.2.57buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation) ShellIconOverlayIdentifiers-x32: [  OverlayProtected] -> 476D0EA3-80F9-48B5-B70B-05E677C9C148 => C:Program FilesNorton SecurityEngine22.20.2.57buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation) ContextMenuHandlers1: [BUContextMenu] -> F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB => C:Program FilesNorton SecurityEngine22.20.2.57buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation) ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> FAD61B3D-699D-49B2-BE16-7F82CB4C59CA => C:Program FilesNorton SecurityEngine22.20.2.57NavShExt.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation) ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> FAD61B3D-699D-49B2-BE16-7F82CB4C59CA => C:Program FilesNorton SecurityEngine22.20.2.57NavShExt.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation) ContextMenuHandlers5: [igfxcui] -> 3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4 =>  -> No File ContextMenuHandlers5: [igfxDTCM] -> 9B5F5829-A529-4B12-814A-E81BCB8D93FC => C:WINDOWSSystem32DriverStoreFileRepositoryki131064.inf_amd64_5d13f27a9a9843faigfxDTCM.dll [2019-02-17] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [BUContextMenu] -> F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB => C:Program FilesNorton SecurityEngine22.20.2.57buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation) ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> FAD61B3D-699D-49B2-BE16-7F82CB4C59CA => C:Program FilesNorton SecurityEngine22.20.2.57NavShExt.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM…Drivers32: [vidc.i420] => C:WINDOWSsystem32lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.) HKLM…Drivers32: [vidc.i420] => C:WindowsSysWOW64lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:UsersphyliDesktopMy AOL.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC) ->  –profile-directory=Default –app-id=pigepclndadjaebpijfcjeeefpjhcdca ShortcutWithArgument: C:UsersphyliAppDataRoamingMicrosoftWindowsStart MenuProgramsChrome AppsMy AOL.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC) ->  –profile-directory=Default –app-id=pigepclndadjaebpijfcjeeefpjhcdca ShortcutWithArgument: C:ProgramDataMicrosoftWindowsStart MenuProgramsPriceline.com.lnk -> C:Program Files (x86)Hewlett-PackardSharedWizLink.exe () -> hxxp://www.priceline.com/?refid=PLHBC6240OPQ&refclickid=square

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkSMR521 => ""="Service" HKLMSYSTEMCurrentControlSetControlSafeBootNetworkSMR521.SYS => ""="Driver" HKLMSYSTEMCurrentControlSetControlSafeBootNetworkWRBoot => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 03:24 – 2015-10-30 03:21 – 000000824 ____N C:WINDOWSsystem32driversetchosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLMSystemCurrentControlSetControlSession ManagerEnvironment\Path -> C:Program Files (x86)InteliCLS Client;C:Program FilesInteliCLS Client;%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;%SYSTEMROOT%System32WindowsPowerShellv1.0;C:Program Files (x86)IntelIntel® Management Engine ComponentsDAL;C:Program FilesIntelIntel® Management Engine ComponentsDAL;C:Program Files (x86)IntelIntel® Management Engine ComponentsIPT;C:Program FilesIntelIntel® Management Engine ComponentsIPT;%SYSTEMROOT%System32OpenSSH;C:Program FilesIntelWiFibin;C:Program FilesCommon FilesIntelWirelessCommon HKUS-1-5-21-999762305-681959455-3457413626-1001Control PanelDesktop\Wallpaper -> DNS Servers: 192.168.1.1 – 10.255.0.0 HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: Warn) Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM…StartupApprovedStartupFolder: => "Install LastPass IE RunOnce.lnk" HKLM…StartupApprovedRun: => "RTHDVCPL" HKLM…StartupApprovedRun32: => "PowerDVD14Agent" HKLM…StartupApprovedRun32: => "WRSVC" HKLM…StartupApprovedRun32: => "HostManager" HKLM…StartupApprovedRun32: => "SecurityHealth" HKUS-1-5-21-999762305-681959455-3457413626-1001…StartupApprovedStartupFolder: => "AOL Desktop Launcher.lnk" HKUS-1-5-21-999762305-681959455-3457413626-1001…StartupApprovedRun: => "CCleaner Monitoring" HKUS-1-5-21-999762305-681959455-3457413626-1001…StartupApprovedRun: => "OneDrive" HKUS-1-5-21-999762305-681959455-3457413626-1001…StartupApprovedRun: => "Uninstall 17.3.7076.1026amd64" HKUS-1-5-21-999762305-681959455-3457413626-1001…StartupApprovedRun: => "Uninstall 17.3.7076.1026"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [54640540-F97A-4412-900E-39472727094D] => (Allow) C:Program FilesIntelWiFibinPanDhcpDns.exe (Intel Corporation -> ) FirewallRules: [8DC4717E-FCAF-469D-9E12-79DB0B253EF1] => (Allow) C:Program FilesCommon FilesMcAfeeMMSSHostMMSSHost.exe (McAfee, Inc. -> McAfee, Inc.) FirewallRules: [791E7CF7-C352-4609-87FE-4C2E705A6E1F] => (Allow) C:Program Files (x86)Common FilesMcafeeMMSSHostMMSSHost.exe => No File FirewallRules: [AF62C409-25E2-4AEC-9DEC-12B069A10F79] => (Allow) C:Program Files (x86)Common FilesAOLSystem Informationsinf.exe (AOL Inc. -> AOL Inc.) FirewallRules: [F3B8345F-5967-46B5-BA4F-A598A14D09D3] => (Allow) C:Program Files (x86)Common FilesAOLSystem Informationsinf.exe (AOL Inc. -> AOL Inc.) FirewallRules: [FF87652F-D92F-4FD5-B8D2-DC22659AB369] => (Allow) C:Program Files (x86)Common FilesAOLLoaderaolload.exe (AOL Inc. -> AOL Inc.) FirewallRules: [29CAECA3-8459-490A-B734-D5D8B16E5BC5] => (Allow) C:Program Files (x86)Common FilesAOLLoaderaolload.exe (AOL Inc. -> AOL Inc.) FirewallRules: [3241FBCD-FFAC-4EE7-8F09-8A5105596348] => (Allow) C:Program Files (x86)Common FilesAOLTopSpeed3.0aoltpsd3.exe (AOL Inc. -> AOL Inc.) FirewallRules: [1958B452-6813-4A87-A829-95800B9FDB77] => (Allow) C:Program Files (x86)Common FilesAOLTopSpeed3.0aoltpsd3.exe (AOL Inc. -> AOL Inc.) FirewallRules: [E46AC436-D866-4D71-B2B9-ADE4A9339A1B] => (Allow) C:Program Files (x86)AOL Desktop 9.8.2waol.exe (AOL Inc. -> AOL Inc.) FirewallRules: [975C4FE9-8C93-4A39-AD4A-033BF7D371FD] => (Allow) C:Program Files (x86)AOL Desktop 9.8.2waol.exe (AOL Inc. -> AOL Inc.) FirewallRules: [A012B925-4D8A-4CA0-90E5-ECD661D3E083] => (Allow) C:Program Files (x86)Common FilesAOL1474834258eeaolsoftware.exe (AOL Inc. -> AOL Inc.) FirewallRules: [DB6A911E-74F0-457F-BFF3-291FBD427D56] => (Allow) C:Program Files (x86)Common FilesAOL1474834258eeaolsoftware.exe (AOL Inc. -> AOL Inc.) FirewallRules: [9F2E22A7-C276-4028-875D-E9BE1FCE1F3D] => (Allow) C:Program Files (x86)Common FilesAOLacsAOLacsd.exe (AOL Inc. -> AOL Inc.) FirewallRules: [71A37010-12B4-4407-B154-0F9980309A79] => (Allow) C:Program Files (x86)Common FilesAOLacsAOLacsd.exe (AOL Inc. -> AOL Inc.) FirewallRules: [C733D88A-3187-4419-87C5-1A0EB1FDCCBB] => (Allow) C:Program Files (x86)Common FilesAOLacsAOLDial.exe (AOL Inc. -> AOL Inc.) FirewallRules: [9A69636F-43A5-4523-ADC5-B05E7329E939] => (Allow) C:Program Files (x86)Common FilesAOLacsAOLDial.exe (AOL Inc. -> AOL Inc.) FirewallRules: [B745797E-820D-45A1-9096-B8F2E7D887CA] => (Allow) C:Program Files (x86)CyberLinkPowerDVD14MoviePowerDVD CinemaPowerDVDCinema.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [8A476C2A-9A52-41E6-8608-EA62290278ED] => (Allow) C:Program Files (x86)CyberLinkPowerDVD14MoviePowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [F4ECB65E-59C8-477E-BA52-2A2020C15832] => (Allow) C:Program Files (x86)CyberLinkPowerDVD14PowerDVD14Agent.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [76B1143C-70F8-452E-94C8-3CB3C4C595B6] => (Allow) C:Program Files (x86)CyberLinkPowerDVD14KernelDMSCLMSServerPDVD14.exe (CyberLink Corp. -> CyberLink) FirewallRules: [903790A5-47BC-4DE7-B8EF-5FFA2A23BFF3] => (Allow) C:Program Files (x86)CyberLinkPowerDVD14PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [70D32C90-6419-457B-8B12-37EF83F7CB75] => (Allow) C:Program Files (x86)BonjourmDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [9027CB07-C9CF-4D46-8607-8A1AC3201DBF] => (Allow) C:Program Files (x86)BonjourmDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [3770051C-48E7-46F6-85CC-DCE51562BD14] => (Allow) C:Program FilesBonjourmDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [AB9F9C90-7C33-40D1-9DDF-CA8253003040] => (Allow) C:Program FilesBonjourmDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [530F0275-912A-49A4-A418-E5014F38FF16] => (Allow) C:Program FilesHPHP Officejet 5740 seriesbinFaxApplications.exe (HP Inc -> HP Inc.) FirewallRules: [4E862923-0E31-4D90-A8D4-BD42EF44D066] => (Allow) C:Program FilesHPHP Officejet 5740 seriesbinDigitalWizards.exe (HP Inc -> HP Inc.) FirewallRules: [6ACD8E74-027D-4580-8EE3-351AABAB3602] => (Allow) C:Program FilesHPHP Officejet 5740 seriesbinSendAFax.exe (HP Inc -> HP Inc.) FirewallRules: [61D83D5B-BCA4-4DDA-8B89-DF5986B5E587] => (Allow) C:Program FilesHPHP Officejet 5740 seriesbinFaxPrinterUtility.exe (HP Inc -> HP Inc.) FirewallRules: [D83F6F84-CB01-4B1B-B74F-522E4ED00D68] => (Allow) C:Program FilesHPHP Officejet 5740 seriesBinDeviceSetup.exe (HP Inc -> HP Inc.) FirewallRules: [CBB4B686-C3E0-42EA-8BA8-FD001355A894] => (Allow) LPort=5357 FirewallRules: [16643FC5-67E9-487C-B277-A99B9C0B0A91] => (Allow) C:Program FilesHPHP Officejet 5740 seriesBinHPNetworkCommunicatorCom.exe (HP Inc -> HP Inc.) FirewallRules: [38841FC4-2F6E-48B2-A565-A7D70AD5936C] => (Allow) C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC -> Google LLC) FirewallRules: [4D96E522-6D29-4ED1-A56E-3DCF75D7A03E] => (Allow) C:Program Files (x86)TeamViewerTeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [E7F8679D-AFED-4B1A-9DCE-40715CC682D2] => (Allow) C:Program Files (x86)TeamViewerTeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [D06019FB-2384-4BB9-A71A-4CE2590E3755] => (Allow) C:Program Files (x86)TeamViewerTeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [170F4B69-67DF-4CB1-93D6-EC86EAE15F14] => (Allow) C:Program Files (x86)TeamViewerTeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

==================== Restore Points =========================

20-04-2020 17:12:46 Windows Update 28-04-2020 15:32:48 Scheduled Checkpoint 07-05-2020 12:26:10 Scheduled Checkpoint 11-05-2020 15:24:27 tech

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors: ================== Error: (05/12/2020 08:10:51 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (832,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:WINDOWSsystem32configsystemprofileAppDataLocalTileDataLayerDatabaseEDB.log.

Error: (05/12/2020 06:19:26 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (11352,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:WINDOWSsystem32configsystemprofileAppDataLocalTileDataLayerDatabaseEDB.log.

Error: (05/12/2020 06:12:16 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY) Description: Skipping: Eap method DLL path validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0

Error: (05/12/2020 06:12:16 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY) Description: Skipping: Eap method DLL path validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0

Error: (05/12/2020 06:12:16 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY) Description: Skipping: Eap method DLL path validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0

Error: (05/12/2020 06:08:14 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (6280,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:WINDOWSsystem32configsystemprofileAppDataLocalTileDataLayerDatabaseEDB.log.

Error: (05/12/2020 10:17:45 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (6160,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:WINDOWSsystem32configsystemprofileAppDataLocalTileDataLayerDatabaseEDB.log.

Error: (05/11/2020 08:06:19 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (3468,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:WINDOWSsystem32configsystemprofileAppDataLocalTileDataLayerDatabaseEDB.log.

System errors: ============= Error: (05/11/2020 07:41:55 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-GIRJ15B) Description: DCOM got error "1084" attempting to start the service camsvc with arguments "Unavailable" in order to run the server: Windows.Internal.CapabilityAccess.CapabilityAccess

Error: (05/11/2020 07:40:58 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-GIRJ15B) Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server: DD522ACC-F821-461A-A407-50B198B896DC

Error: (05/11/2020 07:40:57 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-GIRJ15B) Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server: 9E175B6D-F52A-11D8-B9A5-505054503030

Error: (05/11/2020 07:40:57 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-GIRJ15B) Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server: 9E175B6D-F52A-11D8-B9A5-505054503030

Error: (05/11/2020 07:40:57 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-GIRJ15B) Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server: 9E175B6D-F52A-11D8-B9A5-505054503030

Error: (05/11/2020 07:40:57 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-GIRJ15B) Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server: 9E175B6D-F52A-11D8-B9A5-505054503030

Error: (05/11/2020 07:39:01 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-GIRJ15B) Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server: DD522ACC-F821-461A-A407-50B198B896DC

Error: (05/11/2020 07:38:54 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-GIRJ15B) Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server: DD522ACC-F821-461A-A407-50B198B896DC

CodeIntegrity: ===================================

Date: 2020-05-12 18:10:41.976 La description: Code Integrity determined that a process (DeviceHarddiskVolume3WindowsSystem32svchost.exe) attempted to load DeviceHarddiskVolume3Program FilesNorton SecurityEngine22.20.2.57symamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-05-12 18:10:35.458 La description: Code Integrity determined that a process (DeviceHarddiskVolume3Program FilesWindows DefenderMsMpEng.exe) attempted to load DeviceHarddiskVolume3Program FilesNorton SecurityEngine22.20.2.57symamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-12 18:10:35.390 La description: Code Integrity determined that a process (DeviceHarddiskVolume3Program FilesWindows DefenderMsMpEng.exe) attempted to load DeviceHarddiskVolume3Program FilesNorton SecurityEngine22.20.2.57symamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-12 18:10:35.376 La description: Code Integrity determined that a process (DeviceHarddiskVolume3Program FilesWindows DefenderMsMpEng.exe) attempted to load DeviceHarddiskVolume3Program FilesNorton SecurityEngine22.20.2.57symamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-12 18:10:34.197 La description: Code Integrity determined that a process (DeviceHarddiskVolume3Program FilesWindows DefenderMpCmdRun.exe) attempted to load DeviceHarddiskVolume3Program FilesNorton SecurityEngine22.20.2.57symamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-12 18:10:34.178 La description: Code Integrity determined that a process (DeviceHarddiskVolume3Program FilesWindows DefenderMpCmdRun.exe) attempted to load DeviceHarddiskVolume3Program FilesNorton SecurityEngine22.20.2.57symamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-12 18:10:32.348 La description: Code Integrity determined that a process (DeviceHarddiskVolume3WindowsSystem32svchost.exe) attempted to load DeviceHarddiskVolume3Program FilesNorton SecurityEngine22.20.2.57symamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-05-12 18:10:32.302 La description: Code Integrity determined that a process (DeviceHarddiskVolume3WindowsSystem32svchost.exe) attempted to load DeviceHarddiskVolume3Program FilesNorton SecurityEngine22.20.2.57symamsi.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: AMI A0.13 12/21/2015 Motherboard: HP 2B47 Processor: Intel® Core™ i5-6400 CPU @ 2.70GHz Percentage of memory in use: 39% Total physical RAM: 12183.87 MB Available physical RAM: 7377.78 MB Total Virtual: 14039.87 MB Available Virtual: 8974.65 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:1849.94 GB) (Free:1785.56 GB) NTFS Drive d: (Recovery Image) (Fixed) (Total:11.64 GB) (Free:1.51 GB) NTFS ==>[system with boot components (obtained from drive)] Drive e: (OS) (Fixed) (Total:581.11 GB) (Free:399.92 GB) NTFS ==>[system with boot components (obtained from drive)] Drive f: (RECOVERY) (Fixed) (Total:15 GB) (Free:0.29 GB) NTFS Drive h: (Apria DVD Project June 2019) (CDROM) (Total:7.95 GB) (Free:0 GB) UDF

\?Volume43b2a7e8-a447-45e8-ac50-4bc30569771a (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.52 GB) NTFS \?Volume832b0909-50d7-4b26-88e3-66a386fdb90d (SYSTEM) (Fixed) (Total:0.35 GB) (Free:0.27 GB) FAT32

==================== MBR & Partition Table ====================

========================================================== Disk: 0 (Size: 1863 GB) (Disk ID: 2BD6946D)

Partition: GPT.

========================================================== Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 596.2 GB) (Disk ID: 90000000) Partition 1: (Not Active) – (Size=63 MB) – (Type=DE) Partition 2: (Not Active) – (Size=15 GB) – (Type=07 NTFS) Partition 3: (Active) – (Size=581.1 GB) – (Type=07 NTFS)

==================== End of Addition.txt =======================

Click to rate this post! [Total: 0 Average: 0]