Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can't turn OFF proxy settings http=127.0.0.1:8080;https=127.0.0.1:8080


  • Please log in to reply
7 replies to this topic

#1 dnbejays

dnbejays

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:32 PM

Posted 18 April 2018 - 04:52 AM

Hy,

I have a problem with proxy settings on my computer Windows 10 Home. Can't remove proxy settings (ProxyServer: http=127.0.0.1:8080;https=127.0.0.1:8080 and ProxyOverride = <-loopback> from Network settings, probably a troyan virus was after Eset Smart security and cleaned it. The problem was discussed here in forum and my problem is the same as CHUCKMAN as described in the topic below:

 

https://www.bleepingcomputer.com/forums/t/531194/cannot-turn-off-proxy-use/  

 

but the topic is locked. The settings I can change, but it doesn't save here. The solution is only with OTL software. I scaned with OTL and I will copy/paste logs OTL.txt and extras.txt. Could anybody help me pls?!

Attached Files



BC AdBot (Login to Remove)

 


#2 dnbejays

dnbejays
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:32 PM

Posted 18 April 2018 - 04:55 AM

OTL.txt

 

 

OTL logfile created on: 18.04.2018 12:11:46 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\nadia\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.16299.0)
Locale: 00000418 | Country: România | Language: ROM | Date Format: dd.MM.yyyy
 
3,85 Gb Total Physical Memory | 1,78 Gb Available Physical Memory | 46,37% Memory free
8,35 Gb Paging File | 6,22 Gb Available in Paging File | 74,49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 891,64 Gb Total Space | 829,40 Gb Free Space | 93,02% Space Free | Partition Type: NTFS
Drive D: | 25,00 Gb Total Space | 16,56 Gb Free Space | 66,25% Space Free | Partition Type: NTFS
 
Computer Name: DESKTOP-A4POVFE | User Name: nadia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - File not found -- 
PRC - [2018.04.18 11:12:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\nadia\Desktop\OTL.exe
PRC - [2018.04.05 10:39:33 | 001,570,976 | ---- | M] (Microsoft Corporation) -- C:\Users\nadia\AppData\Local\Microsoft\OneDrive\OneDrive.exe
PRC - [2018.04.03 13:32:22 | 009,949,424 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
PRC - [2018.04.03 13:32:21 | 044,815,512 | ---- | M] (TeamViewer GmbH) -- c:\Program Files (x86)\TeamViewer\TeamViewer.exe
PRC - [2018.04.03 13:32:21 | 011,293,936 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
PRC - [2018.04.03 12:12:40 | 000,185,072 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\tv_w32.exe
PRC - [2018.03.02 08:40:24 | 000,068,336 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
PRC - [2018.02.09 18:02:50 | 000,083,984 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2018.01.01 15:03:39 | 000,650,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\fontdrvhost.exe
PRC - [2017.05.16 06:15:04 | 000,267,328 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
PRC - [2016.06.01 09:28:54 | 000,320,584 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2016.06.01 09:28:54 | 000,017,992 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2016.03.23 04:06:04 | 001,210,352 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
PRC - [2016.03.22 11:44:38 | 000,666,608 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2018.03.02 08:40:24 | 000,068,336 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe -- (ImControllerService)
SRV:64bit: - [2018.03.02 05:59:44 | 000,956,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Spectrum.exe -- (spectrum)
SRV:64bit: - [2018.03.01 10:17:39 | 000,519,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SecurityHealthService.exe -- (SecurityHealthService)
SRV:64bit: - [2018.03.01 08:54:52 | 001,296,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\usocore.dll -- (UsoSvc)
SRV:64bit: - [2018.03.01 08:47:13 | 000,484,352 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\cdpusersvc.dll -- (CDPUserSvc)
SRV:64bit: - [2018.03.01 08:39:06 | 002,222,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2018.02.10 09:06:57 | 000,824,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC)
SRV:64bit: - [2018.02.10 09:06:48 | 004,486,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository)
SRV:64bit: - [2018.02.10 07:50:14 | 001,313,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\InstallService.dll -- (InstallService)
SRV:64bit: - [2018.02.10 07:44:46 | 000,208,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc)
SRV:64bit: - [2018.02.10 07:44:07 | 000,302,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
SRV:64bit: - [2018.02.10 07:42:20 | 000,813,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2018.02.10 07:41:59 | 000,820,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2018.02.10 07:40:58 | 001,234,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SEMgrSvc.dll -- (SEMgrSvc)
SRV:64bit: - [2018.02.10 07:38:59 | 001,228,800 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TokenBroker.dll -- (TokenBroker)
SRV:64bit: - [2018.02.10 07:38:18 | 003,169,280 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2018.02.10 07:38:09 | 000,699,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2018.02.10 07:37:32 | 000,308,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc)
SRV:64bit: - [2018.02.10 07:36:01 | 000,685,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2018.02.10 07:35:01 | 000,667,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FrameServer.dll -- (FrameServer)
SRV:64bit: - [2018.01.18 01:05:52 | 000,108,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\osrss.dll -- (osrss)
SRV:64bit: - [2018.01.01 15:46:23 | 000,898,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV:64bit: - [2018.01.01 14:19:37 | 000,334,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dusmsvc.dll -- (DusmSvc)
SRV:64bit: - [2018.01.01 14:19:13 | 000,188,416 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
SRV:64bit: - [2018.01.01 14:19:02 | 000,795,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NaturalAuth.dll -- (NaturalAuthentication)
SRV:64bit: - [2018.01.01 14:18:39 | 000,588,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter)
SRV:64bit: - [2018.01.01 14:18:31 | 000,369,664 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc)
SRV:64bit: - [2018.01.01 14:17:36 | 000,791,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PhoneService.dll -- (PhoneSvc)
SRV:64bit: - [2018.01.01 14:17:32 | 000,555,520 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SensorService.dll -- (SensorService)
SRV:64bit: - [2018.01.01 14:15:16 | 001,245,184 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc)
SRV:64bit: - [2018.01.01 14:15:08 | 000,951,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager)
SRV:64bit: - [2018.01.01 14:12:30 | 002,633,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2018.01.01 14:12:14 | 001,573,376 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc)
SRV:64bit: - [2017.12.14 02:39:16 | 000,654,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo)
SRV:64bit: - [2017.12.14 02:39:16 | 000,254,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PushToInstall.dll -- (PushToInstall)
SRV:64bit: - [2017.12.14 02:39:16 | 000,238,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2017.12.14 02:39:16 | 000,227,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\CapabilityAccessManager.dll -- (camsvc)
SRV:64bit: - [2017.10.10 17:54:14 | 002,648,184 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Security\ekrn.exe -- (ekrn)
SRV:64bit: - [2017.09.29 16:43:11 | 000,636,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2017.09.29 16:43:11 | 000,431,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService)
SRV:64bit: - [2017.09.29 16:42:08 | 001,346,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lpasvc.dll -- (wlpasvc)
SRV:64bit: - [2017.09.29 16:42:07 | 000,622,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WFDSConMgrSvc.dll -- (WFDSConMgrSvc)
SRV:64bit: - [2017.09.29 16:42:07 | 000,421,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SharedRealitySvc.dll -- (SharedRealitySvc)
SRV:64bit: - [2017.09.29 16:42:07 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2017.09.29 16:42:06 | 000,889,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2017.09.29 16:42:06 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2017.09.29 16:42:05 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2017.09.29 16:42:03 | 000,213,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvc.dll -- (diagsvc)
SRV:64bit: - [2017.09.29 16:42:01 | 000,302,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TieringEngineService.exe -- (TieringEngineService)
SRV:64bit: - [2017.09.29 16:42:01 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2017.09.29 16:41:58 | 001,288,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService)
SRV:64bit: - [2017.09.29 16:41:57 | 000,167,936 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PrintWorkflowService.dll -- (PrintWorkflowUserSvc)
SRV:64bit: - [2017.09.29 16:41:57 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RMapi.dll -- (RmSvc)
SRV:64bit: - [2017.09.29 16:41:56 | 000,542,208 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2017.09.29 16:41:47 | 000,057,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2017.09.29 16:41:45 | 000,081,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2017.09.29 16:41:45 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2017.09.29 16:41:44 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2017.09.29 16:41:44 | 000,085,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
SRV:64bit: - [2017.09.29 16:41:43 | 000,779,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FlightSettings.dll -- (wisvc)
SRV:64bit: - [2017.09.29 16:41:43 | 000,090,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2017.09.29 16:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (WpnUserService_69533)
SRV:64bit: - [2017.09.29 16:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_69533)
SRV:64bit: - [2017.09.29 16:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_69533)
SRV:64bit: - [2017.09.29 16:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (PrintWorkflowUserSvc_69533)
SRV:64bit: - [2017.09.29 16:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_69533)
SRV:64bit: - [2017.09.29 16:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_69533)
SRV:64bit: - [2017.09.29 16:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_69533)
SRV:64bit: - [2017.09.29 16:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (DevicesFlowUserSvc_69533)
SRV:64bit: - [2017.09.29 16:41:43 | 000,048,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (CDPUserSvc_69533)
SRV:64bit: - [2017.09.29 16:41:38 | 000,696,320 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\DevicesFlowBroker.dll -- (DevicesFlowUserSvc)
SRV:64bit: - [2017.09.29 16:41:38 | 000,194,560 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll -- (shpamsvc)
SRV:64bit: - [2017.09.29 16:41:35 | 000,023,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2017.09.29 16:41:33 | 001,345,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc)
SRV:64bit: - [2017.09.29 16:41:33 | 000,702,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV:64bit: - [2017.09.29 16:41:33 | 000,456,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2017.09.29 16:41:33 | 000,057,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\xboxgipsvc.dll -- (XboxGipSvc)
SRV:64bit: - [2017.09.29 16:41:33 | 000,057,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice)
SRV:64bit: - [2017.09.29 16:41:31 | 001,082,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc)
SRV:64bit: - [2017.09.29 16:41:31 | 000,533,504 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc)
SRV:64bit: - [2017.09.29 16:41:31 | 000,374,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2017.09.29 16:41:31 | 000,363,520 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2017.09.29 16:41:31 | 000,284,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService)
SRV:64bit: - [2017.09.29 16:41:31 | 000,284,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2017.09.29 16:41:31 | 000,175,616 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBrokerSvc)
SRV:64bit: - [2017.09.29 16:41:31 | 000,086,016 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker)
SRV:64bit: - [2017.09.29 16:41:31 | 000,072,704 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\WpnUserService.dll -- (WpnUserService)
SRV:64bit: - [2017.09.29 16:41:31 | 000,048,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager)
SRV:64bit: - [2017.09.29 16:41:31 | 000,046,080 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc)
SRV:64bit: - [2017.09.29 16:41:31 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker)
SRV:64bit: - [2017.09.29 16:41:30 | 000,561,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tileobjserver.dll -- (tiledatamodelsvc)
SRV:64bit: - [2017.09.29 16:41:28 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.WARP.JITService.dll -- (WarpJITSvc)
SRV:64bit: - [2017.09.29 16:41:27 | 001,272,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave)
SRV:64bit: - [2017.09.29 16:41:27 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GraphicsPerfSvc.dll -- (GraphicsPerfSvc)
SRV:64bit: - [2017.09.29 16:41:27 | 000,059,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\xbgmsvc.exe -- (xbgm)
SRV:64bit: - [2017.09.29 16:41:26 | 001,107,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager)
SRV:64bit: - [2017.09.29 16:41:26 | 000,696,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc)
SRV:64bit: - [2017.09.29 16:41:26 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc)
SRV:64bit: - [2017.09.29 16:41:26 | 000,096,256 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tzautoupdate.dll -- (tzautoupdate)
SRV:64bit: - [2017.09.29 16:41:26 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter)
SRV:64bit: - [2017.09.29 16:41:25 | 001,143,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc)
SRV:64bit: - [2017.09.29 16:41:25 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode)
SRV:64bit: - [2017.09.29 16:41:25 | 000,059,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hvhostsvc.dll -- (HvHost)
SRV:64bit: - [2017.09.29 16:41:23 | 000,063,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipxlatcfg.dll -- (IpxlatCfgSvc)
SRV:64bit: - [2017.09.29 16:41:23 | 000,052,224 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\MessagingService.dll -- (MessagingService)
SRV:64bit: - [2017.09.29 16:41:14 | 001,827,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2017.09.29 16:41:14 | 000,309,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicvss)
SRV:64bit: - [2017.09.29 16:41:14 | 000,309,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicrdv)
SRV:64bit: - [2017.09.29 16:41:14 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession)
SRV:64bit: - [2017.09.29 16:41:14 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2017.09.29 16:41:14 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2017.09.29 16:41:14 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2017.09.29 16:41:14 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2017.09.29 16:41:14 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2017.09.29 16:41:08 | 000,456,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:64bit: - [2017.09.29 16:40:59 | 002,896,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2017.05.16 06:15:04 | 000,267,328 | ---- | M] (Synaptics Incorporated) [Auto | Running] -- C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe -- (SynTPEnhService)
SRV:64bit: - [2016.12.16 06:35:28 | 000,301,536 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\igdlh64.inf_amd64_2848511bc3f67d29\IntelCpHeciSvc.exe -- (cphs)
SRV:64bit: - [2016.12.16 06:35:24 | 000,480,232 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\igdlh64.inf_amd64_2848511bc3f67d29\IntelCpHDCPSvc.exe -- (cplspcon)
SRV:64bit: - [2016.12.16 06:33:48 | 000,341,984 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\igdlh64.inf_amd64_2848511bc3f67d29\igfxCUIService.exe -- (igfxCUIService2.0.0.0)
SRV:64bit: - [2016.09.02 16:20:36 | 000,133,648 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe -- (TPHKLOAD)
SRV:64bit: - [2016.08.24 18:02:04 | 000,117,264 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe -- (LENOVO.MICMUTE)
SRV:64bit: - [2016.06.26 00:57:00 | 000,355,760 | ---- | M] (Windows ® Win 7 DDK provider) [Auto | Running] -- C:\Windows\SysNative\AdminService.exe -- (AtherosSvc)
SRV:64bit: - [2016.06.01 09:28:54 | 000,017,992 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2018.04.15 10:49:21 | 004,633,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.14.17613.18039-0\NisSrv.exe -- (WdNisSvc)
SRV - [2018.04.15 10:49:20 | 000,104,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.14.17613.18039-0\MsMpEng.exe -- (WinDefend)
SRV - [2018.04.03 13:32:21 | 011,293,936 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe -- (TeamViewer)
SRV - [2018.02.10 08:08:02 | 003,980,720 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository)
SRV - [2018.02.10 07:46:37 | 001,008,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\InstallService.dll -- (InstallService)
SRV - [2018.02.10 07:36:38 | 000,915,968 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\TokenBroker.dll -- (TokenBroker)
SRV - [2018.02.09 18:02:50 | 000,083,984 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2018.01.01 15:03:36 | 000,566,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2018.01.01 14:16:35 | 000,966,656 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc)
SRV - [2017.09.29 16:42:22 | 000,136,192 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\PrintWorkflowService.dll -- (PrintWorkflowUserSvc)
SRV - [2017.09.29 16:42:11 | 000,516,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2017.09.29 16:42:08 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2017.09.29 16:40:59 | 002,896,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2016.12.16 06:35:28 | 000,301,536 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2848511bc3f67d29\IntelCpHeciSvc.exe -- (cphs)
SRV - [2016.12.16 06:35:24 | 000,480,232 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2848511bc3f67d29\IntelCpHDCPSvc.exe -- (cplspcon)
SRV - [2016.12.16 06:33:48 | 000,341,984 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2848511bc3f67d29\igfxCUIService.exe -- (igfxCUIService2.0.0.0)
SRV - [2016.03.23 04:06:04 | 001,210,352 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe -- (GDCAgent)
SRV - [2016.03.22 11:44:38 | 000,666,608 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe -- (CCSDK)
SRV - [2015.12.02 11:24:58 | 000,042,424 | ---- | M] (Lenovo) [Auto | Running] -- C:\ProgramData\LenovoTransition\Server\x64\ymc.exe -- (ymc)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2018.04.15 11:54:16 | 000,015,872 | ---- | M] (ESET) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\eelam.sys -- (eelam)
DRV:64bit: - [2018.04.15 10:49:21 | 000,311,848 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wd\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2018.04.15 10:49:21 | 000,060,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wd\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2018.04.15 10:49:21 | 000,046,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wd\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2018.03.30 15:59:47 | 000,270,912 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2018.03.01 10:14:45 | 000,147,872 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcifs.sys -- (wcifs)
DRV:64bit: - [2018.03.01 08:51:55 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2018.03.01 08:50:59 | 000,075,264 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wcnfs.sys -- (wcnfs)
DRV:64bit: - [2018.03.01 08:46:03 | 000,770,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi)
DRV:64bit: - [2018.02.22 05:10:34 | 000,285,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2018.02.22 05:08:17 | 000,571,288 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2018.02.22 05:02:49 | 000,149,400 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2018.02.22 04:54:20 | 000,437,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2018.02.22 04:52:26 | 000,103,328 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2018.02.22 04:51:38 | 000,045,472 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs)
DRV:64bit: - [2018.02.22 04:51:35 | 000,555,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2018.02.22 04:51:00 | 000,097,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2018.02.22 04:50:42 | 000,229,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2018.02.22 03:31:14 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsi.sys -- (UcmUcsi)
DRV:64bit: - [2018.02.22 03:30:17 | 000,192,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc.sys -- (netvsc)
DRV:64bit: - [2018.02.10 09:13:19 | 000,373,656 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2018.02.10 07:49:33 | 000,385,536 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\cldflt.sys -- (CldFlt)
DRV:64bit: - [2018.02.10 07:46:38 | 000,225,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winnat.sys -- (WinNat)
DRV:64bit: - [2018.01.01 15:51:59 | 000,059,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\bam.sys -- (bam)
DRV:64bit: - [2018.01.01 15:27:26 | 000,163,736 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2017.12.14 02:39:16 | 000,114,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101)
DRV:64bit: - [2017.12.14 02:39:16 | 000,060,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000)
DRV:64bit: - [2017.10.05 09:36:16 | 000,180,088 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2017.09.30 17:36:25 | 000,037,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2017.09.30 17:36:23 | 000,056,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpatialGraphFilter.sys -- (SpatialGraphFilter)
DRV:64bit: - [2017.09.30 17:36:21 | 000,030,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2017.09.29 16:42:05 | 000,119,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irda.sys -- (irda)
DRV:64bit: - [2017.09.29 16:42:05 | 000,081,304 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2017.09.29 16:41:56 | 000,128,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2017.09.29 16:41:56 | 000,084,480 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2017.09.29 16:41:56 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2017.09.29 16:41:51 | 000,240,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2017.09.29 16:41:47 | 000,087,960 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2017.09.29 16:41:44 | 000,034,200 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2017.09.29 16:41:43 | 000,225,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2017.09.29 16:41:43 | 000,132,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NetAdapterCx.sys -- (NetAdapterCx)
DRV:64bit: - [2017.09.29 16:41:43 | 000,055,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2017.09.29 16:41:41 | 001,849,752 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2017.09.29 16:41:41 | 000,209,304 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2017.09.29 16:41:41 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdnsfltr.sys -- (wdnsfltr)
DRV:64bit: - [2017.09.29 16:41:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\applockerfltr.sys -- (applockerfltr)
DRV:64bit: - [2017.09.29 16:41:40 | 000,936,856 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refsv1.sys -- (ReFSv1)
DRV:64bit: - [2017.09.29 16:41:33 | 000,266,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000)
DRV:64bit: - [2017.09.29 16:41:33 | 000,154,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2017.09.29 16:41:33 | 000,146,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys -- (UcmTcpciCx0101)
DRV:64bit: - [2017.09.29 16:41:33 | 000,081,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2017.09.29 16:41:33 | 000,079,872 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt)
DRV:64bit: - [2017.09.29 16:41:33 | 000,074,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2017.09.29 16:41:33 | 000,071,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
DRV:64bit: - [2017.09.29 16:41:33 | 000,039,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IndirectKmd.sys -- (IndirectKmd)
DRV:64bit: - [2017.09.29 16:41:33 | 000,039,320 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist)
DRV:64bit: - [2017.09.29 16:41:33 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2017.09.29 16:41:31 | 000,169,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2017.09.29 16:41:31 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshwnclx.sys -- (HwNClx0101)
DRV:64bit: - [2017.09.29 16:41:25 | 000,124,416 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2017.09.29 16:41:25 | 000,073,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hvservice.sys -- (hvservice)
DRV:64bit: - [2017.09.29 16:41:25 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
DRV:64bit: - [2017.09.29 16:41:23 | 000,056,728 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iorate.sys -- (iorate)
DRV:64bit: - [2017.09.29 16:41:23 | 000,043,520 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS)
DRV:64bit: - [2017.09.29 16:41:17 | 000,030,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2017.09.29 16:41:14 | 000,227,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000)
DRV:64bit: - [2017.09.29 16:41:14 | 000,127,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2017.09.29 16:41:14 | 000,123,288 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2017.09.29 16:41:14 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (tsusbflt)
DRV:64bit: - [2017.09.29 16:41:14 | 000,055,808 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt)
DRV:64bit: - [2017.09.29 16:41:14 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx)
DRV:64bit: - [2017.09.29 16:41:14 | 000,039,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\ramdisk.sys -- (Ramdisk)
DRV:64bit: - [2017.09.29 16:41:14 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf)
DRV:64bit: - [2017.09.29 16:41:14 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipt.sys -- (IPT)
DRV:64bit: - [2017.09.29 16:41:08 | 000,281,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip)
DRV:64bit: - [2017.09.29 16:41:08 | 000,140,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys)
DRV:64bit: - [2017.09.29 16:41:08 | 000,107,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2017.09.29 16:41:08 | 000,097,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UfxChipidea.sys -- (UfxChipidea)
DRV:64bit: - [2017.09.29 16:41:08 | 000,083,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bthl2cap.sys -- (bthl2cap)
DRV:64bit: - [2017.09.29 16:41:08 | 000,078,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys -- (BthLEEnum)
DRV:64bit: - [2017.09.29 16:41:08 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2017.09.29 16:41:08 | 000,050,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt)
DRV:64bit: - [2017.09.29 16:41:08 | 000,049,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2017.09.29 16:41:08 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid)
DRV:64bit: - [2017.09.29 16:41:08 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2017.09.29 16:41:08 | 000,039,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter)
DRV:64bit: - [2017.09.29 16:41:08 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2017.09.29 16:41:08 | 000,028,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urschipidea.sys -- (UrsChipidea)
DRV:64bit: - [2017.09.29 16:41:08 | 000,027,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urssynopsys.sys -- (UrsSynopsys)
DRV:64bit: - [2017.09.29 16:41:08 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2017.09.29 16:41:08 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2017.09.29 16:41:08 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\genericusbfn.sys -- (genericusbfn)
DRV:64bit: - [2017.09.29 16:41:08 | 000,018,000 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
DRV:64bit: - [2017.09.29 16:41:04 | 000,075,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2017.09.29 16:41:04 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2017.09.29 16:41:04 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2017.09.29 16:41:04 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2017.09.29 16:41:04 | 000,033,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SDFRd.sys -- (SDFRd)
DRV:64bit: - [2017.09.29 16:41:04 | 000,028,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2017.09.29 16:41:04 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2017.09.29 16:41:04 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2017.09.29 16:41:04 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgid.sys -- (vmgid)
DRV:64bit: - [2017.09.29 16:41:03 | 000,674,200 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2017.09.29 16:41:03 | 000,505,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mausbhost.sys -- (mausbhost)
DRV:64bit: - [2017.09.29 16:41:03 | 000,118,168 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\scmbus.sys -- (scmbus)
DRV:64bit: - [2017.09.29 16:41:03 | 000,100,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pmem.sys -- (pmem)
DRV:64bit: - [2017.09.29 16:41:03 | 000,088,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvdimmn.sys -- (nvdimmn)
DRV:64bit: - [2017.09.29 16:41:03 | 000,079,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2017.09.29 16:41:03 | 000,071,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2017.09.29 16:41:03 | 000,058,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2017.09.29 16:41:03 | 000,055,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mausbip.sys -- (mausbip)
DRV:64bit: - [2017.09.29 16:41:03 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vnvdimm.sys -- (vnvdimm)
DRV:64bit: - [2017.09.29 16:41:03 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\invdimm.sys -- (invdimm)
DRV:64bit: - [2017.09.29 16:41:03 | 000,037,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bttflt.sys -- (bttflt)
DRV:64bit: - [2017.09.29 16:41:03 | 000,028,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2017.09.29 16:41:03 | 000,015,392 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volume.sys -- (volume)
DRV:64bit: - [2017.09.29 16:41:03 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2017.09.29 16:41:03 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2017.09.29 16:41:02 | 001,723,288 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4vx64.sys -- (cht4vbd)
DRV:64bit: - [2017.09.29 16:41:02 | 001,135,512 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2017.09.29 16:41:02 | 000,842,648 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus)
DRV:64bit: - [2017.09.29 16:41:02 | 000,526,232 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus)
DRV:64bit: - [2017.09.29 16:41:02 | 000,357,272 | ---- | M] (Chelsio Communications) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\cht4sx64.sys -- (cht4iscsi)
DRV:64bit: - [2017.09.29 16:41:02 | 000,305,560 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2017.09.29 16:41:02 | 000,258,592 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2017.09.29 16:41:02 | 000,123,800 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i)
DRV:64bit: - [2017.09.29 16:41:02 | 000,122,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\capimg.sys -- (CapImg)
DRV:64bit: - [2017.09.29 16:41:02 | 000,108,952 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr)
DRV:64bit: - [2017.09.29 16:41:02 | 000,107,416 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2017.09.29 16:41:02 | 000,103,320 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i)
DRV:64bit: - [2017.09.29 16:41:02 | 000,083,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2017.09.29 16:41:02 | 000,082,840 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2017.09.29 16:41:02 | 000,064,920 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs)
DRV:64bit: - [2017.09.29 16:41:02 | 000,063,896 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2017.09.29 16:41:02 | 000,063,520 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2017.09.29 16:41:02 | 000,063,520 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\MegaSas2i.sys -- (megasas2i)
DRV:64bit: - [2017.09.29 16:41:02 | 000,061,848 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i)
DRV:64bit: - [2017.09.29 16:41:02 | 000,058,776 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i)
DRV:64bit: - [2017.09.29 16:41:02 | 000,032,152 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad)
DRV:64bit: - [2017.09.29 16:41:02 | 000,031,128 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2017.09.29 16:41:02 | 000,027,032 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2017.09.29 16:41:02 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AcpiDev.sys -- (AcpiDev)
DRV:64bit: - [2017.09.29 16:41:02 | 000,009,728 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2017.09.29 16:41:01 | 003,419,032 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2017.09.29 16:41:01 | 000,533,912 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2017.09.29 16:41:01 | 000,130,640 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2017.09.29 16:41:01 | 000,103,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rhproxy.sys -- (rhproxy)
DRV:64bit: - [2017.09.29 16:41:01 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2017.09.29 16:41:01 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pnpmem.sys -- (PNPMEM)
DRV:64bit: - [2017.09.29 16:40:59 | 002,344,448 | ---- | M] (Qualcomm Atheros, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Qcamain10x64.sys -- (Qcamain10x64)
DRV:64bit: - [2017.09.29 16:40:59 | 000,174,592 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_BXT_P.sys -- (iaLPSS2i_I2C_BXT_P)
DRV:64bit: - [2017.09.29 16:40:59 | 000,171,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys -- (iaLPSS2i_I2C)
DRV:64bit: - [2017.09.29 16:40:59 | 000,118,680 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2017.09.29 16:40:59 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2017.09.29 16:40:59 | 000,091,648 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iai2c.sys -- (iai2c)
DRV:64bit: - [2017.09.29 16:40:59 | 000,088,576 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_BXT_P.sys -- (iaLPSS2i_GPIO2_BXT_P)
DRV:64bit: - [2017.09.29 16:40:59 | 000,079,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys -- (iaLPSS2i_GPIO2)
DRV:64bit: - [2017.09.29 16:40:59 | 000,060,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAD.sys -- (CAD)
DRV:64bit: - [2017.09.29 16:40:59 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_9c1fb8f4db31c348\CompositeBus.sys -- (CompositeBus)
DRV:64bit: - [2017.09.29 16:40:59 | 000,036,864 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iagpio.sys -- (iagpio)
DRV:64bit: - [2017.09.14 13:02:22 | 000,102,160 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2017.09.08 11:56:18 | 000,132,848 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2017.05.16 06:14:58 | 000,912,960 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2017.05.07 22:18:16 | 000,337,920 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsP2Stor.sys -- (RSP2STOR)
DRV:64bit: - [2017.04.25 13:19:02 | 000,107,344 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\edevmon.sys -- (edevmon)
DRV:64bit: - [2017.04.25 13:19:02 | 000,078,192 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2017.04.25 13:19:02 | 000,050,752 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\ekbdflt.sys -- (ekbdflt)
DRV:64bit: - [2016.12.16 06:33:06 | 011,039,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\igdlh64.inf_amd64_2848511bc3f67d29\igdkmd64.sys -- (igfx)
DRV:64bit: - [2016.10.26 20:47:34 | 000,051,304 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2016.10.07 08:25:26 | 000,822,248 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2016.06.26 00:57:00 | 000,610,656 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2016.06.01 12:36:16 | 003,119,360 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtsuvc.sys -- (rtsuvc)
DRV:64bit: - [2016.06.01 09:28:54 | 000,791,560 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2016.04.21 04:45:18 | 000,936,192 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rt640x64.sys -- (rt640x64)
DRV:64bit: - [2016.04.14 12:37:54 | 000,202,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverW8x64.sys -- (MEIx64)
DRV:64bit: - [2015.07.29 14:20:50 | 000,042,328 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV:64bit: - [2014.08.08 19:31:10 | 000,027,136 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ptun0901.sys -- (ptun0901)
DRV:64bit: - [2012.06.14 03:10:32 | 000,102,376 | ---- | M] ("CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd)
DRV - [2017.09.29 16:40:59 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_9c1fb8f4db31c348\CompositeBus.sys -- (CompositeBus)
DRV - [2016.12.16 06:33:06 | 011,039,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2848511bc3f67d29\igdkmd64.sys -- (igfx)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo17win10.msn.com/?pc=LCTE
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://mystart.lenovo.com [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://mystart.lenovo.com [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo17win10.msn.com/?pc=LCTE
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 80 14 F6 D0 50 D6 D3 01  [binary data]
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {A303EBF2-9F8F-49C4-83BD-33F26237AF73}
IE:64bit: - HKLM\..\SearchScopes\{A303EBF2-9F8F-49C4-83BD-33F26237AF73}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8080;https=127.0.0.1:8080
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {A303EBF2-9F8F-49C4-83BD-33F26237AF73}
IE - HKLM\..\SearchScopes\{A303EBF2-9F8F-49C4-83BD-33F26237AF73}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8080;https=127.0.0.1:8080
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo17win10.msn.com/?pc=LCTE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://mystart.lenovo.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://mystart.lenovo.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 32 C5 06 D1 50 D6 D3 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
 
 
O1 HOSTS File: ([2018.04.18 11:39:59 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Security\ecmds.exe (ESET)
O4:64bit: - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [LenovoUtility] C:\Program Files\Lenovo\LenovoUtility\utility.exe ()
O4:64bit: - HKLM..\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVBg_LENOVO_MICPKEY] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SecurityHealth] C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft Corporation)
O4 - HKCU..\Run: [OneDrive] C:\Users\nadia\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableFullTrustStartupTasks = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUwpStartupTasks = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportFullTrustStartupTasks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportUwpStartupTasks = 1
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105 File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15:64bit: - ..Trusted Domains: eset.com ([help] http in Trusted sites)
O15 - HKLM\..Trusted Domains: eset.com ([help] http in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 193.231.252.1 213.154.124.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{cc2a6281-6348-48b6-9ef8-b4b68c33af8d}: DhcpNameServer = 193.231.252.1 213.154.124.1
O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2018.04.18 11:15:43 | 000,000,000 | ---D | C] -- C:\RegBackup
[2018.04.18 11:15:21 | 000,000,000 | ---D | C] -- C:\Users\nadia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
[2018.04.18 11:15:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tweaking.com
[2018.04.18 11:11:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\nadia\Desktop\OTL.exe
[2018.04.18 11:05:42 | 005,766,144 | ---- | C] (Tweaking.com) -- C:\Users\nadia\Desktop\tweaking.com_registry_backup_setup.exe
[2018.04.17 17:03:52 | 007,256,272 | ---- | C] (Malwarebytes) -- C:\Users\nadia\Desktop\AdwCleaner.exe
[2018.04.17 17:00:19 | 000,208,216 | ---- | C] (Kaspersky Lab, GERT) -- C:\WINDOWS\SysNative\drivers\01898893.sys
[2018.04.17 16:23:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2018.04.17 10:39:49 | 000,000,000 | ---D | C] -- C:\Users\nadia\AppData\Roaming\PrimoPDF
[2018.04.17 10:36:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrimoPDF
[2018.04.17 10:36:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nitro PDF
[2018.04.17 09:33:07 | 000,000,000 | ---D | C] -- C:\Users\nadia\Documents\Custom Office Templates
[2018.04.15 12:05:32 | 000,000,000 | ---D | C] -- C:\Users\nadia\AppData\Roaming\ESET
[2018.04.15 11:42:26 | 000,000,000 | ---D | C] -- C:\Users\nadia\AppData\Local\ESET
[2018.04.15 11:40:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2018.04.15 11:40:17 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2018.04.15 11:40:17 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2018.04.15 11:31:48 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2018.04.15 10:49:22 | 000,311,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wd\WdFilter.sys
[2018.04.15 10:49:22 | 000,060,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wd\WdNisDrv.sys
[2018.04.15 10:49:22 | 000,046,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wd\WdBoot.sys
[2018.04.15 10:26:02 | 000,000,000 | -H-D | C] -- C:\$SysReset
[2018.04.15 08:25:12 | 000,000,000 | ---D | C] -- C:\Users\nadia\AppData\Local\Diagnostics
[2018.04.09 13:41:05 | 000,000,000 | ---D | C] -- C:\Users\nadia\AppData\Local\DBG
[2018.04.07 20:11:55 | 000,000,000 | ---D | C] -- C:\Users\nadia\AppData\Local\0D18C730-26DB-4215-7C40-35DF906FD1A6
[2018.04.05 20:03:20 | 000,000,000 | ---D | C] -- C:\Users\nadia\Desktop\poze
[2018.04.05 18:21:13 | 000,000,000 | ---D | C] -- C:\Users\nadia\AppData\Local\PlaceholderTileLogoFolder
[2018.04.05 11:03:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2018.04.05 11:03:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2018.04.05 11:02:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2018.04.05 11:01:34 | 000,000,000 | ---D | C] -- C:\Users\nadia\AppData\Local\Adobe
[2018.04.02 17:41:27 | 000,835,064 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2018.04.02 17:41:27 | 000,179,704 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2018.04.02 10:35:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\wd
[2018.04.02 10:16:41 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dusmsvc.dll
[2018.04.02 10:16:40 | 002,633,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diagtrack.dll
[2018.04.02 10:16:39 | 017,085,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HologramCompositor.dll
[2018.04.02 10:16:36 | 017,160,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2018.04.02 10:16:36 | 007,384,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2018.04.02 10:16:36 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AcSpecfc.dll
[2018.04.02 10:16:36 | 000,344,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgeIso.dll
[2018.04.02 10:16:35 | 013,704,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2018.04.02 10:16:35 | 002,393,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AcGenral.dll
[2018.04.02 10:16:35 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msIso.dll
[2018.04.02 10:16:34 | 006,480,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2018.04.02 10:16:34 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieproxy.dll
[2018.04.02 10:16:34 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PCShellCommonProxyStub.dll
[2018.04.02 10:16:33 | 018,922,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2018.04.02 10:16:32 | 000,665,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2018.04.02 10:16:32 | 000,588,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2018.04.02 10:16:32 | 000,559,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2018.04.02 10:16:32 | 000,437,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS
[2018.04.02 10:16:32 | 000,187,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpsd.sys
[2018.04.02 10:16:30 | 002,902,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2018.04.02 10:16:30 | 000,815,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieproxy.dll
[2018.04.02 10:16:30 | 000,662,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\evr.dll
[2018.04.02 10:16:30 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhosdeployment.dll
[2018.04.02 10:16:29 | 001,954,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2018.04.02 10:16:29 | 000,555,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS
[2018.04.02 10:16:29 | 000,471,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hal.dll
[2018.04.02 10:16:29 | 000,373,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys
[2018.04.02 10:16:29 | 000,285,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdbus.sys
[2018.04.02 10:16:29 | 000,149,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storahci.sys
[2018.04.02 10:16:29 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AcSpecfc.dll
[2018.04.02 10:16:28 | 000,045,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storufs.sys
[2018.04.02 10:16:28 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BasicRender.sys
[2018.04.02 10:16:27 | 000,147,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wcifs.sys
[2018.04.02 10:16:27 | 000,129,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hvsocket.sys
[2018.04.02 10:16:26 | 006,030,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2018.04.02 10:16:26 | 004,745,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2018.04.02 10:16:26 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2018.04.02 10:16:25 | 004,249,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2018.04.02 10:16:25 | 001,149,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2018.04.02 10:16:25 | 000,899,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samsrv.dll
[2018.04.02 10:16:25 | 000,755,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\evr.dll
[2018.04.02 10:16:25 | 000,462,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhext.dll
[2018.04.02 10:16:25 | 000,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FSClient.dll
[2018.04.02 10:16:24 | 003,010,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2018.04.02 10:16:24 | 002,464,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2018.04.02 10:16:24 | 000,685,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2018.04.02 10:16:24 | 000,603,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe
[2018.04.02 10:16:24 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgeIso.dll
[2018.04.02 10:16:24 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UcmUcsi.sys
[2018.04.02 10:16:23 | 002,084,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2018.04.02 10:16:23 | 001,498,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WebRuntimeManager.dll
[2018.04.02 10:16:23 | 000,739,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnsapi.dll
[2018.04.02 10:16:22 | 008,602,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2018.04.02 10:16:22 | 003,664,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2018.04.02 10:16:22 | 000,329,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AcGenral.dll
[2018.04.02 10:16:21 | 008,103,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2018.04.02 10:16:21 | 000,812,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2018.04.02 10:16:21 | 000,708,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2018.04.02 10:16:19 | 001,558,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winmde.dll
[2018.04.02 10:16:19 | 001,055,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2018.04.02 10:16:19 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netvsc.sys
[2018.04.02 10:16:18 | 012,687,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmp.dll
[2018.04.02 10:16:18 | 006,014,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2018.04.02 10:16:18 | 001,426,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll
[2018.04.02 10:16:18 | 001,254,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2018.04.02 10:16:17 | 004,670,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2018.04.02 10:16:17 | 001,548,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2018.04.02 10:16:17 | 001,524,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfplat.dll
[2018.04.02 10:16:17 | 001,057,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvproc.dll
[2018.04.02 10:16:17 | 000,571,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2018.04.02 10:16:17 | 000,559,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2018.04.02 10:16:17 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpAXHolder.dll
[2018.04.02 10:16:16 | 007,831,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10warp.dll
[2018.04.02 10:16:16 | 001,170,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2018.04.02 10:16:15 | 000,813,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2018.04.02 10:16:15 | 000,615,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\services.exe
[2018.04.02 10:16:15 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FirewallAPI.dll
[2018.04.02 10:16:14 | 002,857,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2018.04.02 10:16:14 | 000,250,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxAllUserStore.dll
[2018.04.02 10:16:13 | 000,770,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdiWiFi.sys
[2018.04.02 10:16:13 | 000,431,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msIso.dll
[2018.04.02 10:16:09 | 013,657,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmp.dll
[2018.04.02 10:16:09 | 001,694,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmde.dll
[2018.04.02 10:16:09 | 001,206,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2018.04.02 10:16:08 | 006,791,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2018.04.02 10:16:08 | 004,815,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2018.04.02 10:16:07 | 025,251,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2018.04.02 10:16:07 | 004,506,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2018.04.02 10:16:07 | 001,779,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfplat.dll
[2018.04.02 10:16:07 | 001,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvproc.dll
[2018.04.02 10:16:05 | 001,167,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ISM.dll
[2018.04.02 10:16:05 | 000,543,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HolographicExtensions.dll
[2018.04.02 10:16:05 | 000,456,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LockAppBroker.dll
[2018.04.02 10:16:05 | 000,404,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHost.dll
[2018.04.02 10:16:05 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatepolicy.dll
[2018.04.02 10:16:04 | 005,905,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StartTileData.dll
[2018.04.02 10:16:04 | 004,384,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ExplorerFrame.dll
[2018.04.02 10:16:04 | 002,976,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.pcshell.dll
[2018.04.02 10:16:04 | 000,556,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockAppBroker.dll
[2018.04.02 10:16:03 | 007,675,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.storage.dll
[2018.04.02 10:16:03 | 006,466,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2018.04.02 10:16:03 | 003,485,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2018.04.02 10:16:03 | 001,509,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Immersive.dll
[2018.04.02 10:16:03 | 000,264,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotifyIcon.exe
[2018.04.02 10:16:02 | 004,772,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ExplorerFrame.dll
[2018.04.02 10:16:02 | 001,057,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comdlg32.dll
[2018.04.02 10:16:01 | 007,545,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2018.04.02 10:16:01 | 003,904,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2018.04.02 10:16:01 | 001,739,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Immersive.dll
[2018.04.02 10:16:01 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LogonController.dll
[2018.04.02 10:16:01 | 000,184,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sspicli.dll
[2018.04.02 10:16:00 | 006,092,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windows.storage.dll
[2018.04.02 10:15:52 | 001,296,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usocore.dll
[2018.04.02 10:15:52 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usoapi.dll
[2018.04.02 10:15:51 | 000,374,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vac.exe
[2018.04.02 10:15:43 | 003,578,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SRH.dll
[2018.04.02 10:15:42 | 003,169,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2018.04.02 10:15:42 | 002,859,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SRH.dll
[2018.04.02 10:15:42 | 002,209,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2018.04.02 10:15:42 | 001,495,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.desktop.dll
[2018.04.02 10:15:42 | 000,570,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TileDataRepository.dll
[2018.04.02 10:15:40 | 004,592,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsThresholdAdminFlowUI.dll
[2018.04.02 10:15:40 | 001,425,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettings.Handlers.dll
[2018.04.02 10:15:38 | 003,121,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Bluetooth.Profiles.Gatt.dll
[2018.04.02 10:15:34 | 002,447,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UpdateAgent.dll
[2018.04.02 10:15:33 | 002,338,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2018.04.02 10:15:32 | 002,510,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ResetEngine.dll
[2018.04.02 10:15:32 | 001,570,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RecoveryDrive.exe
[2018.04.02 10:15:32 | 001,160,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll
[2018.04.02 10:15:32 | 000,705,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wimgapi.dll
[2018.04.02 10:15:32 | 000,525,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wimserv.exe
[2018.04.02 10:15:31 | 001,568,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2018.04.02 10:15:31 | 000,749,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2018.04.02 10:15:31 | 000,664,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2018.04.02 10:15:31 | 000,270,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[2018.04.02 10:15:30 | 004,959,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rtmpltfm.dll
[2018.04.02 10:15:30 | 004,113,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2018.04.02 10:15:29 | 008,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Data.Pdf.dll
[2018.04.02 10:15:29 | 002,741,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssrch.dll
[2018.04.02 10:15:28 | 004,486,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepository.dll
[2018.04.02 10:15:28 | 003,405,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tquery.dll
[2018.04.02 10:15:27 | 001,619,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll
[2018.04.02 10:15:27 | 001,313,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallService.dll
[2018.04.02 10:15:27 | 001,008,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallService.dll
[2018.04.02 10:15:26 | 004,498,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xpsrchvw.exe
[2018.04.02 10:15:25 | 001,145,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ucrtbase.dll
[2018.04.02 10:15:24 | 003,980,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepository.dll
[2018.04.02 10:15:24 | 002,677,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tquery.dll
[2018.04.02 10:15:24 | 002,184,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssrch.dll
[2018.04.02 10:15:24 | 000,451,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TileDataRepository.dll
[2018.04.02 10:15:23 | 002,983,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mmcndmgr.dll
[2018.04.02 10:15:23 | 000,780,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontdrvhost.exe
[2018.04.02 10:15:23 | 000,749,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2018.04.02 10:15:22 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xpsrchvw.exe
[2018.04.02 10:15:22 | 002,406,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2018.04.02 10:15:22 | 001,002,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ucrtbase.dll
[2018.04.02 10:15:22 | 000,956,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Spectrum.exe
[2018.04.02 10:15:22 | 000,711,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2018.04.02 10:15:21 | 005,195,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdp.dll
[2018.04.02 10:15:21 | 001,353,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usercpl.dll
[2018.04.02 10:15:21 | 001,230,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usercpl.dll
[2018.04.02 10:15:21 | 000,650,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontdrvhost.exe
[2018.04.02 10:15:21 | 000,592,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wimgapi.dll
[2018.04.02 10:15:21 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\updatepolicy.dll
[2018.04.02 10:15:20 | 003,125,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputService.dll
[2018.04.02 10:15:20 | 001,759,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2018.04.02 10:15:20 | 000,432,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provengine.dll
[2018.04.02 10:15:20 | 000,427,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provhandlers.dll
[2018.04.02 10:15:20 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provisioningcsp.dll
[2018.04.02 10:15:20 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provtool.exe
[2018.04.02 10:15:19 | 002,890,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.Resources.dll
[2018.04.02 10:15:19 | 002,427,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mmcndmgr.dll
[2018.04.02 10:15:18 | 001,669,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Wpc.dll
[2018.04.02 10:15:18 | 001,415,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2018.04.02 10:15:18 | 001,209,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2018.04.02 10:15:18 | 000,609,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2018.04.02 10:15:18 | 000,138,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CompatTelRunner.exe
[2018.04.02 10:15:17 | 006,575,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
[2018.04.02 10:15:17 | 001,936,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mmc.exe
[2018.04.02 10:15:17 | 001,228,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TokenBroker.dll
[2018.04.02 10:15:17 | 000,436,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHostCommon.dll
[2018.04.02 10:15:17 | 000,354,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CloudExperienceHostCommon.dll
[2018.04.02 10:15:16 | 002,255,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2018.04.02 10:15:16 | 001,416,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3D12.dll
[2018.04.02 10:15:16 | 001,342,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Wpc.dll
[2018.04.02 10:15:16 | 000,614,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StateRepository.Core.dll
[2018.04.02 10:15:16 | 000,519,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecurityHealthService.exe
[2018.04.02 10:15:15 | 005,833,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbgeng.dll
[2018.04.02 10:15:15 | 002,349,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputService.dll
[2018.04.02 10:15:15 | 001,002,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\modernexecserver.dll
[2018.04.02 10:15:15 | 000,527,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\StateRepository.Core.dll
[2018.04.02 10:15:14 | 003,903,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rtmpltfm.dll
[2018.04.02 10:15:13 | 001,488,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mmc.exe
[2018.04.02 10:15:13 | 001,343,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wifinetworkmanager.dll
[2018.04.02 10:15:13 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TokenBroker.dll
[2018.04.02 10:15:12 | 001,573,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserDataService.dll
[2018.04.02 10:15:12 | 001,123,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3D12.dll
[2018.04.02 10:15:12 | 000,939,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasapi32.dll
[2018.04.02 10:15:12 | 000,722,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppwinob.dll
[2018.04.02 10:15:12 | 000,319,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64.dll
[2018.04.02 10:15:11 | 002,222,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidsvc.dll
[2018.04.02 10:15:11 | 000,943,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.BackgroundMediaPlayback.dll
[2018.04.02 10:15:11 | 000,837,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.Web.Core.dll
[2018.04.02 10:15:10 | 001,384,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSVP9DEC.dll
[2018.04.02 10:15:10 | 000,918,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Playback.MediaPlayer.dll
[2018.04.02 10:15:10 | 000,898,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreMessaging.dll
[2018.04.02 10:15:10 | 000,594,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf.dll
[2018.04.02 10:15:10 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotification.exe
[2018.04.02 10:15:10 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FSClient.dll
[2018.04.02 10:15:09 | 001,234,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rtmpal.dll
[2018.04.02 10:15:09 | 001,029,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\efscore.dll
[2018.04.02 10:15:09 | 000,885,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Search.dll
[2018.04.02 10:15:09 | 000,715,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe
[2018.04.02 10:15:09 | 000,695,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Search.dll
[2018.04.02 10:15:09 | 000,598,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Security.Authentication.Web.Core.dll
[2018.04.02 10:15:09 | 000,246,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browserbroker.dll
[2018.04.02 10:15:08 | 001,133,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSVP9DEC.dll
[2018.04.02 10:15:08 | 000,699,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsm.dll
[2018.04.02 10:15:08 | 000,687,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StructuredQuery.dll
[2018.04.02 10:15:07 | 001,250,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Taskmgr.exe
[2018.04.02 10:15:07 | 000,849,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uDWM.dll
[2018.04.02 10:15:07 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxAllUserStore.dll
[2018.04.02 10:15:07 | 000,048,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2018.04.02 10:15:06 | 001,474,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2018.04.02 10:15:06 | 001,313,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Taskmgr.exe
[2018.04.02 10:15:06 | 000,824,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ClipSVC.dll
[2018.04.02 10:15:06 | 000,667,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FrameServer.dll
[2018.04.02 10:15:06 | 000,273,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll
[2018.04.02 10:15:05 | 001,597,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2018.04.02 10:15:05 | 001,234,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SEMgrSvc.dll
[2018.04.02 10:15:05 | 000,939,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasdlg.dll
[2018.04.02 10:15:05 | 000,461,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcntel.dll
[2018.04.02 10:15:05 | 000,070,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32appinventorycsp.dll
[2018.04.02 10:15:04 | 000,862,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasdlg.dll
[2018.04.02 10:15:04 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Playback.MediaPlayer.dll
[2018.04.02 10:15:04 | 000,389,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll
[2018.04.02 10:15:03 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cdp.dll
[2018.04.02 10:15:03 | 001,336,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll
[2018.04.02 10:15:03 | 001,193,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryPS.dll
[2018.04.02 10:15:03 | 001,002,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rtmcodecs.dll
[2018.04.02 10:15:03 | 000,688,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2018.04.02 10:15:03 | 000,621,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.BackgroundMediaPlayback.dll
[2018.04.02 10:15:03 | 000,213,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aepic.dll
[2018.04.02 10:15:02 | 001,430,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcMon.exe
[2018.04.02 10:15:02 | 000,951,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usermgr.dll
[2018.04.02 10:15:02 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Core.TextInput.dll
[2018.04.02 10:15:02 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Core.TextInput.dll
[2018.04.02 10:15:02 | 000,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncsi.dll
[2018.04.02 10:15:01 | 004,839,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbgeng.dll
[2018.04.02 10:15:01 | 001,657,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpserverbase.dll
[2018.04.02 10:15:01 | 001,216,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.Vpn.dll
[2018.04.02 10:15:01 | 001,166,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2018.04.02 10:15:01 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotificationUx.exe
[2018.04.02 10:15:00 | 002,523,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gameux.dll
[2018.04.02 10:15:00 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\webio.dll
[2018.04.02 10:15:00 | 000,543,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2018.04.02 10:15:00 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2018.04.02 10:14:59 | 002,514,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2018.04.02 10:14:59 | 000,792,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssvp.dll
[2018.04.02 10:14:59 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srcore.dll
[2018.04.02 10:14:59 | 000,466,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\efswrt.dll
[2018.04.02 10:14:59 | 000,416,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\html.iec
[2018.04.02 10:14:58 | 001,245,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Unistore.dll
[2018.04.02 10:14:58 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CPFilters.dll
[2018.04.02 10:14:58 | 000,561,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieui.dll
[2018.04.02 10:14:58 | 000,385,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\cldflt.sys
[2018.04.02 10:14:58 | 000,382,360 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysNative\atmfd.dll
[2018.04.02 10:14:57 | 002,413,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gameux.dll
[2018.04.02 10:14:56 | 000,941,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Playback.BackgroundMediaPlayer.dll
[2018.04.02 10:14:56 | 000,863,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusUpdateHandlers.dll
[2018.04.02 10:14:56 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\efswrt.dll
[2018.04.02 10:14:56 | 000,462,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\webio.dll
[2018.04.02 10:14:56 | 000,339,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetworkBindingEngineMigPlugin.dll
[2018.04.02 10:14:56 | 000,059,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\bam.sys
[2018.04.02 10:14:55 | 002,003,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aitstatic.exe
[2018.04.02 10:14:55 | 000,455,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2018.04.02 10:14:55 | 000,422,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\policymanager.dll
[2018.04.02 10:14:55 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupSvc.dll
[2018.04.02 10:14:55 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shutdownux.dll
[2018.04.02 10:14:54 | 003,287,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SyncCenter.dll
[2018.04.02 10:14:54 | 001,113,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcastdvr.exe
[2018.04.02 10:14:54 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appwiz.cpl
[2018.04.02 10:14:54 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Magnify.exe
[2018.04.02 10:14:54 | 000,699,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CPFilters.dll
[2018.04.02 10:14:54 | 000,535,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netio.sys
[2018.04.02 10:14:54 | 000,461,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wifitask.exe
[2018.04.02 10:14:54 | 000,311,192 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\atmfd.dll
[2018.04.02 10:14:53 | 000,756,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2018.04.02 10:14:53 | 000,755,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\appwiz.cpl
[2018.04.02 10:14:53 | 000,654,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EditionUpgradeManagerObj.dll
[2018.04.02 10:14:53 | 000,628,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvcp_win.dll
[2018.04.02 10:14:53 | 000,542,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryPS.dll
[2018.04.02 10:14:53 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\daxexec.dll
[2018.04.02 10:14:53 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EncDec.dll
[2018.04.02 10:14:53 | 000,336,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppLockerCSP.dll
[2018.04.02 10:14:52 | 001,173,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rpcrt4.dll
[2018.04.02 10:14:52 | 001,092,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2018.04.02 10:14:52 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasgcw.dll
[2018.04.02 10:14:52 | 000,681,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVXENCD.DLL
[2018.04.02 10:14:52 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Bluetooth.dll
[2018.04.02 10:14:52 | 000,524,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.immersiveshell.serviceprovider.dll
[2018.04.02 10:14:52 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppLockerCSP.dll
[2018.04.02 10:14:52 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usoapi.dll
[2018.04.02 10:14:51 | 006,722,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mspaint.exe
[2018.04.02 10:14:51 | 000,820,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netlogon.dll
[2018.04.02 10:14:51 | 000,718,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LicensingWinRT.dll
[2018.04.02 10:14:51 | 000,433,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.dll
[2018.04.02 10:14:50 | 004,537,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\setupapi.dll
[2018.04.02 10:14:50 | 004,050,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll
[2018.04.02 10:14:50 | 000,856,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasgcw.dll
[2018.04.02 10:14:50 | 000,706,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EditionUpgradeManagerObj.dll
[2018.04.02 10:14:50 | 000,599,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\securekernel.exe
[2018.04.02 10:14:50 | 000,559,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserLanguagesCpl.dll
[2018.04.02 10:14:50 | 000,551,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mf.dll
[2018.04.02 10:14:49 | 001,661,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vssapi.dll
[2018.04.02 10:14:49 | 000,924,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2018.04.02 10:14:49 | 000,849,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LicensingWinRT.dll
[2018.04.02 10:14:49 | 000,721,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssvp.dll
[2018.04.02 10:14:49 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseAppMgmtSvc.dll
[2018.04.02 10:14:48 | 000,921,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rtmpal.dll
[2018.04.02 10:14:48 | 000,731,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Magnify.exe
[2018.04.02 10:14:48 | 000,680,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sud.dll
[2018.04.02 10:14:48 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\systemreset.exe
[2018.04.02 10:14:48 | 000,427,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OneCoreCommonProxyStub.dll
[2018.04.02 10:14:47 | 002,035,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcorets.dll
[2018.04.02 10:14:47 | 000,624,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVXENCD.DLL
[2018.04.02 10:14:47 | 000,620,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Playback.BackgroundMediaPlayer.dll
[2018.04.02 10:14:47 | 000,579,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Payments.dll
[2018.04.02 10:14:46 | 005,105,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AuthFWSnapin.dll
[2018.04.02 10:14:46 | 005,105,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AuthFWSnapin.dll
[2018.04.02 10:14:46 | 002,082,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2018.04.02 10:14:46 | 001,470,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll
[2018.04.02 10:14:46 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hgcpl.dll
[2018.04.02 10:14:46 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatehandlers.dll
[2018.04.02 10:14:46 | 000,479,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ucrtbase_enclave.dll
[2018.04.02 10:14:46 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\APHostService.dll
[2018.04.02 10:14:46 | 000,193,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsensorgroup.dll
[2018.04.02 10:14:45 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DbgModel.dll
[2018.04.02 10:14:45 | 000,653,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sud.dll
[2018.04.02 10:14:45 | 000,491,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanager.dll
[2018.04.02 10:14:45 | 000,388,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Search.ProtocolHandler.MAPI2.dll
[2018.04.02 10:14:45 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll
[2018.04.02 10:14:45 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AboutSettingsHandlers.dll
[2018.04.02 10:14:45 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tetheringservice.dll
[2018.04.02 10:14:44 | 002,013,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2018.04.02 10:14:44 | 000,649,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\advapi32.dll
[2018.04.02 10:14:44 | 000,505,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvcp_win.dll
[2018.04.02 10:14:44 | 000,484,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdpusersvc.dll
[2018.04.02 10:14:44 | 000,392,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVSENCD.DLL
[2018.04.02 10:14:44 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EncDec.dll
[2018.04.02 10:14:44 | 000,301,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MicrosoftAccountWAMExtension.dll
[2018.04.02 10:14:44 | 000,096,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbrand.dll
[2018.04.02 10:14:43 | 005,500,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aclui.dll
[2018.04.02 10:14:43 | 003,367,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncCenter.dll
[2018.04.02 10:14:43 | 001,282,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSVPXENC.dll
[2018.04.02 10:14:43 | 001,097,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpbase.dll
[2018.04.02 10:14:43 | 000,886,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcastdvr.exe
[2018.04.02 10:14:43 | 000,255,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edputil.dll
[2018.04.02 10:14:43 | 000,083,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winbrand.dll
[2018.04.02 10:14:42 | 000,710,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSVideoDSP.dll
[2018.04.02 10:14:42 | 000,503,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_User.dll
[2018.04.02 10:14:42 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieui.dll
[2018.04.02 10:14:42 | 000,433,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVSENCD.DLL
[2018.04.02 10:14:42 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\stobject.dll
[2018.04.02 10:14:42 | 000,329,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputSwitch.dll
[2018.04.02 10:14:42 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\container.dll
[2018.04.02 10:14:42 | 000,163,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wfplwfs.sys
[2018.04.02 10:14:41 | 001,664,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GdiPlus.dll
[2018.04.02 10:14:41 | 000,854,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rtmcodecs.dll
[2018.04.02 10:14:41 | 000,447,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastls.dll
[2018.04.02 10:14:41 | 000,398,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlows.exe
[2018.04.02 10:14:41 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edputil.dll
[2018.04.02 10:14:41 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\winnat.sys
[2018.04.02 10:14:40 | 000,795,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NaturalAuth.dll
[2018.04.02 10:14:40 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncController.dll
[2018.04.02 10:14:40 | 000,368,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\daxexec.dll
[2018.04.02 10:14:40 | 000,212,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsensorgroup.dll
[2018.04.02 10:14:40 | 000,074,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\remoteaudioendpoint.dll
[2018.04.02 10:14:38 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sppcomapi.dll
[2018.04.02 10:14:38 | 000,260,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll
[2018.04.02 10:14:37 | 000,568,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msra.exe
[2018.04.02 10:14:37 | 000,436,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PsmServiceExtHost.dll
[2018.04.02 10:14:37 | 000,408,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2018.04.02 10:14:37 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\shsetup.dll
[2018.04.02 10:14:36 | 000,566,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreMessaging.dll
[2018.04.02 10:14:36 | 000,401,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rascustom.dll
[2018.04.02 10:14:36 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\P2P.dll
[2018.04.02 10:14:36 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OneCoreCommonProxyStub.dll
[2018.04.02 10:14:36 | 000,191,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\skci.dll
[2018.04.02 10:14:36 | 000,129,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfps.dll
[2018.04.02 10:14:36 | 000,098,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FsIso.exe
[2018.04.02 10:14:36 | 000,097,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdstor.sys
[2018.04.02 10:14:35 | 001,286,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSVPXENC.dll
[2018.04.02 10:14:35 | 000,506,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.dll
[2018.04.02 10:14:35 | 000,413,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll
[2018.04.02 10:14:35 | 000,405,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Payments.dll
[2018.04.02 10:14:35 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shsetup.dll
[2018.04.02 10:14:34 | 002,814,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\themeui.dll
[2018.04.02 10:14:34 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdpbase.dll
[2018.04.02 10:14:34 | 000,499,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastls.dll
[2018.04.02 10:14:34 | 000,377,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchProtocolHost.exe
[2018.04.02 10:14:34 | 000,189,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecurityHealthAgent.dll
[2018.04.02 10:14:34 | 000,154,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryClient.dll
[2018.04.02 10:14:34 | 000,098,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceReactivation.dll
[2018.04.02 10:14:33 | 000,456,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtmsft.dll
[2018.04.02 10:14:33 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mmcbase.dll
[2018.04.02 10:14:33 | 000,329,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Feedback.Analog.dll
[2018.04.02 10:14:33 | 000,201,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EdgeManager.dll
[2018.04.02 10:14:33 | 000,123,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryClient.dll
[2018.04.02 10:14:33 | 000,087,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\remoteaudioendpoint.dll
[2018.04.02 10:14:33 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidparse.sys
[2018.04.02 10:14:33 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nshhttp.dll
[2018.04.02 10:14:33 | 000,035,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceCensus.exe
[2018.04.02 10:14:32 | 000,508,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\timedate.cpl
[2018.04.02 10:14:32 | 000,356,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wintrust.dll
[2018.04.02 10:14:32 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MicrosoftAccountWAMExtension.dll
[2018.04.02 10:14:32 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryUpgrade.dll
[2018.04.02 10:14:32 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wificonnapi.dll
[2018.04.02 10:14:32 | 000,103,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\stornvme.sys
[2018.04.02 10:14:32 | 000,100,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryBroker.dll
[2018.04.02 10:14:32 | 000,089,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryBroker.dll
[2018.04.02 10:14:32 | 000,077,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.dll
[2018.04.02 10:14:31 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorService.dll
[2018.04.02 10:14:31 | 000,128,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\offlinelsa.dll
[2018.04.02 10:14:31 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatecsp.dll
[2018.04.02 10:14:31 | 000,070,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wldp.dll
[2018.04.02 10:14:31 | 000,061,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wldp.dll
[2018.04.02 10:14:31 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcimage.dll
[2018.04.02 10:14:30 | 000,250,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\offlinesam.dll
[2018.04.02 10:14:30 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\davclnt.dll
[2018.04.02 10:14:29 | 000,574,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSVideoDSP.dll
[2018.04.02 10:14:28 | 000,791,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PhoneService.dll
[2018.04.02 10:14:28 | 000,648,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserLanguagesCpl.dll
[2018.04.02 10:14:28 | 000,617,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TextInputFramework.dll
[2018.04.02 10:14:28 | 000,504,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DevicePairing.dll
[2018.04.02 10:14:28 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Search.ProtocolHandler.MAPI2.dll
[2018.04.02 10:14:28 | 000,221,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\offlinesam.dll
[2018.04.02 10:14:28 | 000,115,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\offlinelsa.dll
[2018.04.02 10:14:27 | 000,892,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ortcengine.dll
[2018.04.02 10:14:27 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SharedPCCSP.dll
[2018.04.02 10:14:27 | 000,075,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecurityHealthProxyStub.dll
[2018.04.02 10:14:26 | 000,649,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ortcengine.dll
[2018.04.02 10:14:26 | 000,386,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AUDIOKSE.dll
[2018.04.02 10:14:26 | 000,229,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tpm.sys
[2018.04.02 10:14:26 | 000,194,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ataport.sys
[2018.04.02 10:14:26 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IdCtrls.dll
[2018.04.02 10:14:26 | 000,077,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CloudNotifications.exe
[2018.04.02 10:14:26 | 000,065,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rtmmvrortc.dll
[2018.04.02 10:14:26 | 000,054,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rtmmvrortc.dll
[2018.04.02 10:14:26 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nshhttp.dll
[2018.04.02 10:14:26 | 000,022,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64cpu.dll
[2018.04.02 10:14:25 | 000,863,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntshrui.dll
[2018.04.02 10:14:25 | 000,566,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevicePairing.dll
[2018.04.02 10:14:25 | 000,298,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netplwiz.dll
[2018.04.02 10:14:25 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WcnApi.dll
[2018.04.02 10:14:25 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\musdialoghandlers.dll
[2018.04.02 10:14:25 | 000,093,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpudd.dll
[2018.04.02 10:14:25 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SCardDlg.dll
[2018.04.02 10:14:25 | 000,079,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DeviceReactivation.dll
[2018.04.02 10:14:25 | 000,066,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iumcrypt.dll
[2018.04.02 10:14:25 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PCShellCommonProxyStub.dll
[2018.04.02 10:14:24 | 000,549,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWanAPI.dll
[2018.04.02 10:14:24 | 000,450,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWanAPI.dll
[2018.04.02 10:14:24 | 000,386,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\zipfldr.dll
[2018.04.02 10:14:24 | 000,367,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Storage.ApplicationData.dll
[2018.04.02 10:14:24 | 000,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browserexport.exe
[2018.04.02 10:14:24 | 000,292,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wscapi.dll
[2018.04.02 10:14:24 | 000,289,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Storage.ApplicationData.dll
[2018.04.02 10:14:24 | 000,258,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscapi.dll
[2018.04.02 10:14:24 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryUpgrade.dll
[2018.04.02 10:14:24 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FontProvider.dll
[2018.04.02 10:14:24 | 000,081,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vmbkmcl.sys
[2018.04.02 10:14:24 | 000,038,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Diskdump.sys
[2018.04.02 10:14:23 | 002,873,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\themeui.dll
[2018.04.02 10:14:23 | 002,490,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\themecpl.dll
[2018.04.02 10:14:23 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authz.dll
[2018.04.02 10:14:23 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\svf.dll
[2018.04.02 10:14:23 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserDeviceRegistration.dll
[2018.04.02 10:14:23 | 000,113,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\icfupgd.dll
[2018.04.02 10:14:23 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cldapi.dll
[2018.04.02 10:14:22 | 005,388,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aclui.dll
[2018.04.02 10:14:22 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srchadmin.dll
[2018.04.02 10:14:22 | 000,340,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\html.iec
[2018.04.02 10:14:22 | 000,311,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeveloperOptionsSettingsHandlers.dll
[2018.04.02 10:14:22 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HoloShellRuntime.dll
[2018.04.02 10:14:22 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssprxy.dll
[2018.04.02 10:14:22 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cldapi.dll
[2018.04.02 10:14:21 | 003,756,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bootux.dll
[2018.04.02 10:14:21 | 000,940,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.Vpn.dll
[2018.04.02 10:14:21 | 000,748,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PhoneProviders.dll
[2018.04.02 10:14:21 | 000,425,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vmrdvcore.dll
[2018.04.02 10:14:21 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EdgeManager.dll
[2018.04.02 10:14:21 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontsub.dll
[2018.04.02 10:14:21 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wcnfs.sys
[2018.04.02 10:14:21 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\regsvr32.exe
[2018.04.02 10:14:21 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\regsvr32.exe
[2018.04.02 10:14:20 | 000,965,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontext.dll
[2018.04.02 10:14:20 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Internal.Bluetooth.dll
[2018.04.02 10:14:20 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFilterHost.exe
[2018.04.02 10:14:20 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provdatastore.dll
[2018.04.02 10:14:20 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\setup16.exe
[2018.04.02 10:14:18 | 001,485,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdpserverbase.dll
[2018.04.02 10:14:18 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\container.dll
[2018.04.02 10:14:17 | 000,908,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontext.dll
[2018.04.02 10:14:14 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rstrui.exe
[2018.04.02 10:14:14 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2018.04.02 10:14:14 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ACPBackgroundManagerPolicy.dll
[2018.04.02 10:14:14 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\P2P.dll
[2018.04.02 10:14:13 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fwpolicyiomgr.dll
[2018.04.02 10:14:13 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msoert2.dll
[2018.04.02 10:14:13 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontsub.dll
[2018.04.02 10:14:13 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2018.04.02 10:14:13 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MshtmlDac.dll
[2018.04.02 10:14:12 | 000,421,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputSwitch.dll
[2018.04.02 10:14:12 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\IndexedDbLegacy.dll
[2018.04.02 10:14:12 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twext.dll
[2018.04.02 10:14:11 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WcnApi.dll
[2018.04.02 10:14:11 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseAppMgmtClient.dll
[2018.04.02 10:14:10 | 000,234,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetworkDesktopSettings.dll
[2018.04.02 10:14:10 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Dumpstorport.sys
[2018.04.02 10:14:10 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wscproxystub.dll
[2018.04.02 10:14:09 | 000,247,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winsku.dll
[2018.04.02 10:14:09 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PimIndexMaintenance.dll
[2018.04.02 10:14:09 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockScreenContent.dll
[2018.04.02 10:14:08 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rshx32.dll
[2018.04.02 10:14:08 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vmbkmclr.sys
[2018.04.02 10:14:06 | 000,576,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\hgcpl.dll
[2018.04.02 10:14:06 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcalua.exe
[2018.04.02 10:14:06 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\RfxVmt.sys
[2018.04.02 10:14:05 | 000,640,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HeadTrackerStorage.dll
[2018.04.02 10:14:05 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sendmail.dll
[2018.04.02 10:14:05 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppCapture.dll
[2018.04.02 10:14:03 | 000,459,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\webplatstorageserver.dll
[2018.04.02 10:14:03 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\HoloShellRuntime.dll
[2018.04.02 10:14:03 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\IdCtrls.dll
[2018.04.02 10:14:03 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2018.04.02 10:14:02 | 000,675,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\webplatstorageserver.dll
[2018.04.02 10:14:02 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskcomp.dll
[2018.04.02 10:14:02 | 000,463,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\timedate.cpl
[2018.04.02 10:14:02 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\convertvhd.exe
[2018.04.02 10:14:02 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EditionUpgradeHelper.dll
[2018.04.02 10:14:02 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserDeviceRegistration.dll
[2018.04.02 10:14:02 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscproxystub.dll
[2018.04.02 10:14:01 | 002,462,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\themecpl.dll
[2018.04.02 10:14:01 | 000,966,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Unistore.dll
[2018.04.02 10:14:01 | 000,301,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mmcbase.dll
[2018.04.02 10:14:01 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netplwiz.dll
[2018.04.02 10:14:01 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IndexedDbLegacy.dll
[2018.04.02 10:14:01 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twext.dll
[2018.04.02 10:14:01 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\racpldlg.dll
[2018.04.02 10:14:01 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Playback.ProxyStub.dll
[2018.04.02 10:14:01 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Playback.ProxyStub.dll
[2018.04.02 10:14:00 | 006,532,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mspaint.exe
[2018.04.02 10:14:00 | 000,691,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dsreg.dll
[2018.04.02 10:14:00 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fwpolicyiomgr.dll
[2018.04.02 10:14:00 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EnterpriseAppMgmtClient.dll
[2018.04.02 10:13:59 | 000,588,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SmsRouterSvc.dll
[2018.04.02 10:13:59 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\srchadmin.dll
[2018.04.02 10:13:59 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winsku.dll
[2018.04.02 10:13:59 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iepeers.dll
[2018.04.02 10:13:59 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iepeers.dll
[2018.04.02 10:13:59 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxSysprep.dll
[2018.04.02 10:13:59 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\virtdisk.dll
[2018.04.02 10:13:59 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\virtdisk.dll
[2018.04.02 10:13:59 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UsoClient.exe
[2018.04.02 10:13:59 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2018.04.02 10:13:59 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.Provisioning.ProxyStub.dll
[2018.04.02 10:13:59 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VmApplicationHealthMonitorProxy.dll
[2018.04.02 10:13:58 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EditionUpgradeHelper.dll
[2018.04.02 10:13:58 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winsrv.dll
[2018.04.02 10:13:58 | 000,038,912 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysWow64\atmlib.dll
[2018.04.02 10:13:57 | 000,047,104 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysNative\atmlib.dll
[2018.04.02 10:13:57 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msisip.dll
[2018.04.02 10:13:57 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msisip.dll
[2018.04.02 10:13:57 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\user.exe
[2018.04.02 10:13:22 | 000,000,000 | ---D | C] -- C:\Users\nadia\Documents\Outlook Files
[2018.04.02 09:57:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft OneDrive
[2018.04.02 09:54:15 | 000,000,000 | -H-D | C] -- C:\Users\nadia\MicrosoftEdgeBackups
[2018.04.02 09:52:45 | 000,000,000 | R--D | C] -- C:\Users\nadia\3D Objects
[2018.04.02 09:51:14 | 000,000,000 | ---D | C] -- C:\Users\nadia\AppData\Local\ConnectedDevicesPlatform
[2018.03.31 23:21:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServiceProfiles
[2018.03.31 23:20:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\Microsoft
[2018.03.31 23:11:59 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2018.03.31 23:11:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2018.03.31 23:11:59 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2018.03.31 23:11:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2018.03.31 23:11:21 | 000,778,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationNative_v0300.dll
[2018.03.31 23:11:21 | 000,103,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2018.03.31 23:11:21 | 000,035,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TsWpfWrp.exe
[2018.03.31 23:11:19 | 001,166,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationNative_v0300.dll
[2018.03.31 23:11:19 | 000,124,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2018.03.31 23:11:19 | 000,035,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TsWpfWrp.exe
[2018.03.31 23:07:29 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSync.dll
[2018.03.31 23:07:29 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlansec.dll
[2018.03.31 23:07:29 | 000,417,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanapi.dll
[2018.03.31 23:07:29 | 000,402,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSync.dll
[2018.03.31 23:07:29 | 000,309,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wifiprofilessettinghandler.dll
[2018.03.31 23:07:29 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingMonitor.dll
[2018.03.31 23:07:29 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingMonitor.dll
[2018.03.31 23:07:29 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BrowserSettingSync.dll
[2018.03.31 23:07:29 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BrowserSettingSync.dll
[2018.03.31 23:07:29 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wfdprov.dll
[2018.03.31 22:39:14 | 000,000,000 | ---D | C] -- C:\ProgramData\USOShared
[2018.03.31 22:36:16 | 000,000,000 | --SD | C] -- C:\Users\nadia\AppData\Roaming\Microsoft
[2018.03.31 22:36:16 | 000,000,000 | R--D | C] -- C:\Users\nadia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
[2018.03.31 22:36:16 | 000,000,000 | R--D | C] -- C:\Users\nadia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2018.03.31 22:36:16 | 000,000,000 | R--D | C] -- C:\Users\nadia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2018.03.31 22:36:16 | 000,000,000 | R--D | C] -- C:\Users\nadia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2018.03.31 22:36:16 | 000,000,000 | -H-D | C] -- C:\Users\nadia\AppData
[2018.03.31 22:36:16 | 000,000,000 | ---D | C] -- C:\Users\nadia\AppData\Local\Temp
[2018.03.31 22:36:16 | 000,000,000 | ---D | C] -- C:\Users\nadia\AppData\Local\Microsoft
[2018.03.31 22:36:16 | 000,000,000 | ---D | C] -- C:\Users\nadia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2018.03.31 22:31:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Atheros
[2018.03.31 22:31:10 | 002,241,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PrintConfig.dll
[2018.03.31 22:30:58 | 000,113,680 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysNative\OpenCL.DLL
[2018.03.31 22:30:58 | 000,104,464 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysWow64\OpenCL.DLL
[2018.03.31 22:29:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\Firmware
[2018.03.31 22:28:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2018.03.31 22:28:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\SleepStudy
[2018.03.31 20:26:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther
[2018.03.30 18:15:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
[2018.03.30 18:15:22 | 000,090,112 | ---- | C] (Vestris Inc.) -- C:\WINDOWS\SysNative\Vestris.ResourceLib.dll
[2018.03.30 18:10:16 | 000,000,000 | ---D | C] -- C:\ProgramData\KMSAutoS
[2018.03.30 17:39:37 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
[2018.03.30 17:38:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2018.03.30 17:38:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2018.03.30 17:38:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server
[2018.03.30 17:38:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2018.03.30 17:36:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2018.03.30 17:36:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2018.03.30 17:36:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2018.03.30 17:36:21 | 000,000,000 | ---D | C] -- C:\Users\nadia\AppData\Local\Microsoft Help
[2018.03.30 17:36:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2018.03.30 17:36:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2018.03.30 17:36:14 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2018.03.30 17:19:06 | 000,000,000 | ---D | C] -- C:\Users\nadia\AppData\Roaming\PowerISO
[2018.03.30 16:43:28 | 000,000,000 | ---D | C] -- C:\Users\nadia\AppData\Roaming\uTorrent
[2018.03.30 16:27:50 | 000,000,000 | -H-D | C] -- C:\$GetCurrent
[2018.03.30 16:27:42 | 000,000,000 | ---D | C] -- C:\Windows10Upgrade
[2018.03.30 16:08:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\UpdateAssistant
[2018.03.30 15:59:47 | 000,270,912 | ---- | C] (DT Soft Ltd) -- C:\WINDOWS\SysNative\drivers\dtsoftbus01.sys
[2018.03.30 15:47:21 | 000,000,000 | ---D | C] -- C:\Program Files\KMSpico
[2018.03.30 15:46:59 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2018.03.30 15:46:58 | 000,000,000 | ---D | C] -- C:\Users\nadia\AppData\Local\Programs
[2018.03.30 15:46:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2018.03.30 15:41:36 | 000,000,000 | ---D | C] -- C:\Users\nadia\AppData\Local\CEF
[2018.03.30 15:28:27 | 000,000,000 | ---D | C] -- C:\Users\nadia\AppData\Local\OfficeBSCache-MyComputer
[2018.03.30 15:11:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2018.03.30 15:11:39 | 000,000,000 | ---D | C] -- C:\Users\nadia\AppData\Local\Google
[2018.03.30 15:10:27 | 000,000,000 | ---D | C] -- C:\DRIVERS
[2018.03.29 11:54:27 | 000,000,000 | ---D | C] -- C:\Users\nadia\Documents\acte din descarcari
[2018.03.29 10:39:09 | 000,000,000 | ---D | C] -- C:\Users\nadia\Documents\acte diverse
[2018.03.28 23:34:42 | 000,027,136 | ---- | C] (The OpenVPN Project) -- C:\WINDOWS\SysNative\drivers\ptun0901.sys
[2018.03.28 23:32:27 | 000,000,000 | ---D | C] -- C:\Users\nadia\AppData\Local\MSfree Inc
[2018.03.28 22:14:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\Plugins\GenericCorePlugin\x86
[2018.03.28 22:14:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\Plugins\GenericCorePlugin\x64
[2018.03.28 22:14:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\Service
[2018.03.28 22:14:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\Plugins
[2018.03.28 22:14:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\PluginHost86
[2018.03.28 22:14:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\PluginHost
[2018.03.28 22:14:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\Lenovo
[2018.03.28 22:14:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController
[2018.03.28 22:14:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\Plugins\GenericCorePlugin
[2018.03.28 22:14:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\Data
[2018.03.28 22:14:27 | 000,103,664 | ---- | C] (Lenovo Group Limited.) -- C:\WINDOWS\SysNative\ImController.CoInstaller.dll
[2018.03.28 22:14:18 | 000,425,200 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\iMDriverHelper.dll
[2018.03.28 22:14:18 | 000,246,208 | ---- | C] (CodePlex Community) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\Service\Microsoft.Win32.TaskScheduler.dll
[2018.03.28 22:14:18 | 000,200,992 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\Plugins\GenericCorePlugin\x86\Lenovo.Modern.CoreTypes.dll
[2018.03.28 22:14:18 | 000,200,992 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\Plugins\GenericCorePlugin\x64\Lenovo.Modern.CoreTypes.dll
[2018.03.28 22:14:18 | 000,200,944 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\Service\Lenovo.Modern.CoreTypes.dll
[2018.03.28 22:14:18 | 000,200,944 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\PluginHost86\Lenovo.Modern.CoreTypes.dll
[2018.03.28 22:14:18 | 000,200,944 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\PluginHost\Lenovo.Modern.CoreTypes.dll
[2018.03.28 22:14:18 | 000,176,368 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\Service\Lenovo.Modern.ImController.Shared.dll
[2018.03.28 22:14:18 | 000,176,368 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.Shared.dll
[2018.03.28 22:14:18 | 000,176,368 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.Shared.dll
[2018.03.28 22:14:18 | 000,163,096 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\Plugins\GenericCorePlugin\x86\GenericCorePlugin.dll
[2018.03.28 22:14:18 | 000,162,584 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\Plugins\GenericCorePlugin\x64\GenericCorePlugin.dll
[2018.03.28 22:14:18 | 000,109,344 | ---- | C] (LENOVO INCORPORATED.) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\Plugins\GenericCorePlugin\x64\SMBiosInformationRetriever.dll
[2018.03.28 22:14:18 | 000,106,784 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\Plugins\GenericCorePlugin\x86\Lenovo.Modern.Utilities.dll
[2018.03.28 22:14:18 | 000,106,776 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\Plugins\GenericCorePlugin\x64\Lenovo.Modern.Utilities.dll
[2018.03.28 22:14:18 | 000,106,736 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\Service\Lenovo.Modern.Utilities.dll
[2018.03.28 22:14:18 | 000,106,736 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\PluginHost86\Lenovo.Modern.Utilities.dll
[2018.03.28 22:14:18 | 000,106,736 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\PluginHost\Lenovo.Modern.Utilities.dll
[2018.03.28 22:14:18 | 000,106,224 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\Service\Lenovo.Modern.ImController.EventManager.dll
[2018.03.28 22:14:18 | 000,103,664 | ---- | C] (Lenovo Group Limited.) -- C:\WINDOWS\SysNative\WudfUpdate_02000.dll
[2018.03.28 22:14:18 | 000,094,488 | ---- | C] (LENOVO INCORPORATED.) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\Plugins\GenericCorePlugin\x86\SMBiosInformationRetriever.dll
[2018.03.28 22:14:18 | 000,087,328 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\Plugins\GenericCorePlugin\x86\Lenovo.Modern.ImController.ImClient.dll
[2018.03.28 22:14:18 | 000,087,320 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\Plugins\GenericCorePlugin\x64\Lenovo.Modern.ImController.ImClient.dll
[2018.03.28 22:14:18 | 000,075,504 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.ImClient.dll
[2018.03.28 22:14:18 | 000,075,504 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.ImClient.dll
[2018.03.28 22:14:18 | 000,075,496 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\Service\Lenovo.Modern.ImController.ImClient.dll
[2018.03.28 22:14:18 | 000,072,432 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\Service\Lenovo.Modern.ImController.UpdateManager.dll
[2018.03.28 22:14:18 | 000,068,336 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
[2018.03.28 22:14:18 | 000,062,192 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\Service\Lenovo.Modern.ImController.PluginManager.dll
[2018.03.28 22:14:18 | 000,060,656 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\Service\Lenovo.Modern.ImController.ContractBroker.dll
[2018.03.28 22:14:18 | 000,053,488 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\ImController.InfInstaller.exe
[2018.03.28 22:14:18 | 000,048,928 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\Plugins\GenericCorePlugin\x86\Lenovo.Modern.Utilities.SystemUtilities.dll
[2018.03.28 22:14:18 | 000,048,920 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\Plugins\GenericCorePlugin\x64\Lenovo.Modern.Utilities.SystemUtilities.dll
[2018.03.28 22:14:18 | 000,048,880 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\Service\Lenovo.Modern.Utilities.SystemUtilities.dll
[2018.03.28 22:14:18 | 000,048,880 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\PluginHost86\Lenovo.Modern.Utilities.SystemUtilities.dll
[2018.03.28 22:14:18 | 000,048,880 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\PluginHost\Lenovo.Modern.Utilities.SystemUtilities.dll
[2018.03.28 22:14:18 | 000,046,320 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
[2018.03.28 22:14:18 | 000,046,320 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.exe
[2018.03.28 22:14:18 | 000,046,320 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
[2018.03.28 22:14:18 | 000,046,320 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
[2018.03.28 22:14:18 | 000,045,808 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
[2018.03.28 22:14:18 | 000,045,808 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
[2018.03.28 22:14:18 | 000,045,808 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
[2018.03.28 22:14:18 | 000,045,800 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
[2018.03.28 22:14:18 | 000,043,760 | ---- | C] (Lenovo Group Ltd.) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\Service\Lenovo.ImController.EventLogging.dll
[2018.03.28 22:14:18 | 000,043,760 | ---- | C] (Lenovo Group Ltd.) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\PluginHost86\Lenovo.ImController.EventLogging.dll
[2018.03.28 22:14:18 | 000,043,760 | ---- | C] (Lenovo Group Ltd.) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\PluginHost\Lenovo.ImController.EventLogging.dll
[2018.03.28 22:14:18 | 000,026,864 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.AppDomain.dll
[2018.03.28 22:14:18 | 000,026,352 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.AppDomain.dll
[2018.03.28 22:14:18 | 000,022,256 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.UnmanagedPluginShim.dll
[2018.03.28 22:14:18 | 000,021,736 | ---- | C] (Lenovo Group Limited) -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.UnmanagedPluginShim.dll
[2018.03.28 21:42:40 | 000,000,000 | ---D | C] -- C:\Users\nadia\Documents\acte firme
[2018.03.28 17:06:46 | 000,000,000 | ---D | C] -- C:\Users\nadia\AppData\Local\TeamViewer
[2018.03.28 15:34:48 | 000,000,000 | ---D | C] -- C:\Users\nadia\AppData\Roaming\TeamViewer
[2018.03.28 15:34:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2018.03.28 06:40:39 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Videos
[2018.03.28 06:40:39 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Pictures
[2018.03.28 06:40:39 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Music
[2018.03.28 06:40:39 | 000,000,000 | -HSD | C] -- C:\Documents and Settings
[2018.03.27 19:18:29 | 000,000,000 | ---D | C] -- C:\Program Files\rempl
[2018.03.27 19:03:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\MRT
[2018.03.27 19:02:52 | 136,971,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MRT-KB890830.exe
[2018.03.27 19:02:40 | 000,108,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\osrss.dll
[2018.03.27 18:26:04 | 000,000,000 | ---D | C] -- C:\Program Files\UNP
[2018.03.27 18:14:31 | 000,000,000 | ---D | C] -- C:\Users\nadia\AppData\Roaming\Macromedia
[2018.03.27 18:08:37 | 000,000,000 | ---D | C] -- C:\Users\nadia\AppData\Local\NetworkTiles
[2018.03.27 15:00:49 | 000,000,000 | ---D | C] -- C:\Users\nadia\AppData\Local\CyberLink
[2018.03.27 14:51:33 | 000,000,000 | ---D | C] -- C:\Users\nadia\AppData\Local\MicrosoftEdge
[2018.03.27 14:50:44 | 000,000,000 | ---D | C] -- C:\Users\nadia\AppData\Local\Comms
[2018.03.27 14:49:22 | 000,000,000 | ---D | C] -- C:\Users\nadia\AppData\Roaming\Intel Corporation
[2018.03.27 14:48:44 | 000,000,000 | R--D | C] -- C:\Users\nadia\OneDrive
[2018.03.27 14:47:35 | 000,000,000 | ---D | C] -- C:\Users\nadia\AppData\Local\ActiveSync
[2018.03.27 14:46:23 | 000,000,000 | ---D | C] -- C:\Users\nadia\AppData\Local\Publishers
[2018.03.27 14:45:50 | 000,000,000 | R--D | C] -- C:\Users\nadia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2018.03.27 14:45:50 | 000,000,000 | R--D | C] -- C:\Users\nadia\Searches
[2018.03.27 14:45:50 | 000,000,000 | R--D | C] -- C:\Users\nadia\Contacts
[2018.03.27 14:45:50 | 000,000,000 | R--D | C] -- C:\Users\nadia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2018.03.27 14:45:46 | 000,000,000 | ---D | C] -- C:\Users\nadia\AppData\Roaming\Adobe
[2018.03.27 14:45:45 | 000,000,000 | ---D | C] -- C:\Users\nadia\AppData\Local\VirtualStore
[2018.03.27 14:45:40 | 000,000,000 | ---D | C] -- C:\Users\nadia\AppData\Local\Packages
[2018.03.27 14:45:40 | 000,000,000 | ---D | C] -- C:\Users\nadia\AppData\Local\Lenovo
[2018.03.27 14:45:37 | 000,000,000 | ---D | C] -- C:\Users\nadia\AppData\Local\TileDataLayer
[2018.03.27 14:45:36 | 000,000,000 | -HSD | C] -- C:\Users\nadia\IntelGraphicsProfiles
[2018.03.27 14:44:40 | 000,000,000 | R--D | C] -- C:\Users\nadia\Videos
[2018.03.27 14:44:40 | 000,000,000 | R--D | C] -- C:\Users\nadia\Saved Games
[2018.03.27 14:44:40 | 000,000,000 | R--D | C] -- C:\Users\nadia\Pictures
[2018.03.27 14:44:40 | 000,000,000 | R--D | C] -- C:\Users\nadia\Music
[2018.03.27 14:44:40 | 000,000,000 | R--D | C] -- C:\Users\nadia\Links
[2018.03.27 14:44:40 | 000,000,000 | R--D | C] -- C:\Users\nadia\Favorites
[2018.03.27 14:44:40 | 000,000,000 | R--D | C] -- C:\Users\nadia\Downloads
[2018.03.27 14:44:40 | 000,000,000 | R--D | C] -- C:\Users\nadia\Documents
[2018.03.27 14:44:40 | 000,000,000 | R--D | C] -- C:\Users\nadia\Desktop
[2018.03.27 14:38:17 | 000,000,000 | --SD | C] -- C:\WINDOWS\UpdateAssistantV2
 
========== Files - Modified Within 30 Days ==========
 
[2018.04.18 12:12:18 | 000,958,186 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2018.04.18 12:12:18 | 000,775,204 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2018.04.18 12:12:18 | 000,174,152 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2018.04.18 12:07:57 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2018.04.18 12:07:06 | 000,016,710 | ---- | M] () -- C:\WINDOWS\SysNative\InstallUtil.InstallLog
[2018.04.18 12:05:57 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2018.04.18 12:05:56 | 1652,101,120 | -HS- | M] () -- C:\hiberfil.sys
[2018.04.18 11:39:59 | 000,000,098 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\Hosts
[2018.04.18 11:15:48 | 000,000,207 | ---- | M] () -- C:\WINDOWS\tweaking.com-regbackup-DESKTOP-A4POVFE-Windows-10-Home-(64-bit).dat
[2018.04.18 11:15:34 | 000,002,254 | -H-- | M] () -- C:\Users\nadia\Documents\Default.rdp
[2018.04.18 11:15:21 | 000,002,315 | ---- | M] () -- C:\Users\nadia\Desktop\Tweaking.com - Registry Backup.lnk
[2018.04.18 11:12:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\nadia\Desktop\OTL.exe
[2018.04.18 11:05:51 | 005,766,144 | ---- | M] (Tweaking.com) -- C:\Users\nadia\Desktop\tweaking.com_registry_backup_setup.exe
[2018.04.17 17:04:10 | 007,256,272 | ---- | M] (Malwarebytes) -- C:\Users\nadia\Desktop\AdwCleaner.exe
[2018.04.17 17:00:19 | 000,208,216 | ---- | M] (Kaspersky Lab, GERT) -- C:\WINDOWS\SysNative\drivers\01898893.sys
[2018.04.17 16:25:15 | 000,000,214 | ---- | M] () -- C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job
[2018.04.17 15:06:28 | 000,039,442 | ---- | M] () -- C:\Users\nadia\Desktop\1.pdf
[2018.04.17 15:04:25 | 011,530,443 | ---- | M] () -- C:\Users\nadia\Desktop\Folder comprimat (ZIP) nou.zip
[2018.04.17 14:58:12 | 002,501,663 | ---- | M] () -- C:\Users\nadia\Desktop\IMG_7843.JPG
[2018.04.17 14:58:05 | 002,505,149 | ---- | M] () -- C:\Users\nadia\Desktop\IMG_7842.JPG
[2018.04.17 14:57:59 | 002,508,329 | ---- | M] () -- C:\Users\nadia\Desktop\IMG_7841.JPG
[2018.04.17 14:57:54 | 002,433,214 | ---- | M] () -- C:\Users\nadia\Desktop\IMG_7840.JPG
[2018.04.17 14:57:49 | 002,533,008 | ---- | M] () -- C:\Users\nadia\Desktop\IMG_7839.JPG
[2018.04.17 14:57:44 | 002,213,014 | ---- | M] () -- C:\Users\nadia\Desktop\IMG_7838.JPG
[2018.04.17 14:57:37 | 002,245,342 | ---- | M] () -- C:\Users\nadia\Desktop\IMG_7837.JPG
[2018.04.17 14:57:32 | 002,360,521 | ---- | M] () -- C:\Users\nadia\Desktop\IMG_7836.JPG
[2018.04.17 14:57:18 | 002,340,119 | ---- | M] () -- C:\Users\nadia\Desktop\IMG_7835.JPG
[2018.04.17 14:57:10 | 002,380,644 | ---- | M] () -- C:\Users\nadia\Desktop\IMG_7834.JPG
[2018.04.17 12:22:00 | 000,092,084 | ---- | M] () -- C:\Users\nadia\Desktop\hotararea aga refacuta.pdf
[2018.04.17 10:40:55 | 000,106,013 | ---- | M] () -- C:\Users\nadia\Desktop\ACT CONSTITUTIV ACTUALIZAT.pdf
[2018.04.17 10:40:24 | 000,091,699 | ---- | M] () -- C:\Users\nadia\Desktop\HOTARARE AGA.pdf
[2018.04.17 10:36:50 | 000,001,231 | ---- | M] () -- C:\Users\Public\Desktop\PrimoPDF - Drop Files Here to Convert!.lnk
[2018.04.17 10:36:47 | 000,000,326 | ---- | M] () -- C:\WINDOWS\primopdf.ini
[2018.04.16 17:21:05 | 136,971,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MRT-KB890830.exe
[2018.04.15 11:54:16 | 000,015,872 | ---- | M] (ESET) -- C:\WINDOWS\SysNative\drivers\eelam.sys
[2018.04.15 11:00:43 | 000,003,969 | ---- | M] () -- C:\Users\nadia\Desktop\REMOTE.lnk
[2018.04.15 10:49:21 | 000,311,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wd\WdFilter.sys
[2018.04.15 10:49:21 | 000,060,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wd\WdNisDrv.sys
[2018.04.15 10:49:21 | 000,046,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wd\WdBoot.sys
[2018.04.05 17:17:46 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2018.04.05 12:56:06 | 000,001,035 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 13.lnk
[2018.04.05 11:04:33 | 000,002,131 | ---- | M] () -- C:\Users\Public\Desktop\Acrobat Reader DC.lnk
[2018.04.05 11:03:00 | 002,391,678 | ---- | M] () -- C:\Users\nadia\Desktop\AGA suspendare AEM stampilata.pdf
[2018.04.03 22:37:46 | 000,835,064 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2018.04.03 22:37:46 | 000,179,704 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2018.04.02 17:36:07 | 000,382,824 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2018.04.02 10:23:24 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakradiag.dll
[2018.04.02 10:23:14 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakradiag.dll
[2018.03.31 23:15:08 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\scfilter.sys.mui
[2018.03.31 23:15:07 | 000,134,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\tcpip.sys.mui
[2018.03.31 23:15:07 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\bthport.sys.mui
[2018.03.31 23:15:07 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drivers\en-US\NdisImPlatform.sys.mui
[2018.03.31 23:15:07 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\NdisImPlatform.sys.mui
[2018.03.31 23:15:07 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\hidbth.sys.mui
[2018.03.31 23:15:07 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\BthMini.SYS.mui
[2018.03.31 23:15:07 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\BTHUSB.SYS.mui
[2018.03.31 23:15:07 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\bthenum.sys.mui
[2018.03.31 23:15:06 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UMDF\en-US\SensorsCx.dll.mui
[2018.03.31 23:11:48 | 000,131,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\telnet.exe
[2018.03.31 23:07:29 | 000,508,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSync.dll
[2018.03.31 23:07:29 | 000,461,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlansec.dll
[2018.03.31 23:07:29 | 000,417,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanapi.dll
[2018.03.31 23:07:29 | 000,402,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSync.dll
[2018.03.31 23:07:29 | 000,309,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wifiprofilessettinghandler.dll
[2018.03.31 23:07:29 | 000,197,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingMonitor.dll
[2018.03.31 23:07:29 | 000,169,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingMonitor.dll
[2018.03.31 23:07:29 | 000,153,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BrowserSettingSync.dll
[2018.03.31 23:07:29 | 000,124,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BrowserSettingSync.dll
[2018.03.31 23:07:29 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wfdprov.dll
[2018.03.31 22:51:12 | 000,007,623 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2018.03.31 22:51:12 | 000,007,623 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2018.03.31 22:49:54 | 000,022,744 | ---- | M] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2018.03.31 22:48:42 | 000,894,980 | ---- | M] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2018.03.31 22:31:48 | 000,130,334 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\rtkhdasetting.zip
[2018.03.31 22:31:00 | 000,000,000 | ---- | M] () -- C:\WINDOWS\SysNative\GfxValDisplayLog.bin
[2018.03.31 20:13:33 | 000,000,036 | ---- | M] () -- C:\WINDOWS\progress.ini
[2018.03.30 15:59:47 | 000,270,912 | ---- | M] (DT Soft Ltd) -- C:\WINDOWS\SysNative\drivers\dtsoftbus01.sys
[2018.03.30 15:47:31 | 000,004,608 | ---- | M] () -- C:\WINDOWS\SECOH-QAD.exe
 
========== Files Created - No Company Name ==========
 
[2018.04.18 11:15:48 | 000,000,207 | ---- | C] () -- C:\WINDOWS\tweaking.com-regbackup-DESKTOP-A4POVFE-Windows-10-Home-(64-bit).dat
[2018.04.18 11:15:21 | 000,002,315 | ---- | C] () -- C:\Users\nadia\Desktop\Tweaking.com - Registry Backup.lnk
[2018.04.17 16:25:15 | 000,000,214 | ---- | C] () -- C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job
[2018.04.17 15:06:24 | 000,039,442 | ---- | C] () -- C:\Users\nadia\Desktop\1.pdf
[2018.04.17 15:03:33 | 011,530,443 | ---- | C] () -- C:\Users\nadia\Desktop\Folder comprimat (ZIP) nou.zip
[2018.04.17 15:01:12 | 002,501,663 | ---- | C] () -- C:\Users\nadia\Desktop\IMG_7843.JPG
[2018.04.17 15:01:11 | 002,508,329 | ---- | C] () -- C:\Users\nadia\Desktop\IMG_7841.JPG
[2018.04.17 15:01:11 | 002,505,149 | ---- | C] () -- C:\Users\nadia\Desktop\IMG_7842.JPG
[2018.04.17 15:01:10 | 002,533,008 | ---- | C] () -- C:\Users\nadia\Desktop\IMG_7839.JPG
[2018.04.17 15:01:10 | 002,433,214 | ---- | C] () -- C:\Users\nadia\Desktop\IMG_7840.JPG
[2018.04.17 15:01:09 | 002,245,342 | ---- | C] () -- C:\Users\nadia\Desktop\IMG_7837.JPG
[2018.04.17 15:01:09 | 002,213,014 | ---- | C] () -- C:\Users\nadia\Desktop\IMG_7838.JPG
[2018.04.17 15:01:08 | 002,360,521 | ---- | C] () -- C:\Users\nadia\Desktop\IMG_7836.JPG
[2018.04.17 15:01:08 | 002,340,119 | ---- | C] () -- C:\Users\nadia\Desktop\IMG_7835.JPG
[2018.04.17 15:01:07 | 002,380,644 | ---- | C] () -- C:\Users\nadia\Desktop\IMG_7834.JPG
[2018.04.17 12:19:57 | 000,092,084 | ---- | C] () -- C:\Users\nadia\Desktop\hotararea aga refacuta.pdf
[2018.04.17 10:40:55 | 000,106,013 | ---- | C] () -- C:\Users\nadia\Desktop\ACT CONSTITUTIV ACTUALIZAT.pdf
[2018.04.17 10:40:23 | 000,091,699 | ---- | C] () -- C:\Users\nadia\Desktop\HOTARARE AGA.pdf
[2018.04.17 10:36:50 | 000,001,231 | ---- | C] () -- C:\Users\Public\Desktop\PrimoPDF - Drop Files Here to Convert!.lnk
[2018.04.17 10:36:48 | 000,095,008 | ---- | C] () -- C:\WINDOWS\SysNative\Primomonnt.dll
[2018.04.15 11:00:43 | 000,003,969 | ---- | C] () -- C:\Users\nadia\Desktop\REMOTE.lnk
[2018.04.05 17:17:46 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2018.04.05 11:04:33 | 000,002,457 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
[2018.04.05 11:04:33 | 000,002,131 | ---- | C] () -- C:\Users\Public\Desktop\Acrobat Reader DC.lnk
[2018.04.05 11:03:00 | 002,391,678 | ---- | C] () -- C:\Users\nadia\Desktop\AGA suspendare AEM stampilata.pdf
[2018.04.02 10:15:27 | 000,097,792 | ---- | C] () -- C:\WINDOWS\SysNative\runexehelper.exe
[2018.04.02 10:15:05 | 000,074,716 | ---- | C] () -- C:\WINDOWS\SysNative\FeatureToastHeroImg.jpg
[2018.04.02 10:14:06 | 000,037,888 | ---- | C] () -- C:\WINDOWS\SysNative\SpectrumSyncClient.dll
[2018.04.02 10:13:50 | 000,003,329 | ---- | C] () -- C:\WINDOWS\SysWow64\ieuinit.inf
[2018.04.02 10:13:50 | 000,003,329 | ---- | C] () -- C:\WINDOWS\SysNative\ieuinit.inf
[2018.03.31 23:24:20 | 000,059,414 | ---- | C] () -- C:\WINDOWS\SysWow64\license.rtf
[2018.03.31 23:24:20 | 000,059,414 | ---- | C] () -- C:\WINDOWS\SysNative\license.rtf
[2018.03.31 22:50:32 | 000,007,623 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2018.03.31 22:50:32 | 000,007,623 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2018.03.31 22:49:54 | 000,022,744 | ---- | C] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2018.03.31 22:41:30 | 000,001,576 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2018.03.31 22:29:45 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2018.03.31 22:28:15 | 000,382,824 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2018.03.30 17:39:37 | 000,002,729 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
[2018.03.30 17:39:37 | 000,002,656 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
[2018.03.30 17:39:37 | 000,002,648 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
[2018.03.30 17:39:37 | 000,002,648 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
[2018.03.30 17:39:37 | 000,002,642 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
[2018.03.30 17:39:37 | 000,002,628 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
[2018.03.30 16:32:10 | 000,002,254 | -H-- | C] () -- C:\Users\nadia\Documents\Default.rdp
[2018.03.30 16:28:02 | 000,000,036 | ---- | C] () -- C:\WINDOWS\progress.ini
[2018.03.30 16:27:42 | 000,000,814 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asistent de actualizare Windows 10.lnk
[2018.03.30 15:47:31 | 000,004,608 | ---- | C] () -- C:\WINDOWS\SECOH-QAD.exe
[2018.03.29 09:22:11 | 000,016,710 | ---- | C] () -- C:\WINDOWS\SysNative\InstallUtil.InstallLog
[2018.03.28 22:14:18 | 000,016,741 | ---- | C] () -- C:\WINDOWS\SysNative\iMDriver.inf
[2018.03.28 22:14:18 | 000,008,743 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\Data\ImControllerEventManifest.man
[2018.03.28 22:14:18 | 000,004,233 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\Plugins\GenericCorePlugin\PluginManifest.xml
[2018.03.28 22:14:18 | 000,003,778 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\Data\ImControllerMonitorTask.xml
[2018.03.28 22:14:18 | 000,002,932 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\Lenovo\ImController\Data\ImControllerMaintenanceTask.xml
[2018.03.28 15:34:48 | 000,001,047 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 13.lnk
[2018.03.28 15:34:48 | 000,001,035 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 13.lnk
[2018.03.27 14:48:44 | 000,002,388 | ---- | C] () -- C:\Users\nadia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
[2017.12.14 02:39:21 | 002,491,112 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Mirage.dll
[2017.09.29 16:46:50 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2017.09.29 16:46:49 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2017.09.29 16:42:27 | 000,017,143 | ---- | C] () -- C:\WINDOWS\SysWow64\srms-apr.dat
[2017.09.29 16:42:18 | 000,518,144 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2017.09.29 16:42:14 | 000,054,272 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2017.09.29 16:42:13 | 000,002,307 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2017.09.29 16:42:11 | 000,149,840 | ---- | C] () -- C:\WINDOWS\SysWow64\InputHost.dll
[2017.09.29 16:42:09 | 003,383,296 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.Analysis.dll
[2017.09.29 16:42:09 | 000,309,248 | ---- | C] () -- C:\WINDOWS\SysWow64\ssdm.dll
[2017.09.29 16:42:09 | 000,193,024 | ---- | C] () -- C:\WINDOWS\SysWow64\HeatCore.dll
[2017.09.29 16:42:09 | 000,092,160 | ---- | C] () -- C:\WINDOWS\SysWow64\WindowsDefaultHeatProcessor.dll
[2017.09.29 16:42:09 | 000,055,808 | ---- | C] () -- C:\WINDOWS\SysWow64\xboxgipsynthetic.dll
[2017.09.29 16:42:09 | 000,025,088 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.WARP.JITService.exe
[2017.09.29 16:42:08 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
[2017.09.29 16:42:00 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2017.09.29 16:41:54 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2016.12.16 06:36:54 | 000,112,144 | ---- | C] () -- C:\WINDOWS\SysWow64\libGLESv2.dll
[2016.12.16 06:36:48 | 000,101,392 | ---- | C] () -- C:\WINDOWS\SysWow64\libGLESv1_CM.dll
[2016.12.16 06:36:44 | 000,141,328 | ---- | C] () -- C:\WINDOWS\SysWow64\libEGL.dll
[2016.09.17 17:50:32 | 000,000,000 | ---- | C] () -- C:\ProgramData\DP45977C.lfl
[2016.09.17 17:47:20 | 000,894,980 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2016.09.17 16:34:50 | 000,000,118 | ---- | C] () -- C:\WINDOWS\PEIS_PreloadData.ini
 
========== ZeroAccess Check ==========
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2018.03.01 10:14:32 | 007,675,784 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2018.03.01 09:29:08 | 006,092,152 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2017.09.29 16:42:05 | 000,964,096 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2017.09.29 16:42:18 | 000,769,536 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2018.02.10 07:35:43 | 000,506,368 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2018.04.15 12:05:32 | 000,000,000 | ---D | M] -- C:\Users\nadia\AppData\Roaming\ESET
[2018.03.30 17:19:06 | 000,000,000 | ---D | M] -- C:\Users\nadia\AppData\Roaming\PowerISO
[2018.04.17 15:06:30 | 000,000,000 | ---D | M] -- C:\Users\nadia\AppData\Roaming\PrimoPDF
[2018.03.28 23:21:06 | 000,000,000 | ---D | M] -- C:\Users\nadia\AppData\Roaming\TeamViewer
[2018.03.30 18:05:44 | 000,000,000 | ---D | M] -- C:\Users\nadia\AppData\Roaming\uTorrent
 
========== Purity Check ==========
 
 
 
========== Files - Unicode (All) ==========
[2018.03.28 23:20:32 | 000,000,000 | ---D | M](C:\Users\nadia\Documents\Fi?iere Outlook) -- C:\Users\nadia\Documents\Fișiere Outlook
[2018.03.28 23:20:32 | 000,000,000 | ---D | C](C:\Users\nadia\Documents\Fi?iere Outlook) -- C:\Users\nadia\Documents\Fișiere Outlook
 
< End of report >


#3 dnbejays

dnbejays
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:32 PM

Posted 18 April 2018 - 04:56 AM

Extras.txt

 

 

OTL Extras logfile created on: 18.04.2018 12:11:46 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\nadia\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.16299.0)
Locale: 00000418 | Country: România | Language: ROM | Date Format: dd.MM.yyyy
 
3,85 Gb Total Physical Memory | 1,78 Gb Available Physical Memory | 46,37% Memory free
8,35 Gb Paging File | 6,22 Gb Available in Paging File | 74,49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 891,64 Gb Total Space | 829,40 Gb Free Space | 93,02% Space Free | Partition Type: NTFS
Drive D: | 25,00 Gb Total Space | 16,56 Gb Free Space | 66,25% Space Free | Partition Type: NTFS
 
Computer Name: DESKTOP-A4POVFE | User Name: nadia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location -literalPath '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location -literalPath '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 35 63 5D B1 29 C9 D3 01  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" =  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1CEAC85D-2590-4760-800F-8DE5E91F3700}" = Intel® Management Engine Components
"{2B8D577D-4E81-4F0B-A63D-0A4D5C897B5A}" = Intel® Management Engine Components
"{3AE6FD56-D431-4B53-94F0-95E844206ADF}" = Intel® Chipset Device Software
"{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel® Rapid Storage Technology
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}" = Qualcomm Atheros Bluetooth Installer (64)
"{90160000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2016
"{90160000-0015-0409-1000-0000000FF1CE}" = Microsoft Access MUI (English) 2016
"{90160000-0016-0409-1000-0000000FF1CE}" = Microsoft Excel MUI (English) 2016
"{90160000-0018-0409-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (English) 2016
"{90160000-0019-0409-1000-0000000FF1CE}" = Microsoft Publisher MUI (English) 2016
"{90160000-001A-0409-1000-0000000FF1CE}" = Microsoft Outlook MUI (English) 2016
"{90160000-001B-0409-1000-0000000FF1CE}" = Microsoft Word MUI (English) 2016
"{90160000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2016 - English
"{90160000-001F-040C-1000-0000000FF1CE}" = Outils de vérification linguistique 2016 de Microsoft Office - Français
"{90160000-001F-0C0A-1000-0000000FF1CE}" = Herramientas de corrección de Microsoft Office 2016: español
"{90160000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2016
"{90160000-0044-0409-1000-0000000FF1CE}" = Microsoft InfoPath MUI (English) 2016
"{90160000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2016
"{90160000-0090-0409-1000-0000000FF1CE}" = Microsoft DCF MUI (English) 2016
"{90160000-00A1-0409-1000-0000000FF1CE}" = Microsoft OneNote MUI (English) 2016
"{90160000-00BA-0409-1000-0000000FF1CE}" = Microsoft Groove MUI (English) 2016
"{90160000-00C1-0000-1000-0000000FF1CE}" = Microsoft Office 32-bit Components 2016
"{90160000-00C1-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2016
"{90160000-00E1-0409-1000-0000000FF1CE}" = Microsoft Office OSM MUI (English) 2016
"{90160000-00E2-0409-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (English) 2016
"{90160000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2016
"{90160000-0117-0409-1000-0000000FF1CE}" = Microsoft Access Setup Metadata MUI (English) 2016
"{90160000-012B-0409-1000-0000000FF1CE}" = Microsoft Skype for Business MUI (English) 2016
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{958B0D39-70C4-4C0A-A09C-2DBC9DF499FF}" = Intel® Serial IO
"{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}" = Intel® Serial IO
"{A09B06A6-49FF-43A7-8968-CDF150D72F4A}" = ESET Smart Security
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{B0169E83-757B-EF66-E2F0-391944D785BC}" = Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64)
"{F27C3D77-86D1-4AB6-B4D8-43E4515B5261}" = NativeDesktopMediaService
"{F2DA805F-3FBD-4A4E-970F-5EE7027107EB}" = Audio By Harman
"{F3874F6F-EA00-487D-BEAD-5FAA010E78F2}" = UpdateAssistant
"{FBE0EFD3-4A1F-4E28-A26B-6FAD2DD1AAE4}" = Intel® Rapid Storage Technology
"Office16.PROPLUS" = Microsoft Office Professional Plus 2016
"OnScreenDisplay" = Lenovo On Screen Display
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20CA507E-24AA-4741-87CF-CC1B250790B7}" = Qualcomm Atheros 11ac Wireless LAN Installer
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}" = Realtek Card Reader
"{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}" = LenovoUtility
"{7042D952-EE42-4C09-A23D-E7AE4D047007}" = User Manuals
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{aaa7f0fb-02dc-4576-beef-7d24842c5fbe}" = Intel® Chipset Device Software
"{AC76BA86-0804-1033-1959-001824265200}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1048-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC - Romanian
"{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1" = CCSDK Customer Engagement Service
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{BC94C56A-3649-420C-8756-2ADEBE399D33}" = Lenovo Photo Master
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{D5C69738-B486-402E-85AC-2456D98A64E4}" = Asistent de actualizare Windows 10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}" = LenovoUtility
"InstallShield_{7042D952-EE42-4C09-A23D-E7AE4D047007}" = User Manuals
"PrimoPDF" = PrimoPDF -- brought to you by Nitro PDF Software
"TeamViewer" = TeamViewer 13
"Tweaking.com - Registry Backup" = Tweaking.com - Registry Backup
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"OneDriveSetup.exe" = Microsoft OneDrive
"uTorrent" = µTorrent
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 18.04.2018 02:23:18 | Computer Name = DESKTOP-A4POVFE | Source = Application Error | ID = 1000
Description = Nume aplica?ie cu defecte: Lenovo.Modern.ImController.PluginHost.SettingsApp.exe,
 versiune: 1.1.14.0, marcaj temporal: 0x5a94db95  Nume modul cu defecte: unknown, 
versiune: 0.0.0.0, marcaj temporal: 0x00000000  Cod excep?ie: 0xc0000005  Deplasare 
defect: 0x00007ff7fa3d3226  ID proces defect: 0x3e0  Oră de început aplica?ie cu defecte:
 0x01d3d6ddb71614dd  Cale aplica?ie cu defecte: C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
Cale
 modul cu defecte: unknown  ID raport: a247fe9c-3ee1-4185-89ee-9b4661e28a55  Nume complet
 pachet cu defecte: ?  ID aplica?ie rudă pachet cu defecte: ?
 
Error - 18.04.2018 04:25:33 | Computer Name = DESKTOP-A4POVFE | Source = .NET Runtime | ID = 1026
Description = 
 
Error - 18.04.2018 04:25:34 | Computer Name = DESKTOP-A4POVFE | Source = Application Error | ID = 1000
Description = Nume aplica?ie cu defecte: Lenovo.Modern.ImController.PluginHost.SettingsApp.exe,
 versiune: 1.1.14.0, marcaj temporal: 0x5a94db95  Nume modul cu defecte: unknown, 
versiune: 0.0.0.0, marcaj temporal: 0x00000000  Cod excep?ie: 0xc0000005  Deplasare 
defect: 0x00007ffa67ad3416  ID proces defect: 0x1798  Oră de început aplica?ie cu defecte:
 0x01d3d6eec7fbc151  Cale aplica?ie cu defecte: C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
Cale
 modul cu defecte: unknown  ID raport: 5275ed4e-aa7c-4192-8afa-e7be0b450302  Nume complet
 pachet cu defecte: ?  ID aplica?ie rudă pachet cu defecte: ?
 
Error - 18.04.2018 04:30:52 | Computer Name = DESKTOP-A4POVFE | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 018
 language ID. The first DWORD in the Data section contains the Win32 error code.
 
Error - 18.04.2018 04:42:38 | Computer Name = DESKTOP-A4POVFE | Source = .NET Runtime | ID = 1026
Description = 
 
Error - 18.04.2018 04:42:39 | Computer Name = DESKTOP-A4POVFE | Source = Application Error | ID = 1000
Description = Nume aplica?ie cu defecte: Lenovo.Modern.ImController.PluginHost.SettingsApp.exe,
 versiune: 1.1.14.0, marcaj temporal: 0x5a94db95  Nume modul cu defecte: unknown, 
versiune: 0.0.0.0, marcaj temporal: 0x00000000  Cod excep?ie: 0xc0000005  Deplasare 
defect: 0x00007ffe3bda3416  ID proces defect: 0x1724  Oră de început aplica?ie cu defecte:
 0x01d3d6f12c9d3ba7  Cale aplica?ie cu defecte: C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
Cale
 modul cu defecte: unknown  ID raport: 324491ee-9e1a-44cc-892d-bb73b9c6d734  Nume complet
 pachet cu defecte: ?  ID aplica?ie rudă pachet cu defecte: ?
 
Error - 18.04.2018 04:48:07 | Computer Name = DESKTOP-A4POVFE | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 018
 language ID. The first DWORD in the Data section contains the Win32 error code.
 
Error - 18.04.2018 05:06:49 | Computer Name = DESKTOP-A4POVFE | Source = .NET Runtime | ID = 1026
Description = 
 
Error - 18.04.2018 05:06:49 | Computer Name = DESKTOP-A4POVFE | Source = Application Error | ID = 1000
Description = Nume aplica?ie cu defecte: Lenovo.Modern.ImController.PluginHost.SettingsApp.exe,
 versiune: 1.1.14.0, marcaj temporal: 0x5a94db95  Nume modul cu defecte: unknown, 
versiune: 0.0.0.0, marcaj temporal: 0x00000000  Cod excep?ie: 0xc0000005  Deplasare 
defect: 0x00007ffda7e037d6  ID proces defect: 0x2398  Oră de început aplica?ie cu defecte:
 0x01d3d6f48d263f5b  Cale aplica?ie cu defecte: C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
Cale
 modul cu defecte: unknown  ID raport: 4c61a07f-0774-4847-aa01-cdd39d2bc7c8  Nume complet
 pachet cu defecte: ?  ID aplica?ie rudă pachet cu defecte: ?
 
Error - 18.04.2018 05:12:18 | Computer Name = DESKTOP-A4POVFE | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 018
 language ID. The first DWORD in the Data section contains the Win32 error code.
 
[ System Events ]
Error - 18.04.2018 04:29:58 | Computer Name = DESKTOP-A4POVFE | Source = DCOM | ID = 10016
Description = 
 
Error - 18.04.2018 04:39:57 | Computer Name = DESKTOP-A4POVFE | Source = Service Control Manager | ID = 7034
Description = Serviciul Adobe Acrobat Update Service s-a oprit în mod nea?teptat.
 Aceasta s-a întâmplat de 1 ori.
 
Error - 18.04.2018 04:40:05 | Computer Name = DESKTOP-A4POVFE | Source = DCOM | ID = 10016
Description = 
 
Error - 18.04.2018 04:42:12 | Computer Name = DESKTOP-A4POVFE | Source = DCOM | ID = 10016
Description = 
 
Error - 18.04.2018 04:42:12 | Computer Name = DESKTOP-A4POVFE | Source = DCOM | ID = 10016
Description = 
 
Error - 18.04.2018 04:42:53 | Computer Name = DESKTOP-A4POVFE | Source = DCOM | ID = 10016
Description = 
 
Error - 18.04.2018 04:57:13 | Computer Name = DESKTOP-A4POVFE | Source = DCOM | ID = 10016
Description = 
 
Error - 18.04.2018 05:06:21 | Computer Name = DESKTOP-A4POVFE | Source = DCOM | ID = 10016
Description = 
 
Error - 18.04.2018 05:06:21 | Computer Name = DESKTOP-A4POVFE | Source = DCOM | ID = 10016
Description = 
 
Error - 18.04.2018 05:07:04 | Computer Name = DESKTOP-A4POVFE | Source = DCOM | ID = 10016
Description = 
 
 
< End of report >


#4 nasdaq

nasdaq

  • Malware Response Team
  • 39,531 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:32 AM

Posted 18 April 2018 - 07:20 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

The OTL program is no longer being updated and is obsolete.
You can remove or delete it.
Use the Farbar program to report problems for now on.
You will find the instructions below.
===

:step1:
Please download Malwarebytes Anti-Malware from here
  • Right-click on the MBAM icon and select Run as administrator to run the tool.
  • Click Yes to accept any security warnings that may appear.
  • Once the MBAM dashboard opens, on the right detail pane click on the word "Current" under the Scan Status to update the tool database.
  • On the left menu pane click the Settings tab, and then select the Protection tab on the top.
  • Under the Scan Options, turn on the button Scan for rootkits and Scan within archives.
  • Click the Scan tab on the right detail pane, select Threat Scan and click the Start Scan button
  • Note: The scan may take some time to finish, so please be patient.
  • If potential threats are detected, ensure to checkmark all the listed items, and click the Quarantine Selected button.
  • While still on the Scan tab, click the View Report button, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log can also be viewed by clicking the log to select it, then clicking the View Report button.
Please post the log for my review.

Note: If asked to restart the computer, please do so immediately.
===

:step2:
Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

How to attach a file to your reply:
In the Reply section in the bottom of the topic Click the "more reply Options" button.
attachlogs.png

Attach the file.
Select the "Choose a File" navigate to the location of the File.
Click the file you wish to Attach.
Click Attach this file.
Click the Add reply button.
===

Please post the logs for my review.

Wait for further instructions.

#5 dnbejays

dnbejays
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:32 PM

Posted 19 April 2018 - 06:59 AM

Thank you Nasdaq,

 

MBAM works!!! It was some malware in registry and MBAM found it...below I'll post scan report. Thank you and have a nice day!!! :bounce:  :clapping:


Malwarebytes
www.malwarebytes.com
 
-Log Details-
Scan Date: 4/19/18
Scan Time: 2:28 PM
Log File: c1e7d3ea-43c4-11e8-b110-ccb0dab6a252.json
Administrator: Yes
 
-Software Information-
Version: 3.4.5.2467
Components Version: 1.0.342
Update Package Version: 1.0.4792
License: Trial
 
-System Information-
OS: Windows 10 (Build 16299.309)
CPU: x64
File System: NTFS
User: DESKTOP-A4POVFE\nadia
 
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 303657
Threats Detected: 42
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 6 min, 41 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
 
-Scan Details-
Process: 0
(No malicious items detected)
 
Module: 0
(No malicious items detected)
 
Registry Key: 15
PUP.Optional.PSScriptLoad.ACMB3, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A6FF0065-F25C-1387-F5E8-20DBB5433314}, No Action By User, [6611], [-1],0.0.0
PUP.Optional.PSScriptLoad.ACMB3, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D46379D-8BBE-4896-A4B1-18AA9913B21F}, No Action By User, [6611], [-1],0.0.0
PUP.Optional.PSScriptLoad.ACMB3, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5D46379D-8BBE-4896-A4B1-18AA9913B21F}, No Action By User, [6611], [-1],0.0.0
PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-3824636975-1854983044-936970124-1001\CONSOLE\TASKENG.EXE, No Action By User, [6611], [425125],1.0.4792
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{5BD8B6E5-A0BA-42C6-AFEC-E578FE1A2104}, No Action By User, [3827], [328818],1.0.4792
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, No Action By User, [3827], [-1],0.0.0
PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-3824636975-1854983044-936970124-1001\CONSOLE\%SYSTEMROOT%_SYSTEM32_SVCHOST.EXE, No Action By User, [6611], [425124],1.0.4792
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{F0B4981C-6E68-4705-AE2E-E44AC0E43E7D}, No Action By User, [3827], [261682],1.0.4792
Adware.NetAdapter, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{F27C3D77-86D1-4AB6-B4D8-43E4515B5261}, No Action By User, [895], [509084],1.0.4792
Adware.Adposhel.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\32DCE848-4723-9CA6-2814-30F304041E54, No Action By User, [10701], [508595],1.0.4792
Adware.Adposhel.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{52A543C7-1557-4096-9631-1E4007BB92CE}, No Action By User, [10701], [508595],1.0.4792
Adware.Adposhel.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{52A543C7-1557-4096-9631-1E4007BB92CE}, No Action By User, [10701], [508595],1.0.4792
Adware.Adposhel, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\{A6FF0065-F25C-1387-F5E8-20DBB5433314}, No Action By User, [8087], [506330],1.0.4792
Adware.Adposhel, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{5D46379D-8BBE-4896-A4B1-18AA9913B21F}, No Action By User, [8087], [506330],1.0.4792
Adware.Adposhel, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{5D46379D-8BBE-4896-A4B1-18AA9913B21F}, No Action By User, [8087], [506330],1.0.4792
 
Registry Value: 22
PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-3824636975-1854983044-936970124-1001\CONSOLE\%SYSTEMROOT%_SYSTEM32_WINDOWSPOWERSHELL_V1.0_POWERSHELL.EXE|WINDOWPOSITION, No Action By User, [6611], [425126],1.0.4792
PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-3824636975-1854983044-936970124-1001\CONSOLE\TASKENG.EXE|WINDOWPOSITION, No Action By User, [6611], [425125],1.0.4792
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{5BD8B6E5-A0BA-42C6-AFEC-E578FE1A2104}|PATH, No Action By User, [3827], [328818],1.0.4792
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, No Action By User, [3827], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-3824636975-1854983044-936970124-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, No Action By User, [3827], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSERVER, No Action By User, [3827], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-3824636975-1854983044-936970124-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSERVER, No Action By User, [3827], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYOVERRIDE, No Action By User, [3827], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-3824636975-1854983044-936970124-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYOVERRIDE, No Action By User, [3827], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, No Action By User, [3827], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSERVER, No Action By User, [3827], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYOVERRIDE, No Action By User, [3827], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, No Action By User, [3827], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, No Action By User, [3827], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSERVER, No Action By User, [3827], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSERVER, No Action By User, [3827], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYOVERRIDE, No Action By User, [3827], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYOVERRIDE, No Action By User, [3827], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\POLICIES\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSETTINGSPERUSER, No Action By User, [3827], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\POLICIES\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSETTINGSPERUSER, No Action By User, [3827], [-1],0.0.0
PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-3824636975-1854983044-936970124-1001\CONSOLE\%SYSTEMROOT%_SYSTEM32_SVCHOST.EXE|WINDOWPOSITION, No Action By User, [6611], [425124],1.0.4792
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{F0B4981C-6E68-4705-AE2E-E44AC0E43E7D}|PATH, No Action By User, [3827], [261682],1.0.4792
 
Registry Data: 0
(No malicious items detected)
 
Data Stream: 0
(No malicious items detected)
 
Folder: 0
(No malicious items detected)
 
File: 5
PUP.Optional.PSScriptLoad.ACMB3, C:\WINDOWS\SYSTEM32\TASKS\{A6FF0065-F25C-1387-F5E8-20DBB5433314}, No Action By User, [6611], [-1],0.0.0
Adware.Adposhel.Generic, C:\WINDOWS\SYSTEM32\TASKS\32DCE848-4723-9CA6-2814-30F304041E54, No Action By User, [10701], [508595],1.0.4792
Adware.Adposhel, C:\WINDOWS\SYSTEM32\TASKS\{A6FF0065-F25C-1387-F5E8-20DBB5433314}, No Action By User, [8087], [506330],1.0.4792
Generic.Malware/Suspicious, C:\USERS\NADIA\DOWNLOADS\KMSPICO_FOR_OFFICE2016.ZIP, No Action By User, [0], [392686],1.0.4792
Generic.Malware/Suspicious, C:\USERS\NADIA\DOWNLOADS\KMSPICO_FOR_OFFICE2016 (1).ZIP, No Action By User, [0], [392686],1.0.4792
 
Physical Sector: 0
(No malicious items detected)
 
 
(end)


#6 nasdaq

nasdaq

  • Malware Response Team
  • 39,531 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:32 AM

Posted 19 April 2018 - 12:23 PM

Hi,

Did you delete all items reported by MBAM

Is the computer running well?

#7 dnbejays

dnbejays
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:32 PM

Posted 20 April 2018 - 03:52 AM

Hi,

Now my computer works well...it was a problem with this proxy which I can't disable it. Only browsers didn't work...

All items reported by MBAM i put them in quarantine..

Thanks again!



#8 nasdaq

nasdaq

  • Malware Response Team
  • 39,531 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:32 AM

Posted 20 April 2018 - 06:45 AM

Hi,

If all is well.

To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/


https://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
Simple and easy ways to keep your computer safe and secure on the Internet.
===




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users