Minecraft server

I need help, I don't know what to call this, I've been hacked I ASSUME. – Setting up a MineCraft server

March 15, 2021 - 95-minute read


Sure, Gary.

Résultat de l'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 14-10-2020

Ran by User (administrator) on DESKTOP-P2H930S (FUJITSU ESPRIMO P910) (17-10-2020 15:49:12)

Exécution à partir de C: Users User Downloads

Profils chargés: utilisateur

Plate-forme: Windows 10 Pro Version 1909 18363.1139 (X64) Langue: Anglais (États-Unis)

Navigateur par défaut: Chrome

Mode de démarrage: normal

==================== Processus (sur liste blanche) ==================

(Si une entrée est incluse dans la liste de correctifs, le processus sera fermé. Le fichier ne sera pas déplacé.)

() [File not signed] C: Program Files (x86) WOMic WOMicClient.exe

(Blizzard Entertainment, Inc. ->) C: Program Files (x86) Overwatch _retail_ ErrorReporting x64 CrashMailer_64.exe

(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C: Program Files (x86) Battle.net Battle.net.exe <3>

(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C: Program Files (x86) Overwatch _retail_ Overwatch.exe

(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C: ProgramData Battle.net Agent Agent.7220 Agent.exe

(Discord Inc. -> Discord Inc.) C: Users User AppData Local Discord app-0.0.307 Discord.exe <6>

(Google LLC -> Google Inc.) C: Program Files (x86) Google Chrome Remote Desktop 86.0.4240.48 remoting_host.exe <2>

(Google LLC -> Google LLC) C: Program Files (x86) Google Chrome Application chrome.exe <16>

(Google LLC -> Google LLC) C: Program Files (x86) Google Update 1.3.36.32 GoogleCrashHandler.exe

(Google LLC -> Google LLC) C: Program Files (x86) Google Update 1.3.36.32 GoogleCrashHandler64.exe

(Intel® pGFX -> Intel Corporation) C: Windows System32 igfxCUIService.exe

(Intel® pGFX -> Intel Corporation) C: Windows System32 igfxEM.exe

(Malwarebytes Inc -> Malwarebytes) C: Program Files Malwarebytes Anti-Malware MBAMService.exe

(Malwarebytes Inc -> Malwarebytes) C: Program Files Malwarebytes Anti-Malware mbamtray.exe

(Microsoft Corporation -> Microsoft Corporation) C: Windows Microsoft.NET Framework64 v3.0 WPF PresentationFontCache.exe

(Microsoft Windows -> Microsoft Corporation) C: Windows System32 dllhost.exe <3>

(Microsoft Windows -> Microsoft Corporation) C: Windows System32 GameBarPresenceWriter.exe

(Microsoft Windows -> Microsoft Corporation) C: Windows System32 rundll32.exe

(NVIDIA Corporation -> Node.js) C: Program Files (x86) NVIDIA Corporation NvNode NVIDIA Web Helper.exe

(NVIDIA Corporation -> NVIDIA Corporation) C: Program Files NVIDIA Corporation NvContainer nvcontainer.exe <3>

(NVIDIA Corporation -> NVIDIA Corporation) C: Program Files NVIDIA Corporation NVIDIA GeForce Experience NVIDIA Share.exe <3>

(NVIDIA Corporation -> NVIDIA Corporation) C: Program Files NVIDIA Corporation ShadowPlay nvsphelper64.exe

(NVIDIA Corporation -> NVIDIA Corporation) C: Windows System32 DriverStore FileRepository nv_dispi.inf_amd64_feed726c6560f7a7 Display.NvContainer NVDisplay.Container.exe <2>

(Pango Inc. -> Pango Inc.) C: Program Files (x86) Hotspot Shield 10.5.0 bin cmw_srv.exe

(Piriform Software Ltd -> Piriform Software Ltd) C: Program Files CCleaner CCleaner64.exe

(Scarlet.Crush Productions) [File not signed] C: Users User Desktop ScpServer bin ScpService.exe

(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C: Program Files (x86) TeamViewer TeamViewer_Service.exe

(WOLF OF WEBSTREET (OPC) PRIVATE LIMITED -> Copyright 2017.) C: Program Files (x86) MalwareFox AntiMalware ZAM.exe

==================== Registre (sur liste blanche) ===================

(Si une entrée est incluse dans la liste de correctifs, l'élément de registre sera restauré par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM … Exécuter: [ZAM] => C: Program Files (x86) MalwareFox AntiMalware ZAM.exe [15767792 2020-10-17] (WOLF OF WEBSTREET (OPC) PRIVATE LIMITED -> Copyright 2017.)

HKLM-x32 … Exécuter: [Discord] => C: ProgramData SquirrelMachineInstalls Discord.exe [61370712 2020-04-20] (Discord Inc. -> Discord Inc.)

HKLM-x32 … Exécuter: [SunJavaUpdateSched] => C: Program Files (x86) Common Files Java Java Update jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)

HKLM SOFTWARE Policies Microsoft Windows Defender: Restriction <==== ATTENTION

HKU S-1-5-21-1477454007-310231868-2954047188-1001 … Exécuter: [Steam] => C: Program Files (x86) Steam steam.exe [3416352 2020-10-07] (Valve -> Valve Corporation)

HKU S-1-5-21-1477454007-310231868-2954047188-1001 … Exécuter: [Discord] => C: Users User AppData Local Discord app-0.0.307 Discord.exe [91023672 2020-08-04] (Discord Inc. -> Discord Inc.)

HKU S-1-5-21-1477454007-310231868-2954047188-1001 … Exécuter: [Skype for Desktop] => C: Program Files (x86) Microsoft Skype for Desktop Skype.exe [91591032 2020-04-14] (Skype Software Sarl -> Skype Technologies S.A.)

HKU S-1-5-21-1477454007-310231868-2954047188-1001 … Exécuter: [DiscordCanary] => C: Users User AppData Local DiscordCanary app-0.0.272 DiscordCanary.exe [98176824 2020-08-13] (Discord Inc. -> Discord Inc.)

HKU S-1-5-21-1477454007-310231868-2954047188-1001 … Exécuter: [CCleaner Smart Cleaning] => C: Program Files CCleaner CCleaner64.exe [30870200 2020-09-22] (Piriform Software Ltd -> Piriform Software Ltd)

HKLM Software Microsoft Active Setup Composants installés: [8A69D345-D564-463c-AFF1-A69D9E530F96] -> C: Program Files (x86) Google Chrome Application 86.0.4240.75 Installer chrmstp.exe [2020-10-12] (Google LLC -> Google LLC)

Démarrage: C: Users User AppData Roaming Microsoft Windows Menu Démarrer Programmes Startup Twitch.lnk [2020-05-05]

ShortcutTarget: Twitch.lnk -> C: Users User AppData Roaming Twitch Bin Twitch.exe (pas de fichier)

==================== Tâches planifiées (sur liste blanche) ============

(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.)

Tâche: 038506CA-6106-4F78-903A-A03C0B36C9C9 – System32 Tasks NvTmRep_CrashReport3_ B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C: Program Files NVIDendIA Corporation NvBack.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)

Tâche: 14513F0D-07B8-4094-85C7-F309DE33FFD2 – System32 Tasks NvTmRep_CrashReport2_ B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C: Program Files NVIDIA Corporation NvTmackend.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)

Tâche: 27180C8F-0E8E-4DBD-8740-855E3B473D01 – System32 Tasks ProtonVPN Update => C: Program Files (x86) Proton Technologies ProtonVPN ProtonVPN.UpdateService.exe [61760 2020-06-04] (ProtonVPN AG ->)

Tâche: 37932F7F-62E9-4655-89CF-9F844BCA4C7C – System32 Tasks NvDriverUpdateCheckDaily_ B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C: Program Files NVIDIA Corporation NvContainer.exe [874472 2020-05-07] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C: Program Files NVIDIA Corporation NvDriverUpdateCheck" -l 3 -f C: ProgramData NVIDIA NvContainerDriverUpdateCheck.log

Tâche: 41A8F879-2D00-42F9-8805-B0E837341DD4 – System32 Tasks Overwolf Updater Task => C: Program Files (x86) Overwolf OverwolfUpdater.exe

Tâche: 424187D5-9D50-4292-9BE4-C6C38531F0F8 – System32 Tasks NVIDIA GeForce Experience SelfUpdate_ B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C: Program Files NVIDIA Corporation NVIDIA GeForce Experience NVIDIA GeForce Experience Experience.exe [3292984 2020-06-25] (NVIDIA Corporation -> NVIDIA Corporation)

Tâche: 4D185205-A6B3-49E9-ABB1-544506A6D2DF – System32 Tasks NvTmRep_CrashReport4_ B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C: Program Files NVIDRIA Corporation NvBackep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)

Tâche: 4D6B0BC6-A18B-49B2-8114-D306A4889E7D – System32 Tasks Microsoft Office OfficeTelemetryAgentFallBack => C: Program Files Microsoft Office Office15 msoia.exe [375416 2012-10-02] (Microsoft Corporation -> Microsoft Corporation)

Tâche: 571D3965-E684-4469-A5BC-59F08444763B – System32 Tasks klcp_update => C: Program Files (x86) K-Lite Codec Pack Tools CodecTweakTool.exe [1179648 2019-03-22] () [File not signed]

Tâche: 6CC35578-4147-4DAA-AD28-6A87514A4F77 – System32 Tasks Microsoft Office OfficeTelemetryAgentLogOn => C: Program Files Microsoft Office Office15 msoia.exe [375416 2012-10-02] (Microsoft Corporation -> Microsoft Corporation)

Tâche: 840D2D9D-BDB4-4234-9A9F-F7B39FD116D9 – System32 Tasks NvTmRep_CrashReport1_ B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C: Program Files NVIDRIA Corporation NvBackep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)

Tâche: 8547FA53-93F0-4913-BE2A-3A1BA3A7A5F0 – System32 Tasks Microsoft Office Office 15 Subscription Heartbeat => C: Program Files Common Files Microsoft Shared Office15 OLicenseHeartbeat.exe [1642672 2012-10-02] (Microsoft Corporation -> Microsoft Corporation)

Tâche: 931139C6-82AC-465F-AB60-4AE1FEE38D03 – System32 Tasks Microsoft Office 15 Sync Maintenance for DESKTOP-P2H930S-User DESKTOP-P2H930S => C: Program Files Microsoft Office Office15 MsoSync.exe [469640 2012-10-02] (Microsoft Corporation -> Microsoft Corporation)

Tâche: 9B99A770-EE82-4A46-9293-303926DF31F0 – System32 Tasks GoogleUpdateTaskMachineCore => C: Program Files (x86) Google Update GoogleUpdate.exe [156968 2019-04-12] (Google Inc -> Google Inc.)

Tâche: 9FF1FC6C-1E46-4F26-8C5D-B38F664AF08C – System32 Tasks NvProfileUpdaterOnLogon_ B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C: Program Files NVIDIA Corporation Update Coredater.exe [907240 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)

Tâche: AF387E21-1D1E-4718-8A39-12523F7C8CBB – System32 Tasks NvNodeLauncher_ B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C: Program Files (x86) NVIDIA Corporation NvNodes nlaunvn.exe [647656 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)

Tâche: B482930C-27A2-40D9-9C10-9A3380D115A4 – System32 Tasks CCleanerSkipUAC => C: Program Files CCleaner CCleaner.exe [25492152 2020-09-22] (Piriform Software Ltd -> Piriform Software Ltd)

Tâche: CB2ABFEE-12DD-46A5-A35B-EB86392F7888 – System32 Tasks NvBatteryBoostCheckOnLogon_ B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C: Program Files NVIDIA Corporation NvContainer.exe [874472 2020-05-07] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C: Program Files NVIDIA Corporation NvBackend NvBatteryBoostCheck" -l 3 -f C: ProgramData NVIDIA NvContainerBatteryBoostCheck.log

Tâche: D1CE3355-37E0-4004-B2A8-AFA9803FB596 – System32 Tasks CreateExplorerShellUnelevatedTask => C: Windows explorer.exe / NOUACCHECK

Tâche: D2B35E66-18A8-4B5D-BE1C-D83AFCF3857C – System32 Tasks GoogleUpdateTaskMachineUA => C: Program Files (x86) Google Update GoogleUpdate.exe [156968 2019-04-12] (Google Inc -> Google Inc.)

Tâche: EA6ACF48-DA56-4ABA-B49E-F4BE5BF68B0B – System32 Tasks CCleaner Update => C: Program Files CCleaner CCUpdate.exe [686384 2020-09-22] (Piriform Software Ltd -> Piriform Software Ltd)

Tâche: F8EB8C04-8776-4008-AFB1-7EDF8AEACC49 – System32 Tasks NvProfileUpdaterDaily_ B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C: Program Files NVIDIA Corporation Update Core Ndaterv64.exe [907240 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)

(Si une entrée est incluse dans la liste de correctifs, le fichier de la tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

==================== Internet (sur liste blanche) ====================

(Si un élément est inclus dans la liste de correctifs, s'il s'agit d'un élément de registre, il sera supprimé ou restauré par défaut.)

Tcpip Paramètres: [DhcpNameServer] 8.8.8.8 8.8.4.4

Tcpip .. Interfaces 07d67ed8-96d9-4113-8e86-331124243648: [DhcpNameServer] 8.8.8.8 8.8.4.4

Tcpip .. Interfaces 25e2d8db-8feb-4b32-b056-b473ea3ab323: [DhcpNameServer] 80.90.80.90 8.8.8.8

Tcpip .. Interfaces 4e807101-92e6-48ae-8682-ace1eb0c1b35: [DhcpNameServer] 8.8.8.8

Tcpip .. Interfaces 8e64b786-dd45-48d4-9812-68bc4d15cdbc: [DhcpNameServer] 192.168.42.129

Tcpip .. Interfaces c1a80cd5-06e8-4392-860a-5410075f033a: [DhcpNameServer] 8.8.8.8 8.8.4.4

HKLM SOFTWARE Policies Microsoft Internet Explorer: Restriction <==== ATTENTION

Bord:

======

DownloadDir: C: Utilisateurs Utilisateur Téléchargements

Profil Edge: C: Users User AppData Local Microsoft Edge User Data Default [2020-10-17]

Edge HKLM-x32 … Edge Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Renard de feu:

========

Profil par défaut FF: ccjm1ppn.default

FF ProfilePath: C: Users User AppData Roaming Mozilla Firefox Profiles ccjm1ppn.default [2020-10-17]

Plugin FF: @ microsoft.com / SharePoint, version = 14.0 -> C: PROGRA ~ 1 MICROS ~ 1 Office15 NPSPWRAP.DLL [2012-10-02] (Microsoft Corporation -> Microsoft Corporation)

Plugin FF: @ videolan.org / vlc, version = 3.0.6 -> C: Program Files VideoLAN VLC npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)

FF Plugin-x32: @ foxitsoftware.com / Foxit Reader Plugin, version = 1.0, application / pdf -> C: Program Files (x86) Foxit Software Foxit Reader plugins npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)

FF Plugin-x32: @ foxitsoftware.com / Foxit Reader Plugin, version = 1.0, application / vnd.fdf -> C: Program Files (x86) Foxit Software Foxit Reader plugins npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)

FF Plugin-x32: @ foxitsoftware.com / Foxit Reader Plugin, version = 1.0, application / vnd.xdp -> C: Program Files (x86) Foxit Software Foxit Reader plugins npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)

FF Plugin-x32: @ foxitsoftware.com / Foxit Reader Plugin, version = 1.0, application / vnd.xfdf -> C: Program Files (x86) Foxit Software Foxit Reader plugins npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)

FF Plugin-x32: @ java.com / DTPlugin, version = 11.251.2 -> C: Program Files (x86) Java jre1.8.0_251 bin dtplugin npDeployJava1.dll [2020-05-07] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin-x32: @ java.com / JavaPlugin, version = 11.251.2 -> C: Program Files (x86) Java jre1.8.0_251 bin plugin2 npjp2.dll [2020-05-07] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin-x32: @ microsoft.com / Lync, version = 15.0 -> C: Program Files (x86) Mozilla Firefox plugins npmeetingjoinpluginoc.dll [2012-10-02] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @ microsoft.com / SharePoint, version = 14.0 -> C: PROGRA ~ 2 MICROS ~ 1 Office15 NPSPWRAP.DLL [2012-10-02] (Microsoft Corporation -> Microsoft Corporation)

Plugin FF HKU S-1-5-21-1477454007-310231868-2954047188-1001: @ zoom.us / ZoomVideoPlugin -> C: Users User AppData Roaming Zoom bin npzoomplugin.dll [No File]

Chrome:

=======

CHR DefaultProfile: Par défaut

Profil CHR: C: Users User AppData Local Google Chrome User Data Default [2020-10-17]

Notifications CHR: Par défaut -> hxxps: //aternos.org

CHR HomePage: Par défaut -> hxxp: //live.prolive-al.com/

CHR DefaultSearchURL: Par défaut -> hxxps: //w2g.tv/static/icons/128.png

Extension CHR: (Slides) – C: Users User AppData Local Google Chrome User Data Default Extensions aapocclcgogkmnckokdopfmhonfmgoek [2019-08-19]

Extension CHR: (Adblocker for Chrome – NoAds) – C: Users User AppData Local Google Chrome User Data Default Extensions alplpnakfeabeiebipdmaenpmbgknjce [2020-05-12]

Extension CHR: (Docs) – C: Users User AppData Local Google Chrome User Data Default Extensions aohghmighlieiainnegkcijnfilokake [2019-08-19]

Extension CHR: (Google Drive) – C: Users User AppData Local Google Chrome User Data Default Extensions apdfllckaahabafndbhieahigkjlhalf [2019-08-19]

Extension CHR: (YouTube) – C: Users User AppData Local Google Chrome User Data Default Extensions blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-08-19]

Extension CHR: (Watch2Gether) – C: Users User AppData Local Google Chrome User Data Default Extensions ckhgpkajcncijenfpbpplkcpakikmbgd [2020-08-11]

Extension CHR: (Sheets) – C: Users User AppData Local Google Chrome User Data Default Extensions felcaaldnbdncclmgdcncolpebgiejap [2019-08-19]

Extension CHR: (Google Docs hors ligne) – C: Users User AppData Local Google Chrome User Data Default Extensions ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-15]

Extension CHR: (Bureau à distance Chrome) – C: Users User AppData Local Google Chrome User Data Default Extensions inomeogfingihgjfjlpeplalcfajhgai [2020-05-29]

Extension CHR: (Paiements Chrome Web Store) – C: Users User AppData Local Google Chrome User Data Default Extensions nmmhkkegccagdldgiimedpiccmgmieda [2020-04-20]

Extension CHR: (Tutturu! ~) – C: Users User AppData Local Google Chrome User Data Default Extensions oabechfelncbikgmceoncaekonbldhpk [2020-06-07]

Extension CHR: (SetupVPN – VPN gratuit à vie) – C: Users User AppData Local Google Chrome User Data Default Extensions oofgbpoabipfcfjapgnbbjjaenockbdp [2020-10-16]

Extension CHR: (Gmail) – C: Users User AppData Local Google Chrome User Data Default Extensions pjkljhegncpnkpknbcohdijeoejaedia [2019-08-19]

Extension CHR: (Chrome Media Router) – C: Users User AppData Local Google Chrome User Data Default Extensions pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-13]

CHR HKLM-x32 … Chrome Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (sur liste blanche) ===================

(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.)

Chromotage R2; C: Program Files (x86) Google Chrome Remote Desktop 86.0.4240.48 remoting_host.exe [73200 2020-09-20] (Google LLC -> Google Inc.)

R2 Ds3Service; C: Users User Desktop ScpServer bin ScpService.exe [381952 2014-03-13] (Scarlet.Crush Productions) [File not signed]

S3 EasyAntiCheat; C: Program Files (x86) EasyAntiCheat EasyAntiCheat.exe [803440 2020-02-29] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)

S2 Freemake Improver; C: ProgramData Freemake FreemakeUtilsService FreemakeUtilsService.exe [82216 2020-05-12] (Mixbyte Inc -> Freemake)

R2 hshld_10.5.0; C: Program Files (x86) Hotspot Shield 10.5.0 bin cmw_srv.exe [223904 2020-07-24] (Pango Inc. -> Pango Inc.)

R2 MBAMService; C: Program Files Malwarebytes Anti-Malware MBAMService.exe [7185288 2020-10-17] (Malwarebytes Inc -> Malwarebytes)

Service S3 ProtonVPN; C: Program Files (x86) Proton Technologies ProtonVPN ProtonVPNService.exe [101184 2020-06-04] (ProtonVPN AG ->)

Service de mise à jour S3 ProtonVPN; C: Program Files (x86) Proton Technologies ProtonVPN ProtonVPN.UpdateService.exe [61760 2020-06-04] (ProtonVPN AG ->)

Service S3 Rockstar; C: Program Files Rockstar Games Launcher RockstarService.exe [1453184 2020-08-05] (Rockstar Games, Inc. -> Rockstar Games)

S3 Sense; C: Program Files Windows Defender Advanced Threat Protection MsSense.exe [6153064 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 TeamViewer; C: Program Files (x86) TeamViewer TeamViewer_Service.exe [13252624 2020-04-23] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

S3 uncheater_bgl; C: Program Files Common Files Uncheater uncheater_bgl.exe [2097008 2020-06-12] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)

S3 WdNisSvc; C: ProgramData Microsoft Windows Defender platform 4.18.2009.7-0 NisSrv.exe [2372048 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)

S3 WinDefend; C: ProgramData Microsoft Windows Defender platform 4.18.2009.7-0 MsMpEng.exe [128376 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 ZAMSvc; C: Program Files (x86) MalwareFox AntiMalware ZAM.exe [15767792 2020-10-17] (WOLF OF WEBSTREET (OPC) PRIVATE LIMITED -> Copyright 2017.)

R2 NVDisplay.ContainerLocalSystem; C: WINDOWS System32 DriverStore FileRepository nv_dispi.inf_amd64_feed726c6560f7a7 Display.NvContainer NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f% ProgramData% NVIDIA NVDlisplay -f% ProgramData% NVIDIA NVDlisplay-local: WINDOWS System32 DriverStore FileRepository nv_dispi.inf_amd64_feed726c6560f7a7 Display.NvContainer plugins LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem LocalSystem

===================== Pilotes (sur liste blanche) ===================

(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.)

R3 AmdTools64; C: WINDOWS System32 drivers AmdTools64.sys [58216 2018-03-23] (Advanced Micro Devices Inc. -> Advanced Micro Devices)

R3 athur; C: WINDOWS System32 drivers athurx.sys [1847296 2010-01-05] (Éditeur de compatibilité matérielle Microsoft Windows -> Atheros Communications, Inc.)

R1 ESProtectionDriver; C: WINDOWS system32 drivers mbae64.sys [153312 2020-10-17] (Malwarebytes Corporation -> Malwarebytes)

R3 EuMusDesignVirtualAudioCableWdm; C: WINDOWS System32 drivers vrtaucbl.sys [66728 2010-02-16] (NTONYX Ltd. -> Eugene V. Muzychenko)

S3 gdrv2; C: Windows gdrv2.sys [32600 2020-04-20] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)

R2 MBAMChameleon; C: WINDOWS System32 Drivers MbamChameleon.sys [218112 2020-10-17] (Malwarebytes Inc -> Malwarebytes)

S0 MbamElam; C: WINDOWS System32 DRIVERS MbamElam.sys [19912 2020-10-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)

R3 MBAMFarflt; C: WINDOWS System32 DRIVERS farflt.sys [197280 2020-10-17] (Malwarebytes Inc -> Malwarebytes)

R3 MBAMProtection; C: WINDOWS system32 DRIVERS mbam.sys [74936 2020-10-17] (Malwarebytes Inc -> Malwarebytes)

R3 MBAMSwissArmy; C: WINDOWS System32 Drivers mbamswissarmy.sys [248968 2020-10-17] (Malwarebytes Inc -> Malwarebytes)

R3 MBAMWebProtection; C: WINDOWS system32 DRIVERS mwac.sys [134304 2020-10-17] (Malwarebytes Inc -> Malwarebytes)

R1 pango_netfilter2; C: WINDOWS System32 drivers pango_netfilter2.sys [84472 2020-07-24] (Éditeur de compatibilité matérielle Microsoft Windows -> Pango Inc)

S3 ProtonVPNSplitTunnel; C: Program Files (x86) Proton Technologies ProtonVPN x64 Win10 ProtonVPN.SplitTunnelDriver.sys [31584 2020-06-03] (Éditeur de compatibilité matérielle Microsoft Windows -> Proton Technologies AG)

R3 ScpVBus; C: WINDOWS System32 drivers ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)

S3 ssudmdm; C: WINDOWS system32 DRIVERS ssudmdm.sys [166760 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

Microphone SteamStreaming R3; C: WINDOWS system32 drivers SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. ->)

R3 SteamStreamingSpeakers; C: WINDOWS system32 drivers SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. ->)

S3 tap-tb-0901; C: WINDOWS System32 drivers tap-tb-0901.sys [38656 2020-04-08] (TunnelBear, Inc. -> Le projet OpenVPN)

R3 tap0901; C: WINDOWS System32 drivers tap0901.sys [39920 2019-10-23] (Éditeur de compatibilité matérielle Microsoft Windows -> Le projet OpenVPN)

R3 tapprotonvpn; C: WINDOWS System32 drivers tapprotonvpn.sys [49008 2020-04-06] (Éditeur de compatibilité matérielle Microsoft Windows -> Le projet OpenVPN)

U5 vwifimp; C: Windows System32 Drivers vwifimp.sys [50176 2019-03-19] (Microsoft Windows -> Microsoft Corporation)

S3 WdBoot; C: WINDOWS system32 drivers wd WdBoot.sys [48536 2020-10-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

S3 WdFilter; C: WINDOWS system32 drivers wd WdFilter.sys [428264 2020-10-07] (Microsoft Windows -> Microsoft Corporation)

S3 WdNisDrv; C: WINDOWS System32 drivers wd WdNisDrv.sys [69864 2020-10-07] (Microsoft Windows -> Microsoft Corporation)

R3 wovad_micarray; C: WINDOWS system32 drivers womic.sys [34496 2020-02-16] (Éditeur de compatibilité matérielle Microsoft Windows -> Fournisseur DDK Windows ® Win 7)

S3 xhunter1; C: Windows xhunter1.sys [74552 2020-06-12] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)

R1 ZAM; C: WINDOWS System32 drivers zam64.sys [203680 2020-10-17] (Zemana Ltd. -> Zemana Ltd.)

R1 ZAM_Guard; C: WINDOWS System32 drivers zamguard64.sys [203680 2020-10-17] (Zemana Ltd. -> Zemana Ltd.)

==================== NetSvcs (sur liste blanche) ====================

(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.)

==================== Un mois (créé) ===================

(Si une entrée est incluse dans la liste de correctifs, le fichier / dossier sera déplacé.)

2020-10-17 15:49 – 2020-10-17 15:50 – 000023987 _____ C: Users User Downloads FRST.txt

2020-10-17 15:48 – 2020-10-17 15:49 – 000000000 ____D C: FRST

2020-10-17 15:48 – 2020-10-17 15:48 – 002299904 _____ (Farbar) C: Users User Downloads FRST64.exe

2020-10-17 15:12 – 2020-10-17 15:12 – 000197280 _____ (Malwarebytes) C: WINDOWS system32 Drivers farflt.sys

2020-10-17 15:12 – 2020-10-17 15:12 – 000134304 _____ (Malwarebytes) C: WINDOWS system32 Drivers mwac.sys

2020-10-17 15:12 – 2020-10-17 15:12 – 000074936 _____ (Malwarebytes) C: WINDOWS system32 Drivers mbam.sys

2020-10-17 15:08 – 2020-10-17 15:09 – 000000000 ____D C: AdwCleaner

2020-10-17 15:08 – 2020-10-17 15:08 – 008447152 _____ (Malwarebytes) C: Users User Downloads adwcleaner_8.0.8.exe

2020-10-17 14:59 – 2020-10-17 14:59 – 000378198 _____ C: Users User Documents cc_20201017_145940.reg

2020-10-17 14:40 – 2020-10-17 14:40 – 000000000 ____D C: Users User AppData Roaming Mozilla

2020-10-17 14:40 – 2020-10-17 14:40 – 000000000 ____D C: Users User AppData Local Mozilla

2020-10-17 13:12 – 2020-10-17 13:12 – 000000000 ____D C: Users User AppData Local mbam

2020-10-17 13:11 – 2020-10-17 13:11 – 000248968 _____ (Malwarebytes) C: WINDOWS system32 Drivers mbamswissarmy.sys

2020-10-17 13:11 – 2020-10-17 13:11 – 000218112 _____ (Malwarebytes) C: WINDOWS system32 Drivers MbamChameleon.sys

2020-10-17 13:11 – 2020-10-17 13:11 – 000153312 _____ (Malwarebytes) C: WINDOWS system32 Drivers mbae64.sys

2020-10-17 13:11 – 2020-10-17 13:11 – 000019912 _____ (Malwarebytes) C: WINDOWS system32 Drivers MbamElam.sys

2020-10-17 13:11 – 2020-10-17 13:11 – 000002033 _____ C: ProgramData Microsoft Windows Menu Démarrer Programmes Malwarebytes.lnk

2020-10-17 13:11 – 2020-10-17 13:11 – 000002021 _____ C: Users Public Desktop Malwarebytes.lnk

2020-10-17 13:11 – 2020-10-17 13:11 – 000002021 _____ C: ProgramData Desktop Malwarebytes.lnk

2020-10-17 13:11 – 2020-10-17 13:11 – 000000000 ____D C: ProgramData Malwarebytes

2020-10-17 13:10 – 2020-10-17 13:10 – 002062144 _____ (Malwarebytes) C: Users User Downloads MBSetup.exe

2020-10-17 13:10 – 2020-10-17 13:10 – 000000000 ____D C: Program Files Malwarebytes

2020-10-17 12:52 – 2020-10-17 13:52 – 000000000 ____D C: Users User AppData Roaming Battle.net

2020-10-17 12:32 – 2020-10-17 12:33 – 000000217 _____ C: Users User Desktop hey ratter.txt

2020-10-17 12:29 – 2020-10-17 15:50 – 000099878 _____ C: WINDOWS ZAM.krnl.trace

2020-10-17 12:29 – 2020-10-17 15:50 – 000065079 _____ C: WINDOWS ZAM_Guard.krnl.trace

2020-10-17 12:29 – 2020-10-17 12:29 – 006617512 _____ (Zemana Ltd.) C: Users User Downloads MalwareFox.exe

2020-10-17 12:29 – 2020-10-17 12:29 – 000203680 _____ (Zemana Ltd.) C: WINDOWS system32 Drivers zamguard64.sys

2020-10-17 12:29 – 2020-10-17 12:29 – 000203680 _____ (Zemana Ltd.) C: WINDOWS system32 Drivers zam64.sys

2020-10-17 12:29 – 2020-10-17 12:29 – 000001255 _____ C: Users Public Desktop MalwareFox AntiMalware.lnk

2020-10-17 12:29 – 2020-10-17 12:29 – 000001255 _____ C: ProgramData Desktop MalwareFox AntiMalware.lnk

2020-10-17 12:29 – 2020-10-17 12:29 – 000000000 ____D C: Users User AppData Local Zemana

2020-10-17 12:29 – 2020-10-17 12:29 – 000000000 ____D C: Users User AppData Local Wolf of Webstreet OPC Private Limited

2020-10-17 12:29 – 2020-10-17 12:29 – 000000000 ____D C: ProgramData Microsoft Windows Menu Démarrer Programmes MalwareFox AntiMalware

2020-10-17 12:29 – 2020-10-17 12:29 – 000000000 ____D C: Program Files (x86) MalwareFox AntiMalware

2020-10-16 15:41 – 2020-10-16 15:46 – 000000000 ___HD C: Users User Desktop Wolfram pour Minecraft 1.10

2020-10-16 15:36 – 2020-10-16 15:36 – 000000000 ____D C: Users User AppData Local CherryPlayer

2020-10-16 15:34 – 2020-10-16 15:34 – 000000000 ____D C: Users User AppData Local DarlingiaWebsfzManager

2020-10-16 02:38 – 2020-10-16 17:13 – 000000000 ____D C: Program Files (x86) Call of Duty Black Ops Cold War Beta

2020-10-15 04:35 – 2020-10-06 02:13 – 000835472 _____ (Adobe) C: WINDOWS SysWOW64 FlashPlayerApp.exe

2020-10-15 04:35 – 2020-10-06 02:13 – 000179608 _____ (Adobe) C: WINDOWS SysWOW64 FlashPlayerCPLApp.cpl

2020-10-14 16:37 – 2020-10-14 16:37 – 011630080 _____ (Microsoft Corporation) C: WINDOWS system32 wmp.dll

2020-10-14 16:37 – 2020-10-14 16:37 – 009728512 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 wmp.dll

2020-10-14 16:37 – 2020-10-14 16:37 – 000943616 _____ (Microsoft Corporation) C: WINDOWS system32 fveapi.dll

2020-10-14 16:37 – 2020-10-14 16:37 – 000839680 _____ (Microsoft Corporation) C: WINDOWS system32 fvewiz.dll

2020-10-14 16:37 – 2020-10-14 16:37 – 000800576 _____ (Microsoft Corporation) C: WINDOWS system32 Drivers fvevol.sys

2020-10-14 16:37 – 2020-10-14 16:37 – 000724992 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 fveapi.dll

2020-10-14 16:37 – 2020-10-14 16:37 – 000409088 _____ (Microsoft Corporation) C: WINDOWS system32 fveapibase.dll

2020-10-14 16:37 – 2020-10-14 16:37 – 000400896 _____ (Microsoft Corporation) C: WINDOWS system32 bdechangepin.exe

2020-10-14 16:37 – 2020-10-14 16:37 – 000340992 _____ (Microsoft Corporation) C: WINDOWS system32 fvecpl.dll

2020-10-14 16:37 – 2020-10-14 16:37 – 000339456 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 fveapibase.dll

2020-10-14 16:37 – 2020-10-14 16:37 – 000333824 _____ (Microsoft Corporation) C: WINDOWS system32 fveui.dll

2020-10-14 16:37 – 2020-10-14 16:37 – 000093112 _____ (Microsoft Corporation) C: WINDOWS system32 Drivers dumpfve.sys

2020-10-14 16:36 – 2020-10-14 16:36 – 032928928 _____ (Microsoft Corporation) C: WINDOWS system32 WindowsCodecsRaw.dll


2020-10-14 16:35 – 2020-10-14 16:35 – 000164352 _____ (Microsoft Corporation) C:WINDOWSSysWOW64BitLockerCsp.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000150328 _____ (Microsoft Corporation) C:WINDOWSSysWOW64WerFaultSecure.exe

2020-10-14 16:35 – 2020-10-14 16:35 – 000149304 _____ (Microsoft Corporation) C:WINDOWSSysWOW64ulib.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000148992 _____ (Microsoft Corporation) C:WINDOWSsystem32sdrsvc.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000146432 _____ (Microsoft Corporation) C:WINDOWSSysWOW64spopk.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000144896 _____ (Microsoft Corporation) C:WINDOWSsystem32setupcln.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000143872 _____ (Microsoft Corporation) C:WINDOWSSysWOW64SpatialAudioLicenseSrv.exe

2020-10-14 16:35 – 2020-10-14 16:35 – 000141632 _____ (Microsoft Corporation) C:WINDOWSsystem32migisol.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000141520 _____ (Microsoft Corporation) C:WINDOWSsystem32userenv.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000131072 _____ (Microsoft Corporation) C:WINDOWSSysWOW64srpapi.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000130112 _____ (Microsoft Corporation) C:WINDOWSsystem32gpapi.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000125952 _____ (Microsoft Corporation) C:WINDOWSsystem32fontsub.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000125440 _____ (Microsoft Corporation) C:WINDOWSsystem32sdshext.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000124928 _____ (Microsoft Corporation) C:WINDOWSSysWOW64setupcln.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000118784 _____ (Microsoft Corporation) C:WINDOWSSysWOW64setupugc.exe

2020-10-14 16:35 – 2020-10-14 16:35 – 000117208 _____ (Microsoft Corporation) C:WINDOWSSysWOW64userenv.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000111536 _____ (Microsoft Corporation) C:WINDOWSSysWOW64gpapi.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000108856 _____ (Microsoft Corporation) C:WINDOWSsystem32SecurityHealthProxyStub.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000108544 _____ (Microsoft Corporation) C:WINDOWSsystem32fdSSDP.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000107520 _____ (Microsoft Corporation) C:WINDOWSSysWOW64GraphicsCapture.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000103424 _____ (Microsoft Corporation) C:WINDOWSsystem32MuiUnattend.exe

2020-10-14 16:35 – 2020-10-14 16:35 – 000101888 _____ (Microsoft Corporation) C:WINDOWSsystem32spbcd.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000099328 _____ (Microsoft Corporation) C:WINDOWSSysWOW64fontsub.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000093512 _____ (Microsoft Corporation) C:WINDOWSsystem32hvloader.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000092672 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverswanarp.sys

2020-10-14 16:35 – 2020-10-14 16:35 – 000089336 _____ (Microsoft Corporation) C:WINDOWSSysWOW64win32u.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000084280 _____ (Microsoft Corporation) C:WINDOWSsystem32Drivershvservice.sys

2020-10-14 16:35 – 2020-10-14 16:35 – 000073728 _____ (Microsoft Corporation) C:WINDOWSsystem32djoin.exe

2020-10-14 16:35 – 2020-10-14 16:35 – 000072824 _____ (Microsoft Corporation) C:WINDOWSSysWOW64remoteaudioendpoint.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000071168 _____ (Microsoft Corporation) C:WINDOWSsystem32TokenBrokerUI.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000071168 _____ (Microsoft Corporation) C:WINDOWSsystem32cryptext.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000068416 _____ (Microsoft Corporation) C:WINDOWSSysWOW64DeviceReactivation.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000063296 _____ (Microsoft Corporation) C:WINDOWSsystem32SecurityHealthHost.exe

2020-10-14 16:35 – 2020-10-14 16:35 – 000060416 _____ (Microsoft Corporation) C:WINDOWSSysWOW64cryptext.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000059904 _____ (Microsoft Corporation) C:WINDOWSsystem32PnPUnattend.exe

2020-10-14 16:35 – 2020-10-14 16:35 – 000057664 _____ (Microsoft Corporation) C:WINDOWSsystem32DeviceCensus.exe

2020-10-14 16:35 – 2020-10-14 16:35 – 000054720 _____ (Microsoft Corporation) C:WINDOWSSysWOW64appidapi.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000054272 _____ (Microsoft Corporation) C:WINDOWSSysWOW64TokenBrokerUI.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000051632 _____ (Microsoft Corporation) C:WINDOWSSysWOW64kernel.appcore.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000049152 _____ (Microsoft Corporation) C:WINDOWSSysWOW64tbauth.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000045056 _____ (Microsoft Corporation) C:WINDOWSsystem32npmproxy.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000044544 _____ (Microsoft Corporation) C:WINDOWSsystem32werdiagcontroller.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000043520 _____ (Microsoft Corporation) C:WINDOWSsystem32LaunchWinApp.exe

2020-10-14 16:35 – 2020-10-14 16:35 – 000038912 _____ (Microsoft Corporation) C:WINDOWSSysWOW64werdiagcontroller.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000036352 _____ (Microsoft Corporation) C:WINDOWSsystem32sxstrace.exe

2020-10-14 16:35 – 2020-10-14 16:35 – 000035840 _____ C:WINDOWSsystem32deploymentcsphelper.exe

2020-10-14 16:35 – 2020-10-14 16:35 – 000034816 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversmskssrv.sys

2020-10-14 16:35 – 2020-10-14 16:35 – 000033280 _____ (Microsoft Corporation) C:WINDOWSSysWOW64LaunchWinApp.exe

2020-10-14 16:35 – 2020-10-14 16:35 – 000032768 _____ (Microsoft Corporation) C:WINDOWSsystem32dnscacheugc.exe

2020-10-14 16:35 – 2020-10-14 16:35 – 000030208 _____ (Microsoft Corporation) C:WINDOWSsystem32netiougc.exe

2020-10-14 16:35 – 2020-10-14 16:35 – 000029696 _____ (Microsoft Corporation) C:WINDOWSSysWOW64sxstrace.exe

2020-10-14 16:35 – 2020-10-14 16:35 – 000029696 _____ (Microsoft Corporation) C:WINDOWSsystem32nlmproxy.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000029184 _____ (Microsoft Corporation) C:WINDOWSSysWOW64TokenBrokerCookies.exe

2020-10-14 16:35 – 2020-10-14 16:35 – 000028672 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversndistapi.sys

2020-10-14 16:35 – 2020-10-14 16:35 – 000026112 _____ (Microsoft Corporation) C:WINDOWSsystem32netbtugc.exe

2020-10-14 16:35 – 2020-10-14 16:35 – 000021312 _____ (Microsoft Corporation) C:WINDOWSsystem32kdhvcom.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000020992 _____ (Microsoft Corporation) C:WINDOWSSysWOW64sdbinst.exe

2020-10-14 16:35 – 2020-10-14 16:35 – 000020992 _____ (Microsoft Corporation) C:WINDOWSSysWOW64appidtel.exe

2020-10-14 16:35 – 2020-10-14 16:35 – 000020480 _____ (Microsoft Corporation) C:WINDOWSsystem32EsdSip.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000017408 _____ (Microsoft Corporation) C:WINDOWSsystem32nlmsprep.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000014336 _____ (Microsoft Corporation) C:WINDOWSsystem32dciman32.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000014336 _____ (Microsoft Corporation) C:WINDOWSsystem32d3d8thk.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000012800 _____ (Microsoft Corporation) C:WINDOWSSysWOW64d3d8thk.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000011776 _____ (Microsoft Corporation) C:WINDOWSSysWOW64dciman32.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000005632 _____ (Microsoft Corporation) C:WINDOWSSysWOW64shimeng.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000003584 _____ (Microsoft Corporation) C:WINDOWSSysWOW64TpmCertResources.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000003072 _____ (Microsoft Corporation) C:WINDOWSsystem32lpk.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000002560 _____ (Microsoft Corporation) C:WINDOWSSysWOW64tzres.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000002560 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msxml6r.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000002560 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msxml3r.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000002560 _____ (Microsoft Corporation) C:WINDOWSSysWOW64lpk.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000002560 _____ (Microsoft Corporation) C:WINDOWSsystem32tzres.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000002560 _____ (Microsoft Corporation) C:WINDOWSsystem32msxml3r.dll

2020-10-14 16:35 – 2020-10-14 16:35 – 000000315 _____ C:WINDOWSsystem32DrtmAuth9.bin

2020-10-14 16:35 – 2020-10-14 16:35 – 000000315 _____ C:WINDOWSsystem32DrtmAuth8.bin

2020-10-14 16:35 – 2020-10-14 16:35 – 000000315 _____ C:WINDOWSsystem32DrtmAuth7.bin

2020-10-14 16:35 – 2020-10-14 16:35 – 000000315 _____ C:WINDOWSsystem32DrtmAuth6.bin

2020-10-14 16:35 – 2020-10-14 16:35 – 000000315 _____ C:WINDOWSsystem32DrtmAuth5.bin

2020-10-14 16:35 – 2020-10-14 16:35 – 000000315 _____ C:WINDOWSsystem32DrtmAuth4.bin

2020-10-14 16:35 – 2020-10-14 16:35 – 000000315 _____ C:WINDOWSsystem32DrtmAuth3.bin

2020-10-14 16:35 – 2020-10-14 16:35 – 000000315 _____ C:WINDOWSsystem32DrtmAuth2.bin

2020-10-14 16:35 – 2020-10-14 16:35 – 000000315 _____ C:WINDOWSsystem32DrtmAuth12.bin

2020-10-14 16:35 – 2020-10-14 16:35 – 000000315 _____ C:WINDOWSsystem32DrtmAuth11.bin

2020-10-14 16:35 – 2020-10-14 16:35 – 000000315 _____ C:WINDOWSsystem32DrtmAuth10.bin

2020-10-14 16:35 – 2020-10-14 16:35 – 000000315 _____ C:WINDOWSsystem32DrtmAuth1.bin

2020-10-14 16:34 – 2020-10-14 16:35 – 000636856 _____ (Microsoft Corporation) C:WINDOWSsystem32sxs.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 017790976 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.UI.Xaml.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 007271752 _____ (Microsoft Corporation) C:WINDOWSsystem32shell32.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 004565248 _____ (Microsoft Corporation) C:WINDOWSsystem32sppsvc.exe

2020-10-14 16:34 – 2020-10-14 16:34 – 004140544 _____ (Microsoft Corporation) C:WINDOWSsystem32SystemSettingsThresholdAdminFlowUI.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 004050944 _____ (Microsoft Corporation) C:WINDOWSsystem32SRH.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 003985920 _____ (Microsoft Corporation) C:WINDOWSsystem32tellib.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 003728384 _____ (Microsoft Corporation) C:WINDOWSsystem32win32kfull.sys

2020-10-14 16:34 – 2020-10-14 16:34 – 003725824 _____ (Microsoft Corporation) C:WINDOWSsystem32AppXDeploymentServer.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 003581248 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversdxgkrnl.sys

2020-10-14 16:34 – 2020-10-14 16:34 – 003545088 _____ (Microsoft Corporation) C:WINDOWSsystem32dwmcore.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 003327776 _____ (Microsoft Corporation) C:WINDOWSsystem32CoreUIComponents.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 003232064 _____ (Microsoft Corporation) C:WINDOWSsystem32aitstatic.exe

2020-10-14 16:34 – 2020-10-14 16:34 – 003143168 _____ (Microsoft Corporation) C:WINDOWSsystem32directml.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 002712064 _____ (Microsoft Corporation) C:WINDOWSsystem32win32kbase.sys

2020-10-14 16:34 – 2020-10-14 16:34 – 002556224 _____ (Microsoft Corporation) C:WINDOWSsystem32UpdateAgent.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 002485248 _____ (Microsoft Corporation) C:WINDOWSsystem32InstallService.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 002455928 _____ (Microsoft Corporation) C:WINDOWSsystem32msxml6.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 002296832 _____ (Microsoft Corporation) C:WINDOWSsystem32AppXDeploymentExtensions.onecore.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 002260832 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.ApplicationModel.Store.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 002125392 _____ (Microsoft Corporation) C:WINDOWSsystem32AudioEng.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 002074624 _____ (Microsoft Corporation) C:WINDOWSsystem32ISM.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 002007360 _____ (Microsoft Corporation) C:WINDOWSsystem32appraiser.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 001967104 _____ (Microsoft Corporation) C:WINDOWSsystem32aadtb.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 001947688 _____ (Microsoft Corporation) C:WINDOWSsystem32dcomp.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 001942016 _____ (Microsoft Corporation) C:WINDOWSsystem32audiosrv.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 001918976 _____ (Microsoft Corporation) C:WINDOWSsystem32wevtsvc.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 001833272 _____ (Microsoft Corporation) C:WINDOWSsystem32rdpserverbase.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 001756592 _____ (Microsoft Corporation) C:WINDOWSsystem32winload.efi

2020-10-14 16:34 – 2020-10-14 16:34 – 001751552 _____ (Microsoft Corporation) C:WINDOWSsystem32AppXDeploymentExtensions.desktop.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 001743688 _____ (Microsoft Corporation) C:WINDOWSsystem32sppobjs.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 001656904 _____ (Microsoft Corporation) C:WINDOWSsystem32user32.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 001618704 _____ (Microsoft Corporation) C:WINDOWSsystem32ttdrecordcpu.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 001614848 _____ (Microsoft Corporation) C:WINDOWSsystem32wpncore.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 001512840 _____ (Microsoft Corporation) C:WINDOWSsystem32winload.exe

2020-10-14 16:34 – 2020-10-14 16:34 – 001499136 _____ (Microsoft Corporation) C:WINDOWSsystem32TokenBroker.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 001487360 _____ (Microsoft Corporation) C:WINDOWSsystem32rdpsharercom.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 001413712 _____ (Microsoft Corporation) C:WINDOWSsystem32AudioSes.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 001375744 _____ (Microsoft Corporation) C:WINDOWSsystem32NotificationController.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 001366136 _____ (Microsoft Corporation) C:WINDOWSsystem32winresume.efi

2020-10-14 16:34 – 2020-10-14 16:34 – 001187840 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Security.Authentication.Web.Core.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 001182720 _____ (Microsoft Corporation) C:WINDOWSsystem32localspl.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 001182248 _____ (Microsoft Corporation) C:WINDOWSsystem32winresume.exe

2020-10-14 16:34 – 2020-10-14 16:34 – 001150264 _____ (Microsoft Corporation) C:WINDOWSsystem32ApplyTrustOffline.exe

2020-10-14 16:34 – 2020-10-14 16:34 – 001092608 _____ (Microsoft Corporation) C:WINDOWSsystem32TpmCoreProvisioning.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 001086784 _____ (Microsoft Corporation) C:WINDOWSsystem32ReAgent.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 001083704 _____ (Microsoft Corporation) C:WINDOWSsystem32LicenseManager.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 001077248 _____ (Microsoft Corporation) C:WINDOWSsystem32BTAGService.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 001047040 _____ (Microsoft Corporation) C:WINDOWSsystem32IKEEXT.DLL

2020-10-14 16:34 – 2020-10-14 16:34 – 001029952 _____ (Microsoft Corporation) C:WINDOWSsystem32DriversClipSp.sys

2020-10-14 16:34 – 2020-10-14 16:34 – 001026800 _____ (Microsoft Corporation) C:WINDOWSsystem32ClipSVC.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 001014784 _____ (Microsoft Corporation) C:WINDOWSsystem32kerberos.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 001008960 _____ (Microsoft Corporation) C:WINDOWSsystem32CloudExperienceHostCommon.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000974336 _____ (Microsoft Corporation) C:WINDOWSsystem32uDWM.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000961024 _____ (Microsoft Corporation) C:WINDOWSsystem32autochk.exe

2020-10-14 16:34 – 2020-10-14 16:34 – 000916760 _____ (Microsoft Corporation) C:WINDOWSsystem32AppXDeploymentClient.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000878080 _____ (Microsoft Corporation) C:WINDOWSsystem32BFE.DLL

2020-10-14 16:34 – 2020-10-14 16:34 – 000875400 _____ (Microsoft Corporation) C:WINDOWSsystem32pkeyhelper.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000874304 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversdxgmms2.sys

2020-10-14 16:34 – 2020-10-14 16:34 – 000865792 _____ (Microsoft Corporation) C:WINDOWSsystem32SmartcardCredentialProvider.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000863232 _____ (Microsoft Corporation) C:WINDOWSsystem32win32spl.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000852280 _____ (Microsoft Corporation) C:WINDOWSsystem32aeinv.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000805184 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversacpi.sys

2020-10-14 16:34 – 2020-10-14 16:34 – 000804672 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversvhdmp.sys

2020-10-14 16:34 – 2020-10-14 16:34 – 000761672 _____ (Microsoft Corporation) C:WINDOWSsystem32wimgapi.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000742720 _____ (Microsoft Corporation) C:WINDOWSsystem32LicensingWinRT.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000735744 _____ (Microsoft Corporation) C:WINDOWSsystem32AudioEndpointBuilder.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000722080 _____ (Microsoft Corporation) C:WINDOWSsystem32kernel32.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000672064 _____ (Microsoft Corporation) C:WINDOWSsystem32devinv.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000604992 _____ (Microsoft Corporation) C:WINDOWSsystem32pcasvc.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000602424 _____ (Microsoft Corporation) C:WINDOWSsystem32generaltel.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000589392 _____ (Microsoft Corporation) C:WINDOWSsystem32audiodg.exe

2020-10-14 16:34 – 2020-10-14 16:34 – 000586048 _____ (Microsoft Corporation) C:WINDOWSsystem32invagent.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000578560 _____ (Microsoft Corporation) C:WINDOWSsystem32SppExtComObj.Exe

2020-10-14 16:34 – 2020-10-14 16:34 – 000564736 _____ (Microsoft Corporation) C:WINDOWSsystem32apphelp.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000563200 _____ (Microsoft Corporation) C:WINDOWSsystem32untfs.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000554496 _____ (Microsoft Corporation) C:WINDOWSsystem32EnterpriseAppMgmtSvc.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000550400 _____ (Microsoft Corporation) C:WINDOWSsystem32win32k.sys

2020-10-14 16:34 – 2020-10-14 16:34 – 000525824 _____ (Microsoft Corporation) C:WINDOWSsystem32sppcext.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000522688 _____ (Microsoft Corporation) C:WINDOWSsystem32SystemSettingsAdminFlows.exe

2020-10-14 16:34 – 2020-10-14 16:34 – 000519496 _____ (Microsoft Corporation) C:WINDOWSsystem32wimserv.exe

2020-10-14 16:34 – 2020-10-14 16:34 – 000495104 _____ (Microsoft Corporation) C:WINDOWSsystem32MicrosoftAccountWAMExtension.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000467456 _____ (Microsoft Corporation) C:WINDOWSsystem32FWPUCLNT.DLL

2020-10-14 16:34 – 2020-10-14 16:34 – 000452608 _____ (Microsoft Corporation) C:WINDOWSsystem32slui.exe

2020-10-14 16:34 – 2020-10-14 16:34 – 000441152 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversdxgmms1.sys

2020-10-14 16:34 – 2020-10-14 16:34 – 000437056 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverspci.sys

2020-10-14 16:34 – 2020-10-14 16:34 – 000422712 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversfastfat.sys

2020-10-14 16:34 – 2020-10-14 16:34 – 000415816 _____ (Microsoft Corporation) C:WINDOWSsystem32AUDIOKSE.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000401408 _____ (Microsoft Corporation) C:WINDOWSsystem32es.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000399360 _____ (Microsoft Corporation) C:WINDOWSsystem32NotificationControllerPS.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000389440 _____ (Microsoft Corporation) C:WINDOWSsystem32acmigration.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000382464 _____ (Microsoft Corporation) C:WINDOWSsystem32AppLockerCSP.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000381656 _____ (Microsoft Corporation) C:WINDOWSsystem32CredentialEnrollmentManager.exe

2020-10-14 16:34 – 2020-10-14 16:34 – 000363112 _____ (Microsoft Corporation) C:WINDOWSsystem32wintrust.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000353752 _____ (Microsoft Corporation) C:WINDOWSsystem32sppwinob.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000343416 _____ (Microsoft Corporation) C:WINDOWSsystem32ttdwriter.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000338432 _____ (Microsoft Corporation) C:WINDOWSsystem32AppxAllUserStore.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000328704 _____ (Microsoft Corporation) C:WINDOWSsystem32winsku.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000322048 _____ (Microsoft Corporation) C:WINDOWSsystem32BootMenuUX.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000307712 _____ (Microsoft Corporation) C:WINDOWSsystem32sppcomapi.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000301568 _____ (Microsoft Corporation) C:WINDOWSsystem32storewuauth.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000291328 _____ (Microsoft Corporation) C:WINDOWSsystem32DeviceDirectoryClient.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000288768 _____ (Microsoft Corporation) C:WINDOWSsystem32mdmregistration.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000284672 _____ (Microsoft Corporation) C:WINDOWSsystem32PushToInstall.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000271872 _____ (Microsoft Corporation) C:WINDOWSsystem32DeviceSetupManager.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000265728 _____ (Microsoft Corporation) C:WINDOWSsystem32netman.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000265216 _____ (Microsoft Corporation) C:WINDOWSsystem32cdd.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000251904 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverswinnat.sys

2020-10-14 16:34 – 2020-10-14 16:34 – 000234992 _____ (Microsoft Corporation) C:WINDOWSsystem32EditionUpgradeManagerObj.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000231936 _____ (Microsoft Corporation) C:WINDOWSsystem32InstallServiceTasks.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000231424 _____ (Microsoft Corporation) C:WINDOWSsystem32bcdboot.exe

2020-10-14 16:34 – 2020-10-14 16:34 – 000222528 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversataport.sys

2020-10-14 16:34 – 2020-10-14 16:34 – 000214840 _____ (Microsoft Corporation) C:WINDOWSsystem32ifsutil.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000205632 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversappid.sys

2020-10-14 16:34 – 2020-10-14 16:34 – 000201728 _____ (Microsoft Corporation) C:WINDOWSsystem32AppXApplicabilityBlob.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000201216 _____ (Microsoft Corporation) C:WINDOWSsystem32updatepolicy.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000197632 _____ (Microsoft Corporation) C:WINDOWSsystem32Win32CompatibilityAppraiserCSP.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000192176 _____ (Microsoft Corporation) C:WINDOWSsystem32winbrand.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000183616 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversusbccgp.sys

2020-10-14 16:34 – 2020-10-14 16:34 – 000180544 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverswfplwfs.sys

2020-10-14 16:34 – 2020-10-14 16:34 – 000180032 _____ (Microsoft Corporation) C:WINDOWSsystem32ulib.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000177152 _____ (Microsoft Corporation) C:WINDOWSsystem32EditionUpgradeHelper.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000174400 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversstorahci.sys

2020-10-14 16:34 – 2020-10-14 16:34 – 000169472 _____ (Microsoft Corporation) C:WINDOWSsystem32SpatialAudioLicenseSrv.exe

2020-10-14 16:34 – 2020-10-14 16:34 – 000160064 _____ (Microsoft Corporation) C:WINDOWSsystem32CompatTelRunner.exe

2020-10-14 16:34 – 2020-10-14 16:34 – 000153600 _____ (Microsoft Corporation) C:WINDOWSsystem32srpapi.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000144384 _____ (Microsoft Corporation) C:WINDOWSsystem32GraphicsCapture.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000142336 _____ (Microsoft Corporation) C:WINDOWSsystem32WaaSAssessment.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000141632 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversstornvme.sys

2020-10-14 16:34 – 2020-10-14 16:34 – 000130560 _____ (Microsoft Corporation) C:WINDOWSsystem32setupugc.exe

2020-10-14 16:34 – 2020-10-14 16:34 – 000127064 _____ (Microsoft Corporation) C:WINDOWSsystem32win32u.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000102720 _____ (Microsoft Corporation) C:WINDOWSsystem32win32appinventorycsp.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000089928 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversvolmgr.sys

2020-10-14 16:34 – 2020-10-14 16:34 – 000089920 _____ (Microsoft Corporation) C:WINDOWSsystem32DeviceReactivation.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000088360 _____ (Microsoft Corporation) C:WINDOWSsystem32remoteaudioendpoint.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000082944 _____ (Microsoft Corporation) C:WINDOWSsystem32appidsvc.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000077824 _____ (Microsoft Corporation) C:WINDOWSsystem32CustomInstallExec.exe

2020-10-14 16:34 – 2020-10-14 16:34 – 000076952 _____ (Microsoft Corporation) C:WINDOWSsystem32CredentialEnrollmentManagerForUser.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000073728 _____ (Microsoft Corporation) C:WINDOWSbfsvc.exe

2020-10-14 16:34 – 2020-10-14 16:34 – 000067656 _____ (Microsoft Corporation) C:WINDOWSsystem32appidapi.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000066048 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverswatchdog.sys

2020-10-14 16:34 – 2020-10-14 16:34 – 000064512 _____ (Microsoft Corporation) C:WINDOWSsystem32pcadm.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000064512 _____ (Microsoft Corporation) C:WINDOWSsystem32Drivershidspi.sys

2020-10-14 16:34 – 2020-10-14 16:34 – 000064000 _____ (Microsoft Corporation) C:WINDOWSsystem32tbauth.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000059200 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversstorufs.sys

2020-10-14 16:34 – 2020-10-14 16:34 – 000058888 _____ (Microsoft Corporation) C:WINDOWSsystem32kernel.appcore.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000057344 _____ (Microsoft Corporation) C:WINDOWSsystem32audioresourceregistrar.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000056640 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverspciidex.sys

2020-10-14 16:34 – 2020-10-14 16:34 – 000051200 _____ (Microsoft Corporation) C:WINDOWSsystem32pcalua.exe

2020-10-14 16:34 – 2020-10-14 16:34 – 000044032 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.UI.Xaml.Resources.Common.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000039936 _____ (Microsoft Corporation) C:WINDOWSsystem32ReAgentc.exe

2020-10-14 16:34 – 2020-10-14 16:34 – 000036864 _____ (Microsoft Corporation) C:WINDOWSsystem32TokenBrokerCookies.exe

2020-10-14 16:34 – 2020-10-14 16:34 – 000031232 _____ (Microsoft Corporation) C:WINDOWSsystem32FaxPrinterInstaller.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000030016 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversatapi.sys

2020-10-14 16:34 – 2020-10-14 16:34 – 000025600 _____ (Microsoft Corporation) C:WINDOWSsystem32EnterpriseAppMgmtClient.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000025600 _____ (Microsoft Corporation) C:WINDOWSsystem32appidtel.exe

2020-10-14 16:34 – 2020-10-14 16:34 – 000024064 _____ (Microsoft Corporation) C:WINDOWSsystem32sdbinst.exe

2020-10-14 16:34 – 2020-10-14 16:34 – 000019768 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversintelide.sys

2020-10-14 16:34 – 2020-10-14 16:34 – 000018432 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversapplockerfltr.sys

2020-10-14 16:34 – 2020-10-14 16:34 – 000016704 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverspciide.sys

2020-10-14 16:34 – 2020-10-14 16:34 – 000012800 _____ (Microsoft Corporation) C:WINDOWSsystem32pcaevts.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000007680 _____ (Microsoft Corporation) C:WINDOWSsystem32shimeng.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000003584 _____ (Microsoft Corporation) C:WINDOWSsystem32TpmCertResources.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000002560 _____ (Microsoft Corporation) C:WINDOWSsystem32tier2punctuations.dll

2020-10-14 16:34 – 2020-10-14 16:34 – 000002560 _____ (Microsoft Corporation) C:WINDOWSsystem32msxml6r.dll

2020-10-14 16:03 – 2020-10-14 16:04 – 000492544 _____ (Microsoft Corporation) C:WINDOWSsystem32poqexec.exe

2020-10-14 16:03 – 2020-10-14 16:04 – 000390656 _____ (Microsoft Corporation) C:WINDOWSSysWOW64poqexec.exe

2020-10-12 10:08 – 2020-10-12 10:08 – 000000000 ____D C:\Users\User\Desktop\San Francisco Shock

2020-10-12 10:07 – 2020-10-12 10:07 – 006219584 _____ C:\Users\User\Downloads\San_Francisco_Shock.zip

2020-10-10 21:56 – 2020-10-10 22:03 – 824065743 _____ C:\Users\User\Downloads\N3xt Fr1d4y (2000).mp4

2020-10-09 03:00 – 2020-10-09 03:00 – 000000000 ____D C:\Users\User\Documents\KoeiTecmo

2020-10-09 02:31 – 2020-10-09 02:31 – 000001659 _____ C:\Users\User\Desktop\Attack on Titan!.lnk

2020-10-09 01:16 – 2020-10-09 01:49 – 000000000 ____D C:\Users\User\Downloads\Attack on Titan Wings of Freedom PC game ^^nosTEAM^^

2020-10-09 01:13 – 2020-10-09 01:15 – 003910093 _____ C:\Users\User\Downloads\AttackOnTitan.exe

2020-10-08 05:20 – 2020-10-08 12:54 – 000000000 ____D C:\Program Files (x86)\Call of Duty Modern Warfare

2020-10-08 05:12 – 2020-10-16 13:15 – 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update

2020-10-08 05:12 – 2020-10-08 05:12 – 000002886 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC

2020-10-08 05:12 – 2020-10-08 05:12 – 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk

2020-10-08 05:12 – 2020-10-08 05:12 – 000000863 _____ C:\ProgramData\Desktop\CCleaner.lnk

2020-10-08 05:12 – 2020-10-08 05:12 – 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

2020-10-08 05:12 – 2020-10-08 05:12 – 000000000 ____D C:\Program Files\CCleaner


2020-10-08 04:50 – 2020-10-02 01:44 – 000849648 _____ (NVIDIA Corporation) C:WINDOWSsystem32MCU.exe

2020-10-08 04:50 – 2020-10-02 01:44 – 000445848 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvdebugdump.exe

2020-10-08 04:50 – 2020-10-02 01:43 – 005972824 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvapi.dll

2020-10-08 04:50 – 2020-10-01 09:14 – 000080930 _____ C:WINDOWSsystem32nvinfo.pb

2020-10-06 20:29 – 2020-10-06 20:29 – 054690392 _____ (Team Tutturu) C:UsersUserDownloadsTutturu Setup 0.13.0.exe

2020-10-04 01:42 – 2020-10-04 01:42 – 000000000 ____D C:UsersUserDocumentsDiablo III

2020-10-03 23:58 – 2020-10-03 23:58 – 000000000 ____D C:UsersUserAppDataLocalLowmiHoYo

2020-10-03 22:57 – 2020-10-03 22:57 – 000000000 ____D C:UsersUserAppDataLocalmiHoYo

2020-10-02 08:55 – 2020-10-02 08:56 – 000000000 ____D C:UsersUserDocumentsNeed for Speed™ Payback

2020-10-02 02:18 – 2020-10-02 02:20 – 003967142 _____ C:UsersUserDownloadsNFS-Payback.exe

2020-10-01 23:32 – 2020-10-01 23:32 – 000000000 ____D C:Program FilesMicrosoft Update Health Tools

2020-10-01 23:32 – 2020-09-10 18:14 – 000436536 _____ (Microsoft Corporation) C:WINDOWSsystem32QualityUpdateAssistant.dll

2020-10-01 17:06 – 2020-10-01 17:07 – 003871541 _____ C:UsersUserDownloadsASCB.exe

2020-10-01 11:40 – 2020-10-01 13:00 – 000032768 _____ C:UsersPublicDocumentscrash_dump.bin

2020-10-01 11:40 – 2020-10-01 13:00 – 000032768 _____ C:ProgramDataDocumentscrash_dump.bin

2020-09-21 02:37 – 2020-09-21 14:58 – 000000000 ____D C:UsersUserDocumentsAssassin's Creed Odyssey

2020-09-21 02:37 – 2020-09-21 02:37 – 000000000 ____D C:UsersUserDocumentsNST_SAVES

2020-09-19 02:58 – 2020-09-15 02:01 – 000038632 _____ (NVIDIA Corporation) C:WINDOWSsystem32Driversnvhdap64.dll

2020-09-18 16:25 – 2020-09-18 16:25 – 000000000 ____D C:UsersUserDocumentsOpenIV

2020-09-18 16:23 – 2020-09-30 21:08 – 000000000 ____D C:UsersUserAppDataLocalNew Technology Studio

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-17 15:49 – 2020-04-20 12:33 – 000000000 ____D C:UsersUserAppDataRoamingDiscord

2020-10-17 15:47 – 2020-04-20 12:55 – 000000000 ____D C:UsersUserAppDataLocalBattle.net

2020-10-17 15:42 – 2019-03-19 06:52 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft

2020-10-17 15:20 – 2020-06-29 21:39 – 000003480 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineUA

2020-10-17 15:20 – 2020-06-29 21:39 – 000003356 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineCore

2020-10-17 15:19 – 2020-04-20 18:08 – 000000000 ____D C:ProgramDataNVIDIA

2020-10-17 15:13 – 2019-04-12 16:59 – 000000000 __SHD C:UsersUserIntelGraphicsProfiles

2020-10-17 15:11 – 2020-06-29 21:39 – 000000006 ____H C:WINDOWSTasksSA.DAT

2020-10-17 15:11 – 2020-05-02 21:08 – 000000000 ____D C:Program Files (x86)TeamViewer

2020-10-17 15:10 – 2019-03-19 06:37 – 000786432 _____ C:WINDOWSsystem32configBBI

2020-10-17 14:59 – 2020-04-20 12:33 – 000000000 ____D C:Program Files (x86)Steam

2020-10-17 14:58 – 2020-06-28 23:10 – 000000000 ___DC C:WINDOWSPanther

2020-10-17 14:58 – 2020-04-21 04:11 – 000000000 ____D C:UsersUserAppDataLocalCrashDumps

2020-10-17 14:58 – 2019-03-19 06:52 – 000000000 ____D C:WINDOWSLiveKernelReports

2020-10-17 14:58 – 2019-03-19 06:50 – 000000000 ____D C:WINDOWSINF

2020-10-17 14:52 – 2020-04-20 13:01 – 000000000 ____D C:Program Files (x86)Overwatch

2020-10-17 14:48 – 2020-06-02 11:24 – 000000000 ____D C:UsersUserAppDataLocalLowMozilla

2020-10-17 14:41 – 2019-04-12 16:58 – 000000000 ____D C:Program FilesMozilla Firefox

2020-10-17 14:41 – 2019-04-12 16:58 – 000000000 ____D C:Program Files (x86)Mozilla Maintenance Service

2020-10-17 14:40 – 2019-04-12 16:58 – 000000000 ____D C:ProgramDataMozilla

2020-10-17 13:32 – 2019-03-19 06:52 – 000000000 ___HD C:Program FilesWindowsApps

2020-10-17 13:32 – 2019-03-19 06:52 – 000000000 ____D C:WINDOWSAppReadiness

2020-10-17 13:27 – 2020-06-06 15:48 – 000000000 ____D C:UsersUserSapphire Plugins (VEGAS Pro)

2020-10-17 13:20 – 2020-04-20 12:52 – 000000000 ____D C:Program Files (x86)Battle.net

2020-10-17 13:15 – 2020-06-29 21:09 – 000000000 ____D C:WINDOWSsystem32SleepStudy

2020-10-17 13:11 – 2019-03-19 06:52 – 000000000 ___HD C:WINDOWSELAMBKUP

2020-10-16 23:43 – 2020-06-12 19:02 – 000002421 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk

2020-10-16 17:19 – 2020-06-29 21:39 – 000005242 _____ C:WINDOWSsystem32TasksMicrosoft Office 15 Sync Maintenance for DESKTOP-P2H930S-User DESKTOP-P2H930S

2020-10-16 13:28 – 2020-04-20 12:54 – 000000870 _____ C:UsersUserDesktopBattle.net.lnk

2020-10-15 19:11 – 2020-06-29 21:39 – 000003376 _____ C:WINDOWSsystem32TasksOneDrive Standalone Update Task-S-1-5-21-1477454007-310231868-2954047188-1001

2020-10-15 19:11 – 2020-06-29 21:16 – 000002405 _____ C:UsersUserAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk

2020-10-15 19:11 – 2019-04-13 01:41 – 000000000 ___RD C:UsersUserOneDrive

2020-10-15 18:27 – 2020-04-07 01:31 – 000000000 ____D C:UsersUserAppDataLocalD3DSCache

2020-10-15 04:40 – 2020-06-30 06:34 – 000741728 _____ C:WINDOWSsystem32perfh007.dat

2020-10-15 04:40 – 2020-06-30 06:34 – 000149880 _____ C:WINDOWSsystem32perfc007.dat

2020-10-15 04:40 – 2020-06-29 21:29 – 001723292 _____ C:WINDOWSsystem32PerfStringBackup.INI

2020-10-15 04:36 – 2019-04-13 01:39 – 000000000 __RHD C:UsersPublicAccountPictures

2020-10-15 04:36 – 2019-04-13 01:39 – 000000000 ___RD C:UsersUser3D Objects

2020-10-15 04:34 – 2020-06-29 21:09 – 000443624 _____ C:WINDOWSsystem32FNTCACHE.DAT

2020-10-15 04:29 – 2019-03-19 08:23 – 000000000 ___SD C:WINDOWSsystem32AppV

2020-10-15 04:29 – 2019-03-19 08:23 – 000000000 ____D C:Program FilesWindows Defender Advanced Threat Protection

2020-10-15 04:29 – 2019-03-19 06:52 – 000000000 ___RD C:WINDOWSPrintDialog

2020-10-15 04:29 – 2019-03-19 06:52 – 000000000 ___RD C:WINDOWSImmersiveControlPanel

2020-10-15 04:29 – 2019-03-19 06:52 – 000000000 ____D C:WINDOWSSysWOW64oobe

2020-10-15 04:29 – 2019-03-19 06:52 – 000000000 ____D C:WINDOWSSysWOW64Dism

2020-10-15 04:29 – 2019-03-19 06:52 – 000000000 ____D C:WINDOWSSystemResources

2020-10-15 04:29 – 2019-03-19 06:52 – 000000000 ____D C:WINDOWSsystem32WinMetadata

2020-10-15 04:29 – 2019-03-19 06:52 – 000000000 ____D C:WINDOWSsystem32WinBioPlugIns

2020-10-15 04:29 – 2019-03-19 06:52 – 000000000 ____D C:WINDOWSsystem32SystemResetPlatform

2020-10-15 04:29 – 2019-03-19 06:52 – 000000000 ____D C:WINDOWSsystem32Sysprep

2020-10-15 04:29 – 2019-03-19 06:52 – 000000000 ____D C:WINDOWSsystem32oobe

2020-10-15 04:29 – 2019-03-19 06:52 – 000000000 ____D C:WINDOWSsystem32es-MX

2020-10-15 04:29 – 2019-03-19 06:52 – 000000000 ____D C:WINDOWSsystem32Dism

2020-10-15 04:29 – 2019-03-19 06:52 – 000000000 ____D C:WINDOWSsystem32appraiser

2020-10-15 04:29 – 2019-03-19 06:52 – 000000000 ____D C:WINDOWSShellExperiences

2020-10-15 04:29 – 2019-03-19 06:52 – 000000000 ____D C:WINDOWSProvisioning

2020-10-15 04:29 – 2019-03-19 06:52 – 000000000 ____D C:WINDOWSPolicyDefinitions

2020-10-15 04:29 – 2019-03-19 06:52 – 000000000 ____D C:WINDOWSbcastdvr

2020-10-15 00:50 – 2020-06-29 21:39 – 000003418 _____ C:WINDOWSsystem32TasksGoogleUpdateTaskMachineUA

2020-10-15 00:50 – 2020-06-29 21:39 – 000003294 _____ C:WINDOWSsystem32TasksGoogleUpdateTaskMachineCore

2020-10-14 21:42 – 2019-04-13 01:39 – 000000000 ____D C:UsersUserAppDataLocalPackages

2020-10-14 21:41 – 2020-04-22 20:10 – 000000000 ____D C:UsersUserAppDataLocalWhatsApp

2020-10-14 16:46 – 2019-03-19 06:37 – 000000000 ____D C:WINDOWSCbsTemp

2020-10-12 21:50 – 2019-04-12 16:59 – 000002301 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk

2020-10-12 21:50 – 2019-04-12 16:59 – 000002260 _____ C:UsersPublicDesktopGoogle Chrome.lnk

2020-10-12 21:50 – 2019-04-12 16:59 – 000002260 _____ C:ProgramDataDesktopGoogle Chrome.lnk

2020-10-09 15:58 – 2020-04-20 16:57 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsOverwatch

2020-10-09 13:16 – 2020-04-21 21:22 – 000000000 ____D C:UsersUserAppDataLocalBitTorrentHelper

2020-10-09 02:31 – 2020-04-25 11:01 – 000000000 ____D C:Games

2020-10-09 01:18 – 2020-06-29 21:16 – 000000000 ____D C:UsersNustil

2020-10-08 15:14 – 2020-04-20 16:57 – 000000894 _____ C:UsersUserDesktopOverwatch.lnk

2020-10-08 05:27 – 2020-04-20 18:00 – 000000000 ____D C:ProgramDataPackage Cache

2020-10-08 05:25 – 2020-04-30 16:42 – 000000000 ____D C:UsersUserAppDataLocalUbisoft Game Launcher

2020-10-08 05:25 – 2020-04-21 01:18 – 000000000 ____D C:UsersUserAppDataRoamingMicrosoftWindowsStart MenuProgramsSteam

2020-10-08 05:23 – 2020-08-30 14:28 – 000000000 ____D C:UsersUserDesktopRandom

2020-10-08 05:06 – 2020-04-20 20:16 – 000000000 ____D C:UsersUserAppDataLocalNVIDIA

2020-10-08 05:01 – 2020-04-20 20:02 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsRiot Games

2020-10-07 05:16 – 2019-04-13 01:27 – 000000000 ____D C:WINDOWSsystem32Driverswd

2020-10-03 20:42 – 2020-08-16 22:19 – 000002365 _____ C:UsersUserDesktopDiscord Canary.lnk

2020-10-03 20:42 – 2020-08-16 22:19 – 000000000 ____D C:UsersUserAppDataLocalDiscordCanary

2020-10-02 01:45 – 2020-06-14 05:26 – 000657304 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvEncodeAPI.dll

2020-10-02 01:43 – 2020-06-14 05:26 – 007001536 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvapi64.dll

2020-10-01 19:24 – 2020-04-30 16:42 – 000000000 ____D C:ProgramDataUbisoft

2020-09-30 21:07 – 2020-09-10 11:45 – 000000000 ____D C:Program Files (x86)Rockstar Games

2020-09-30 21:07 – 2020-06-13 03:51 – 000000000 ____D C:UsersUserAppDataRoamingMicrosoftWindowsStart MenuProgramsRockstar Games

2020-09-30 21:07 – 2020-06-13 03:51 – 000000000 ____D C:Program FilesRockstar Games

2020-09-30 21:06 – 2020-09-09 23:58 – 000000000 ____D C:Program FilesEpic Games

2020-09-30 21:04 – 2020-05-13 16:43 – 000001919 _____ C:UsersUserDesktopuTorrent Web.lnk

2020-09-30 21:04 – 2020-05-13 16:43 – 000001905 _____ C:UsersUserAppDataRoamingMicrosoftWindowsStart MenuProgramsuTorrent Web.lnk

2020-09-30 15:18 – 2020-07-04 00:52 – 000000000 ____D C:UsersUserDocumentsMy Games

2020-09-24 14:40 – 2020-04-20 20:01 – 000000000 ____D C:ProgramDataRiot Games

2020-09-24 02:11 – 2019-04-12 16:55 – 000000000 ____D C:UsersUserAppDataLocalPlaceholderTileLogoFolder

2020-09-22 06:50 – 2019-04-12 16:59 – 000000000 ____D C:Program Files (x86)Google

2020-09-21 05:30 – 2020-09-15 20:36 – 000000000 ____D C:Program Filesdnplayerext2

2020-09-19 03:01 – 2020-04-20 17:57 – 000000000 ____D C:ProgramDataNVIDIA Corporation

==================== Files in the root of some directories ========

2019-08-19 11:11 – 2019-08-19 11:11 – 001388448 _____ () C:UsersPublicASR.dat

2019-08-19 11:11 – 2019-08-19 11:11 – 001388448 _____ () C:UsersPublicVOIP.dat

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-10-2020

Ran by User (17-10-2020 15:51:05)

Running from C:UsersUserDownloads

Windows 10 Pro Version 1909 18363.1139 (X64) (2020-06-29 19:41:10)

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1477454007-310231868-2954047188-500 – Administrator – Disabled)

DefaultAccount (S-1-5-21-1477454007-310231868-2954047188-503 – Limited – Disabled)

Guest (S-1-5-21-1477454007-310231868-2954047188-501 – Limited – Disabled)

Nustil (S-1-5-21-1477454007-310231868-2954047188-1003 – Limited – Enabled) => C:UsersNustil

User (S-1-5-21-1477454007-310231868-2954047188-1001 – Administrator – Enabled) => C:UsersUser

WDAGUtilityAccount (S-1-5-21-1477454007-310231868-2954047188-504 – Limited – Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled – Up to date) D68DDC3A-831F-4fae-9E44-DA132C1ACF46

AV: Malwarebytes (Enabled – Up to date) 23007AD3-69FE-687C-2629-D584AFFAF72B

AS: Windows Defender (Disabled – Up to date) D68DDC3A-831F-4fae-9E44-DA132C1ACF46

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Battle.net (HKLM-x32…Battle.net) (Version:  – Blizzard Entertainment)

CCleaner (HKLM…CCleaner) (Version: 5.72 – Piriform)

Chrome Remote Desktop Host (HKLM-x32…E2831D81-5BA3-4A9A-9E81-6C87D9E91D36) (Version: 86.0.4240.48 – Google Inc.)

Core Temp 1.15.1 (HKLM…86D343F-8E78-4AFC-81AC-D6D414AFD8AC_is1) (Version: 1.15.1 – ALCPU)

Discord (HKUS-1-5-21-1477454007-310231868-2954047188-1001…Discord) (Version: 0.0.308 – Discord Inc.)

Discord Canary (HKUS-1-5-21-1477454007-310231868-2954047188-1001…DiscordCanary) (Version: 0.0.283 – Discord Inc.)

Epic Games Launcher Prerequisites (x64) (HKLM…F9C5C994-F6B9-4D75-B3E7-AD01B84073E9) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden

Equalizer APO (HKLM…EqualizerAPO) (Version: 1.2.1 – )

F1 2018 (HKLM-x32…F1 2018_is1) (Version:  – )

Foxit Reader (HKLM-x32…Foxit Reader_is1) (Version: 9.4.1.16828 – Foxit Software Inc.)

GenArts Sapphire Plug-ins 6.10 for OFX (HKLM…GenArts Sapphire Plug-ins for OFX_is1) (Version:  – )

Google Chrome (HKLM…78831B61-87DE-3660-9687-A541FD017EA9) (Version: 86.0.4240.75 – Google LLC)

Google Update Helper (HKLM-x32…60EC980A-BDA2-4CB6-A427-B07A5498B4CA) (Version: 1.3.36.31 – Google LLC) Hidden

GTA San Andreas (HKLM-x32…D417C96A-FCC7-4590-A1BB-FAF73F5BC98E) (Version: 1.00.00001 – Rockstar Games)

HandBrake 1.3.1 (HKLM-x32…HandBrake) (Version: 1.3.1 – )

Hotspot Shield 10.5.0 (HKLM-x32…AF599C42-A2E5-4251-B7EE-4925F177B0F1) (Version: 10.5.0.11726 – Pango Inc.) Hidden

Hotspot Shield 10.5.0 (HKLM-x32…c56b855c-b3cd-4303-bbd8-7c43a1bf2aa3) (Version: 10.5.0.11726 – Pango Inc.)

Hotspot Shield 10.5.0 (HKLM-x32…HotspotShield) (Version: 10.5.0 – Pango Inc.) Hidden

ImgBurn (HKLM-x32…ImgBurn) (Version: 2.5.8.0 – LIGHTNING UK!)

Intel® Processor Graphics (HKLM-x32…F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA) (Version: 10.18.10.4358 – Intel Corporation)

Java 8 Update 251 (HKLM-x32…26A24AE4-039D-4CA4-87B4-2F32180251F0) (Version: 8.0.2510.8 – Oracle Corporation)

Kast 2.8.1 (HKUS-1-5-21-1477454007-310231868-2954047188-1001…d06bcc57-f338-548b-9321-2ecf1ddd47ff) (Version: 2.8.1 – Evasyst, Inc.)

K-Lite Codec Pack 14.8.8 Full (HKLM-x32…KLiteCodecPack_is1) (Version: 14.8.8 – KLCP)

Launcher Prerequisites (x64) (HKLM-x32…43a03b9c-4770-409c-a999-587b60700b63) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden

Malwarebytes version 4.2.1.89 (HKLM…35065F43-4BB2-439A-BFF7-0F1014F2E0CD_is1) (Version: 4.2.1.89 – Malwarebytes)

MalwareFox AntiMalware (HKLM-x32…8F0CD7D1-42F3-4195-95CD-833578D45057_is1) (Version: 2.74.0.150 – Wolf of Webstreet OPC Private Limited)

Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 86.0.622.43 – Microsoft Corporation)

Microsoft Edge Update (HKLM-x32…Microsoft Edge Update) (Version: 1.3.135.49 – )

Microsoft Office Professional Plus 2013 (HKLM…Office15.PROPLUS) (Version: 15.0.4420.1017 – Microsoft Corporation)

Microsoft OneDrive (HKUS-1-5-21-1477454007-310231868-2954047188-1001…OneDriveSetup.exe) (Version: 20.169.0823.0006 – Microsoft Corporation)

Microsoft Update Health Tools (HKLM…97238E8A-4919-4A1E-965A-C6C36938F4CE) (Version: 2.68.0.0 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.21022 (HKLM…350AA351-21FA-3270-8B7A-835434E766AD) (Version: 9.0.21022 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.17 (HKLM…8220EEFE-38CD-377E-8595-13398D740ACE) (Version: 9.0.30729 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.21022 (HKLM-x32…FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4) (Version: 9.0.21022 – Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable – 10.0.40219 (HKLM…1D8E6291-B0D5-35EC-8441-6616F567A0F7) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable – 10.0.40219 (HKLM-x32…F0C3E5D1-1ADE-321E-8167-68EF0DE699A5) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32…ca67548a-5ebe-413a-b50c-4b9ceb6d66c6) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32…33d1fd90-4274-48a1-9bc1-97e33d9c2d6f) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.30501 (HKLM-x32…50d4fc8-5d48-4b8f-8972-47c82c46020f) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.30501 (HKLM-x32…f65db027-aff3-4070-886a-0d87064aabb1) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x64) – 14.25.28508 (HKLM-x32…6913e92a-b64e-41c9-a5e6-cef39207fe89) (Version: 14.25.28508.3 – Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x86) – 14.24.28127 (HKLM-x32…e31cb1a4-76b5-46a5-a084-3fa419e82201) (Version: 14.24.28127.4 – Microsoft Corporation)

Microsoft XNA Framework Redistributable 4.0 (HKLM-x32…2BFC7AA0-544C-4E3A-8796-67F3BE655BE9) (Version: 4.0.20823.0 – Microsoft Corporation)

Mozilla Firefox 66.0.3 (x64 en-US) (HKLM…Mozilla Firefox 66.0.3 (x64 en-US)) (Version: 66.0.3 – Mozilla)

Mozilla Maintenance Service (HKLM…MozillaMaintenanceService) (Version: 66.0.3 – Mozilla)

NVAPI Monitor plugin for NvContainer (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_NvContainer.NvapiMonitor) (Version: 1.27 – NVIDIA Corporation) Hidden

NVIDIA GeForce Experience 3.20.4.14 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_Display.GFExperience) (Version: 3.20.4.14 – NVIDIA Corporation)

NVIDIA Graphics Driver 456.71 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_Display.Driver) (Version: 456.71 – NVIDIA Corporation)

NVIDIA HD Audio Driver 1.3.38.35 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_HDAudio.Driver) (Version: 1.3.38.35 – NVIDIA Corporation)

NVIDIA PhysX System Software 9.19.0218 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_Display.PhysX) (Version: 9.19.0218 – NVIDIA Corporation)

NvModuleTracker (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_NvModuleTracker.Driver) (Version: 6.14.24033.38719 – NVIDIA Corporation) Hidden

OBS Studio (HKLM-x32…OBS Studio) (Version: 25.0.8 – OBS Project)

Outils de vérification linguistique 2013 de Microsoft Office – Français (HKLM…90150000-001F-040C-1000-0000000FF1CE) (Version: 15.0.4420.1017 – Microsoft Corporation) Hidden

Overwatch (HKLM-x32…Overwatch) (Version:  – Blizzard Entertainment)

paint.net (HKLM…15BCA3AB-444B-4AC5-A04F-F2AD0F7AD3EC) (Version: 4.2.10 – dotPDN LLC)

Porofessor.gg (HKUS-1-5-21-1477454007-310231868-2954047188-1001…Overwolf_pibhbkkgefgheeglaeemkkfjlhidhcedalapdggh) (Version: 2.4.18 – Overwolf app)

ProtonVPN (HKLM-x32…CC56589D-2FE8-4B38-9024-0ABCD9F3CB0E) (Version: 1.16.1 – Proton Technologies AG) Hidden

ProtonVPN (HKLM-x32…ProtonVPN 1.16.1) (Version: 1.16.1 – Proton Technologies AG)

ProtonVPNTap (HKLM-x32…BCB82CD9-F514-4F93-A6D9-F898494DC927) (Version: 1.1.0 – Proton Technologies AG)

Skype version 8.59 (HKLM-x32…Skype_is1) (Version: 8.59 – Skype Technologies S.A.)

Steam (HKLM-x32…Steam) (Version: 2.10.91.91 – Valve Corporation)

TAP-Windows 9.24.2 (HKLM…TAP-Windows) (Version: 9.24.2 – OpenVPN Technologies, Inc.)

TeamViewer (HKLM-x32…TeamViewer) (Version: 15.5.3 – TeamViewer)

Tutturu 0.13.0 (HKUS-1-5-21-1477454007-310231868-2954047188-1001…148066b9-48df-52d5-bede-a43fc5ea871f) (Version: 0.13.0 – Team Tutturu)

Twitch (HKUS-1-5-21-1477454007-310231868-2954047188-1001…DEE70742-F4E9-44CA-B2B9-EE95DCF37295) (Version: 8.0.0 – Twitch Interactive, Inc.)

uTorrent Web (HKUS-1-5-21-1477454007-310231868-2954047188-1001…utweb) (Version: 1.1.1 – BitTorrent, Inc.)

VEGAS Pro 14.0 (64-bit) (HKLM…4C79D80F-79F9-11E6-8402-BB95F5A309BD) (Version: 14.0.161 – VEGAS)

Virtual Audio Cable 4.10 (HKLM…Virtual Audio Cable 4.10) (Version:  – )

VLC media player (HKLM…VLC media player) (Version: 3.0.6 – VideoLAN)

WhatsApp (HKUS-1-5-21-1477454007-310231868-2954047188-1001…WhatsApp) (Version: 2.2041.6 – WhatsApp)

WinRAR 5.90 (64-bit) (HKLM…WinRAR archiver) (Version: 5.90.0 – win.rar GmbH)

WO Mic Client (HKLM-x32…WOMic) (Version:  – )

Zoom (HKUS-1-5-21-1477454007-310231868-2954047188-1001…ZoomUMX) (Version: 5.0 – Zoom Video Communications, Inc.)

Packages:

=========

Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-04-12] (Microsoft Corporation) [MS Ad]

Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-04-12] (Microsoft Corporation) [MS Ad]

Microsoft Solitaire Collection -> C:Program FilesWindowsAppsMicrosoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-20] (Microsoft Studios) [MS Ad]

NVIDIA Control Panel -> C:Program FilesWindowsAppsNVIDIACorp.NVIDIAControlPanel_8.1.958.0_x64__56jybvy8sckqj [2020-06-23] (NVIDIA Corp.)

Photos Media Engine Add-on -> C:Program FilesWindowsAppsMicrosoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-05-09] (Microsoft Corporation)

Spotify Music -> C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0 [2020-10-14] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKUS-1-5-21-1477454007-310231868-2954047188-1001_ClassesCLSID820D63D5-8CFF-46DE-86AF-4997DEDD6DB5localserver32 -> C:WINDOWSsystem32igfxEM.exe (Intel® pGFX -> Intel Corporation)

ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> 6ABB1C11-E261-4CEA-BBB5-3836225689DD => C:Program Files (x86)MalwareFox AntiMalwareZAMShellExt64.dll [2020-10-17] (Zemana Ltd. -> )

ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> A94757A0-0226-426F-B4F1-4DF381C630D3 => C:Program Files (x86)Foxit SoftwareFoxit ReaderpluginsConvertToPDFShellExtension_x64.dll [2018-12-26] (Foxit Software Incorporated -> Foxit Software Inc.)

ContextMenuHandlers1: [WinRAR] -> B41DB860-64E4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers1-x32: [WinRAR32] -> B41DB860-8EE4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers3: [MBAMShlExt] -> 57CE581A-0CB6-4266-9CA0-19364C90A0B3 => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2020-10-17] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers5: [igfxcui] -> 3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4 =>  -> No File

ContextMenuHandlers5: [igfxDTCM] -> 9B5F5829-A529-4B12-814A-E81BCB8D93FC => C:WINDOWSsystem32igfxDTCM.dll [2016-05-04] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

ContextMenuHandlers5: [NvCplDesktopContext] -> 3D1975AF-48C6-4f8e-A182-BE0E08FA86A9 => C:WINDOWSSystem32DriverStoreFileRepositorynv_dispi.inf_amd64_feed726c6560f7a7nvshext.dll [2020-10-02] (NVIDIA Corporation -> NVIDIA Corporation)

ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> 6ABB1C11-E261-4CEA-BBB5-3836225689DD => C:Program Files (x86)MalwareFox AntiMalwareZAMShellExt64.dll [2020-10-17] (Zemana Ltd. -> )

ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> A94757A0-0226-426F-B4F1-4DF381C630D3 => C:Program Files (x86)Foxit SoftwareFoxit ReaderpluginsConvertToPDFShellExtension_x64.dll [2018-12-26] (Foxit Software Incorporated -> Foxit Software Inc.)

ContextMenuHandlers6: [MBAMShlExt] -> 57CE581A-0CB6-4266-9CA0-19364C90A0B3 => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2020-10-17] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers6: [WinRAR] -> B41DB860-64E4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers6-x32: [WinRAR32] -> B41DB860-8EE4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:UsersUserDesktopRandomWatch2Gether.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=ckhgpkajcncijenfpbpplkcpakikmbgd

ShortcutWithArgument: C:UsersUserAppDataRoamingMicrosoftWindowsStart MenuProgramsChrome AppsTutturu!_.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=oabechfelncbikgmceoncaekonbldhpk

ShortcutWithArgument: C:UsersUserAppDataRoamingMicrosoftWindowsStart MenuProgramsChrome AppsWatch2Gether.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=ckhgpkajcncijenfpbpplkcpakikmbgd

==================== Loaded Modules (Whitelisted) =============

2020-10-14 04:51 – 2020-10-14 04:51 – 096130560 _____ () [File not signed] C:Program Files (x86)Battle.netBattle.net.12437libcef.dll

2020-10-14 04:51 – 2020-10-14 04:51 – 000117760 _____ () [File not signed] C:Program Files (x86)Battle.netBattle.net.12437libEGL.dll

2020-10-14 04:51 – 2020-10-14 04:51 – 004342784 _____ () [File not signed] C:Program Files (x86)Battle.netBattle.net.12437libGLESv2.dll

2019-06-10 13:21 – 2019-06-10 13:21 – 000668160 _____ () [File not signed] C:Program FilesEqualizerAPOEqualizerAPO.dll

2017-07-08 12:52 – 2017-07-08 12:52 – 002983917 _____ () [File not signed] C:Program FilesEqualizerAPOlibfftw3f-3.dll

2015-11-22 22:05 – 2015-11-22 22:05 – 001530880 _____ () [File not signed] C:Program FilesEqualizerAPOlibsndfile-1.dll

2020-04-20 14:20 – 2020-04-20 14:20 – 000221696 _____ (Mercer Road Corp) [File not signed] C:Program Files (x86)Overwatch_retail_ortp_x64.dll

2020-04-20 13:49 – 2020-04-20 13:49 – 005323776 _____ (Mercer Road Corp) [File not signed] C:Program Files (x86)Overwatch_retail_vivoxsdk_x64.dll

2020-04-20 14:22 – 2020-04-20 14:22 – 000371200 _____ (RAD Game Tools, Inc.) [File not signed] C:Program Files (x86)Overwatch_retail_bink2w64.dll

2020-10-14 04:51 – 2020-10-14 04:51 – 000760832 _____ (The Chromium Authors) [File not signed] C:Program Files (x86)Battle.netBattle.net.12437chrome_elf.dll

2020-10-14 04:51 – 2020-10-14 04:51 – 000047104 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.12437audioqtaudio_windows.dll

2020-10-14 04:51 – 2020-10-14 04:51 – 000026112 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.12437imageformatsqgif.dll

2020-10-14 04:51 – 2020-10-14 04:51 – 000027136 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.12437imageformatsqico.dll

2020-10-14 04:51 – 2020-10-14 04:51 – 000243712 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.12437imageformatsqjpeg.dll

2020-10-14 04:51 – 2020-10-14 04:51 – 000223744 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.12437imageformatsqmng.dll

2020-10-14 04:51 – 2020-10-14 04:51 – 000020992 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.12437imageformatsqsvg.dll

2020-10-14 04:51 – 2020-10-14 04:51 – 000332288 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.12437imageformatsqtiff.dll

2020-10-14 04:51 – 2020-10-14 04:51 – 001140224 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.12437platformsqwindows.dll

2020-10-14 04:52 – 2020-10-14 04:52 – 000041984 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.12437qmlQtGraphicalEffectsprivateqtgraphicaleffectsprivate.dll

2020-10-14 04:52 – 2020-10-14 04:52 – 000014848 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.12437qmlQtGraphicalEffectsqtgraphicaleffectsplugin.dll

2020-10-14 04:52 – 2020-10-14 04:52 – 000014848 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.12437qmlQtQmlModels.2modelsplugin.dll

2020-10-14 04:52 – 2020-10-14 04:52 – 000014848 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.12437qmlQtQuick.2qtquick2plugin.dll

2020-10-14 04:52 – 2020-10-14 04:52 – 000084480 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.12437qmlQtQuickControls.2qtquickcontrols2plugin.dll

2020-10-14 04:52 – 2020-10-14 04:52 – 000267776 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.12437qmlQtQuickControlsqtquickcontrolsplugin.dll

2020-10-14 04:52 – 2020-10-14 04:52 – 000071680 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.12437qmlQtQuickLayoutsqquicklayoutsplugin.dll

2020-10-14 04:52 – 2020-10-14 04:52 – 000211456 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.12437qmlQtQuickTemplates.2qtquicktemplates2plugin.dll

2020-10-14 04:52 – 2020-10-14 04:52 – 000014848 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.12437qmlQtQuickWindow.2windowplugin.dll

2020-10-14 04:52 – 2020-10-14 04:52 – 004943360 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.12437Qt5Core.dll

2020-10-14 04:52 – 2020-10-14 04:52 – 005022208 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.12437Qt5Gui.dll

2020-10-14 04:52 – 2020-10-14 04:52 – 000626176 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.12437Qt5Multimedia.dll

2020-10-14 04:52 – 2020-10-14 04:52 – 000877056 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.12437Qt5Network.dll

2020-10-14 04:52 – 2020-10-14 04:52 – 002908672 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.12437Qt5Qml.dll

2020-10-14 04:52 – 2020-10-14 04:52 – 003078656 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.12437Qt5Quick.dll

2020-10-14 04:52 – 2020-10-14 04:52 – 000096256 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.12437Qt5QuickControls2.dll

2020-10-14 04:52 – 2020-10-14 04:52 – 000681472 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.12437Qt5QuickTemplates2.dll

2020-10-14 04:52 – 2020-10-14 04:52 – 000259072 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.12437Qt5Svg.dll

2020-10-14 04:52 – 2020-10-14 04:52 – 004718080 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.12437Qt5Widgets.dll

2020-10-14 04:52 – 2020-10-14 04:52 – 000439296 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.12437Qt5WinExtras.dll

2020-10-14 04:52 – 2020-10-14 04:52 – 000159232 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.12437Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalMBAMService => ""="Service"

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkMBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Lync Browser Helper -> 31D09BA0-12F5-4CCE-BE8A-2923E76605DA -> C:Program FilesMicrosoft OfficeOffice15OCHelper.dll [2012-10-02] (Microsoft Corporation -> Microsoft Corporation)

BHO: Office Document Cache Handler -> B4F3A835-0E21-4959-BA22-42B3008E02FF -> C:Program FilesMicrosoft OfficeOffice15URLREDIR.DLL [2012-10-02] (Microsoft Corporation -> Microsoft Corporation)

BHO: Microsoft SkyDrive Pro Browser Helper -> D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF -> C:Program FilesMicrosoft OfficeOffice15GROOVEEX.DLL [2012-10-02] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: Lync Browser Helper -> 31D09BA0-12F5-4CCE-BE8A-2923E76605DA -> C:Program Files (x86)Microsoft OfficeOffice15OCHelper.dll [2012-10-02] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: Java™ Plug-In SSV Helper -> 761497BB-D6F0-462C-B6EB-D4DAF1D92D43 -> C:Program Files (x86)Javajre1.8.0_251binssv.dll [2020-05-07] (Oracle America, Inc. -> Oracle Corporation)

BHO-x32: Office Document Cache Handler -> B4F3A835-0E21-4959-BA22-42B3008E02FF -> C:Program Files (x86)Microsoft OfficeOffice15URLREDIR.DLL [2012-10-02] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: Microsoft SkyDrive Pro Browser Helper -> D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF -> C:Program Files (x86)Microsoft OfficeOffice15GROOVEEX.DLL [2012-10-02] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: Java™ Plug-In 2 SSV Helper -> DBC80044-A445-435b-BC74-9C25C1C588A9 -> C:Program Files (x86)Javajre1.8.0_251binjp2ssv.dll [2020-05-07] (Oracle America, Inc. -> Oracle Corporation)

Handler: osf – D924BDC6-C83A-4BD5-90D0-095128A113D1 – C:Program FilesMicrosoft OfficeOffice15MSOSB.DLL [2012-10-02] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 09:31 – 2020-06-14 07:34 – 000000822 _____ C:WINDOWSsystem32driversetchosts

2020-06-01 20:03 – 2020-06-03 22:39 – 000000443 _____ C:WINDOWSsystem32driversetchosts.ics

192.168.1.65 DESKTOP-P2H930S.mshome.net # 2025 6 1 2 20 39 44 578

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLMSystemCurrentControlSetControlSession ManagerEnvironment\Path -> C:Program Files (x86)Common FilesOracleJavajavapath;C:Windowssystem32;C:Windows;C:WindowsSystem32Wbem;C:WindowsSystem32WindowsPowerShellv1.0;C:WindowsSystem32OpenSSH;C:Program FilesNVIDIA CorporationNVIDIA NvDLISR;C:Program Files (x86)NVIDIA CorporationPhysXCommon;%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;%SYSTEMROOT%System32WindowsPowerShellv1.0;%SYSTEMROOT%System32OpenSSH

HKUS-1-5-21-1477454007-310231868-2954047188-1001Control PanelDesktop\Wallpaper -> C:UsersUserDesktopSan Francisco ShockWallpaperSFS_DesktopWallpaper.png

DNS Servers: 8.8.8.8 – 8.8.4.4

HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: Off)

Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM…StartupApprovedRun: => "RTHDVCPL"

HKLM…StartupApprovedRun32: => "SunJavaUpdateSched"

HKUS-1-5-21-1477454007-310231868-2954047188-1001…StartupApprovedStartupFolder: => "Twitch.lnk"

HKUS-1-5-21-1477454007-310231868-2954047188-1001…StartupApprovedRun: => "OneDrive"

HKUS-1-5-21-1477454007-310231868-2954047188-1001…StartupApprovedRun: => "com.blitz.app"

HKUS-1-5-21-1477454007-310231868-2954047188-1001…StartupApprovedRun: => "Overwolf"

HKUS-1-5-21-1477454007-310231868-2954047188-1001…StartupApprovedRun: => "uTorrent"

HKUS-1-5-21-1477454007-310231868-2954047188-1001…StartupApprovedRun: => "Steam"

HKUS-1-5-21-1477454007-310231868-2954047188-1001…StartupApprovedRun: => "utweb"

HKUS-1-5-21-1477454007-310231868-2954047188-1001…StartupApprovedRun: => "btweb"

HKUS-1-5-21-1477454007-310231868-2954047188-1001…StartupApprovedRun: => "Skype for Desktop"

HKUS-1-5-21-1477454007-310231868-2954047188-1001…StartupApprovedRun: => "DiscordCanary"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User08B9BEFF-EFBC-45CF-BA98-337EA8DCEB27C:program files (x86)overwatch_retail_overwatch.exe] => (Allow) C:program files (x86)overwatch_retail_overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)

FirewallRules: [TCP Query User3F54ED3B-7D03-48F6-B827-DD628EB6DDE8C:program files (x86)overwatch_retail_overwatch.exe] => (Allow) C:program files (x86)overwatch_retail_overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)

FirewallRules: [97C6C2FD-9465-4500-B6E3-E04D73367303] => (Allow) C:WINDOWSsystem32alg.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [D1B4012D-2023-477B-BD92-4820DEFCF116] => (Allow) C:Program Files (x86)MicrosoftSkype for DesktopSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [D610DDDE-8FB5-4D72-8903-EEA12A0494EA] => (Allow) C:Program Files (x86)MicrosoftSkype for DesktopSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [UDP Query UserE772E098-E825-4491-B123-5593E96B60EBC:usersusertwitchminecraftinstallruntimejre-x64binjavaw.exe] => (Allow) C:usersusertwitchminecraftinstallruntimejre-x64binjavaw.exe

FirewallRules: [TCP Query User378F7480-FF7F-4FCD-8EA8-D20E73F3585AC:usersusertwitchminecraftinstallruntimejre-x64binjavaw.exe] => (Allow) C:usersusertwitchminecraftinstallruntimejre-x64binjavaw.exe

FirewallRules: [UDP Query User18F240A8-0A7F-437F-B398-1A37F156BDC4C:usersuserappdatalocalprogramskast-appkast.exe] => (Allow) C:usersuserappdatalocalprogramskast-appkast.exe (Evasyst, Inc. -> Evasyst, Inc.)

FirewallRules: [TCP Query UserDA36141D-4649-424D-9585-7CFE0D4B0F8DC:usersuserappdatalocalprogramskast-appkast.exe] => (Allow) C:usersuserappdatalocalprogramskast-appkast.exe (Evasyst, Inc. -> Evasyst, Inc.)

FirewallRules: [FE9D48CD-901C-47D6-90A5-7C206EB2049C] => (Allow) C:Program Files (x86)TeamViewerTeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [6C721EB7-F4FA-4308-9813-E8B622E56D6D] => (Allow) C:Program Files (x86)TeamViewerTeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [D4E27013-B2DC-416F-AB62-54548BC21DB8] => (Allow) C:Program Files (x86)TeamViewerTeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [4AE397FD-EFFE-4647-BB4C-3BE02E6CCC94] => (Allow) C:Program Files (x86)TeamViewerTeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [F5CDFEFB-1357-4FB9-B246-78CF7FF54BDC] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [CA9002AC-B1BA-4EFC-A6CB-15857F4BE34D] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [UDP Query User08C1829B-62E0-4A10-A959-9693C35C7DC6C:program files (x86)overwatch_retail_overwatch.exe] => (Allow) C:program files (x86)overwatch_retail_overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)

FirewallRules: [TCP Query User28060768-127E-416E-B42B-F92BFFB04105C:program files (x86)overwatch_retail_overwatch.exe] => (Allow) C:program files (x86)overwatch_retail_overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)

FirewallRules: [33EB8D06-13D9-4E51-BDE3-5D1EF3C3DD2E] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve -> Valve Corporation)

FirewallRules: [8A210304-8E5A-4493-8638-49AA3E70E1DE] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve -> Valve Corporation)

FirewallRules: [1492650A-3C83-4508-81A0-B3B824D4BCC5] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [0F6680AE-7A21-4F68-81EC-2D9A6B65F6D7] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [4E24A933-3E8D-419E-8448-99ABF06E3BB3] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [BBD64A90-9846-4B69-979E-9066EAB3B985] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [UDP Query User31CFD9E8-586B-433F-AFD5-3493963D75F5E:sdi_russdi_x64_r1811.exe] => (Block) E:sdi_russdi_x64_r1811.exe => No File

FirewallRules: [TCP Query User2FE2C3F8-2283-480A-B151-7440B890C27FE:sdi_russdi_x64_r1811.exe] => (Block) E:sdi_russdi_x64_r1811.exe => No File

FirewallRules: [84B2B706-7441-459A-B911-93388A2018CE] => (Allow) C:Program FilesMicrosoft OfficeOffice15UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [76CB0F97-6285-43E6-9F8F-B07BCA356CAA] => (Allow) C:Program FilesMicrosoft OfficeOffice15UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [8D687101-FE17-4D20-BA56-3CA52FE3B9C5] => (Allow) C:Program FilesMicrosoft OfficeOffice15lync.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [863C3A93-EAB7-402F-A5CD-A04F7D77AF51] => (Allow) C:Program FilesMicrosoft OfficeOffice15lync.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [TCP Query User0A9A84F1-60AB-44D4-B089-7EFBB66C9D49C:usersuserappdatalocalprogramstutturututturu.exe] => (Allow) C:usersuserappdatalocalprogramstutturututturu.exe (Tutturu LLC -> Team Tutturu)

FirewallRules: [UDP Query User9AD4F012-A8B3-427A-8031-924CBFE8A943C:usersuserappdatalocalprogramstutturututturu.exe] => (Allow) C:usersuserappdatalocalprogramstutturututturu.exe (Tutturu LLC -> Team Tutturu)

FirewallRules: [F9ACED16-E762-4EC9-9CC6-2E0D282D6B87] => (Allow) C:Program Files (x86)WOMicwomicclient.exe () [File not signed]

FirewallRules: [13A7BBF7-2533-4614-AE25-50AAFBDA3CE6] => (Allow) C:Program Files (x86)WOMicwomicclient.exe () [File not signed]

FirewallRules: [779DC601-A92D-4FAC-9C1D-100509D57E57] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [595BDB94-086F-4586-A36C-0CBB174EB691] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [C11A9E6B-078E-4089-A246-A91356EEAFD1] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [BB929790-E533-4436-A04F-A8F3C8AFE103] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [5FA99B36-9258-44EE-B3D2-4C604F9D1BCB] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [2EDDD571-1465-446E-BC8D-E0EBEA0434B1] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [3E3F3992-209F-45DF-8C82-9C24F370C965] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [01DC2EED-80A2-41BD-AB21-20D1325BBC34] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [C64AED87-C4D7-4F30-B58A-041FB4E9EE64] => (Allow) C:Program Files (x86)GoogleChrome Remote Desktop86.0.4240.48remoting_host.exe (Google LLC -> Google Inc.)

FirewallRules: [50A277C3-4851-404C-A179-26C1F849F718] => (Allow) C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)

FirewallRules: [53904A86-10A2-4FCD-950D-34F705EA2D90] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [0B2B54CD-DF80-44DD-AED4-20AF3E341FF5] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [C7B4388F-CEB6-4C4A-AB7B-7BC2BC302F99] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [27CCA8B8-E76A-4ECE-B26A-79928B557C92] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [71857ACC-330B-44D3-B547-5B26D228CC60] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [12F9EC37-EDBF-4A1A-851A-04A16C24FFF7] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [33A5F1DF-1523-44C0-8441-89FA6F9E6C50] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [85597534-7C5B-4FCB-9B1E-F179DF525888] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.144.538.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Restore Points =========================

11-10-2020 20:29:07 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:

==================

Error: (10/17/2020 03:23:13 PM) (Source: ESENT) (EventID: 455) (User: )

Description: svchost (4000,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (10/17/2020 03:12:05 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: FreemakeUtilsService.exe, version: 1.0.0.0, time stamp: 0x5eba45ef

Faulting module name: KERNELBASE.dll, version: 10.0.18362.1139, time stamp: 0x6a8e6b97

Exception code: 0xe0434352

Fault offset: 0x00114662

Faulting process id: 0xcf4

Faulting application start time: 0x01d6a4870eadaae9

Faulting application path: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll

Report Id: 14fa8300-f516-486f-950f-065bc63cf612

Faulting package full name:

Faulting package-relative application ID:

Error: (10/17/2020 03:11:57 PM) (Source: .NET Runtime) (EventID: 1026) (User: )

Description: Application: FreemakeUtilsService.exe

Framework Version: v4.0.30319

Description: The process was terminated due to an unhandled exception.

Exception Info: System.IO.FileNotFoundException

at FreemakeUtilsService.Program.Main(System.String[])

Error: (10/17/2020 03:10:17 PM) (Source: VSS) (EventID: 8193) (User: )

Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.

.

Error: (10/17/2020 03:10:17 PM) (Source: VSS) (EventID: 13) (User: )

Description: Volume Shadow Copy Service information: The COM Server with CLSID 4e14fba2-2e22-11d1-9964-00c04fbbb345 and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.]

Error: (10/17/2020 03:06:15 PM) (Source: ESENT) (EventID: 455) (User: )

Description: svchost (6392,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (10/17/2020 02:45:56 PM) (Source: ESENT) (EventID: 455) (User: )

Description: svchost (11764,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (10/17/2020 02:35:10 PM) (Source: ESENT) (EventID: 455) (User: )

Description: svchost (1004,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

System errors:

=============

Error: (10/17/2020 03:42:27 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-P2H930S)

Description: The server Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.

Error: (10/17/2020 03:17:29 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-P2H930S)

Description: The server Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.

Error: (10/17/2020 03:15:26 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-P2H930S)

Description: The server Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.

Error: (10/17/2020 03:12:41 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The MessagingService_80280 service terminated with the following error:

The device is not ready.

Error: (10/17/2020 03:12:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Freemake Improver service failed to start due to the following error:

The service did not respond to the start or control request in a timely fashion.

Error: (10/17/2020 03:12:11 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (45000 milliseconds) while waiting for the Freemake Improver service to connect.

Error: (10/17/2020 03:11:43 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)

Description: WLAN Extensibility Module has failed to start.

Module Path: C:\WINDOWS\system32\athExt.dll

Error Code: 126

Error: (10/17/2020 03:09:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Hotspot Shield Service 10.5.0 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.

Windows Defender:

===================================

Date: 2020-10-16 17:18:40.740

Description:

Windows Defender Antivirus has detected malware or other potentially unwanted software.

For more information please see the following:

Name: HackTool:Win32/AutoKMS

ID: 2147685180

Severity: High

Category: Tool

Path: file:_C:\Program Files\KMSpico\scripts\Install_Service.cmd; file:_C:\Program Files\KMSpico\scripts\Install_Task.cmd; file:_C:\Program Files\KMSpico\scripts\UnInstall_Service.cmd

Detection Origin: Local machine

Detection Type: Concrete

Detection Source: User

Process Name: Unknown

Security intelligence Version: AV: 1.325.865.0, AS: 1.325.865.0, NIS: 1.325.865.0

Engine Version: AM: 1.1.17500.4, NIS: 1.1.17500.4

Date: 2020-10-16 17:18:40.739

Description:

Windows Defender Antivirus has detected malware or other potentially unwanted software.

For more information please see the following:

Name: HackTool:Win32/Keygen

ID: 2147593794

Severity: High

Category: Tool

Path: file:_C:\Users\User\Sapphire Plugins (VEGAS Pro)\Patch.exe

Detection Origin: Local machine

Detection Type: Concrete

Detection Source: User

Process Name: Unknown

Security intelligence Version: AV: 1.325.865.0, AS: 1.325.865.0, NIS: 1.325.865.0

Engine Version: AM: 1.1.17500.4, NIS: 1.1.17500.4

Date: 2020-10-16 15:56:35.046

Description:

Windows Defender Antivirus scan has been stopped before completion.

Scan ID: 23AF45E8-C01A-4453-89E6-BF1835A07479

Scan Type: Antimalware

Scan Parameters: Full Scan

Date: 2020-10-16 15:55:46.482

Description:

Windows Defender Antivirus has detected malware or other potentially unwanted software.

For more information please see the following:

Name: Trojan:MSIL/Perseus.AKR!MTB

ID: 2147753291

Severity: Severe

Category: Trojan

Path: file:_C:\Users\User\AppData\Local\Temp\Ibbpfuvxmnl.exe; process:_pid:1548,ProcessStart:132473295427500810

Detection Origin: Local machine

Detection Type: Concrete

Detection Source: User

Process Name: C:\Users\User\AppData\Local\Temp\Ibbpfuvxmnl.exe

Security intelligence Version: AV: 1.325.865.0, AS: 1.325.865.0, NIS: 1.325.865.0

Engine Version: AM: 1.1.17500.4, NIS: 1.1.17500.4

Date: 2020-10-16 15:55:46.481

Description:

Windows Defender Antivirus has detected malware or other potentially unwanted software.

For more information please see the following:

Name: Trojan:Win32/Masson.A!ac

ID: 2147749143

Severity: Severe

Category: Trojan

Path: file:_C:\Users\User\Desktop\trainer v5.4.1.exe; process:_pid:2652,ProcessStart:132473299111079951

Detection Origin: Local machine

Detection Type: FastPath

Detection Source: User

Process Name: Unknown

Security intelligence Version: AV: 1.325.865.0, AS: 1.325.865.0, NIS: 1.325.865.0

Engine Version: AM: 1.1.17500.4, NIS: 1.1.17500.4

Date: 2020-10-16 10:20:09.862

Description:

Windows Defender Antivirus has encountered an error trying to update security intelligence.

New security intelligence Version:

Previous security intelligence Version: 1.325.838.0

Update Source: Microsoft Update Server

Security intelligence Type: AntiVirus

Update Type: Full

Current Engine Version:

Previous Engine Version: 1.1.17500.4

Error code: 0x80240438

Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Date: 2020-10-15 04:45:10.719

Description:

Windows Defender Antivirus has encountered an error trying to update security intelligence.

New security intelligence Version:

Previous security intelligence Version: 1.325.718.0

Update Source: Microsoft Update Server

Security intelligence Type: AntiVirus

Update Type: Full

Current Engine Version:

Previous Engine Version: 1.1.17500.4

Error code: 0x8024402c

Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

CodeIntegrity:

===================================

Date: 2020-10-17 13:12:39.724

Description:

Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-10-17 13:12:39.127

Description:

Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: FUJITSU // American Megatrends Inc. V4.6.5.3 R1.23.0 for D3162-A1x 12/01/2014

Motherboard: FUJITSU D3162-A1

Processor: Intel® Core™ i5-3470 CPU @ 3.20GHz

Percentage of memory in use: 47%

Total physical RAM: 15267.75 MB

Available physical RAM: 7982.86 MB

Total Virtual: 25267.75 MB

Available Virtual: 15540.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:463.68 GB) (Free:237.49 GB) NTFS

Drive h: (DRIVER) (CDROM) (Total:0.04 GB) (Free:0 GB) CDFS

\?Volume65a7d184-0000-0000-0000-100000000000 (System Reserved) (Fixed) (Total:2.08 GB) (Free:1.5 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================

Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 65A7D184)

Partition 1: (Active) – (Size=2.1 GB) – (Type=07 NTFS)

Partition 2: (Not Active) – (Size=463.7 GB) – (Type=07 NTFS)

==================== End of Addition.txt =======================
