Windows Defender a détecté Office2019.cmd comme HackTool: BAT / AutoKms! MTB False / real? – Un bon serveur Minecraft

[bzkshopping keyword= »Minecraft » count= »8″ template= »grid »]

Est-il correct d'exécuter l'outil d'analyse de récupération Farbar avec Windows Defender? Je crains que cela puisse interférer avec les résultats ou quelque chose … Résultat de l'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 28-04-2021Ran by Admin (administrator) on DESKTOP-4SAGV8L (LENOVO 20193) (07-05-2021 21:32:10)Exécution à partir de C: Users Admin DownloadsProfils chargés: AdminPlate-forme: Windows 10 Pro Version 20H2 19042.928 (X64) Langue: Anglais (États-Unis)Navigateur par défaut: EdgeMode de démarrage: normal ==================== Processus (sur liste blanche) ================== (Si une entrée est incluse dans la liste de correctifs, le processus sera fermé. Le fichier ne sera pas déplacé.) (Microsoft Corporation -> Microsoft Corporation) C: Program Files (x86) Microsoft Edge Application msedge.exe (Microsoft Corporation -> Microsoft Corporation) C: Program Files Common Files microsoft shared ClickToRun OfficeClickToRun.exe(Microsoft Corporation -> Microsoft Corporation) C: Users Admin AppData Local Microsoft OneDrive 21.073.0411.0002 FileCoAuth.exe(Microsoft Corporation -> Microsoft Corporation) C: Users Admin AppData Local Microsoft OneDrive OneDrive.exe(Microsoft Corporation) C: Program Files WindowsApps microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe HxOutlook.exe(Microsoft Corporation) C: Program Files WindowsApps microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe HxTsr.exe(Microsoft Corporation) C: Program Files WindowsApps Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe WinStore.App.exe(Microsoft Windows -> Microsoft Corporation) C: Windows ImmersiveControlPanel SystemSettings.exe(Microsoft Windows -> Microsoft Corporation) C: Windows System32 dllhost.exe(Microsoft Windows -> Microsoft Corporation) C: Windows System32 InputMethod CHS ChsIME.exe(Microsoft Windows -> Microsoft Corporation) C: Windows System32 oobe UserOOBEBroker.exe(Microsoft Windows -> Microsoft Corporation) C: Windows System32 smartscreen.exe(Microsoft Windows Publisher -> Microsoft Corporation) C: ProgramData Microsoft Windows Defender Platform 4.18.2103.7-0 MsMpEng.exe(Microsoft Windows Publisher -> Microsoft Corporation) C: ProgramData Microsoft Windows Defender Platform 4.18.2103.7-0 NisSrv.exe(NVIDIA Corporation -> NVIDIA Corporation) C: Program Files NVIDIA Corporation Display.NvContainer NVDisplay.Container.exe (Oracle America, Inc. -> Oracle Corporation) C: Program Files (x86) Common Files Java Java Update jusched.exe(Power Software Limited -> Power Software Ltd) C: Program Files PowerISO PWRISOVM.EXE(Qualcomm Atheros -> Fournisseur DDK Windows ® Win 7) C: Windows System32 drivers AdminService.exe(Realtek Semiconductor Corp -> Realtek Semiconductor) C: Program Files Realtek Audio HDA RAVBg64.exe(Realtek Semiconductor Corp -> Realtek Semiconductor) C: Program Files Realtek Audio HDA RAVCpl64.exe(Synaptics Incorporated -> Synaptics Incorporated) C: Program Files Synaptics SynTP SynTPEnhService.exe ==================== Registre (sur liste blanche) =================== (Si une entrée est incluse dans la liste de correctifs, l'élément de registre sera restauré par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM … Exécuter: [RtHDVCpl] => C: Program Files Realtek Audio HDA RAVCpl64.exe [13513288 2013-03-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)HKLM … Exécuter: [RtHDVBg_Dolby] => C: Program Files Realtek Audio HDA RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor Corp -> Realtek Semiconductor)HKLM-x32 … Exécuter: [SunJavaUpdateSched] => C: Program Files (x86) Common Files Java Java Update jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)HKLM-x32 … Exécuter: [PWRISOVM.EXE] => C: Program Files PowerISO PWRISOVM.EXE [455872 2020-06-21] (Power Software Limited -> Power Software Ltd)HKLM SOFTWARE Policies Microsoft Windows Defender: Restriction <==== ATTENTIONHKU S-1-5-21-2960236716-1891352181-3316826821-1001 … Exécuter: [Discord] => C: Users Admin AppData Local Discord Update.exe [1512040 2021-03-18] (Discord Inc. -> GitHub)HKLM … Print Monitors HP C211 Status Monitor: C: Windows system32 hpinkstsC211LM.dll [342232 2015-07-03] (Hewlett Packard -> Hewlett-Packard Co.)GroupPolicy: Restriction? <==== ATTENTIONStratégies: C: ProgramData NTUSER.pol: Restriction <==== ATTENTION ==================== Tâches planifiées (sur liste blanche) ============ (Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.) Tâche: 1166C8FE-0B63-4E7B-8EDD-7B529CCB2376 – System32 Tasks Microsoft Office Office Automatic Updates 2.0 => C: Program Files Common Files Microsoft Shared ClickToRun OfficeC2RClient.exe [23966488 2018-09-08] (Microsoft Corporation -> Microsoft Corporation)Tâche: 290E63A1-6390-465A-A347-762334A26EC2 – System32 Tasks Microsoft Office OfficeBackgroundTaskHandlerLogon => C: Program Files (x86) Microsoft Office root Office16 officebackgroundtaskhandler.exe [1527064 2021-05-07] (Microsoft Corporation -> Microsoft Corporation)Tâche: 55A05E10-917D-4FD0-8D5B-DA93BCEA7A37 – System32 Tasks Microsoft Windows Windows Defender Windows Defender Verification => C: ProgramData Microsoft Windows Defender platform 4.18.2103.7-0 MpCmdRun. EXE [566368 2021-04-21] (Microsoft Windows Publisher -> Microsoft Corporation)Tâche: 6851006D-3D72-4034-B836-AF01641A23E8 – System32 Tasks Microsoft Office OfficeOsfInstaller => C: Program Files (x86) Microsoft Office root VFS ProgramFilesCommonX86 Microsoft Shared Office16 osfinstaller. EXE [87120 2021-05-07] (Microsoft Corporation -> Microsoft Corporation)Tâche: 6A3F8B86-E2A2-4DCC-A90B-C34C27347866 – System32 Tasks Microsoft Office OfficeBackgroundTaskHandlerRegistration => C: Program Files (x86) Microsoft Office root Office16 officebackgroundtaskhandler.exe [1527064 2021-05-07] (Microsoft Corporation -> Microsoft Corporation)Tâche: 77C11178-724E-415C-B9F9-15FDB9794A07 – System32 Tasks Microsoft Office OfficeTelemetryAgentLogOn2016 => C: Program Files (x86) Microsoft Office root Office16 msoia.exe [2417448 2021-05-07] (Microsoft Corporation -> Microsoft Corporation)Tâche: 795DAD24-B754-487B-A43E-DDAEAB28D656 – System32 Tasks Microsoft Windows Windows Defender Windows Defender Cleanup => C: ProgramData Microsoft Windows Defender platform 4.18.2103.7-0 MpCmdRun. EXE [566368 2021-04-21] (Microsoft Windows Publisher -> Microsoft Corporation)Tâche: CBFAEC17-B00F-448D-90B4-0243C17A5D1D – System32 Tasks Microsoft Windows Windows Defender Windows Defender Cache Maintenance => C: ProgramData Microsoft Windows Defender platform 4.18.2103.7-0 MpCmdRun .EXE [566368 2021-04-21] (Microsoft Windows Publisher -> Microsoft Corporation)Tâche: E1D7ECCD-8C42-42B5-A4F2-9C1A70A5AD5A – System32 Tasks Microsoft Office OfficeTelemetryAgentFallBack2016 => C: Program Files (x86) Microsoft Office root Office16 msoia.exe [2417448 2021-05-07] (Microsoft Corporation -> Microsoft Corporation)Tâche: E9150417-A6EA-43A1-8D7C-89Dedral18B578 – System32 Tasks Microsoft Office Office ClickToRun Service Monitor => C: Program Files Common Files Microsoft Shared ClickToRun OfficeC2RClient.exe [23966488 2018-09-08] (Microsoft Corporation -> Microsoft Corporation)Tâche: FCE5A01C-B17A-4BE6-BCA6-1DB1BDF5D436 – System32 Tasks Microsoft Windows Windows Defender Windows Defender Scheduled Scan => C: ProgramData Microsoft Windows Defender platform 4.18.2103.7-0 MpCmdRun .EXE [566368 2021-04-21] (Microsoft Windows Publisher -> Microsoft Corporation) (Si une entrée est incluse dans la liste de correctifs, le fichier de la tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (sur liste blanche) ==================== (Si un élément est inclus dans la liste de correctifs, s'il s'agit d'un élément de registre, il sera supprimé ou restauré par défaut.) Tcpip Paramètres: [DhcpNameServer] 192.168.43.1Tcpip .. Interfaces 86694137-c608-4c81-8763-02eb0cc9d9f5: [DhcpNameServer] 192.168.43.1 Bord:=======Edge DefaultProfile: Par défautProfil Edge: C: Users Admin AppData Local Microsoft Edge User Data Default [2021-05-07]Extension Edge: (Honey) – C: Users Admin AppData Local Microsoft Edge User Data Default Extensions amnbcmdbanbkjhnfoeceemmmdiepnbpp [2021-05-06]Edge HKLM-x32 … Edge Extension: [ihcjicgdanjaechkgeegckofjjedodee] Renard de feu:========FF Plugin-x32: @ java.com / DTPlugin, version = 11.291.2 -> C: Program Files (x86) Java jre1.8.0_291 bin dtplugin npDeployJava1.dll [2021-04-22] (Oracle America, Inc. -> Oracle Corporation)FF Plugin-x32: @ java.com / JavaPlugin, version = 11.291.2 -> C: Program Files (x86) Java jre1.8.0_291 bin plugin2 npjp2.dll [2021-04-22] (Oracle America, Inc. -> Oracle Corporation)FF Plugin-x32: @ microsoft.com / Lync, version = 15.0 -> C: Program Files (x86) Microsoft Office root VFS ProgramFilesX86 Mozilla Firefox plugins npmeetingjoinpluginoc.dll [2021-05-07] (Microsoft Corporation -> Microsoft Corporation)FF Plugin-x32: @ microsoft.com / SharePoint, version = 14.0 -> C: Program Files (x86) Microsoft Office root Office16 NPSPWRAP.DLL [2021-05-07] (Microsoft Corporation -> Microsoft Corporation) Chrome:=======Profil CHR: C: Users Admin AppData Local Google Chrome User Data Default [2021-05-05]Extension CHR: (Malwarebytes Browser Guard) – C: Users Admin AppData Local Google Chrome User Data Default Extensions ihcjicgdanjaechkgeegckofjjedodee [2021-05-05]Extension CHR: (Paiements Chrome Web Store) – C: Users Admin AppData Local Google Chrome User Data Default Extensions nmmhkkegccagdldgiimedpiccmgmieda [2021-04-26]Extension CHR: (Chrome Media Router) – C: Users Admin AppData Local Google Chrome User Data Default Extensions pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-26]CHR HKLM-x32 … Chrome Extension: [ihcjicgdanjaechkgeegckofjjedodee] ==================== Services (sur liste blanche) =================== (Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.) R2 ClickToRunSvc; C: Program Files Common Files Microsoft Shared ClickToRun OfficeClickToRun.exe [9658664 2018-09-08] (Microsoft Corporation -> Microsoft Corporation)S3 Sense; C: Program Files Windows Defender Advanced Threat Protection MsSense.exe [5361256 2021-04-20] (Microsoft Windows Publisher -> Microsoft Corporation)R3 WdNisSvc; C: ProgramData Microsoft Windows Defender platform 4.18.2103.7-0 NisSrv.exe [2624104 2021-04-21] (Microsoft Windows Publisher -> Microsoft Corporation)R2 WinDefend; C: ProgramData Microsoft Windows Defender platform 4.18.2103.7-0 MsMpEng.exe [128376 2021-04-21] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Pilotes (sur liste blanche) =================== (Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.) S3 RimVSerPort; C: Windows System32 drivers RimSerial_AMD64.sys [31744 2009-01-09] (Éditeur de compatibilité matérielle Microsoft Windows -> Research in Motion Ltd)S3 SaiK0CCB; C: Windows System32 drivers SaiK0CCB.sys [180544 2012-09-20] (Mad Catz Inc -> Saitek)S3 SaiU0CCB; C: Windows System32 drivers SaiU0CCB.sys [47168 2012-09-20] (Mad Catz Inc -> Saitek)S3 usbglcs1100301; C: Windows system32 drivers usbglcs1100301.sys [25600 2012-04-24] (Éditeur de compatibilité matérielle Microsoft Windows -> Fournisseur DDK Windows ® Win 7)S3 VBoxUSB; C: Windows System32 Drivers VBoxUSB.sys [174968 2021-01-07] (Oracle Corporation -> Oracle Corporation)S0 WdBoot; C: Windows System32 drivers wd WdBoot.sys [49560 2021-04-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)R0 WdFilter; C: Windows System32 drivers wd WdFilter.sys [421088 2021-04-21] (Microsoft Windows -> Microsoft Corporation)R3 WdNisDrv; C: Windows System32 drivers wd WdNisDrv.sys [72928 2021-04-21] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (sur liste blanche) ==================== (Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.) ==================== Trois mois (créé) (sur liste blanche) ========= (Si une entrée est incluse dans la liste de correctifs, le fichier / dossier sera déplacé.) 2021-05-07 21:31 – 2021-05-07 21:31 – 002298368 _____ (Farbar) C: Users Admin Downloads FRST64 (1) .exe07/05/2021 18:55 – 07/05/2021 18:56 – 000310292 _____ C: TDSSKiller.3.1.0.28_07.05.2021_18.55.46_log.txt07/05/2021 11:56 – 07/05/2021 12:12 – 000011054 _____ C: Users Admin OneDrive Documents Leçon 1 avec pak dion.xlsx2021-05-07 11:55 – 2021-05-07 11:55 – 000000000 ____D C: Users Admin OneDrive Documents Custom Office Templates2021-05-07 10:49 – 2021-05-07 10:49 – 000000000 ____D C: Users Admin AppData Roaming Skype2021-05-07 10:47 – 2021-05-07 10:47 – 000002508 _____ C: ProgramData Microsoft Windows Menu Démarrer Programmes Skype Entreprise.lnk2021-05-07 10:47 – 2021-05-07 10:47 – 000002503 _____ C: ProgramData Microsoft Windows Menu Démarrer Programmes Word.lnk2021-05-07 10:47 – 2021-05-07 10:47 – 000002502 _____ C: ProgramData Microsoft Windows Menu Démarrer Programmes PowerPoint.lnk2021-05-07 10:47 – 2021-05-07 10:47 – 000002466 _____ C: ProgramData Microsoft Windows Menu Démarrer Programmes Access.lnk2021-05-07 10:47 – 2021-05-07 10:47 – 000002465 _____ C: ProgramData Microsoft Windows Menu Démarrer Programmes Excel.lnk2021-05-07 10:47 – 2021-05-07 10:47 – 000002459 _____ C: ProgramData Microsoft Windows Menu Démarrer Programmes Outlook.lnk07/05/2021 10:47 – 07/05/2021 10:47 – 000002453 _____ C: ProgramData Microsoft Windows Menu Démarrer Programmes Publisher.lnk2021-05-07 10:47 – 2021-05-07 10:47 – 000000000 ____D C: ProgramData Microsoft Windows Menu Démarrer Programmes Microsoft Office Tools2021-05-07 10:45 – 2021-05-07 10:47 – 000000000 ____D C: Program Files (x86) Microsoft Office07/05/2021 10:45 – 07/05/2021 10:45 – 000000000 ____D C: Program Files Microsoft Office 152021-05-07 10:43 – 2021-05-07 10:43 – 000000863 _____ C: Users Public Desktop PowerISO.lnk2021-05-07 10:43 – 2021-05-07 10:43 – 000000863 _____ C: ProgramData Desktop PowerISO.lnk2021-05-07 10:43 – 2021-05-07 10:43 – 000000000 ____D C: ProgramData Microsoft Windows Menu Démarrer Programmes PowerISO2021-05-07 10:43 – 2021-05-07 10:43 – 000000000 ____D C: Program Files PowerISO2021-05-07 10:43 – 2017-06-06 18:36 – 000138296 _____ (Power Software Ltd) C: Windows system32 Drivers scdemu.sys2021-05-07 10:41 – 2021-05-07 10:41 – 000000000 ____D C: Users Admin AppData Roaming WinRAR2021-05-07 10:41 – 2021-05-07 10:41 – 000000000 ____D C: Users Admin AppData Roaming Microsoft Windows Menu Démarrer Programmes WinRAR2021-05-07 10:41 – 2021-05-07 10:41 – 000000000 ____D C: ProgramData Microsoft Windows Menu Démarrer Programmes WinRAR2021-05-07 10:41 – 2021-05-07 10:41 – 000000000 ____D C: Program Files WinRAR07/05/2021 10:40 – 07/05/2021 10:40 – 003333552 _____ (Alexander Roshal) C: Users Admin Downloads winrar-x64-601.exe2021-05-06 19:42 – 2021-05-06 19:43 – 000308282 _____ C: TDSSKiller.3.1.0.28_06.05.2021_19.42.56_log.txt2021-05-05 21:13 – 2021-05-05 21:13 – 001310832 _____ (Google LLC) C: Users Admin Downloads ChromeSetup.exe2021-05-05 11:21 – 2021-05-05 11:22 – 013319538 _____ C: Users Admin Downloads VanillaTweaks_r142431.zip2021-05-05 11:06 – 2021-05-05 11:06 – 000010688 _____ C: Users Admin Downloads VanillaTweaks_d267491_UNZIP_ME.zip2021-05-03 18:40 – 2021-05-03 18:40 – 001802704 _____ (Bleeping Computer, LLC) C: Users Admin Downloads rkill.exe2021-05-03 18:39 – 2021-05-03 18:40 – 000307684 _____ C: TDSSKiller.3.1.0.28_03.05.2021_18.39.17_log.txt2021-05-03 18:38 – 2021-05-03 18:39 – 005054744 _____ (AO Kaspersky Lab) C: Users Admin Downloads tdsskiller.exe2021-05-03 18:37 – 2021-05-03 18:37 – 008534696 _____ (Malwarebytes) C: Users Admin Downloads AdwCleaner.exe2021-05-03 00:03 – 2021-05-07 10:59 – 094109696 _____ C: Windows system32 config SOFTWARE2021-05-02 23:58 – 2021-05-03 00:03 – 000000000 ____D C: Windows Microsoft Antimalware2021-05-02 21:31 – 2021-05-02 21:31 – 001291685 _____ C: Users Admin Downloads algo-master.zip02/05/2021 12:08 – 02/05/2021 12:08 – 000000000 ____H C: Windows system32 Drivers Msft_User_WpdFs_01_11_00.Wdf2021-05-02 11:57 – 2019-10-22 11:57 – 3549331456 _____ C: Users Admin OneDrive Documents Office Professional Plus 2019 AIO.iso2021-04-30 16:15 – 2021-04-30 16:16 – 001842156 _____ C: Users Admin Downloads amidst-v4-6.exe2021-04-29 17:44 – 2021-04-29 17:46 – 000002464 _____ C: Users Admin Downloads FSS.txt2021-04-29 17:44 – 2021-04-29 17:44 – 000909824 _____ (Farbar) C: Users Admin Downloads FSS.exe2021-04-29 17:41 – 2021-04-29 17:41 – 000000410 __RSH C: ProgramData ntuser.pol2021-04-28 22:20 – 2021-04-28 22:20 – 000022511 _____ C: Users Admin Downloads Shortcut.txt2021-04-28 22:20 – 2021-04-28 22:20 – 000019259 _____ C: Users Admin Downloads Addition.txt2021-04-28 22:16 – 2021-05-07 21:32 – 000012005 _____ C: Users Admin Downloads FRST.txt2021-04-28 22:09 – 2021-05-07 21:32 – 000000000 ____D C: FRST2021-04-28 22:08 – 2021-04-28 22:08 – 002298368 _____ (Farbar) C: Users Admin Downloads FRST64.exe2021-04-28 22:03 – 2021-04-28 22:06 – 000000000 ____D C: AdwCleaner2021-04-28 21:59 – 2021-04-28 21:59 – 008534696 _____ (Malwarebytes) C: Users Admin Downloads adwcleaner_8.2.exe2021-04-28 21:56 – 2021-04-28 21:56 – 002078632 _____ (Malwarebytes) C: Users Admin Downloads MBSetup (2) .exe2021-04-27 15:48 – 2021-04-27 15:51 – 000000000 ____D C: ProgramData HitmanPro2021-04-27 15:29 – 2021-04-27 15:29 – 000000000 ____D C: Windows system32 appmgmt2021-04-26 23:36 – 2021-04-26 23:36 – 000000000 ____D C: Users Admin AppData Local CrashDumps2021-04-26 23:03 – 2021-04-26 23:03 – 000000000 ____D C: Users Admin AppData Local mbam2021-04-26 23:01 – 2021-04-26 23:01 – 002078632 _____ (Malwarebytes) C: Users Admin Downloads MBSetup.exe2021-04-26 23:01 – 2021-04-26 23:01 – 002078632 _____ (Malwarebytes) C: Users Admin Downloads MBSetup (1) .exe2021-04-26 23:01 – 2021-04-26 23:01 – 000000000 ____D C: Program Files Malwarebytes2021-04-26 18:26 – 2021-04-26 18:27 – 000000000 ____D C: Windows system32 MRT2021-04-26 18:21 – 2021-05-07 15:44 – 000000000 ____D C: Program Files Microsoft Update Health Tools2021-04-26 16:56 – 2021-05-07 21:00 – 000000444 _____ C: Windows system32 Drivers etc hosts.ics2021-04-26 16:50 – 2021-04-26 16:50 – 000000000 ____D C: Windows system32 BestPractices2021-04-26 16:21 – 2021-04-26 16:21 – 000000000 ____D C: Program Files Hyper-V2021-04-26 16:01 – 2021-05-06 19:42 – 000000000 ____D C: Program Files (x86) Google2021-04-26 16:01 – 2021-04-26 16:13 – 000000000 ____D C: Users Admin AppData Local Google2021-04-26 15:21 – 2021-04-26 18:27 – 000000000 ____D C: Users Admin VirtualBox VMs2021-04-26 15:17 – 2021-04-27 14:41 – 000000000 ____D C: Users Admin .VirtualBox2021-04-26 15:17 – 2021-04-27 14:39 – 000000000 ____D C: ProgramData VirtualBox2021-04-26 15:15 – 2021-04-26 15:15 – 000000000 ____D C: Program Files Oracle2021-04-26 12:22 – 2021-04-26 12:22 – 000000000 ____D C: ProgramData HP2021-04-26 12:20 – 2021-04-26 12:20 – 002286975 _____ C: Users Admin OneDrive Documents TNT Mom.pdf2021-04-26 12:20 – 2021-04-26 12:20 – 000000000 ____D C: Users Admin AppData LocalLow Temp2021-04-26 12:18 – 2021-04-26 12:19 – 002922396 _____ C: Users Admin Downloads TNTcommercial facture.pdf2021-04-26 12:11 – 2021-04-26 12:11 – 000000000 ___HD C: $ WinREAgent2021-04-23 18:28 – 2021-04-23 18:28 – 000010073 _____ C: Users Admin Downloads VanillaTweaks_r390486.zip2021-04-23 18:27 – 2021-04-23 18:27 – 000015824 _____ C: Users Admin Downloads VanillaTweaks_r252079.zip2021-04-23 18:26 – 2021-04-23 18:26 – 000094007 _____ C: Users Admin Downloads VanillaTweaks_r612916.zip2021-04-23 18:26 – 2021-04-23 18:26 – 000005300 _____ C: Users Admin Downloads VanillaTweaks_r888557.zip2021-04-23 18:25 – 2021-04-23 18:25 – 000007710 _____ C: Users Admin Downloads VanillaTweaks_r784676.zip2021-04-23 18:24 – 2021-04-23 18:25 – 000049874 _____ C: Users Admin Downloads VanillaTweaks_r282927.zip2021-04-23 18:24 – 2021-04-23 18:24 – 000141531 _____ C: Users Admin Downloads VanillaTweaks_r827839.zip2021-04-23 18:24 – 2021-04-23 18:24 – 000021652 _____ C: Users Admin Downloads VanillaTweaks_r443269.zip2021-04-23 18:24 – 2021-04-23 18:24 – 000018534 _____ C: Users Admin Downloads VanillaTweaks_r209250.zip2021-04-23 18:24 – 2021-04-23 18:24 – 000012900 _____ C: Users Admin Downloads VanillaTweaks_r237965.zip2021-04-23 18:23 – 2021-04-23 18:23 – 000117722 _____ C: Users Admin Downloads VanillaTweaks_r415285.zip2021-04-23 18:23 – 2021-04-23 18:23 – 000010774 _____ C: Users Admin Downloads VanillaTweaks_r205238.zip2021-04-23 18:23 – 2021-04-23 18:23 – 000010005 _____ C: Users Admin Downloads VanillaTweaks_r250976.zip2021-04-23 18:23 – 2021-04-23 18:23 – 000008668 _____ C: Users Admin Downloads VanillaTweaks_r319067.zip2021-04-23 18:23 – 2021-04-23 18:23 – 000008240 _____ C: Users Admin Downloads VanillaTweaks_r827195.zip2021-04-23 18:22 – 2021-04-23 18:22 – 000160524 _____ C: Users Admin Downloads VanillaTweaks_r270880.zip2021-04-23 18:22 – 2021-04-23 18:22 – 000059871 _____ C: Users Admin Downloads VanillaTweaks_r688696.zip2021-04-23 18:22 – 2021-04-23 18:22 – 000040492 _____ C: Users Admin Downloads VanillaTweaks_r501217.zip2021-04-23 18:22 – 2021-04-23 18:22 – 000007795 _____ C: Users Admin Downloads VanillaTweaks_r959720.zip2021-04-23 18:21 – 2021-04-23 18:21 – 000204079 _____ C: Users Admin Downloads VanillaTweaks_r264482.zip2021-04-23 18:21 – 2021-04-23 18:21 – 000152627 _____ C: Users Admin Downloads VanillaTweaks_r758780.zip2021-04-23 18:21 – 2021-04-23 18:21 – 000133011 _____ C: Users Admin Downloads VanillaTweaks_r602613.zip2021-04-23 18:21 – 2021-04-23 18:21 – 000101851 _____ C: Users Admin Downloads VanillaTweaks_r292088.zip2021-04-23 18:21 – 2021-04-23 18:21 – 000076512 _____ C: Users Admin Downloads VanillaTweaks_r690878.zip2021-04-23 18:21 – 2021-04-23 18:21 – 000070735 _____ C: Users Admin Downloads VanillaTweaks_r223120.zip2021-04-23 18:21 – 2021-04-23 18:21 – 000033100 _____ C: Users Admin Downloads VanillaTweaks_r391861.zip2021-04-23 18:21 – 2021-04-23 18:21 – 000009544 _____ C: Users Admin Downloads VanillaTweaks_r361930.zip2021-04-23 18:20 – 2021-04-23 18:21 – 000543123 _____ C: Users Admin Downloads VanillaTweaks_r100512.zip2021-04-23 18:20 – 2021-04-23 18:20 – 000064454 _____ C: Users Admin Downloads VanillaTweaks_r719507.zip2021-04-23 18:20 – 2021-04-23 18:20 – 000017521 _____ C: Users Admin Downloads VanillaTweaks_r347242.zip2021-04-23 18:19 – 2021-04-23 18:19 – 000009187 _____ C: Users Admin Downloads VanillaTweaks_r983366.zip2021-04-23 18:19 – 2021-04-23 18:19 – 000008611 _____ C: Users Admin Downloads VanillaTweaks_r801027.zip2021-04-23 18:18 – 2021-04-23 18:18 – 000035129 _____ C: Users Admin Downloads VanillaTweaks_r248681.zip2021-04-23 18:17 – 2021-04-23 18:17 – 000011835 _____ C: Users Admin Downloads VanillaTweaks_r981932.zip2021-04-23 18:12 – 2021-04-23 18:12 – 000010688 _____ C: Users Admin Downloads VanillaTweaks_d678806_UNZIP_ME.zip2021-04-23 12:58 – 2021-04-23 12:58 – 000000000 ____D C: Users Admin AppData Local OneDrive2021-04-23 12:51 – 2021-04-23 12:51 – 000418984 _____ C: Users Admin Downloads sodium-fabric-mc1.16.3-0.1.0.jar2021-04-22 23:16 – 2021-04-22 23:16 – 000150618 _____ C: Users Admin Downloads InventoryHUD-fabric-[1.16.2-1.16.5]-3.2.2.jar2021-04-22 23:13 – 2021-04-22 23:14 – 000793769 _____ C: Users Admin Downloads Xaeros_Minimap_21.7.0_Fabric_1.16.5.jar2021-04-22 23:11 – 2021-04-22 23:11 – 000938491 _____ C: Users Admin Downloads fabric-api-0.33.0 + 1.16.jar2021-04-22 00:26 – 2021-04-22 00:26 – 000164640 _____ (Oracle Corporation) C: Windows SysWOW64 WindowsAccessBridge-32.dll2021-04-22 00:26 – 2021-04-22 00:26 – 000000000 ____D C: Users Admin AppData Roaming Sun2021-04-22 00:26 – 2021-04-22 00:26 – 000000000 ____D C: Users Admin AppData LocalLow Sun2021-04-22 00:26 – 2021-04-22 00:26 – 000000000 ____D C: ProgramData Microsoft Windows Menu Démarrer Programmes Java2021-04-22 00:25 – 2021-04-22 00:25 – 000000000 ____D C: ProgramData Oracle2021-04-22 00:25 – 2021-04-22 00:25 – 000000000 ____D C: Program Files (x86) Java2021-04-22 00:20 – 2021-04-22 00:20 – 002079496 _____ (Oracle Corporation) C: Users Admin Downloads JavaSetup8u291.exe2021-04-22 00:15 – 2021-04-22 00:15 – 000417291 _____ (Fabric Team) C: Users Admin Downloads fabric-installer-0.7.3 (1) .exe2021-04-22 00:00 – 2021-04-22 00:00 – 000000000 ____D C: Users Admin AppData Local NVIDIA2021-04-21 20:39 – 2021-04-21 20:39 – 000000000 ____D C: Users Admin AppData Local PeerDistRepub2021-04-21 20:22 – 2021-04-21 20:23 – 000417291 _____ (Fabric Team) C: Users Admin Downloads fabric-installer-0.7.3.exe2021-04-21 20:20 – 2021-05-01 23:15 – 000000120 ____R C: Users Admin OneDrive Documents My Notebook.url2021-04-21 20:20 – 2021-04-21 20:20 – 000000000 ___HD C: OneDriveTemp2021-04-21 10:04 – 2021-05-07 20:17 – 000000000 ____D C: Users Admin AppData Roaming discord2021-04-21 10:04 – 2021-04-21 10:04 – 000000000 ____D C: Users Admin AppData Roaming Microsoft Windows Menu Démarrer Programmes Discord Inc2021-04-21 10:03 – 2021-05-07 19:06 – 000000000 ____D C: Users Admin AppData Local Discord2021-04-21 10:03 – 2021-04-21 10:04 – 000000000 ____D C: Users Admin AppData Local SquirrelTemp2021-04-21 10:02 – 2021-04-21 10:03 – 070939752 _____ (Discord Inc.) C: Users Admin Downloads DiscordSetup.exe2021-04-21 09:43 – 2021-05-07 16:02 – 000000000 ____D C: Users Admin AppData Roaming .minecraft2021-04-21 09:43 – 2021-05-07 15:49 – 000000000 ____D C: Program Files (x86) Minecraft Launcher2021-04-21 09:43 – 2021-04-21 09:43 – 000001113 _____ C: Users Public Desktop Minecraft Launcher.lnk2021-04-21 09:43 – 2021-04-21 09:43 – 000001113 _____ C: ProgramData Desktop Minecraft Launcher.lnk2021-04-21 09:43 – 2021-04-21 09:43 – 000000000 ____D C: Users Admin AppData Local CEF2021-04-21 09:43 – 2021-04-21 09:43 – 000000000 ____D C: ProgramData Microsoft Windows Menu Démarrer Programmes Minecraft Launcher2021-04-21 09:42 – 2021-04-21 09:42 – 002674688 _____ C: Users Admin Downloads MinecraftInstaller.msi2021-04-21 09:23 – 2021-04-21 09:23 – 000000000 _____ C: Recovery.txt2021-04-21 09:12 – 2021-04-21 09:12 – 000000000 ____D C: Users Admin AppData Local Comms2021-04-21 09:05 – 2021-04-21 09:05 – 000000000 ____D C: Users Admin AppData Local D3DSCache2021-04-21 09:04 – 2021-05-07 20:19 – 000000000 ___RD C: Users Admin OneDrive2021-04-21 09:04 – 2021-05-06 17:44 – 000003380 _____ C: Windows system32 Tasks OneDrive Standalone Update Task-S-1-5-21-2960236716-1891352181-3316826821-10012021-04-21 09:04 – 2021-04-26 23:33 – 000000000 ____D C: Users Admin AppData Local PlaceholderTileLogoFolder2021-04-21 09:04 – 2021-04-21 09:04 – 000000000 ____H C: ProgramData DP45977C.lfl2021-04-21 09:04 – 2021-04-21 09:04 – 000000000 ____D C: ProgramData Microsoft OneDrive2021-04-21 09:03 – 2021-04-21 09:03 – 000000000 ____D C: Users Admin AppData Local Publishers2021-04-21 09:02 – 2021-04-26 23:37 – 000000000 ____D C: Users Admin AppData Local Packages2021-04-21 09:02 – 2021-04-21 20:20 – 000000000 ____D C: ProgramData Packages2021-04-21 09:02 – 2021-04-21 19:31 – 000000000 ____D C: Users Admin AppData Local ConnectedDevicesPlatform2021-04-21 09:02 – 2021-04-21 09:47 – 000000000 __RHD C: Users Public AccountPictures2021-04-21 09:02 – 2021-04-21 09:02 – 000000000 ___RD C: Users Admin 3D Objects2021-04-21 09:02 – 2021-04-21 09:02 – 000000000 ____D C: Users Admin AppData Roaming Adobe2021-04-21 09:02 – 2021-04-21 09:02 – 000000000 ____D C: Users Admin AppData Local VirtualStore2021-04-21 09:01 – 2021-05-07 19:06 – 000000000 ____D C: Users Admin2021-04-21 09:01 – 2021-05-06 17:44 – 000002377 _____ C: Users Admin AppData Roaming Microsoft Windows Menu Démarrer Programmes OneDrive.lnk2021-04-21 09:01 – 2021-04-21 09:01 – 000000020 ___SH C: Users Admin ntuser.ini2021-04-21 08:39 – 2021-05-07 11:47 – 000840602 _____ C: Windows system32 PerfStringBackup.INI2021-04-21 08:35 – 2021-04-21 08:35 – 000000000 _SHDL C: Users Default User2021-04-21 08:35 – 2021-04-21 08:35 – 000000000 _SHDL C: Users All Users2021-04-21 08:35 – 2021-04-21 08:35 – 000000000 _SHDL C: Documents and Settings2021-04-21 08:32 – 2021-04-21 08:54 – 000000000 ____D C: ProgramData NVIDIA Corporation2021-04-21 08:32 – 2021-04-21 08:32 – 000000000 ____H C: Windows system32 Drivers Msft_Kernel_SynTP_01011.Wdf2021-04-21 08:32 – 2021-04-21 08:32 – 000000000 ____H C: Windows system32 Drivers Msft_Kernel_Smb_driver_Intel_01011.Wdf2021-04-21 08:31 – 2021-05-07 19:22 – 000000000 ____D C: ProgramData NVIDIA2021-04-21 08:31 – 2021-05-07 15:39 – 000000000 ____D C: Windows system32 SleepStudy2021-04-21 08:31 – 2021-05-07 10:59 – 000462792 _____ C: Windows system32 FNTCACHE.DAT2021-04-21 08:31 – 2021-05-07 10:59 – 000008192 ___SH C: DumpStack.log.tmp2021-04-21 08:31 – 2021-05-07 10:59 – 000000006 ____H C: Windows Tasks SA.DAT2021-04-21 08:31 – 2021-05-02 11:52 – 000002448 _____ C: ProgramData Microsoft Windows Menu Démarrer Programmes Microsoft Edge.lnk2021-04-21 08:31 – 2021-05-02 11:52 – 000002286 _____ C: Users Public Desktop Microsoft Edge.lnk2021-04-21 08:31 – 2021-05-02 11:52 – 000002286 _____ C: ProgramData Desktop Microsoft Edge.lnk2021-04-21 08:31 – 2021-04-26 12:16 – 000003480 _____ C: Windows system32 Tasks MicrosoftEdgeUpdateTaskMachineUA2021-04-21 08:31 – 2021-04-26 12:16 – 000003356 _____ C: Windows system32 Tasks MicrosoftEdgeUpdateTaskMachineCore2021-04-21 08:31 – 2021-04-21 23:53 – 000000000 ____D C: Windows system32 Drivers wd2021-04-21 08:31 – 2021-04-21 08:31 – 000000000 ____D C: Windows SysWOW64 RTCOM2021-04-21 08:31 – 2021-04-21 08:31 – 000000000 ____D C: Windows system32 Drivers NVIDIA Corporation2021-04-21 08:31 – 2021-04-21 08:31 – 000000000 ____D C: Windows ServiceProfiles2021-04-21 08:31 – 2021-04-21 08:31 – 000000000 ____D C: Program Files Realtek2021-04-21 08:31 – 2021-04-21 08:31 – 000000000 ____D C: Program Files NVIDIA Corporation2021-04-21 08:31 – 2021-04-21 08:31 – 000000000 ____D C: Program Files (x86) NVIDIA Corporation2021-04-21 08:31 – 2019-04-09 05:43 – 005365744 _____ (NVIDIA Corporation) C: Windows system32 nvcpl.dll2021-04-21 08:31 – 2019-04-09 05:43 – 002624824 _____ (NVIDIA Corporation) C: Windows system32 nvsvc64.dll2021-04-21 08:31 – 2019-04-09 05:43 – 001767736 _____ (NVIDIA Corporation) C: Windows system32 nvsvcr.dll2021-04-21 08:31 – 2019-04-09 05:43 – 000651576 _____ (NVIDIA Corporation) C: Windows system32 nv3dappshext.dll2021-04-21 08:31 – 2019-04-09 05:43 – 000450872 _____ (NVIDIA Corporation) C: Windows system32 nvmctray.dll2021-04-21 08:31 – 2019-04-09 05:43 – 000148848 _____ (NVIDIA Corporation) C: Windows SysWOW64 oemdspif.dll2021-04-21 08:31 – 2019-04-09 05:43 – 000124784 _____ (NVIDIA Corporation) C: Windows system32 nvshext.dll2021-04-21 08:31 – 2019-04-09 05:43 – 000082984 _____ (NVIDIA Corporation) C: Windows system32 nv3dappshextr.dll2021-04-21 08:31 – 2019-04-09 04:08 – 008530822 _____ C: Windows system32 nvcoproc.bin2021-04-21 08:31 – 2019-03-30 03:37 – 000001951 _____ C: Windows NvContainerRecovery.bat2021-04-21 06:42 – 2021-04-21 08:35 – 000000000 ____D C: Windows Panther2021-04-21 06:40 – 2021-04-21 06:40 – 000000000 ____D C: Program Files Synaptics2021-04-21 06:39 – 2021-04-21 06:39 – 000008192 _____ C: Windows system32 config userdiff2021-04-21 06:38 – 2021-04-21 09:19 – 000000000 ____D C: Windows OCR2021-04-21 06:38 – 2021-04-21 08:37 – 000000000 ____D C: Windows system32 FxsTmp21/04/2021 06:38 – 21/04/2021 06:38 – 000000000 ____D C: Windows SysWOW64 winrm2021-04-21 06:38 – 2021-04-21 06:38 – 000000000 ____D C: Windows SysWOW64 WCN21/04/2021 06:38 – 21/04/2021 06:38 – 000000000 ____D C: Windows SysWOW64 sysprep2021-04-21 06:38 – 2021-04-21 06:38 – 000000000 ____D C: Windows SysWOW64 slmgr2021-04-21 06:38 – 2021-04-21 06:38 – 000000000 ____D C:WindowsSysWOW64Printing_Admin_Scripts2021-04-21 06:38 – 2021-04-21 06:38 – 000000000 ____D C:WindowsSysWOW64MailContactsCalendarSync2021-04-21 06:38 – 2021-04-21 06:38 – 000000000 ____D C:WindowsSysWOW64FxsTmp2021-04-21 06:38 – 2021-04-21 06:38 – 000000000 ____D C:WindowsSysWOW644092021-04-21 06:38 – 2021-04-21 06:38 – 000000000 ____D C:Windowssystem32winrm2021-04-21 06:38 – 2021-04-21 06:38 – 000000000 ____D C:Windowssystem32WCN2021-04-21 06:38 – 2021-04-21 06:38 – 000000000 ____D C:Windowssystem32slmgr2021-04-21 06:38 – 2021-04-21 06:38 – 000000000 ____D C:Windowssystem32Printing_Admin_Scripts2021-04-21 06:38 – 2021-04-21 06:38 – 000000000 ____D C:Windowssystem32OpenSSH2021-04-21 06:38 – 2021-04-21 06:38 – 000000000 ____D C:Windowssystem32MailContactsCalendarSync2021-04-21 06:38 – 2021-04-21 06:38 – 000000000 ____D C:Windowssystem324092021-04-21 06:38 – 2021-04-21 06:38 – 000000000 ____D C:WindowsSetup2021-04-21 06:38 – 2021-04-21 06:38 – 000000000 ____D C:WindowsDigitalLocker2021-04-21 06:38 – 2021-04-21 06:38 – 000000000 ____D C:Windowsaddins2021-04-21 06:38 – 2021-04-21 06:38 – 000000000 ____D C:ProgramDatassh2021-04-21 06:38 – 2021-04-21 06:38 – 000000000 ____D C:Program FilesReference Assemblies2021-04-21 06:38 – 2021-04-21 06:38 – 000000000 ____D C:Program FilesMSBuild2021-04-21 06:38 – 2021-04-21 06:38 – 000000000 ____D C:Program Files (x86)Reference Assemblies2021-04-21 06:38 – 2021-04-21 06:38 – 000000000 ____D C:Program Files (x86)MSBuild2021-04-21 06:36 – 2021-04-21 06:34 – 000215943 _____ C:WindowsSysWOW64dssec.dat2021-04-21 06:36 – 2021-04-21 06:34 – 000003103 _____ C:WindowsSysWOW64mmc.exe.config2021-04-21 06:36 – 2021-04-21 06:34 – 000000741 _____ C:WindowsSysWOW64NOISE.DAT2021-04-21 06:35 – 2021-05-07 19:22 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft2021-04-21 06:35 – 2021-05-07 10:45 – 000000000 ___RD C:Program Files (x86)2021-04-21 06:35 – 2021-05-07 10:45 – 000000000 ____D C:Program FilesCommon Filesmicrosoft shared2021-04-21 06:35 – 2021-05-05 10:23 – 000000000 ____D C:WindowsAppReadiness2021-04-21 06:35 – 2021-05-03 13:46 – 000000000 ___HD C:Program FilesWindowsApps2021-04-21 06:35 – 2021-04-29 17:37 – 000000000 ___HD C:Windowssystem32GroupPolicy2021-04-21 06:35 – 2021-04-29 17:23 – 000000000 ___HD C:WindowsELAMBKUP2021-04-21 06:35 – 2021-04-26 16:50 – 000000000 ____D C:Windowsschemas2021-04-21 06:35 – 2021-04-22 08:12 – 000000000 ____D C:Windowsappcompat2021-04-21 06:35 – 2021-04-21 23:53 – 000000000 ____D C:Program FilesWindows Defender2021-04-21 06:35 – 2021-04-21 20:39 – 000000000 ____D C:Windowssystem32NDF2021-04-21 06:35 – 2021-04-21 09:23 – 000028672 _____ C:Windowssystem32configBCD-Template2021-04-21 06:35 – 2021-04-21 09:19 – 000000000 ___RD C:WindowsPrintDialog2021-04-21 06:35 – 2021-04-21 09:19 – 000000000 ____D C:WindowsServiceState2021-04-21 06:35 – 2021-04-21 09:02 – 000000000 ___RD C:WindowsImmersiveControlPanel2021-04-21 06:35 – 2021-04-21 09:01 – 000000000 ____D C:Windowssystem32WinBioDatabase2021-04-21 06:35 – 2021-04-21 08:53 – 000000000 ____D C:ProgramDataUSOPrivate2021-04-21 06:35 – 2021-04-21 08:37 – 000000000 ____D C:Windowssystem32spool2021-04-21 06:35 – 2021-04-21 08:35 – 000000000 ____D C:WindowsCSC2021-04-21 06:35 – 2021-04-21 08:31 – 000000000 ____D C:Windowssystem32configTxR2021-04-21 06:35 – 2021-04-21 08:31 – 000000000 ____D C:WindowsHelp2021-04-21 06:35 – 2021-04-21 06:42 – 000000000 ____D C:WindowsContainers2021-04-21 06:35 – 2021-04-21 06:38 – 000000000 ___SD C:WindowsSysWOW64F122021-04-21 06:35 – 2021-04-21 06:38 – 000000000 ___SD C:WindowsSysWOW64DiagSvcs2021-04-21 06:35 – 2021-04-21 06:38 – 000000000 ___SD C:Windowssystem32F122021-04-21 06:35 – 2021-04-21 06:38 – 000000000 ___SD C:Windowssystem32dsc2021-04-21 06:35 – 2021-04-21 06:38 – 000000000 ___SD C:Windowssystem32DiagSvcs2021-04-21 06:35 – 2021-04-21 06:38 – 000000000 ____D C:WindowsSysWOW64setup2021-04-21 06:35 – 2021-04-21 06:38 – 000000000 ____D C:WindowsSysWOW64oobe2021-04-21 06:35 – 2021-04-21 06:38 – 000000000 ____D C:WindowsSysWOW64MUI2021-04-21 06:35 – 2021-04-21 06:38 – 000000000 ____D C:WindowsSysWOW64Dism2021-04-21 06:35 – 2021-04-21 06:38 – 000000000 ____D C:WindowsSysWOW64Com2021-04-21 06:35 – 2021-04-21 06:38 – 000000000 ____D C:WindowsSystemResources2021-04-21 06:35 – 2021-04-21 06:38 – 000000000 ____D C:Windowssystem32WinBioPlugIns2021-04-21 06:35 – 2021-04-21 06:38 – 000000000 ____D C:Windowssystem32SystemResetPlatform2021-04-21 06:35 – 2021-04-21 06:38 – 000000000 ____D C:Windowssystem32Sysprep2021-04-21 06:35 – 2021-04-21 06:38 – 000000000 ____D C:Windowssystem32setup2021-04-21 06:35 – 2021-04-21 06:38 – 000000000 ____D C:Windowssystem32PerceptionSimulation2021-04-21 06:35 – 2021-04-21 06:38 – 000000000 ____D C:Windowssystem32oobe2021-04-21 06:35 – 2021-04-21 06:38 – 000000000 ____D C:Windowssystem32MUI2021-04-21 06:35 – 2021-04-21 06:38 – 000000000 ____D C:Windowssystem32migwiz2021-04-21 06:35 – 2021-04-21 06:38 – 000000000 ____D C:Windowssystem32Dism2021-04-21 06:35 – 2021-04-21 06:38 – 000000000 ____D C:Windowssystem32Com2021-04-21 06:35 – 2021-04-21 06:38 – 000000000 ____D C:WindowsPolicyDefinitions2021-04-21 06:35 – 2021-04-21 06:38 – 000000000 ____D C:WindowsIME2021-04-21 06:35 – 2021-04-21 06:38 – 000000000 ____D C:Program FilesWindows Photo Viewer2021-04-21 06:35 – 2021-04-21 06:38 – 000000000 ____D C:Program FilesWindows NT2021-04-21 06:35 – 2021-04-21 06:38 – 000000000 ____D C:Program FilesWindows Defender Advanced Threat Protection2021-04-21 06:35 – 2021-04-21 06:38 – 000000000 ____D C:Program FilesCommon FilesSystem2021-04-21 06:35 – 2021-04-21 06:38 – 000000000 ____D C:Program Files (x86)Windows Photo Viewer2021-04-21 06:35 – 2021-04-21 06:38 – 000000000 ____D C:Program Files (x86)Windows NT2021-04-21 06:35 – 2021-04-21 06:38 – 000000000 ____D C:Program Files (x86)Windows Defender2021-04-21 06:35 – 2021-04-21 06:36 – 000000000 ___SD C:WindowsSysWOW64Nui2021-04-21 06:35 – 2021-04-21 06:36 – 000000000 ____D C:WindowsSysWOW64WinMetadata2021-04-21 06:35 – 2021-04-21 06:36 – 000000000 ____D C:WindowsSysWOW64PerceptionSimulation2021-04-21 06:35 – 2021-04-21 06:36 – 000000000 ____D C:WindowsSysWOW64migwiz2021-04-21 06:35 – 2021-04-21 06:36 – 000000000 ____D C:WindowsSysWOW64Keywords2021-04-21 06:35 – 2021-04-21 06:36 – 000000000 ____D C:WindowsSysWOW64icsxml2021-04-21 06:35 – 2021-04-21 06:36 – 000000000 ____D C:WindowsSysWOW64downlevel2021-04-21 06:35 – 2021-04-21 06:36 – 000000000 ____D C:WindowsSysWOW64Bthprops2021-04-21 06:35 – 2021-04-21 06:36 – 000000000 ____D C:WindowsSysWOW64AdvancedInstallers2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 __SHD C:WindowsBitLockerDiscoveryVolumeContents2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 __SHD C:Program FilesWindows Sidebar2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 __SHD C:Program Files (x86)Windows Sidebar2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 __RSD C:WindowsMedia2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 __RHD C:UsersPublicLibraries2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ___SD C:WindowsSysWOW64Configuration2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ___SD C:Windowssystem32UNP2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ___SD C:Windowssystem32Nui2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ___SD C:Windowssystem32Configuration2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ___SD C:Windowssystem32AppV2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ___SD C:WindowsDownloaded Program Files2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ___RD C:WindowsOffline Web Pages2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ___HD C:WindowsLanguageOverlayCache2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:WindowsWeb2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:WindowsWaaS2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:WindowsVss2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Windowstracing2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:WindowsTAPI2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:WindowsSysWOW64SMI2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:WindowsSysWOW64ras2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:WindowsSysWOW64NDF2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:WindowsSysWOW64Msdtc2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:WindowsSysWOW64Ipmi2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:WindowsSysWOW64InputMethod2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:WindowsSysWOW64inetsrv2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:WindowsSysWOW64IME2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:WindowsSysWOW64GroupPolicyUsers2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:WindowsSysWOW64GroupPolicy2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:WindowsSysWOW64AppLocker2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:WindowsSystemApps2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Windowssystem32WinMetadata2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Windowssystem32winevt2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Windowssystem32ti-et2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Windowssystem32ta-lk2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Windowssystem32ta-in2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Windowssystem32si-lk2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Windowssystem32ShellExperiences2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Windowssystem32Sgrm2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Windowssystem32SecureBootUpdates2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Windowssystem32ras2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Windowssystem32ProximityToast2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Windowssystem32PointOfService2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Windowssystem32osa-Osge-0012021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Windowssystem32my-mm2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Windowssystem32MsDtc2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Windowssystem32Keywords2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Windowssystem32Ipmi2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Windowssystem32InputMethod2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Windowssystem32inetsrv2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Windowssystem32IME2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Windowssystem32icsxml2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Windowssystem32ias2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Windowssystem32Hydrogen2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Windowssystem32GroupPolicyUsers2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Windowssystem32ff-Adlm-SN2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Windowssystem32DriverState2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Windowssystem32DriversDriverData2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Windowssystem32downlevel2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Windowssystem32DDFs2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Windowssystem32ContainerSettingsProviders2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Windowssystem32configsystemprofile2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Windowssystem32configRegBack2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Windowssystem32configJournal2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Windowssystem32Bthprops2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Windowssystem32appraiser2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Windowssystem32AppLocker2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Windowssystem32am-et2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Windowssystem32AdvancedInstallers2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:WindowsSystem2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:WindowsSKB2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:WindowsShellExperiences2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:WindowsShellComponents2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Windowssecurity2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:WindowsSchCache2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:WindowsResources2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Windowsrescache2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:WindowsRemotePackages2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:WindowsRegistration2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:WindowsProvisioning2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:WindowsPLA2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:WindowsPerformance2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:WindowsModemLogs2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:WindowsLiveKernelReports2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:WindowsL2Schemas2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:WindowsInputMethod2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:WindowsIdentityCRL2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:WindowsGlobalization2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:WindowsGameBarPresenceWriter2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:WindowsDiagTrack2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:WindowsCursors2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:WindowsBranding2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Windowsbcastdvr2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:ProgramDataWindowsHolographicDevices2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:ProgramDataUSOShared2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Program FilesWindows Security2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Program FilesWindows Portable Devices2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Program FilesWindows Multimedia Platform2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Program FilesModifiableWindowsApps2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Program FilesCommon FilesServices2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Program Files (x86)Windows Portable Devices2021-04-21 06:35 – 2021-04-21 06:35 – 000000000 ____D C:Program Files (x86)Windows Multimedia Platform2021-04-21 06:35 – 2021-04-21 06:34 – 000215943 _____ C:Windowssystem32dssec.dat2021-04-21 06:35 – 2021-04-21 06:34 – 000020908 _____ C:Windowssystem32OEMDefaultAssociations.xml2021-04-21 06:35 – 2021-04-21 06:34 – 000017635 _____ C:Windowssystem32Driversetcservices2021-04-21 06:35 – 2021-04-21 06:34 – 000003683 _____ C:Windowssystem32Driversetclmhosts.sam2021-04-21 06:35 – 2021-04-21 06:34 – 000003103 _____ C:Windowssystem32mmc.exe.config2021-04-21 06:35 – 2021-04-21 06:34 – 000001358 _____ C:Windowssystem32Driversetcprotocol2021-04-21 06:35 – 2021-04-21 06:34 – 000000858 _____ C:Windowssystem32DefaultQuestions.json2021-04-21 06:35 – 2021-04-21 06:34 – 000000741 _____ C:Windowssystem32NOISE.DAT2021-04-21 06:35 – 2021-04-21 06:34 – 000000407 _____ C:Windowssystem32Driversetcnetworks2021-04-21 06:35 – 2021-04-21 06:34 – 000000219 _____ C:Windowssystem.ini2021-04-21 06:35 – 2021-04-21 06:34 – 000000092 _____ C:Windowswin.ini2021-04-21 06:34 – 2021-05-07 11:47 – 000000000 ____D C:WindowsINF2021-04-21 06:31 – 2021-04-27 14:45 – 000000000 ____D C:WindowsCbsTemp2021-04-21 06:30 – 2021-05-07 10:59 – 068419584 _____ C:Windowssystem32configSYSTEM2021-04-21 06:30 – 2021-05-07 10:59 – 001048576 _____ C:Windowssystem32configDEFAULT2021-04-21 06:30 – 2021-05-07 10:59 – 000524288 _____ C:Windowssystem32configBBI2021-04-21 06:30 – 2021-05-07 10:59 – 000131072 _____ C:Windowssystem32configSAM2021-04-21 06:30 – 2021-05-07 10:59 – 000065536 _____ C:Windowssystem32configSECURITY2021-04-21 06:30 – 2021-04-26 19:01 – 000000000 ____D C:Windowsservicing2021-04-21 06:30 – 2021-04-21 08:56 – 000032768 _____ C:Windowssystem32configELAM2021-04-21 06:30 – 2021-04-21 06:35 – 000000000 ____D C:Windowssystem32SMI2021-04-21 06:29 – 2021-04-21 09:30 – 000000000 ___HD C:$SysReset2021-04-20 09:57 – 2021-04-20 09:57 – 000374072 _____ C:Windowssystem32vp9fs.dll2021-04-20 09:56 – 2021-04-20 09:56 – 001823304 _____ (Microsoft Corporation) C:Windowssystem32winload.efi2021-04-20 09:56 – 2021-04-20 09:56 – 000231248 _____ C:Windowssystem32containerdevicemanagement.dll2021-04-20 09:56 – 2021-04-20 09:56 – 000011357 _____ C:Windowssystem32DrtmAuthTxt.wim2021-04-19 22:38 – 2021-04-19 22:38 – 000249512 _____ (Oracle Corporation) C:Windowssystem32DriversVBoxNetLwf.sys2021-04-19 22:38 – 2021-04-19 22:38 – 000239616 _____ (Oracle Corporation) C:Windowssystem32DriversVBoxNetAdp6.sys2021-04-01 21:54 – 2019-10-15 14:50 – 000001696 _____ C:Windowssystem32NOISE.CHS2021-03-18 19:42 – 2021-03-18 19:42 – 002755584 ____N (Microsoft Corporation) C:WindowsSysWOW64mshtml.tlb2021-03-18 19:42 – 2021-03-18 19:42 – 002755584 ____N (Microsoft Corporation) C:Windowssystem32mshtml.tlb2021-03-18 19:42 – 2021-03-18 19:42 – 001314128 ____N (Microsoft Corporation) C:Windowssystem32SecConfig.efi2021-03-18 19:42 – 2021-03-18 19:42 – 000480256 ____N C:Windowssystem32AssignedAccessCsp.dll2021-03-18 19:41 – 2021-03-18 19:41 – 001394024 ____N (Microsoft Corporation) C:Windowssystem32winresume.efi2021-03-18 19:41 – 2021-03-18 19:41 – 001163776 ____N C:Windowssystem32MBR2GPT.EXE2021-03-18 19:41 – 2021-03-18 19:41 – 000707016 ____N C:Windowssystem32TextShaping.dll2021-03-18 19:41 – 2021-03-18 19:41 – 000611952 ____N C:WindowsSysWOW64TextShaping.dll2021-03-18 19:41 – 2021-03-18 19:41 – 000091136 ____N C:Windowssystem32Driverscimfs.sys2021-02-23 15:34 – 2021-02-23 15:34 – 003860832 ____N (Microsoft Corporation) C:WindowsSysWOW64rtmpltfm.dll2021-02-23 15:34 – 2021-02-23 15:34 – 001333760 ____N C:WindowsSysWOW64TextInputMethodFormatter.dll2021-02-23 15:34 – 2021-02-23 15:34 – 000980320 ____N (Microsoft Corporation) C:WindowsSysWOW64rtmpal.dll2021-02-23 15:34 – 2021-02-23 15:34 – 000915296 ____N (Microsoft Corporation) C:WindowsSysWOW64rtmcodecs.dll2021-02-23 15:34 – 2021-02-23 15:34 – 000732000 ____N (Microsoft Corporation) C:WindowsSysWOW64ortcengine.dll2021-02-23 15:34 – 2021-02-23 15:34 – 000729600 ____N (Microsoft Corporation) C:Windowssystem32hhctrl.ocx2021-02-23 15:34 – 2021-02-23 15:34 – 000671744 _____ C:Windowssystem32hgattest.dll2021-02-23 15:34 – 2021-02-23 15:34 – 000595968 ____N (Microsoft Corporation) C:Windowssystem32appwiz.cpl2021-02-23 15:34 – 2021-02-23 15:34 – 000581120 ____N (Microsoft Corporation) C:Windowssystem32PhotoScreensaver.scr2021-02-23 15:34 – 2021-02-23 15:34 – 000575488 ____N (Microsoft Corporation) C:WindowsSysWOW64hhctrl.ocx2021-02-23 15:34 – 2021-02-23 15:34 – 000499200 ____N (Microsoft Corporation) C:WindowsSysWOW64PhotoScreensaver.scr2021-02-23 15:34 – 2021-02-23 15:34 – 000469504 ____N (Microsoft Corporation) C:WindowsSysWOW64appwiz.cpl2021-02-23 15:34 – 2021-02-23 15:34 – 000455680 ____N C:WindowsSysWOW64WindowManagementAPI.dll2021-02-23 15:34 – 2021-02-23 15:34 – 000446976 ____N (Microsoft Corporation) C:WindowsSysWOW64mmsys.cpl2021-02-23 15:34 – 2021-02-23 15:34 – 000422912 ____N (Microsoft Corporation) C:WindowsSysWOW64winspool.drv2021-02-23 15:34 – 2021-02-23 15:34 – 000330752 ____N C:WindowsSysWOW64ssdm.dll2021-02-23 15:34 – 2021-02-23 15:34 – 000304128 ____N (Microsoft Corporation) C:Windowssystem32ksproxy.ax2021-02-23 15:34 – 2021-02-23 15:34 – 000266240 ____N C:WindowsSysWOW64Windows.Internal.UI.Shell.WindowTabManager.dll2021-02-23 15:34 – 2021-02-23 15:34 – 000266240 ____N (Microsoft Corporation) C:Windowssystem32mpg2splt.ax2021-02-23 15:34 – 2021-02-23 15:34 – 000240640 ____N C:WindowsSysWOW64CoreMas.dll2021-02-23 15:34 – 2021-02-23 15:34 – 000235520 ____N C:WindowsSysWOW64HeatCore.dll2021-02-23 15:34 – 2021-02-23 15:34 – 000234496 ____N (Microsoft Corporation) C:WindowsSysWOW64ksproxy.ax2021-02-23 15:34 – 2021-02-23 15:34 – 000221184 ____N (Microsoft Corporation) C:WindowsSysWOW64bthprops.cpl2021-02-23 15:34 – 2021-02-23 15:34 – 000204800 ____N (Microsoft Corporation) C:WindowsSysWOW64mpg2splt.ax2021-02-23 15:34 – 2021-02-23 15:34 – 000182272 ____N (Microsoft Corporation) C:WindowsSysWOW64timedate.cpl2021-02-23 15:34 – 2021-02-23 15:34 – 000178688 ____N (Microsoft Corporation) C:WindowsSysWOW64intl.cpl2021-02-23 15:34 – 2021-02-23 15:34 – 000170496 ____N (Microsoft Corporation) C:Windowssystem32VBICodec.ax2021-02-23 15:34 – 2021-02-23 15:34 – 000157184 ____N C:Windowssystem32uwfcsp.dll2021-02-23 15:34 – 2021-02-23 15:34 – 000138056 ____N C:Windowssystem32HvsiManagementApi.dll2021-02-23 15:34 – 2021-02-23 15:34 – 000135168 ____N (Microsoft Corporation) C:WindowsSysWOW64VBICodec.ax2021-02-23 15:34 – 2021-02-23 15:34 – 000112128 ____N (Microsoft Corporation) C:WindowsSysWOW64activeds.tlb2021-02-23 15:34 – 2021-02-23 15:34 – 000101704 ____N C:WindowsSysWOW64HvsiManagementApi.dll2021-02-23 15:34 – 2021-02-23 15:34 – 000100864 ____N (Microsoft Corporation) C:WindowsSysWOW64ncpa.cpl2021-02-23 15:34 – 2021-02-23 15:34 – 000095744 ____N C:Windowssystem32VirtualMonitorManager.dll2021-02-23 15:34 – 2021-02-23 15:34 – 000087552 ____N (Microsoft Corporation) C:Windowssystem32tdc.ocx2021-02-23 15:34 – 2021-02-23 15:34 – 000084992 ____N (Microsoft Corporation) C:Windowssystem32wscui.cpl2021-02-23 15:34 – 2021-02-23 15:34 – 000072704 ____N (Microsoft Corporation) C:WindowsSysWOW64tdc.ocx2021-02-23 15:34 – 2021-02-23 15:34 – 000067584 ____N (Microsoft Corporation) C:WindowsSysWOW64wscui.cpl2021-02-23 15:34 – 2021-02-23 15:34 – 000067072 ____N C:Windowssystem32BWContextHandler.dll2021-02-23 15:34 – 2021-02-23 15:34 – 000055376 ____N (Microsoft Corporation) C:WindowsSysWOW64rtmmvrortc.dll2021-02-23 15:34 – 2021-02-23 15:34 – 000053760 ____N C:WindowsSysWOW64BWContextHandler.dll2021-02-23 15:34 – 2021-02-23 15:34 – 000047472 ____N C:WindowsSysWOW64umpdc.dll2021-02-23 15:34 – 2021-02-23 15:34 – 000045880 ____N C:Windowssystem32HvSocket.dll2021-02-23 15:34 – 2021-02-23 15:34 – 000039936 ____N (Adobe Systems) C:WindowsSysWOW64atmlib.dll2021-02-23 15:34 – 2021-02-23 15:34 – 000023552 ____N (Microsoft Corporation) C:WindowsSysWOW64msacm32.drv2021-02-23 15:34 – 2021-02-23 15:34 – 000014848 _____ C:Windowssystem32hnsproxy.dll2021-02-23 15:34 – 2021-02-23 15:34 – 000010752 ____N C:WindowsSysWOW64agentactivationruntimestarter.exe2021-02-23 15:33 – 2021-02-23 15:33 – 004898144 ____N (Microsoft Corporation) C:Windowssystem32rtmpltfm.dll2021-02-23 15:33 – 2021-02-23 15:33 – 004227116 ____N C:Windowssystem32DefaultHrtfs.bin2021-02-23 15:33 – 2021-02-23 15:33 – 002260992 ____N C:Windowssystem32TextInputMethodFormatter.dll2021-02-23 15:33 – 2021-02-23 15:33 – 002260480 ____N (The ICU Project) C:Windowssystem32icu.dll2021-02-23 15:33 – 2021-02-23 15:33 – 002254336 ____N C:Windowssystem32dwmscene.dll2021-02-23 15:33 – 2021-02-23 15:33 – 001354080 ____N (Microsoft Corporation) C:Windowssystem32rtmpal.dll2021-02-23 15:33 – 2021-02-23 15:33 – 001091936 ____N (Microsoft Corporation) C:Windowssystem32rtmcodecs.dll2021-02-23 15:33 – 2021-02-23 15:33 – 001032544 ____N (Microsoft Corporation) C:Windowssystem32ortcengine.dll2021-02-23 15:33 – 2021-02-23 15:33 – 000643072 ____N C:Windowssystem32WindowManagementAPI.dll2021-02-23 15:33 – 2021-02-23 15:33 – 000562688 ____N (Microsoft Corporation) C:Windowssystem32winspool.drv2021-02-23 15:33 – 2021-02-23 15:33 – 000544768 ____N (Microsoft Corporation) C:Windowssystem32mmsys.cpl2021-02-23 15:33 – 2021-02-23 15:33 – 000455168 ____N C:Windowssystem32ssdm.dll2021-02-23 15:33 – 2021-02-23 15:33 – 000363520 ____N C:Windowssystem32Windows.Internal.UI.Shell.WindowTabManager.dll2021-02-23 15:33 – 2021-02-23 15:33 – 000306688 ____N C:Windowssystem32HeatCore.dll2021-02-23 15:33 – 2021-02-23 15:33 – 000287232 ____N C:Windowssystem32CoreMas.dll2021-02-23 15:33 – 2021-02-23 15:33 – 000266752 ____N (Microsoft Corporation) C:Windowssystem32bthprops.cpl2021-02-23 15:33 – 2021-02-23 15:33 – 000243200 ____N (Microsoft Corporation) C:Windowssystem32timedate.cpl2021-02-23 15:33 – 2021-02-23 15:33 – 000238592 ____N (Microsoft Corporation) C:Windowssystem32intl.cpl2021-02-23 15:33 – 2021-02-23 15:33 – 000197632 ____N C:Windowssystem32IHDS.dll2021-02-23 15:33 – 2021-02-23 15:33 – 000190976 ____N C:Windowssystem32BthpanContextHandler.dll2021-02-23 15:33 – 2021-02-23 15:33 – 000165888 ____N C:Windowssystem32DataStoreCacheDumpTool.exe2021-02-23 15:33 – 2021-02-23 15:33 – 000152064 ____N C:Windowssystem32EoAExperiences.exe2021-02-23 15:33 – 2021-02-23 15:33 – 000112128 ____N (Microsoft Corporation) C:Windowssystem32activeds.tlb2021-02-23 15:33 – 2021-02-23 15:33 – 000102912 ____N (Microsoft Corporation) C:Windowssystem32ncpa.cpl2021-02-23 15:33 – 2021-02-23 15:33 – 000089088 ____N C:Windowssystem32windows.applicationmodel.conversationalagent.proxystub.dll2021-02-23 15:33 – 2021-02-23 15:33 – 000074240 ____N C:Windowssystem32rdsxvmaudio.dll2021-02-23 15:33 – 2021-02-23 15:33 – 000073216 ____N C:Windowssystem32windows.applicationmodel.conversationalagent.internal.proxystub.dll2021-02-23 15:33 – 2021-02-23 15:33 – 000064552 ____N C:Windowssystem32umpdc.dll2021-02-23 15:33 – 2021-02-23 15:33 – 000060928 ____N C:Windowssystem32runexehelper.exe2021-02-23 15:33 – 2021-02-23 15:33 – 000056672 ____N (Microsoft Corporation) C:Windowssystem32rtmmvrortc.dll2021-02-23 15:33 – 2021-02-23 15:33 – 000048640 ____N (Adobe Systems) C:Windowssystem32atmlib.dll2021-02-23 15:33 – 2021-02-23 15:33 – 000030208 ____N (Microsoft Corporation) C:Windowssystem32msacm32.drv2021-02-23 15:33 – 2021-02-23 15:33 – 000029696 ____N (The ICU Project) C:Windowssystem32icuuc.dll2021-02-23 15:33 – 2021-02-23 15:33 – 000025088 ____N (The ICU Project) C:Windowssystem32icuin.dll2021-02-23 15:33 – 2021-02-23 15:33 – 000013312 ____N C:Windowssystem32agentactivationruntimestarter.exe2021-02-23 15:33 – 2021-02-23 15:33 – 000001370 ____N C:Windowssystem32ThirdPartyNoticesBySHS.txt2021-02-23 15:27 – 2019-10-15 15:53 – 000076060 ____N C:Windowssystem32xpsrchvw.xml2021-02-23 15:27 – 2019-04-18 20:49 – 000076060 ____N C:WindowsSysWOW64xpsrchvw.xml ==================== Three months (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) ==================== SigCheckExt ========================= 2021-04-30 16:15 – 2021-04-30 16:16 – 001842156 _____ C:UsersAdminDownloadsamidst-v4-6.exe2021-04-22 00:15 – 2021-04-22 00:15 – 000417291 _____ (Fabric Team) C:UsersAdminDownloadsfabric-installer-0.7.3 (1).exe2021-04-21 20:22 – 2021-04-21 20:23 – 000417291 _____ (Fabric Team) C:UsersAdminDownloadsfabric-installer-0.7.3.exe2021-05-07 21:31 – 2021-05-07 21:31 – 002298368 _____ (Farbar) C:UsersAdminDownloadsFRST64 (1).exe2021-04-28 22:08 – 2021-04-28 22:08 – 002298368 _____ (Farbar) C:UsersAdminDownloadsFRST64.exe2021-04-29 17:44 – 2021-04-29 17:44 – 000909824 _____ (Farbar) C:UsersAdminDownloadsFSS.exe ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== BCD ================================ Windows Boot Manager——————–identifier bootmgrdevice partition=DeviceHarddiskVolume1description Windows Boot Managerlocale en-USinherit globalsettingsdefault currentresumeobject 7e64812f-a2b5-11eb-aebf-8aea6e7616a7displayorder currenttoolsdisplayorder memdiagtimeout 30 Windows Boot Loader——————-identifier currentdevice partition=C:path Windowssystem32winload.exedescription Windows 10locale en-USinherit bootloadersettingsrecoverysequence 7eb5dafa-a2b5-11eb-aebf-8aea6e7616a7displaymessageoverride Recoveryrecoveryenabled Yesallowedinmemorysettings 0x15000075osdevice partition=C:systemroot Windowsresumeobject 7e64812f-a2b5-11eb-aebf-8aea6e7616a7nx OptInbootmenupolicy Standard Windows Boot Loader——————-identifier 7eb5dafa-a2b5-11eb-aebf-8aea6e7616a7device ramdisk=[DeviceHarddiskVolume3]RecoveryWindowsREWinre.wim,7eb5dafb-a2b5-11eb-aebf-8aea6e7616a7path windowssystem32winload.exedescription Windows Recovery Environmentlocale en-USinherit bootloadersettingsdisplaymessage Recoveryosdevice ramdisk=[DeviceHarddiskVolume3]RecoveryWindowsREWinre.wim,7eb5dafb-a2b5-11eb-aebf-8aea6e7616a7systemroot windowsnx OptInbootmenupolicy Standardwinpe Yes Resume from Hibernate———————identifier 7e64812f-a2b5-11eb-aebf-8aea6e7616a7device partition=C:path Windowssystem32winresume.exedescription Windows Resume Applicationlocale en-USinherit resumeloadersettingsrecoverysequence 7eb5dafa-a2b5-11eb-aebf-8aea6e7616a7recoveryenabled Yesallowedinmemorysettings 0x15000075filedevice partition=C:filepath hiberfil.sysbootmenupolicy Standarddebugoptionenabled No Windows Memory Tester———————identifier memdiagdevice partition=DeviceHarddiskVolume1path bootmemtest.exedescription Windows Memory Diagnosticlocale en-USinherit globalsettingsbadmemoryaccess Yes EMS Settings————identifier emssettingsbootems No Debugger Settings—————–identifier dbgsettingsdebugtype Local RAM Defects———–identifier badmemory Global Settings—————identifier globalsettingsinherit dbgsettingsemssettingsbadmemory Boot Loader Settings——————–identifier bootloadersettingsinherit globalsettingshypervisorsettings Hypervisor Settings——————-identifier hypervisorsettingshypervisordebugtype Serialhypervisordebugport 1hypervisorbaudrate 115200 Resume Loader Settings———————-identifier resumeloadersettingsinherit globalsettings Device options————–identifier 7eb5dafb-a2b5-11eb-aebf-8aea6e7616a7description Windows Recoveryramdisksdidevice partition=DeviceHarddiskVolume3ramdisksdipath RecoveryWindowsREboot.sdi ==================== End of FRST.txt ========================Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-04-2021Ran by Admin (07-05-2021 21:35:26)Running from C:UsersAdminDownloadsWindows 10 Pro Version 20H2 19042.928 (X64) (2021-04-21 14:35:25)Boot Mode: Normal========================================================== ==================== Accounts: ============================= Admin (S-1-5-21-2960236716-1891352181-3316826821-1001 – Administrator – Enabled) => C:UsersAdminAdministrator (S-1-5-21-2960236716-1891352181-3316826821-500 – Administrator – Disabled)DefaultAccount (S-1-5-21-2960236716-1891352181-3316826821-503 – Limited – Disabled)Guest (S-1-5-21-2960236716-1891352181-3316826821-501 – Limited – Disabled)WDAGUtilityAccount (S-1-5-21-2960236716-1891352181-3316826821-504 – Limited – Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled – Up to date) D68DDC3A-831F-4fae-9E44-DA132C1ACF46 ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Discord (HKUS-1-5-21-2960236716-1891352181-3316826821-1001…Discord) (Version: 1.0.9001 – Discord Inc.)Java 8 Update 291 (HKLM-x32…26A24AE4-039D-4CA4-87B4-2F32180291F0) (Version: 8.0.2910.10 – Oracle Corporation)Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 90.0.818.51 – Microsoft Corporation)Microsoft Office Professional Plus 2019 – en-us (HKLM…ProPlus2019Retail – en-us) (Version: 16.0.10730.20102 – Microsoft Corporation)Microsoft OneDrive (HKUS-1-5-21-2960236716-1891352181-3316826821-1001…OneDriveSetup.exe) (Version: 21.073.0411.0002 – Microsoft Corporation)Microsoft Update Health Tools (HKLM…A0E1B43D-5F4A-46AF-9925-ABA3423325DC) (Version: 2.77.0.0 – Microsoft Corporation)Minecraft Launcher (HKLM-x32…911FBC64-4C64-4B8F-A637-B34832638C86) (Version: 1.0.0.0 – Mojang)Office 16 Click-to-Run Extensibility Component (HKLM-x32…90160000-008C-0000-0000-0000000FF1CE) (Version: 16.0.10730.20102 – Microsoft Corporation) HiddenOffice 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM…90160000-00DD-0000-1000-0000000FF1CE) (Version: 16.0.10730.20102 – Microsoft Corporation) HiddenOffice 16 Click-to-Run Licensing Component (HKLM…90160000-008F-0000-1000-0000000FF1CE) (Version: 16.0.10730.20102 – Microsoft Corporation) HiddenOffice 16 Click-to-Run Localization Component (HKLM-x32…90160000-008C-0409-0000-0000000FF1CE) (Version: 16.0.10730.20102 – Microsoft Corporation) HiddenPowerISO (HKLM-x32…PowerISO) (Version: 7.7 – Power Software Ltd)Realtek High Definition Audio Driver (HKLM-x32…F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC) (Version: 6.0.1.6873 – Realtek Semiconductor Corp.)Synaptics Pointing Device Driver (HKLM…SynTPDeinstKey) (Version: 19.0.17.58 – Synaptics Incorporated)WinRAR 6.01 (64-bit) (HKLM…WinRAR archiver) (Version: 6.01.0 – win.rar GmbH) Packages:=========Photos Media Engine Add-on -> C:Program FilesWindowsAppsMicrosoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-04-26] (Microsoft Corporation)Spotify Music -> C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0 [2021-05-03] (Spotify AB) [Startup Task] ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ContextMenuHandlers1: [PowerISO] -> 967B2D40-8B7D-4127-9049-61EA0C2C6DCE => C:Program FilesPowerISOPWRISOSH.DLL [2020-06-21] (Power Software Limited -> Power Software Ltd)ContextMenuHandlers1: [WinRAR] -> B41DB860-64E4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)ContextMenuHandlers1-x32: [WinRAR32] -> B41DB860-8EE4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)ContextMenuHandlers4: [PowerISO] -> 967B2D40-8B7D-4127-9049-61EA0C2C6DCE => C:Program FilesPowerISOPWRISOSH.DLL [2020-06-21] (Power Software Limited -> Power Software Ltd)ContextMenuHandlers5: [NvCplDesktopContext] -> 3D1975AF-48C6-4f8e-A182-BE0E08FA86A9 => C:Windowssystem32nvshext.dll [2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)ContextMenuHandlers6: [PowerISO] -> 967B2D40-8B7D-4127-9049-61EA0C2C6DCE => C:Program FilesPowerISOPWRISOSH.DLL [2020-06-21] (Power Software Limited -> Power Software Ltd)ContextMenuHandlers6: [WinRAR] -> B41DB860-64E4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)ContextMenuHandlers6-x32: [WinRAR32] -> B41DB860-8EE4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== ==================== Loaded Modules (Whitelisted) ============= ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== BHO: Skype for Business Browser Helper -> 31D09BA0-12F5-4CCE-BE8A-2923E76605DA -> C:Program Files (x86)Microsoft OfficerootVFSProgramFilesX64Microsoft OfficeOffice16OCHelper.dll [2021-05-07] (Microsoft Corporation -> Microsoft Corporation)BHO-x32: Skype for Business Browser Helper -> 31D09BA0-12F5-4CCE-BE8A-2923E76605DA -> C:Program Files (x86)Microsoft OfficerootOffice16OCHelper.dll [2021-05-07] (Microsoft Corporation -> Microsoft Corporation)BHO-x32: Java™ Plug-In SSV Helper -> 761497BB-D6F0-462C-B6EB-D4DAF1D92D43 -> C:Program Files (x86)Javajre1.8.0_291binssv.dll [2021-04-22] (Oracle America, Inc. -> Oracle Corporation)BHO-x32: Java™ Plug-In 2 SSV Helper -> DBC80044-A445-435b-BC74-9C25C1C588A9 -> C:Program Files (x86)Javajre1.8.0_291binjp2ssv.dll [2021-04-22] (Oracle America, Inc. -> Oracle Corporation)Handler-x32: mso-minsb-roaming.16 – 83C25742-A9F7-49FB-9138-434302C88D07 – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2021-05-07] (Microsoft Corporation -> Microsoft Corporation)Handler-x32: mso-minsb.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2021-05-07] (Microsoft Corporation -> Microsoft Corporation)Handler-x32: osf-roaming.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2021-05-07] (Microsoft Corporation -> Microsoft Corporation)Handler-x32: osf.16 – 5504BE45-A83B-4808-900A-3A5C36E7F77A – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2021-05-07] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2021-04-21 06:35 – 2021-04-28 22:34 – 000000852 _____ C:Windowssystem32driversetchosts 2021-04-26 16:56 – 2021-05-07 21:00 – 000000444 _____ C:Windowssystem32driversetchosts.ics172.27.224.1 DESKTOP-4SAGV8L.mshome.net # 2026 5 4 7 3 0 40 410 ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLMSystemCurrentControlSetControlSession ManagerEnvironment\Path -> C:Program Files (x86)Common FilesOracleJavajavapath;%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;%SYSTEMROOT%System32WindowsPowerShellv1.0;%SYSTEMROOT%System32OpenSSHHKUS-1-5-21-2960236716-1891352181-3316826821-1001Control PanelDesktop\Wallpaper -> C:WindowswebwallpaperWindowsimg0.jpgDNS Servers: 192.168.43.1HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: )Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [B5930461-F240-4B82-9A33-0D11DF8DA6B5] => (Block) C:program files (x86)microsoftedgeapplicationmsedge.exe (Microsoft Corporation -> Microsoft Corporation)FirewallRules: [8688D1DA-29AA-4D67-97AF-4C210C61671F] => (Block) C:program files (x86)microsoftedgeapplicationmsedge.exe (Microsoft Corporation -> Microsoft Corporation)FirewallRules: [TCP Query UserABE58D33-69DD-4EEE-9BEE-7F2CF945C26DC:program files (x86)minecraft launcherruntimejre-legacywindows-x64jre-legacybinjavaw.exe] => (Allow) C:program files (x86)minecraft launcherruntimejre-legacywindows-x64jre-legacybinjavaw.exeFirewallRules: [UDP Query UserC278E9CB-78A8-43CE-9E04-9C00CC272E44C:program files (x86)minecraft launcherruntimejre-legacywindows-x64jre-legacybinjavaw.exe] => (Allow) C:program files (x86)minecraft launcherruntimejre-legacywindows-x64jre-legacybinjavaw.exeFirewallRules: [C6485E7D-702D-4C2F-AB54-87CEB3218860] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)FirewallRules: [A70D72BB-25DE-43A0-86B7-25E62C9F2762] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)FirewallRules: [CF78B257-EA12-42E2-B772-095B1F4C2901] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)FirewallRules: [CFEEEA89-DB3B-4B7F-AE78-C65DC897953B] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)FirewallRules: [535823C3-7096-4634-BE28-BAB080F14720] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)FirewallRules: [9EFBFB31-34F1-4F99-8053-C509FDFA5346] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)FirewallRules: [B0BBE320-DD95-4285-B3C5-BFCBF98D21C8] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)FirewallRules: [53214EE9-69ED-497C-B7CB-A4E5825AFA3F] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.158.820.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)FirewallRules: [TCP Query UserD28C3BB1-529F-4BF2-8CB4-EAA016124605C:program files (x86)minecraft launcherruntimejre-legacywindows-x64jre-legacybinjavaw.exe] => (Allow) C:program files (x86)minecraft launcherruntimejre-legacywindows-x64jre-legacybinjavaw.exeFirewallRules: [UDP Query UserB07A2F91-6D4A-4178-B257-35F7EA21A89AC:program files (x86)minecraft launcherruntimejre-legacywindows-x64jre-legacybinjavaw.exe] => (Allow) C:program files (x86)minecraft launcherruntimejre-legacywindows-x64jre-legacybinjavaw.exeFirewallRules: [045DD892-13DB-44D5-AB1F-33703CD84AE7] => (Allow) C:Program Files (x86)Microsoft OfficerootOffice16outlook.exe (Microsoft Corporation -> Microsoft Corporation)FirewallRules: [569008B7-AF71-4109-97E0-F434C21BBB68] => (Allow) C:Program Files (x86)Microsoft OfficerootOffice16Lync.exe (Microsoft Corporation -> Microsoft Corporation)FirewallRules: [FFBCFB7E-314F-4A70-8843-B5A44977448C] => (Allow) C:Program Files (x86)Microsoft OfficerootOffice16Lync.exe (Microsoft Corporation -> Microsoft Corporation)FirewallRules: [1D572820-EDA0-4EB2-83AF-2FA68D1F89D2] => (Allow) C:Program Files (x86)Microsoft OfficerootOffice16UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)FirewallRules: [9EF8144A-436B-4438-8D74-7EBD4A844883] => (Allow) C:Program Files (x86)Microsoft OfficerootOffice16UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Restore Points ========================= 06-05-2021 19:31:51 Scheduled Checkpoint ==================== Faulty Device Manager Devices ============ Name: Qualcomm Atheros AR8161 PCI-E Gigabit Ethernet Controller (NDIS 6.30)Description: Qualcomm Atheros AR8161 PCI-E Gigabit Ethernet Controller (NDIS 6.30)Class Guid: 4d36e972-e325-11ce-bfc1-08002be10318Manufacturer: Qualcomm AtherosService: L1CProblem: : This device is disabled. (Code 22)Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ======================== Application errors:==================Error: (05/07/2021 10:59:23 AM) (Source: VSS) (EventID: 8193) (User: )Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.. Error: (05/07/2021 10:59:23 AM) (Source: VSS) (EventID: 13) (User: )Description: Volume Shadow Copy Service information: The COM Server with CLSID 4e14fba2-2e22-11d1-9964-00c04fbbb345 and name CEventSystem cannot be started.[0x8007045bAsystemshutdownisinprogress[0x8007045bAsystemshutdownisinprogress[0x8007045bAsystemshutdownisinprogress[0x8007045bAsystemshutdownisinprogress] Error: (05/07/2021 10:47:51 AM) (Source: SideBySide) (EventID: 35) (User: )Description: Activation context generation failed for "C:Program Files (x86)Microsoft OfficerootOffice16lync.exe.Manifest".Error in manifest or policy file "C:Program Files (x86)Microsoft OfficerootOffice16UccApi.DLL" on line 1.Component identity found in manifest does not match the identity of the component requested.Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".Please use sxstrace.exe for detailed diagnosis. Error: (05/07/2021 10:44:00 AM) (Source: VSS) (EventID: 13) (User: )Description: Volume Shadow Copy Service information: The COM Server with CLSID 4e14fba2-2e22-11d1-9964-00c04fbbb345 and name CEventSystem cannot be started.[0x8007045bAsystemshutdownisinprogress[0x8007045bAsystemshutdownisinprogress[0x8007045bAsystemshutdownisinprogress[0x8007045bAsystemshutdownisinprogress] Error: (05/02/2021 12:21:43 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )Description: The storage optimizer couldn't complete retrim on DATA-1TB (D:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A) Error: (04/29/2021 10:08:20 PM) (Source: VSS) (EventID: 8193) (User: )Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.. Error: (04/29/2021 10:08:20 PM) (Source: VSS) (EventID: 13) (User: )Description: Volume Shadow Copy Service information: The COM Server with CLSID 4e14fba2-2e22-11d1-9964-00c04fbbb345 and name CEventSystem cannot be started.[0x8007045bAsystemshutdownisinprogress[0x8007045bAsystemshutdownisinprogress[0x8007045bAsystemshutdownisinprogress[0x8007045bAsystemshutdownisinprogress] Error: (04/29/2021 09:58:20 PM) (Source: VSS) (EventID: 8193) (User: )Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.. System errors:=============Error: (05/07/2021 08:17:33 PM) (Source: BTHUSB) (EventID: 17) (User: )Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded. Error: (05/07/2021 07:04:44 PM) (Source: BTHUSB) (EventID: 17) (User: )Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded. Error: (05/07/2021 05:57:28 PM) (Source: BTHUSB) (EventID: 17) (User: )Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded. Error: (05/07/2021 03:24:38 PM) (Source: BTHUSB) (EventID: 17) (User: )Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded. Error: (05/07/2021 01:08:35 PM) (Source: BTHUSB) (EventID: 17) (User: )Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded. Error: (05/07/2021 11:44:36 AM) (Source: BTHUSB) (EventID: 17) (User: )Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded. Error: (05/07/2021 10:59:42 AM) (Source: BTHUSB) (EventID: 5) (User: )Description: The Bluetooth driver expected an HCI event with a certain size but did not receive it. Error: (05/07/2021 10:44:24 AM) (Source: BTHUSB) (EventID: 5) (User: )Description: The Bluetooth driver expected an HCI event with a certain size but did not receive it. Windows Defender:================Date: 2021-05-07 18:31:11Description:Microsoft Defender Antivirus has detected malware or other potentially unwanted software.For more information please see the following:https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:BAT/AutoKms!MTB&threatid=2147764693&enterprise=0Name: HackTool:BAT/AutoKms!MTBSeverity: HighCategory: ToolPath: file:_E:Office2019.cmdDetection Origin: Local machineDetection Type: ConcreteDetection Source: Real-Time ProtectionProcess Name: C:Windowsexplorer.exeSecurity intelligence Version: AV: 1.337.654.0, AS: 1.337.654.0, NIS: 1.337.654.0Engine Version: AM: 1.1.18100.5, NIS: 1.1.18100.5 Date: 2021-05-07 17:59:37Description:Microsoft Defender Antivirus has detected malware or other potentially unwanted software.For more information please see the following:https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:BAT/AutoKms!MTB&threatid=2147764693&enterprise=0Name: HackTool:BAT/AutoKms!MTBSeverity: HighCategory: ToolPath: file:_C:UsersAdminDocumentsOffice2019.cmdDetection Origin: Local machineDetection Type: ConcreteDetection Source: UserProcess Name: UnknownSecurity intelligence Version: AV: 1.337.654.0, AS: 1.337.654.0, NIS: 1.337.654.0Engine Version: AM: 1.1.18100.5, NIS: 1.1.18100.5 Date: 2021-05-06 19:13:19Description:Microsoft Defender Antivirus scan has been stopped before completion.Scan Type: AntimalwareScan Parameters: Quick Scan Date: 2021-04-25 23:20:35Description:Microsoft Defender Antivirus scan has been stopped before completion.Scan Type: AntimalwareScan Parameters: Quick Scan Date: 2021-04-23 13:02:34Description:Microsoft Defender Antivirus scan has been stopped before completion.Scan Type: AntimalwareScan Parameters: Quick Scan Date: 2021-05-07 18:17:19Description:Microsoft Defender Antivirus has encountered an error trying to update security intelligence.New security intelligence Version:Previous security intelligence Version: 1.337.654.0Update Source: Microsoft Update ServerSecurity intelligence Type: AntiVirusUpdate Type: FullCurrent Engine Version:Previous Engine Version: 1.1.18100.5Error code: 0x80070102Error description: The wait operation timed out. Date: 2021-05-07 18:17:19Description:Microsoft Defender Antivirus has encountered an error trying to update security intelligence.New security intelligence Version:Previous security intelligence Version: 1.337.654.0Update Source: Microsoft Update ServerSecurity intelligence Type: AntiVirusUpdate Type: FullCurrent Engine Version:Previous Engine Version: 1.1.18100.5Error code: 0x80070102Error description: The wait operation timed out. Date: 2021-05-07 10:44:00Description:Microsoft Defender Antivirus has encountered an error trying to update security intelligence.New security intelligence Version:Previous security intelligence Version: 1.337.654.0Update Source: Microsoft Update ServerSecurity intelligence Type: AntiVirusUpdate Type: FullCurrent Engine Version:Previous Engine Version: 1.1.18100.5Error code: 0x80240022Error description: The program can't check for definition updates. Date: 2021-05-07 10:44:00Description:Microsoft Defender Antivirus has encountered an error trying to update security intelligence.New security intelligence Version:Previous security intelligence Version: 1.337.654.0Update Source: Microsoft Update ServerSecurity intelligence Type: AntiVirusUpdate Type: FullCurrent Engine Version:Previous Engine Version: 1.1.18100.5Error code: 0x80240022Error description: The program can't check for definition updates. Date: 2021-05-06 18:37:50Description:Microsoft Defender Antivirus has encountered an error trying to update security intelligence.New security intelligence Version:Previous security intelligence Version: 1.337.654.0Update Source: Microsoft Update ServerSecurity intelligence Type: AntiVirusUpdate Type: FullCurrent Engine Version:Previous Engine Version: 1.1.18100.5Error code: 0x80070643Error description: Fatal error during installation. CodeIntegrity:===============Date: 2021-04-21 08:34:39Description:Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume2WindowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe because the set of per-page image hashes could not be found on the system. Date: 2021-04-21 08:34:39Description:Code Integrity is unable to verify the image integrity of the file DeviceHarddiskVolume2WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== BIOS: LENOVO 6BCN42WW(V2.02) 02/08/2013Motherboard: LENOVO INVALIDProcessor: Intel® Core™ i7-3630QM CPU @ 2.40GHzPercentage of memory in use: 28%Total physical RAM: 16334.36 MBAvailable physical RAM: 11645.06 MBTotal Virtual: 18766.36 MBAvailable Virtual: 12743.74 MB ==================== Drives ================================ Drive c: (BOOT-mSata) (Fixed) (Total:118.29 GB) (Free:58.69 GB) NTFSDrive d: (DATA-1TB) (Fixed) (Total:931.39 GB) (Free:931.26 GB) NTFS \?Volumef06fe991-0000-0000-0000-100000000000 (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.05 GB) NTFS\?Volumef06fe991-0000-0000-0000-e0981d000000 () (Fixed) (Total:0.85 GB) (Free:0.31 GB) NTFS ==================== MBR & Partition Table ==================== ==========================================================Disk: 0 (MBR Code: Windows 7/8/10) (Size: 119.2 GB) (Disk ID: F06FE991)Partition 1: (Active) – (Size=100 MB) – (Type=07 NTFS)Partition 2: (Not Active) – (Size=118.3 GB) – (Type=07 NTFS)Partition 3: (Not Active) – (Size=873 MB) – (Type=27) ==========================================================Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of Addition.txt =======================

Edited by Oh My!, Yesterday, 12:19 PM.

Click to rate this post! [Total: 0 Average: 0]