I believe I have a persistent Kernel rootkit


  • This topic is locked
12 replies to this topic

#1 phibonacci


Posted 08 August 2018 - 09:48 AM

Hello,

 

I believe I have a rootkit. I have done a clean install and partitioned my drives and run numerous antivirus programs. I still get the following issues:

 

My permissions won't change without lots of work and then they change back

CMD prompt doesn't work at all (ie: I type commands ex: "/?" and it says that is an invalid command...)

It changes my administrator privileges and I can't access certain things

RootkitRevealer says "access is denied" upon starting

Tons of Event viewer logs that are related to blocking software, VM, registry and some unknown users that I didn't set up

Lots of users and computer names that I didn't set up

Some files are inaccessible even after changing permissions.

It "acted" like it was reinstalling windows but it didn't. Old files were still there and it was too fast for a real clean install

GMER wouldn't run

New files keep popping up out of nowhere.

I watched the mouse move and take control of my computer when I wasn't touching it.

My Amazon and Gmail were hacked. I created new ones and those were hacked immediately.

smartscreen.exe uses half of my 16 GB of RAM

Tons of svcnhosts.exes processes

Lots of weird processes

And many, MANY more strange things.

 

My roommates and I share this computer and both game on it. He has been on it a lot and I have some weird files that were downloaded. There is also a Facebook link that supposedly downloaded a virus on our computer. I'd like to do a clean install but it won't let me.

 

I am semi-knowledgeable (being nice to myself) with computers and this is frustrating as heck. I would love to learn from you geniuses on how to stop these types of threats for my family and loved ones. Thank you in advance, Phibonacci

 

Logs:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.08.2018
Ran by b (ATTENTION: The user is not administrator) on DESKTOP-97DUDUE (08-08-2018 07:33:36)
Running from C:\Users\b\Desktop
Loaded Profiles: PC & b (Available Profiles: PC & B)
Platform: Windows 10 Pro Version 1803 17134.137 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
Failed to access process -> smss.exe
Failed to access process -> csrss.exe
Failed to access process -> wininit.exe
Failed to access process -> csrss.exe
Failed to access process -> services.exe
Failed to access process -> lsass.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> fontdrvhost.exe
Failed to access process -> winlogon.exe
Failed to access process -> fontdrvhost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> dwm.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> NVDisplay.Container.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> NVDisplay.Container.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> AvastSvc.exe
Failed to access process -> wlanext.exe
Failed to access process -> conhost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> spoolsv.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> vpnclient_x64.exe
Failed to access process -> LogiRegistryService.exe
Failed to access process -> SecurityHealthService.exe
Failed to access process -> svchost.exe
Failed to access process -> dasHost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> SearchIndexer.exe
Failed to access process -> aswidsagenta.exe
Failed to access process -> svchost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
Failed to access process -> unsecapp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech, Inc.) C:\Program Files\Logitech Gaming Software\LAClient\laclient.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
Failed to access process -> svchost.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12080.150.37023.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\ArxApplets\Discord\logitechg_discord.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Failed to access process -> SgrmBroker.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
(Microsoft Corporation) C:\Windows\regedit.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
(Microsoft Corporation) C:\Windows\System32\OpenWith.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\perfmon.exe
Failed to access process -> svchost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Failed to access process -> svchost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(F-Secure Corporation) C:\Users\b\AppData\Local\FSDART\f008f8cc-c28d-4726-9f80-fd7f9b96c2e4\fssos.exe
(F-Secure Corporation) C:\Users\b\AppData\Local\FSDART\f008f8cc-c28d-4726-9f80-fd7f9b96c2e4\fssos_admin_helper.exe
Failed to access process -> fsorsp64.exe
Failed to access process -> fshoster64.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Failed to access process -> SearchProtocolHost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9198080 2017-02-05] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-05-20] (AVAST Software)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17987704 2017-10-19] (Logitech Inc.)
HKLM\...\Run: [SoftEther VPN Client UI Helper] => C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5248456 2018-06-07] (SoftEther VPN Project at University of Tsukuba, Japan.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-2850893678-3308694845-315594102-1002\...\RunOnce: [Uninstall 18.111.0603.0006\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\b\AppData\Local\Microsoft\OneDrive\18.111.0603.0006\amd64"
HKU\S-1-5-21-2850893678-3308694845-315594102-1002\...\RunOnce: [Uninstall 18.111.0603.0006] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\b\AppData\Local\Microsoft\OneDrive\18.111.0603.0006"
HKU\S-1-5-21-2850893678-3308694845-315594102-1002\...\RunOnce: [RemovalTool] => C:\Users\b\AppData\Local\FSDART\f008f8cc-c28d-4726-9f80-fd7f9b96c2e4\fssos.exe [2953696 2018-08-08] (F-Secure Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk [2018-06-07]
ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (SoftEther VPN Project at University of Tsukuba, Japan.)
GroupPolicy\User: Restriction ? <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ae7a1205-9871-4e30-9937-fe069d9cbe5f}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
URLSearchHook: [S-1-5-21-2850893678-3308694845-315594102-1001] ATTENTION => Default URLSearchHook is missing
FireFox:
========
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-20] (Google Inc.)
Chrome:
=======
CHR Profile: C:\Users\b\AppData\Local\Google\Chrome\User Data\Default [2018-08-08]
CHR Extension: (Slides) - C:\Users\b\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-06]
CHR Extension: (Docs) - C:\Users\b\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-06]
CHR Extension: (Google Drive) - C:\Users\b\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-06]
CHR Extension: (YouTube) - C:\Users\b\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-06]
CHR Extension: (Sheets) - C:\Users\b\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-06]
CHR Extension: (Google Docs Offline) - C:\Users\b\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-03-14]
CHR Extension: (Avast Online Security) - C:\Users\b\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-05-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\b\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-11]
CHR Extension: (Gmail) - C:\Users\b\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-03-06]
CHR Extension: (Chrome Media Router) - C:\Users\b\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-09]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7620096 2018-05-20] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [317280 2018-05-20] (AVAST Software)
R2 fsulhoster; C:\Program Files\F-Secure\Ultralight\ulcore\1530012511\fshoster64.exe [574944 2018-08-08] (F-Secure Corporation)
R2 fsulorsp; C:\Program Files\F-Secure\Ultralight\ulcore\1530012511\fsorsp64.exe [78304 2018-08-08] (F-Secure Corporation)
R3 lmhosts; C:\WINDOWS\System32\svchost.exe [51288 2018-04-11] (Microsoft Corporation)
R3 lmhosts; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-11] (Microsoft Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-10-19] (Logitech Inc.)
R2 NlaSvc; C:\WINDOWS\System32\svchost.exe [51288 2018-04-11] (Microsoft Corporation)
R2 NlaSvc; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-11] (Microsoft Corporation)
R2 nsi; C:\WINDOWS\system32\svchost.exe [51288 2018-04-11] (Microsoft Corporation)
R2 nsi; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-11] (Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-04-12] (Microsoft Corporation)
R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5248456 2018-06-07] (SoftEther VPN Project at University of Tsukuba, Japan.)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-11] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105344 2018-04-11] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [196640 2018-05-20] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [227504 2018-03-15] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [199440 2018-03-15] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343752 2018-03-15] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57680 2018-03-15] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [234560 2018-05-20] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46968 2018-05-20] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [159120 2018-05-20] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111360 2018-05-20] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [85968 2018-05-20] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1027720 2018-05-20] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460520 2018-05-20] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [205976 2018-05-20] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381552 2018-05-20] (AVAST Software)
R3 BCMH43XX; C:\WINDOWS\system32\DRIVERS\AE2500w764.sys [2576632 2016-12-03] (Broadcom Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R0 fsbts; C:\WINDOWS\System32\drivers\fsbts.sys [65872 2018-08-08] ()
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2018-04-11] (Qualcomm Atheros, Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
S3 LGJoyHidFilter; C:\WINDOWS\system32\drivers\LGJoyHidFilter.sys [57368 2017-04-05] (Logitech Inc.)
S3 LGJoyHidLo; C:\WINDOWS\system32\drivers\LGJoyHidLo.sys [47256 2017-04-05] (Logitech Inc.)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-04-05] (Logitech Inc.)
S3 LGSHidFilt; C:\WINDOWS\System32\drivers\LGSHidFilt.Sys [64280 2017-04-05] (Logitech Inc.)
R3 Neo_VPN; C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys [38216 2018-06-07] (SoftEther Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_2e7fa54192fe16d0\nvlddmkm.sys [16936048 2017-11-09] (NVIDIA Corporation)
R1 SeLow; C:\WINDOWS\system32\DRIVERS\SeLow_x64.sys [51024 2018-06-07] (SoftEther Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-11] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-11] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-11] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-08-08 07:33 - 2018-08-08 07:33 - 000018261 _____ C:\Users\b\Desktop\FRST.txt
2018-08-08 07:33 - 2018-08-08 07:33 - 000000000 ____D C:\FRST
2018-08-08 07:32 - 2018-08-08 07:32 - 002412544 _____ (Farbar) C:\Users\b\Desktop\FRST64.exe
2018-08-08 07:26 - 2018-08-08 07:26 - 000464491 _____ C:\Users\b\Downloads\RootRepeal.zip
2018-08-08 07:21 - 2018-08-08 07:21 - 000065872 _____ C:\WINDOWS\system32\Drivers\fsbts.sys
2018-08-08 07:20 - 2018-08-08 07:26 - 000000000 ____D C:\ProgramData\F-Secure
2018-08-08 07:20 - 2018-08-08 07:20 - 000000000 ____D C:\Users\b\AppData\Local\F-Secure
2018-08-08 07:20 - 2018-08-08 07:20 - 000000000 ____D C:\Users\b\AppData\Local\FSDART
2018-08-08 07:20 - 2018-08-08 07:20 - 000000000 ____D C:\Program Files\F-Secure
2018-08-08 07:09 - 2018-08-08 07:09 - 000000000 ____D C:\Users\b\Documents\AccessChk
2018-08-08 07:08 - 2018-08-08 07:08 - 000378512 _____ C:\Users\b\Documents\AccessChk.zip
2018-08-08 07:02 - 2018-08-08 07:02 - 000000000 ____D C:\Users\b\Documents\Sysmon (1)
2018-08-08 07:02 - 2018-08-08 06:39 - 001463899 _____ C:\Users\b\Documents\Sysmon (1).zip
2018-08-08 07:01 - 2018-08-08 07:01 - 000000000 ____D C:\Users\b\Documents\RootkitRevealer (1)
2018-08-08 06:47 - 2018-08-08 06:47 - 000000000 ____D C:\Users\b\Downloads\gimmerdemo-win32-x64-0.1.7
2018-08-08 06:47 - 2018-08-08 06:47 - 000000000 ____D C:\Users\b\AppData\Roaming\Gimmer Demo
2018-08-08 06:19 - 2018-08-08 06:25 - 699400192 _____ C:\Users\b\Downloads\bitdefender-rescue-cd.iso
2018-08-08 06:16 - 2018-08-08 07:05 - 1953349632 _____ C:\Users\b\Downloads\ubuntu-18.04.1-desktop-amd64.iso
2018-08-08 03:36 - 2018-08-08 03:39 - 175065824 _____ (Microsoft Corporation) C:\Users\b\Downloads\msert.exe
2018-08-08 03:27 - 2018-08-08 03:27 - 286785970 _____ C:\Users\b\Documents\123.reg
2018-08-08 03:25 - 2018-08-08 03:25 - 000000000 ___HD C:\OneDriveTemp
2018-08-08 03:22 - 2018-08-08 03:24 - 000000000 ____D C:\Users\b\AppData\Local\D3DSCache
2018-08-08 03:21 - 2018-08-08 03:21 - 000234292 _____ C:\WINDOWS\ntbtlog.txt
2018-07-10 05:20 - 2018-07-10 05:20 - 000000765 _____ C:\Users\b\Downloads\5 SITES (1).txt
2018-07-10 05:18 - 2018-07-10 05:18 - 000000765 _____ C:\Users\b\Downloads\5 SITES.txt
2018-07-10 01:52 - 2018-07-10 01:52 - 000002055 _____ C:\Users\b\Downloads\CHECKCVVANDBALANCE.txt
2018-07-10 01:49 - 2018-07-10 01:49 - 000006238 _____ C:\Users\b\Downloads\how to bypass screen lock.txt
2018-07-10 01:46 - 2018-07-10 05:18 - 000008192 _____ C:\Users\b\Downloads\ktlh_flash_ff (3).dll
2018-07-10 01:46 - 2018-07-10 05:18 - 000008192 _____ C:\Users\b\Downloads\ktlh_flash_ff (2).dll
2018-07-10 01:46 - 2018-07-10 05:18 - 000000047 _____ C:\Users\b\Downloads\mms (2).cfg
2018-07-10 01:46 - 2018-07-10 01:47 - 019478528 _____ C:\Users\b\Downloads\NPSWF32_22_0_0_209.dll
2018-07-10 01:46 - 2018-07-10 01:47 - 000000047 _____ C:\Users\b\Downloads\mms (3).cfg
2018-07-10 01:46 - 2018-07-10 01:46 - 003446976 _____ (Adobe Systems, Inc.) C:\Users\b\Downloads\FlashPlayerPlugin_22_0_0_209.exe
2018-07-10 01:46 - 2018-07-10 01:46 - 003446976 _____ (Adobe Systems, Inc.) C:\Users\b\Downloads\FlashPlayerPlugin_21_0_0_197.exe
2018-07-10 01:46 - 2018-07-10 01:46 - 001210560 _____ (Adobe Systems Incorporated) C:\Users\b\Downloads\FlashUtil32_22_0_0_209_Plugin.exe
2018-07-10 01:46 - 2018-07-10 01:46 - 001164992 _____ (Adobe Systems Incorporated) C:\Users\b\Downloads\FlashUtil32_21_0_0_197_Plugin.exe
2018-07-10 01:46 - 2018-07-10 01:46 - 000442439 _____ C:\Users\b\Downloads\plugin (3).vch
2018-07-10 01:46 - 2018-07-10 01:46 - 000440627 _____ C:\Users\b\Downloads\plugin (2).vch
2018-07-10 01:46 - 2018-07-10 01:46 - 000000856 _____ C:\Users\b\Downloads\flashplayer (3).xpt
2018-07-10 01:46 - 2018-07-10 01:46 - 000000856 _____ C:\Users\b\Downloads\flashplayer (2).xpt
2018-07-10 01:46 - 2018-07-10 01:46 - 000000856 _____ C:\Users\b\Downloads\flashplayer (1).xpt
2018-07-10 01:45 - 2018-07-10 01:45 - 442512337 _____ C:\Users\b\Downloads\antidetect7.cc
2018-07-10 01:45 - 2018-07-10 01:45 - 003446976 _____ (Adobe Systems, Inc.) C:\Users\b\Downloads\FlashPlayerPlugin_21_0_0_182.exe
2018-07-10 01:45 - 2018-07-10 01:45 - 003442368 _____ (Adobe Systems, Inc.) C:\Users\b\Downloads\FlashPlayerPlugin_20_0_0_306.exe
2018-07-10 01:45 - 2018-07-10 01:45 - 001164992 _____ (Adobe Systems Incorporated) C:\Users\b\Downloads\FlashUtil32_21_0_0_182_Plugin.exe
2018-07-10 01:45 - 2018-07-10 01:45 - 001163968 _____ (Adobe Systems Incorporated) C:\Users\b\Downloads\FlashUtil32_20_0_0_306_Plugin.exe
2018-07-10 01:45 - 2018-07-10 01:45 - 000440631 _____ C:\Users\b\Downloads\plugin (1).vch
2018-07-10 01:45 - 2018-07-10 01:45 - 000401547 _____ C:\Users\b\Downloads\plugin.vch
2018-07-10 01:45 - 2018-07-10 01:45 - 000026576 _____ C:\Users\b\Downloads\jsoverrider (5).json
2018-07-10 01:45 - 2018-07-10 01:45 - 000026072 _____ C:\Users\b\Downloads\userContent (2).css
2018-07-10 01:45 - 2018-07-10 01:45 - 000014287 _____ C:\Users\b\Downloads\jsoverrider (4).json
2018-07-10 01:45 - 2018-07-10 01:45 - 000013130 _____ C:\Users\b\Downloads\userContent (4).css
2018-07-10 01:45 - 2018-07-10 01:45 - 000013044 _____ C:\Users\b\Downloads\userContent (5).css
2018-07-10 01:45 - 2018-07-10 01:45 - 000009836 _____ C:\Users\b\Downloads\jsoverrider (3).json
2018-07-10 01:45 - 2018-07-10 01:45 - 000006084 _____ C:\Users\b\Downloads\jsoverrider (1).json
2018-07-10 01:45 - 2018-07-10 01:45 - 000005825 _____ C:\Users\b\Downloads\userContent (3).css
2018-07-10 01:45 - 2018-07-10 01:45 - 000005748 _____ C:\Users\b\Downloads\jsoverrider.json
2018-07-10 01:45 - 2018-07-10 01:45 - 000002767 _____ C:\Users\b\Downloads\jsoverrider (2).json
2018-07-10 01:45 - 2018-07-10 01:45 - 000001804 _____ C:\Users\b\Downloads\userContent (1).css
2018-07-10 01:45 - 2018-07-10 01:45 - 000001239 _____ C:\Users\b\Downloads\userContent.css
2018-07-10 01:45 - 2018-07-10 01:45 - 000000856 _____ C:\Users\b\Downloads\flashplayer.xpt
2018-07-10 01:45 - 2018-07-10 01:45 - 000000629 _____ C:\Users\b\Downloads\modifyheaders.conf
2018-07-10 01:45 - 2018-07-10 01:45 - 000000629 _____ C:\Users\b\Downloads\modifyheaders (1).conf
2018-07-10 01:45 - 2018-07-10 01:45 - 000000621 _____ C:\Users\b\Downloads\modifyheaders (4).conf
2018-07-10 01:45 - 2018-07-10 01:45 - 000000612 _____ C:\Users\b\Downloads\modifyheaders (5).conf
2018-07-10 01:45 - 2018-07-10 01:45 - 000000605 _____ C:\Users\b\Downloads\modifyheaders (2).conf
2018-07-10 01:45 - 2018-07-10 01:45 - 000000583 _____ C:\Users\b\Downloads\modifyheaders (3).conf
2018-07-10 01:44 - 2018-07-10 01:44 - 013767776 _____ (Microsoft Corporation) C:\Users\b\Downloads\vc_redist.x86.exe
2018-07-10 01:44 - 2018-07-10 01:44 - 011277312 _____ C:\Users\b\Downloads\Antidetect 7_Cracked.exe
2018-07-10 01:44 - 2018-07-10 01:44 - 000668389 _____ C:\Users\b\Downloads\manual_russian_7.pdf
2018-07-10 01:44 - 2018-07-10 01:44 - 000632778 _____ C:\Users\b\Downloads\overrider.xpi
2018-07-10 01:44 - 2018-07-10 01:44 - 000591953 _____ C:\Users\b\Downloads\manual_english_7.pdf
2018-07-10 01:44 - 2018-07-10 01:44 - 000000633 _____ C:\Users\b\Downloads\README (1).txt
2018-07-10 01:44 - 2018-07-10 01:44 - 000000046 _____ C:\Users\b\Downloads\ANTIDETECT7PASSWORD.txt
2018-07-10 01:44 - 2018-07-10 01:44 - 000000036 _____ C:\Users\b\Downloads\ANTIDETECT7 CC FILE PASSWORD.txt
2018-07-10 01:43 - 2018-07-10 01:43 - 442512337 _____ C:\Users\b\Downloads\ad7.cc
2018-07-10 01:40 - 2018-07-10 01:40 - 000195185 _____ C:\Users\b\Downloads\config_78480_55329_77394_78556_38262_77590_22808_78613_78568_78631_40063_72457_70355_61738_76927_58973_21632_73401_22365_74276.zip
2018-07-10 01:32 - 2018-07-10 01:32 - 000015324 _____ C:\Users\b\Downloads\MASTERTHEARTOFCARDINGBEGINNERSGUIDE.txt
2018-07-10 01:31 - 2018-07-10 01:31 - 000001425 _____ C:\Users\b\Downloads\simple APPLE carding tutorial.txt
2018-07-10 01:21 - 2018-07-10 01:21 - 000000132 _____ C:\Users\b\Downloads\Buy Bitcoin VIDEO TUTORIAL.txt
2018-07-10 00:21 - 2018-07-10 00:21 - 000000000 ____D C:\ProgramData\Apple
2018-07-10 00:06 - 2018-08-08 03:27 - 000793700 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-07-10 00:06 - 2018-07-10 00:06 - 000000000 ____D C:\ProgramData\Apple Computer
2018-07-10 00:05 - 2018-07-10 00:19 - 000000000 ____D C:\ProgramData\Packages
2018-07-10 00:04 - 2018-07-10 05:44 - 000000000 ____D C:\Users\b\AppData\Local\PlaceholderTileLogoFolder
2018-07-10 00:04 - 2018-07-10 00:04 - 000001417 _____ C:\Users\b\Desktop\Microsoft Edge.lnk
2018-07-10 00:04 - 2018-07-10 00:04 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-07-10 00:03 - 2018-07-10 00:03 - 000000000 ___RD C:\Users\b\3D Objects
2018-07-10 00:03 - 2018-07-10 00:03 - 000000000 ___HD C:\Users\b\MicrosoftEdgeBackups
2018-07-10 00:02 - 2018-07-10 00:02 - 000000432 __RSH C:\Users\b\ntuser.pol
2018-07-10 00:02 - 2018-07-10 00:02 - 000000020 ___SH C:\Users\b\ntuser.ini
2018-07-10 00:01 - 2018-08-08 03:24 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-07-10 00:01 - 2018-07-10 00:01 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2018-07-10 00:01 - 2018-07-10 00:01 - 000011433 _____ C:\WINDOWS\diagerr.xml
2018-07-10 00:01 - 2018-07-10 00:01 - 000000000 ____D C:\ProgramData\USOShared
2018-07-10 00:01 - 2018-04-11 16:33 - 002752000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2018-07-10 00:00 - 2018-07-10 00:00 - 000022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2018-07-09 23:58 - 2018-08-08 03:25 - 000002404 _____ C:\Users\b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-07-09 23:58 - 2018-07-10 02:14 - 000000000 ____D C:\Users\PC
2018-07-09 23:58 - 2018-07-10 00:03 - 000000000 ____D C:\Users\b
2018-07-09 23:58 - 2018-07-09 23:58 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-07-09 23:57 - 2018-07-09 23:57 - 000002141 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2018-07-09 23:57 - 2018-07-09 23:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-07-09 23:57 - 2018-07-09 23:57 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-07-09 23:57 - 2017-11-09 05:43 - 000540784 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2018-07-09 23:57 - 2017-10-27 09:06 - 000136312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2018-07-09 23:57 - 2017-09-13 16:20 - 000798008 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-07-09 23:57 - 2017-09-13 16:20 - 000490296 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-07-09 23:57 - 2017-09-13 16:19 - 000927544 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-07-09 23:57 - 2017-09-13 16:19 - 000591160 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-07-09 23:56 - 2018-07-27 04:16 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-07-09 23:56 - 2018-07-09 23:58 - 000233856 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-07-09 23:23 - 2018-05-20 21:07 - 001027720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-07-09 23:23 - 2018-05-20 21:07 - 000460520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-07-09 23:23 - 2018-05-20 21:07 - 000381552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-07-09 23:23 - 2018-05-20 21:07 - 000376536 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-07-09 23:23 - 2018-05-20 21:07 - 000205976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-07-09 23:23 - 2018-05-20 21:07 - 000196640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-07-09 23:23 - 2018-05-20 21:07 - 000159120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-07-09 23:23 - 2018-05-20 21:07 - 000111360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-07-09 23:23 - 2018-05-20 21:07 - 000085968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-07-09 23:23 - 2018-05-20 21:07 - 000046968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-07-09 23:23 - 2018-03-15 01:13 - 000343752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-07-09 23:23 - 2018-03-15 01:13 - 000227504 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-07-09 23:23 - 2018-03-15 01:13 - 000199440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-07-09 23:23 - 2018-03-15 01:13 - 000057680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-07-09 23:22 - 2018-07-09 23:23 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2018-07-09 23:21 - 2018-07-09 23:21 - 013570560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-07-09 23:21 - 2018-07-09 23:21 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 025847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 023862784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 022714368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 022003712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 021388856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 020383720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 019403264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 016592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 013873152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 012710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 011901952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 009147800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 008623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 007900984 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 007581696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 007519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 007436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 006817872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 006661120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 006572000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 006528600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 006043600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 005951488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 005821544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 005780992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 004970360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 004929024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 004867072 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 004788504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 004706816 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 004561920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 004527680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 004469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 004403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 004392448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 004371456 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 004333568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 004070400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 003999232 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 003733320 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 003712512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 003653120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-07-09 23:20 - 2018-07-09 23:20 - 003640832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 003492864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 003444224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 003441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 003348992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 003296896 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 003293696 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 003283408 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 003180176 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 003086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 002962944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 002922496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 002903040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 002895872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-07-09 23:20 - 2018-07-09 23:20 - 002841312 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 002830240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-07-09 23:20 - 2018-07-09 23:20 - 002789376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 002753040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 002718624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-07-09 23:20 - 2018-07-09 23:20 - 002699776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 002590400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2018-07-09 23:20 - 2018-07-09 23:20 - 002583552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 002570712 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 002563960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 002548736 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 002546592 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 002535032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 002486992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 002479272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 002462272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 002422688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-07-09 23:20 - 2018-07-09 23:20 - 002417840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 002401280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 002395056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2018-07-09 23:20 - 2018-07-09 23:20 - 002371392 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 002367488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 002331576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 002307336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2018-07-09 23:20 - 2018-07-09 23:20 - 002266016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 002248192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 002242208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-07-09 23:20 - 2018-07-09 23:20 - 002206528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2018-07-09 23:20 - 2018-07-09 23:20 - 002193920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 002178136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 002172416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 002163184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 002084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-07-09 23:20 - 2018-07-09 23:20 - 002062488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 002061824 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 002051072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 002019840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 002015744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-07-09 23:20 - 2018-07-09 23:20 - 001988072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001981384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001953280 _____ C:\WINDOWS\system32\rdpnano.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001946752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001945784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001934400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001921944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2018-07-09 23:20 - 2018-07-09 23:20 - 001855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001825792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001805752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001798552 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001792808 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001784584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001742272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001724928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001719808 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001710240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001676800 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001675264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001665920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001665024 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001659904 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001659296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001649760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001634808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001632256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001620872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001613200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001585664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001584128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001581568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001565592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdt.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 001559368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001543680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001538976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001508352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdt.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 001490144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001462824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001462784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001457128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-07-09 23:20 - 2018-07-09 23:20 - 001456640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001454024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001426328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001397192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001380192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001376576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001374208 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001364184 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001363632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001360384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001356800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001342976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001318400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001308672 _____ C:\WINDOWS\system32\FaceProcessor.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001308160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001299056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001295872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 001288840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001285120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001271296 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 001254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001251736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001242112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001213368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 001210880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001209800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001192448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001190152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001186816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001175056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001174424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001160192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001150408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001148800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001145696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001144120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001140568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-07-09 23:20 - 2018-07-09 23:20 - 001129640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplySettingsTemplateCatalog.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001114112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001112600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001097640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001077504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-07-09 23:20 - 2018-07-09 23:20 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 001046944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001034632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 001034096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-07-09 23:20 - 2018-07-09 23:20 - 001026896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001020160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001018616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001017088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001017080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 001012408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001011968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001005568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000999936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000992768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000988128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000983008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000978432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000976384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000953856 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000950272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2018-07-09 23:20 - 2018-07-09 23:20 - 000945568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2018-07-09 23:20 - 2018-07-09 23:20 - 000944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000941056 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000917408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2018-07-09 23:20 - 2018-07-09 23:20 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000907776 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000906752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.PhoneNumberFormatting.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000898760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000885848 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000880152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2018-07-09 23:20 - 2018-07-09 23:20 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000861616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000861096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000860160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000857088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2018-07-09 23:20 - 2018-07-09 23:20 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000826776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000811520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000808960 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2018-07-09 23:20 - 2018-07-09 23:20 - 000804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000800256 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwcreator.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000792984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-07-09 23:20 - 2018-07-09 23:20 - 000788992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000788216 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000786176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000781824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2018-07-09 23:20 - 2018-07-09 23:20 - 000778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2018-07-09 23:20 - 2018-07-09 23:20 - 000776880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000770152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000761440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000759192 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.PrinterCustomActions.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000753152 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000748512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000735560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000723360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000722808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000719552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000717208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000713376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000709848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-07-09 23:20 - 2018-07-09 23:20 - 000705440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-07-09 23:20 - 2018-07-09 23:20 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2018-07-09 23:20 - 2018-07-09 23:20 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000678840 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000665320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000661160 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000661152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000659096 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000653208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000652184 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000642088 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs4.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000613144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000611232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-07-09 23:20 - 2018-07-09 23:20 - 000607648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000606448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000604576 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000594128 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs3.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2018-07-09 23:20 - 2018-07-09 23:20 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000568720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000567176 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000567144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000565152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-07-09 23:20 - 2018-07-09 23:20 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000562080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-07-09 23:20 - 2018-07-09 23:20 - 000561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000560488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000553248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000550608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000542888 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000541600 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000527264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000515072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000510904 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000506184 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000500552 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000491304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000482472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs2.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000473496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000472136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000457152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs1.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000444240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000434584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000433560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-07-09 23:20 - 2018-07-09 23:20 - 000431104 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000416144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000413816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000413080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-07-09 23:20 - 2018-07-09 23:20 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CscUnpinTool.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2018-07-09 23:20 - 2018-07-09 23:20 - 000399768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000382872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-07-09 23:20 - 2018-07-09 23:20 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000375712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-07-09 23:20 - 2018-07-09 23:20 - 000373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000356960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000348256 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000347704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000338352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000326024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000324000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000313592 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000308408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2018-07-09 23:20 - 2018-07-09 23:20 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2018-07-09 23:20 - 2018-07-09 23:20 - 000286200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000281080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000272296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000269248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2018-07-09 23:20 - 2018-07-09 23:20 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000266656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedReality.Broker.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000247984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
2018-07-09 23:20 - 2018-07-09 23:20 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win81.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000232488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
2018-07-09 23:20 - 2018-07-09 23:20 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000228768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000226720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ucx01000.sys
2018-07-09 23:20 - 2018-07-09 23:20 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAC3ENC.DLL
2018-07-09 23:20 - 2018-07-09 23:20 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000194456 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VideoHandlers.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000183712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mavinject.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2018-07-09 23:20 - 2018-07-09 23:20 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000170904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-07-09 23:20 - 2018-07-09 23:20 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000164768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2018-07-09 23:20 - 2018-07-09 23:20 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Analog.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdrom.sys
2018-07-09 23:20 - 2018-07-09 23:20 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManagerAPI.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000148896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mavinject.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2018-07-09 23:20 - 2018-07-09 23:20 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win8rtm.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2018-07-09 23:20 - 2018-07-09 23:20 - 000137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000134560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000131232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000130456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2018-07-09 23:20 - 2018-07-09 23:20 - 000129192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000118872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000116632 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandler.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppHostRegistrationVerifier.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000105376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000105368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-07-09 23:20 - 2018-07-09 23:20 - 000103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSoftwareInstallationClient.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000101288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000097176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000094104 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000093600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000089984 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000088472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2018-07-09 23:20 - 2018-07-09 23:20 - 000084288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageOverlayUtil.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000083360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-07-09 23:20 - 2018-07-09 23:20 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ApiSetHost.AppExecutionAlias.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000077040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-07-09 23:20 - 2018-07-09 23:20 - 000072768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WindowsTrustedRT.sys
2018-07-09 23:20 - 2018-07-09 23:20 - 000064648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LanguageOverlayUtil.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpnotify.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppCore.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000057960 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel.appcore.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevAppMonitor.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000050208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel.appcore.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000048544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2018-07-09 23:20 - 2018-07-09 23:20 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-07-09 23:20 - 2018-07-09 23:20 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000040864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClientPS.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSHEIF.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2018-07-09 23:20 - 2018-07-09 23:20 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\DsmUserTask.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000029600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys
2018-07-09 23:20 - 2018-07-09 23:20 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2018-07-09 23:20 - 2018-07-09 23:20 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSHEIF.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000022936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hvsicontainerservice.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandlerPS.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000019872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVTerminator.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000018716 _____ C:\WINDOWS\SysWOW64\srms-apr.dat
2018-07-09 23:20 - 2018-07-09 23:20 - 000018716 _____ C:\WINDOWS\system32\srms-apr.dat
2018-07-09 23:20 - 2018-07-09 23:20 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2018-07-09 23:17 - 2018-04-11 06:48 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
2018-07-09 23:17 - 2018-04-11 06:45 - 004492288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-07-09 23:17 - 2018-04-11 06:41 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2018-07-09 23:17 - 2018-04-11 05:14 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll
2018-07-09 23:17 - 2018-04-11 05:12 - 003398144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-07-09 23:17 - 2018-04-11 05:09 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2018-07-09 23:17 - 2017-10-29 18:03 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2018-07-09 23:17 - 2017-10-29 16:42 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2018-07-09 23:16 - 2018-07-09 23:16 - 000245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2018-07-09 23:16 - 2018-07-09 23:16 - 000245760 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2018-07-09 23:16 - 2018-07-09 23:16 - 000058524 _____ C:\WINDOWS\system32\srms.dat
2018-07-09 23:01 - 2018-07-10 00:03 - 000000000 ___DC C:\WINDOWS\Panther
2018-07-09 23:00 - 2018-07-09 23:01 - 000000036 _____ C:\WINDOWS\progress.ini
2018-07-09 22:53 - 2018-07-09 23:00 - 000000000 ___HD C:\$GetCurrent
2018-07-09 22:53 - 2018-07-09 22:59 - 000000000 ____D C:\Windows10Upgrade
2018-07-09 22:53 - 2018-07-09 22:53 - 000000738 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Update Assistant.lnk
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-08-08 07:15 - 2018-04-11 16:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-08-08 03:27 - 2018-04-11 16:36 - 000000000 ____D C:\WINDOWS\INF
2018-08-08 03:25 - 2018-02-15 21:25 - 000000000 ___RD C:\Users\b\OneDrive
2018-08-08 03:24 - 2018-06-07 05:56 - 000000000 ____D C:\Program Files\SoftEther VPN Client
2018-08-08 03:24 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-08-08 03:24 - 2018-02-15 21:58 - 000000000 ____D C:\ProgramData\Logishrd
2018-08-08 03:24 - 2018-02-11 15:03 - 000000000 ____D C:\ProgramData\NVIDIA
2018-08-08 03:16 - 2018-04-11 16:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-08-08 03:05 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-07-17 12:02 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-07-17 12:02 - 2018-04-11 16:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-07-14 03:55 - 2018-03-20 09:58 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-07-14 03:55 - 2018-03-20 09:58 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-07-14 03:55 - 2018-03-20 09:58 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-07-10 05:47 - 2018-05-22 09:26 - 000000000 ____D C:\Users\b\AppData\LocalLow\Mozilla
2018-07-10 05:44 - 2018-02-15 21:25 - 000000000 ____D C:\Users\b\AppData\Local\Packages
2018-07-10 03:14 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\appcompat
2018-07-10 02:14 - 2018-02-15 21:57 - 000000000 ____D C:\ProgramData\Package Cache
2018-07-10 00:56 - 2018-06-07 05:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftEther VPN Client
2018-07-10 00:56 - 2018-04-11 16:41 - 000000000 ____D C:\WINDOWS\Setup
2018-07-10 00:56 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-07-10 00:56 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\system32\spool
2018-07-10 00:56 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-07-10 00:56 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\Help
2018-07-10 00:56 - 2018-03-02 19:46 - 000000000 ____D C:\Users\b\AppData\Local\Comms
2018-07-10 00:56 - 2018-02-15 21:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2018-07-10 00:56 - 2018-02-11 15:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2018-07-10 00:56 - 2018-02-11 15:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2018-07-10 00:56 - 2018-02-11 15:02 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-07-10 00:56 - 2018-02-10 18:35 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-07-10 00:56 - 2018-02-10 18:35 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-07-10 00:19 - 2018-04-11 16:38 - 000000000 ___RD C:\WINDOWS\PrintDialog
2018-07-10 00:04 - 2018-02-15 21:25 - 000000000 ____D C:\Users\b\AppData\Local\ConnectedDevicesPlatform
2018-07-10 00:03 - 2018-02-11 13:55 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-07-10 00:01 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\Registration
2018-07-10 00:01 - 2018-04-11 16:38 - 000000000 ____D C:\ProgramData\USOPrivate
2018-07-10 00:01 - 2018-03-06 10:23 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-07-10 00:01 - 2018-03-06 10:23 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-07-10 00:00 - 2018-04-11 16:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-07-09 23:59 - 2018-06-07 05:43 - 000000000 ____D C:\Users\b\Downloads\VPNS
2018-07-09 23:59 - 2018-04-11 16:38 - 000000000 __RHD C:\Users\Public\Libraries
2018-07-09 23:57 - 2018-02-11 15:02 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-07-09 23:57 - 2018-02-11 15:02 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-07-09 23:57 - 2018-02-10 23:04 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2018-07-09 23:57 - 2018-02-10 23:04 - 000000000 ____D C:\WINDOWS\system32\DAX3
2018-07-09 23:57 - 2018-02-10 23:04 - 000000000 ____D C:\WINDOWS\system32\DAX2
2018-07-09 23:57 - 2018-02-10 23:04 - 000000000 ____D C:\ProgramData\Audyssey Labs
2018-07-09 23:23 - 2018-02-10 23:04 - 000000000 ____D C:\Program Files\Realtek
2018-07-09 23:21 - 2018-04-12 02:37 - 000000000 ____D C:\WINDOWS\Containers
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\te-IN
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\or-IN
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\km-KH
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\is-IS
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\id-ID
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\be-BY
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\as-IN
2018-07-09 23:21 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2018-07-09 23:21 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-07-09 23:21 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2018-07-09 23:21 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2018-07-09 23:21 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-07-09 23:21 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\system32\ta-in
2018-07-09 23:21 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2018-07-09 23:21 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\system32\si-lk
2018-07-09 23:21 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\system32\setup
2018-07-09 23:21 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-07-09 23:21 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-07-09 23:21 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\system32\am-et
2018-07-09 23:21 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-07-09 23:21 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\Provisioning
2018-07-09 23:21 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-07-09 23:21 - 2018-04-11 16:38 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-07-09 23:21 - 2018-04-11 16:38 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-07-09 23:21 - 2018-04-11 14:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-07-09 23:17 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2018-07-09 23:17 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2018-07-09 23:17 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2018-07-09 23:17 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2018-07-09 23:17 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2018-07-09 23:17 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2018-07-09 23:17 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2018-07-09 23:17 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\system32\et-EE
2018-07-09 23:17 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\system32\es-MX
2018-07-09 23:17 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\system32\en-GB
2018-07-09 23:17 - 2018-04-11 16:33 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2018-07-09 23:17 - 2018-04-11 16:33 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
Some files in TEMP:
====================
2018-08-08 07:01 - 2018-08-08 07:01 - 000383872 _____ (Sysinternals - www.sysinternals.com) C:\Users\b\AppData\Local\Temp\PSZLPIRP.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

ATTENTION: ==> Could not access BCD. The user is not administrator
==================== End of FRST.txt ============================

Addition log:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02.08.2018
Ran by b (08-08-2018 07:33:57)
Running from C:\Users\b\Desktop
Windows 10 Pro Version 1803 17134.137 (X64) (2018-07-10 07:01:33)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================
Administrator (S-1-5-21-2850893678-3308694845-315594102-500 - Administrator - Disabled)
b (S-1-5-21-2850893678-3308694845-315594102-1002 - Limited - Enabled) => C:\Users\b
DefaultAccount (S-1-5-21-2850893678-3308694845-315594102-503 - Limited - Disabled)
Guest (S-1-5-21-2850893678-3308694845-315594102-501 - Limited - Disabled)
PC (S-1-5-21-2850893678-3308694845-315594102-1001 - Administrator - Enabled) => C:\Users\PC
WDAGUtilityAccount (S-1-5-21-2850893678-3308694845-315594102-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.4.2338 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Logitech Gaming Software 8.96 (HKLM\...\Logitech Gaming Software) (Version: 8.96.88 - Logitech Inc.)
Microsoft OneDrive (HKU\S-1-5-21-2850893678-3308694845-315594102-1002\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
NVIDIA 3D Vision Driver 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Graphics Driver 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8053 - Realtek Semiconductor Corp.)
SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.22.9634 - SoftEther VPN Project)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{5009B7EE-8A15-4A23-B404-15E31D02DA67}) (Version: 2.43.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22452 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-20] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-20] (AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-20] (AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-20] (AVAST Software)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job =>
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============
2018-04-11 16:34 - 2018-04-11 16:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-04-11 16:34 - 2018-04-11 16:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-11 16:34 - 2018-04-11 16:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-03-06 17:07 - 2015-03-06 17:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2017-10-19 20:29 - 2017-10-19 20:29 - 001096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-06 17:07 - 2015-03-06 17:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2017-10-19 20:29 - 2017-10-19 20:29 - 000241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2017-10-19 20:02 - 2017-10-19 20:02 - 000077824 _____ () C:\Program Files\Logitech Gaming Software\LAClient\zlib.dll
2017-10-19 20:02 - 2017-10-19 20:02 - 000144896 _____ () C:\Program Files\Logitech Gaming Software\LAClient\libssh2.dll
2018-07-10 00:05 - 2018-07-10 00:05 - 000088888 _____ () C:\Program Files\WindowsApps\AppleInc.iTunes_12080.150.37023.0_x64__nzyj5cx40ttqa\zlib1.dll
2018-07-10 00:05 - 2018-07-10 00:05 - 001356088 _____ () C:\Program Files\WindowsApps\AppleInc.iTunes_12080.150.37023.0_x64__nzyj5cx40ttqa\libxml2.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-02-10 18:35 - 2018-02-10 18:34 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2850893678-3308694845-315594102-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\b\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\scinotesperiodictablebbg.png
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{0C65F788-6BA3-4D66-A7E3-A09D9A9C5A92}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [UDP Query User{3C7AC4D2-155A-4048-8FB9-1BD77AC230A9}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{BBD6D78A-C088-4D5D-88A7-A330C11CFBCC}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{380BA2AB-3E4C-41CE-BF4E-FED041AAD82C}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
FirewallRules: [{19E4DB58-790E-4749-AEDE-F1F1731CC820}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe
FirewallRules: [{93133A4A-DD4B-4902-A864-64C6A77D892E}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr.exe
FirewallRules: [{5C7F3DAA-3456-45CC-8EE4-DD5AEB963A25}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient.exe
FirewallRules: [{54527764-3F37-4F6F-A880-DC6062A17D9F}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd.exe
FirewallRules: [{794926FE-2B1F-4E1C-9CDB-A3BA4098FF0E}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
FirewallRules: [UDP Query User{F08B7E4F-4724-4BB4-AFBD-09AC0D372532}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{9DB77AC6-C519-4C04-8B46-6AB8353B9F0C}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{A9D7166E-5C15-4ACA-89E2-677877F70492}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12080.150.37023.0_x64__nzyj5cx40ttqa\iTunes.exe
FirewallRules: [{5AEF48E7-6FF6-401A-89E4-2411AF1A9179}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12080.150.37023.0_x64__nzyj5cx40ttqa\iTunes.exe
FirewallRules: [{805F94B0-6139-447F-A814-8A836B6DD0A6}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12080.150.37023.0_x64__nzyj5cx40ttqa\iTunes.exe
FirewallRules: [{A857F0BB-7417-44B4-B7F3-9B992CF32399}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12080.150.37023.0_x64__nzyj5cx40ttqa\iTunes.exe
FirewallRules: [{671DDAB2-F348-4FC2-8DB1-AA1393C1DD7A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12080.150.37023.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
FirewallRules: [{F99B2405-A848-4144-A5BF-71ADC55220DA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12080.150.37023.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
FirewallRules: [{BF229DC9-9E62-4797-B68D-7FDCD2F0C4B5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12080.150.37023.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
FirewallRules: [{FEE56551-1BF8-4596-AA4B-39ADC1990853}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12080.150.37023.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
FirewallRules: [{071812AC-6CC7-41F4-9D78-1D5F60E5B67C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.87.491.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{1B471531-000C-48FF-AD4A-5A8F6CBAAE16}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.87.491.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{1810B806-C41D-4548-8DC8-2DC64A669A82}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.87.491.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{728A0280-1FE5-43C8-BC46-01A52C0D036C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.87.491.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{91842C5B-9B8B-47B4-AB1E-D35AB70BC2AB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.87.491.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{100C4F22-CF8D-4854-8EAD-2684FF35D54A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.87.491.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{FE602DCC-1251-4F22-ACAB-EFC935B403E1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.87.491.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{FFE2B68F-B085-4D91-B235-0A3613B95E30}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.87.491.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [TCP Query User{7F67AA3D-09BC-4C32-908C-06118023E53A}C:\users\b\downloads\gimmerdemo-win32-x64-0.1.7\gimmerdemo.exe] => (Allow) C:\users\b\downloads\gimmerdemo-win32-x64-0.1.7\gimmerdemo.exe
FirewallRules: [UDP Query User{4948AF34-3D83-4183-95E3-60A86FAD8298}C:\users\b\downloads\gimmerdemo-win32-x64-0.1.7\gimmerdemo.exe] => (Allow) C:\users\b\downloads\gimmerdemo-win32-x64-0.1.7\gimmerdemo.exe
==================== Restore Points =========================
ATTENTION: System Restore is disabled
Check "winmgmt" service or repair WMI.

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================
Application errors:
==================
Error: (08/08/2018 07:18:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MicrosoftEdgeCP.exe, version: 11.0.17134.137, time stamp: 0x5b234384
Faulting module name: edgehtml.dll, version: 11.0.17134.137, time stamp: 0x19e0b525
Exception code: 0xc0000005
Fault offset: 0x000000000037ad5a
Faulting process id: 0x15bc
Faulting application start time: 0x01d42f21d96bcd99
Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Faulting module path: C:\WINDOWS\SYSTEM32\edgehtml.dll
Report Id: f22ecb0a-2aae-4447-bd33-0ff8a20c22dc
Faulting package full name: Microsoft.MicrosoftEdge_42.17134.1.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: ContentProcess
Error: (08/08/2018 07:01:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RootkitRevealer.exe, version: 1.71.0.0, time stamp: 0x44e255aa
Faulting module name: RootkitRevealer.exe, version: 1.71.0.0, time stamp: 0x44e255aa
Exception code: 0xc0000005
Fault offset: 0x000040cd
Faulting process id: 0x3d2c
Faulting application start time: 0x01d42f204e43252e
Faulting application path: C:\Users\b\Documents\RootkitRevealer (1)\RootkitRevealer.exe
Faulting module path: C:\Users\b\Documents\RootkitRevealer (1)\RootkitRevealer.exe
Report Id: 553ff179-3abd-437f-9214-d4e192e5bf6b
Faulting package full name:
Faulting package-relative application ID:
Error: (08/08/2018 06:29:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RootkitRevealer.exe, version: 1.71.0.0, time stamp: 0x44e255aa
Faulting module name: RootkitRevealer.exe, version: 1.71.0.0, time stamp: 0x44e255aa
Exception code: 0xc0000005
Fault offset: 0x000040cd
Faulting process id: 0x356c
Faulting application start time: 0x01d42f1bdca0a482
Faulting application path: C:\Users\b\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\RootkitRevealer (1)\RootkitRevealer.exe
Faulting module path: C:\Users\b\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\RootkitRevealer (1)\RootkitRevealer.exe
Report Id: 2bc213d8-683c-4f02-b170-5fdcf29861e4
Faulting package full name:
Faulting package-relative application ID:
Error: (08/08/2018 05:05:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MicrosoftEdgeCP.exe, version: 11.0.17134.137, time stamp: 0x5b234384
Faulting module name: EdgeContent.dll, version: 11.0.17134.137, time stamp: 0x2fd4aae0
Exception code: 0xc0000409
Fault offset: 0x00000000000ace9a
Faulting process id: 0xdd0
Faulting application start time: 0x01d42f020debcddf
Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Faulting module path: C:\WINDOWS\SYSTEM32\EdgeContent.dll
Report Id: b3c95c5e-6348-4555-a500-7232ce0854e3
Faulting package full name: Microsoft.MicrosoftEdge_42.17134.1.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: ContentProcess
Error: (08/08/2018 03:10:56 AM) (Source: COM) (EventID: 10031) (User: )
Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {41FD88F7-F295-4D39-91AC-A85F3149A05B} was rejected
Error: (08/08/2018 03:10:56 AM) (Source: COM) (EventID: 10031) (User: )
Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {95CABCC9-BC57-4C12-B8DF-BA193232AA01} was rejected
Error: (07/10/2018 12:00:02 AM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Failed trying to get the state of the cluster node: .The error code returned: 0x8007085A
Error: (07/09/2018 11:59:15 PM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Failed trying to get the state of the cluster node: .The error code returned: 0x8007085A

System errors:
=============
Error: (08/08/2018 03:23:57 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-97DUDUE)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (08/08/2018 03:23:54 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-97DUDUE)
Description: DCOM got error "1084" attempting to start the service TokenBroker with arguments "Unavailable" in order to run the server:
Windows.Internal.Security.Authentication.Web.TokenBrokerInternal
Error: (08/08/2018 03:23:54 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-97DUDUE)
Description: DCOM got error "1084" attempting to start the service camsvc with arguments "Unavailable" in order to run the server:
Windows.Internal.CapabilityAccess.CapabilityAccess
Error: (08/08/2018 03:23:54 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-97DUDUE)
Description: DCOM got error "1084" attempting to start the service camsvc with arguments "Unavailable" in order to run the server:
Windows.Internal.CapabilityAccess.CapabilityAccess
Error: (08/08/2018 03:23:54 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-97DUDUE)
Description: DCOM got error "1084" attempting to start the service camsvc with arguments "Unavailable" in order to run the server:
Windows.Internal.CapabilityAccess.CapabilityAccess
Error: (08/08/2018 03:23:53 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-97DUDUE)
Description: DCOM got error "1084" attempting to start the service TokenBroker with arguments "Unavailable" in order to run the server:
Windows.Internal.Security.Authentication.Web.TokenBrokerInternal
Error: (08/08/2018 03:23:53 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-97DUDUE)
Description: DCOM got error "1084" attempting to start the service InstallService with arguments "Unavailable" in order to run the server:
WindowsUpdate.Internal.InstallControl
Error: (08/08/2018 03:23:53 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-97DUDUE)
Description: DCOM got error "1084" attempting to start the service camsvc with arguments "Unavailable" in order to run the server:
Windows.Internal.CapabilityAccess.CapabilityAccess

Windows Defender:
===================================
Date: 2018-07-10 00:01:32.755
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Behavior Monitoring
Error Code: 0x80070006
Error description: The handle is invalid.
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
Date: 2018-07-10 00:01:30.691
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Behavior Monitoring
Error Code: 0x80070006
Error description: The handle is invalid.
Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
==================== Memory info ===========================
Processor: Intel® Core™ i7-6700K CPU @ 4.00GHz
Percentage of memory in use: 58%
Total physical RAM: 8147.16 MB
Available physical RAM: 3340.51 MB
Total Virtual: 13727.03 MB
Available Virtual: 5632.06 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:220.73 GB) (Free:128.87 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:1844.39 GB) (Free:1835.55 GB) NTFS
\\?\Volume{2f352ad6-1b95-4475-a1c1-334c53bf5ec9}\ (Recovery) (Fixed) (Total:2.23 GB) (Free:1.85 GB) NTFS
\\?\Volume{d0f19c50-0000-0000-0000-f018cd010000}\ (Recovery) (Fixed) (Total:18.63 GB) (Free:18.21 GB) NTFS
\\?\Volume{ae4d3fe4-7e83-4347-a0f5-5608b2080749}\ (BOOT) (Fixed) (Total:0.48 GB) (Free:0.46 GB) FAT32
==================== MBR & Partition Table ==================
==================== End of Addition.txt ============================


Edited by phibonacci, 08 August 2018 - 10:05 AM.
Took out user's note about duplicate topic and this being the one to save


#2 nasdaq

nasdaq

  • Malware Response Team
  • 40,759 posts
  • OFFLINE
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:44 PM

Posted 09 August 2018 - 07:21 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

The Farbar program must be run in an Administrator account.

If you cannot run it in Normal Mode, run the program in Safe Mode with Internet connection.

Post fresh logs for my review.

#3 phibonacci

phibonacci
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  • Local time:03:44 PM

Posted 10 August 2018 - 06:27 PM

Thank you for your help nasdaq.
 
I did as you asked and I think I have added the correct administrator Farbar scan.  Sorry in advance for my ignorance. :smash:  Thank you.
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.08.2018
Ran by PC (administrator) on DESKTOP-97DUDUE (10-08-2018 16:23:34)
Running from C:\Users\PC\Desktop
Loaded Profiles: PC & b (Available Profiles: PC & B)
Platform: Windows 10 Pro Version 1803 17134.137 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(F-Secure Corporation) C:\Program Files\F-Secure\Ultralight\ulcore\1530012511\fsorsp64.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(F-Secure Corporation) C:\Program Files\F-Secure\Ultralight\ulcore\1530012511\fshoster64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\ArxApplets\Discord\logitechg_discord.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9198080 2017-02-05] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-08-10] (AVAST Software)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17987704 2017-10-19] (Logitech Inc.)
HKLM\...\Run: [SoftEther VPN Client UI Helper] => C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5248456 2018-06-07] (SoftEther VPN Project at University of Tsukuba, Japan.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-21-2850893678-3308694845-315594102-1001\...\RunOnce: [Uninstall 17.3.7294.0108\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\PC\AppData\Local\Microsoft\OneDrive\17.3.7294.0108\amd64"
HKU\S-1-5-21-2850893678-3308694845-315594102-1001\...\RunOnce: [Uninstall 17.3.7294.0108] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\PC\AppData\Local\Microsoft\OneDrive\17.3.7294.0108"
HKU\S-1-5-21-2850893678-3308694845-315594102-1002\...\RunOnce: [RemovalTool] => C:\Users\b\AppData\Local\FSDART\f008f8cc-c28d-4726-9f80-fd7f9b96c2e4\fssos.exe [2953696 2018-08-08] (F-Secure Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk [2018-06-07]
ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (SoftEther VPN Project at University of Tsukuba, Japan.)
GroupPolicy\User: Restriction ? <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ae7a1205-9871-4e30-9937-fe069d9cbe5f}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
FireFox:
========
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-20] (Google Inc.)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7780400 2018-08-10] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-08-10] (AVAST Software)
R2 fsulhoster; C:\Program Files\F-Secure\Ultralight\ulcore\1530012511\fshoster64.exe [574944 2018-08-08] (F-Secure Corporation)
R2 fsulorsp; C:\Program Files\F-Secure\Ultralight\ulcore\1530012511\fsorsp64.exe [78304 2018-08-08] (F-Secure Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-10-19] (Logitech Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-04-12] (Microsoft Corporation)
R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5248456 2018-06-07] (SoftEther VPN Project at University of Tsukuba, Japan.)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-11] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105344 2018-04-11] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [197160 2018-08-10] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [229392 2018-08-10] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201328 2018-08-10] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346664 2018-08-10] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59592 2018-08-10] (AVAST Software)
S3 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15360 2018-08-10] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [239680 2018-08-10] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46976 2018-08-10] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [159640 2018-08-10] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111872 2018-08-10] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [85968 2018-08-10] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1027728 2018-08-10] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [467064 2018-08-10] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [211160 2018-08-10] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381584 2018-08-10] (AVAST Software)
R3 BCMH43XX; C:\WINDOWS\system32\DRIVERS\AE2500w764.sys [2576632 2016-12-03] (Broadcom Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R0 fsbts; C:\WINDOWS\System32\drivers\fsbts.sys [65872 2018-08-08] ()
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2018-04-11] (Qualcomm Atheros, Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
S3 LGJoyHidFilter; C:\WINDOWS\system32\drivers\LGJoyHidFilter.sys [57368 2017-04-05] (Logitech Inc.)
S3 LGJoyHidLo; C:\WINDOWS\system32\drivers\LGJoyHidLo.sys [47256 2017-04-05] (Logitech Inc.)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-04-05] (Logitech Inc.)
S3 LGSHidFilt; C:\WINDOWS\System32\drivers\LGSHidFilt.Sys [64280 2017-04-05] (Logitech Inc.)
R3 Neo_VPN; C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys [38216 2018-06-07] (SoftEther Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_2e7fa54192fe16d0\nvlddmkm.sys [16936048 2017-11-09] (NVIDIA Corporation)
R1 SeLow; C:\WINDOWS\system32\DRIVERS\SeLow_x64.sys [51024 2018-06-07] (SoftEther Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-11] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-11] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-11] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-08-10 16:23 - 2018-08-10 16:23 - 000011803 _____ C:\Users\PC\Desktop\FRST.txt
2018-08-10 16:20 - 2018-08-10 16:20 - 000026999 _____ C:\Users\PC\Downloads\Addition.txt
2018-08-10 16:19 - 2018-08-10 16:20 - 000024861 _____ C:\Users\PC\Downloads\FRST.txt
2018-08-10 16:19 - 2018-08-10 16:19 - 002412544 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2018-08-10 16:19 - 2018-08-10 16:19 - 000000000 ____D C:\Users\PC\AppData\Local\AVAST Software
2018-08-10 16:15 - 2018-08-10 16:15 - 000001417 _____ C:\Users\PC\Desktop\Microsoft Edge.lnk
2018-08-10 16:15 - 2018-08-10 16:15 - 000000000 ___HD C:\Users\PC\MicrosoftEdgeBackups
2018-08-10 16:15 - 2018-08-10 16:15 - 000000000 ____D C:\Users\PC\AppData\Local\Logitech
2018-08-10 16:14 - 2018-08-10 16:14 - 000000432 __RSH C:\Users\PC\ntuser.pol
2018-08-10 16:14 - 2018-08-10 16:14 - 000000000 ___RD C:\Users\PC\3D Objects
2018-08-10 16:14 - 2018-08-10 16:14 - 000000000 ____D C:\Users\PC\AppData\Local\Google
2018-08-10 16:02 - 2018-08-10 16:02 - 000378072 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-08-10 16:02 - 2018-08-10 16:02 - 000015360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2018-08-08 07:33 - 2018-08-10 16:23 - 000000000 ____D C:\FRST
2018-08-08 07:33 - 2018-08-08 07:34 - 000123366 _____ C:\Users\b\Desktop\FRST.txt
2018-08-08 07:33 - 2018-08-08 07:34 - 000022099 _____ C:\Users\b\Desktop\Addition.txt
2018-08-08 07:32 - 2018-08-08 07:32 - 002412544 _____ (Farbar) C:\Users\b\Desktop\FRST64.exe
2018-08-08 07:26 - 2018-08-08 07:26 - 000464491 _____ C:\Users\b\Downloads\RootRepeal.zip
2018-08-08 07:21 - 2018-08-08 07:21 - 000065872 _____ C:\WINDOWS\system32\Drivers\fsbts.sys
2018-08-08 07:20 - 2018-08-08 07:26 - 000000000 ____D C:\ProgramData\F-Secure
2018-08-08 07:20 - 2018-08-08 07:20 - 000000000 ____D C:\Users\b\AppData\Local\F-Secure
2018-08-08 07:20 - 2018-08-08 07:20 - 000000000 ____D C:\Users\b\AppData\Local\FSDART
2018-08-08 07:20 - 2018-08-08 07:20 - 000000000 ____D C:\Program Files\F-Secure
2018-08-08 07:09 - 2018-08-08 07:09 - 000000000 ____D C:\Users\b\Documents\AccessChk
2018-08-08 07:08 - 2018-08-08 07:08 - 000378512 _____ C:\Users\b\Documents\AccessChk.zip
2018-08-08 07:02 - 2018-08-08 07:02 - 000000000 ____D C:\Users\b\Documents\Sysmon (1)
2018-08-08 07:02 - 2018-08-08 06:39 - 001463899 _____ C:\Users\b\Documents\Sysmon (1).zip
2018-08-08 07:01 - 2018-08-08 07:01 - 000000000 ____D C:\Users\b\Documents\RootkitRevealer (1)
2018-08-08 06:47 - 2018-08-08 06:47 - 000000000 ____D C:\Users\b\Downloads\gimmerdemo-win32-x64-0.1.7
2018-08-08 06:47 - 2018-08-08 06:47 - 000000000 ____D C:\Users\b\AppData\Roaming\Gimmer Demo
2018-08-08 06:29 - 2018-08-08 06:29 - 000000000 ____D C:\Users\PC\AppData\Local\DBG
2018-08-08 06:19 - 2018-08-08 06:25 - 699400192 _____ C:\Users\b\Downloads\bitdefender-rescue-cd.iso
2018-08-08 06:16 - 2018-08-08 07:05 - 1953349632 _____ C:\Users\b\Downloads\ubuntu-18.04.1-desktop-amd64.iso
2018-08-08 03:36 - 2018-08-08 03:39 - 175065824 _____ (Microsoft Corporation) C:\Users\b\Downloads\msert.exe
2018-08-08 03:27 - 2018-08-08 03:27 - 286785970 _____ C:\Users\b\Documents\123.reg
2018-08-08 03:22 - 2018-08-08 03:24 - 000000000 ____D C:\Users\b\AppData\Local\D3DSCache
2018-08-08 03:21 - 2018-08-10 16:17 - 000410874 _____ C:\WINDOWS\ntbtlog.txt
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-08-10 16:22 - 2018-07-10 00:06 - 000793700 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-08-10 16:22 - 2018-04-11 16:36 - 000000000 ____D C:\WINDOWS\INF
2018-08-10 16:21 - 2018-07-10 00:01 - 000003370 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2850893678-3308694845-315594102-1001
2018-08-10 16:21 - 2018-07-09 23:58 - 000002407 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-08-10 16:21 - 2018-02-11 13:56 - 000000000 ___RD C:\Users\PC\OneDrive
2018-08-10 16:20 - 2018-07-10 00:05 - 000000000 ____D C:\ProgramData\Packages
2018-08-10 16:20 - 2018-04-11 16:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-08-10 16:20 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-08-10 16:20 - 2018-02-11 13:55 - 000000000 ____D C:\Users\PC\AppData\Local\Packages
2018-08-10 16:18 - 2018-07-10 00:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-08-10 16:18 - 2018-07-09 23:56 - 000233856 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-08-10 16:18 - 2018-06-07 05:56 - 000000000 ____D C:\Program Files\SoftEther VPN Client
2018-08-10 16:18 - 2018-04-11 16:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-08-10 16:18 - 2018-02-11 15:03 - 000000000 ____D C:\ProgramData\NVIDIA
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-08-10 16:17 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-08-10 16:17 - 2018-04-11 16:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-08-10 16:17 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-08-10 16:17 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-08-10 16:17 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-08-10 16:17 - 2018-04-11 14:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-08-10 16:15 - 2018-07-09 23:58 - 000000000 ____D C:\Users\PC
2018-08-10 16:15 - 2018-02-11 13:55 - 000000000 ____D C:\Users\PC\AppData\Local\ConnectedDevicesPlatform
2018-08-10 16:14 - 2018-02-11 13:55 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-08-10 16:09 - 2018-07-09 23:58 - 000000000 ____D C:\Users\b
2018-08-10 16:09 - 2018-04-11 16:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-08-10 16:09 - 2018-02-15 21:58 - 000000000 ____D C:\ProgramData\Logishrd
2018-08-10 16:09 - 2018-02-15 21:25 - 000000000 ___RD C:\Users\b\OneDrive
2018-08-10 16:08 - 2018-03-20 09:58 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-08-10 16:07 - 2018-03-20 09:58 - 134675576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-08-10 16:03 - 2018-07-09 23:23 - 000467064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-08-10 16:03 - 2018-03-06 10:23 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-10 16:03 - 2018-03-06 10:23 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-08-10 16:02 - 2018-07-10 00:01 - 000003990 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-08-10 16:02 - 2018-07-09 23:56 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-08-10 16:02 - 2018-07-09 23:23 - 001027728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-08-10 16:02 - 2018-07-09 23:23 - 000381584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-08-10 16:02 - 2018-07-09 23:23 - 000346664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-08-10 16:02 - 2018-07-09 23:23 - 000229392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-08-10 16:02 - 2018-07-09 23:23 - 000211160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-08-10 16:02 - 2018-07-09 23:23 - 000201328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-08-10 16:02 - 2018-07-09 23:23 - 000197160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-08-10 16:02 - 2018-07-09 23:23 - 000159640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-08-10 16:02 - 2018-07-09 23:23 - 000111872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-08-10 16:02 - 2018-07-09 23:23 - 000085968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-08-10 16:02 - 2018-07-09 23:23 - 000059592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-08-10 16:02 - 2018-07-09 23:23 - 000046976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-08-10 16:02 - 2018-04-11 16:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-08-10 16:02 - 2018-02-15 21:27 - 000239680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-08-08 06:40 - 2018-06-12 07:35 - 000002070 _____ C:\Users\PC\Desktop\Rkill.txt
2018-08-08 03:25 - 2018-07-10 00:01 - 000003368 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2850893678-3308694845-315594102-1002
2018-08-08 03:25 - 2018-07-09 23:58 - 000002404 _____ C:\Users\b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-08-08 03:05 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-07-17 12:02 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-07-14 03:55 - 2018-03-20 09:58 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
Some files in TEMP:
====================
2018-08-08 07:01 - 2018-08-08 07:01 - 000383872 _____ (Sysinternals - www.sysinternals.com) C:\Users\b\AppData\Local\Temp\PSZLPIRP.exe
2018-08-08 06:29 - 2018-08-08 06:29 - 000367488 _____ (Sysinternals - www.sysinternals.com) C:\Users\PC\AppData\Local\Temp\LRXBLZD.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-07-09 23:56
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02.08.2018
Ran by PC (10-08-2018 16:23:52)
Running from C:\Users\PC\Desktop
Windows 10 Pro Version 1803 17134.137 (X64) (2018-07-10 07:01:33)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================
Administrator (S-1-5-21-2850893678-3308694845-315594102-500 - Administrator - Disabled)
b (S-1-5-21-2850893678-3308694845-315594102-1002 - Limited - Enabled) => C:\Users\b
DefaultAccount (S-1-5-21-2850893678-3308694845-315594102-503 - Limited - Disabled)
Guest (S-1-5-21-2850893678-3308694845-315594102-501 - Limited - Disabled)
PC (S-1-5-21-2850893678-3308694845-315594102-1001 - Administrator - Enabled) => C:\Users\PC
WDAGUtilityAccount (S-1-5-21-2850893678-3308694845-315594102-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.5.2342 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Logitech Gaming Software 8.96 (HKLM\...\Logitech Gaming Software) (Version: 8.96.88 - Logitech Inc.)
Microsoft OneDrive (HKU\S-1-5-21-2850893678-3308694845-315594102-1001\...\OneDriveSetup.exe) (Version: 18.111.0603.0006 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2850893678-3308694845-315594102-1002\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
NVIDIA 3D Vision Driver 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Graphics Driver 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8053 - Realtek Semiconductor Corp.)
SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.22.9634 - SoftEther VPN Project)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{5009B7EE-8A15-4A23-B404-15E31D02DA67}) (Version: 2.43.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22452 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-10] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-10] (AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-10] (AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-10] (AVAST Software)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {178BECB7-6807-4B50-AA27-460E022F59C3} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {2C8E402B-E617-4EDD-A963-B3BE52D1FEA9} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-08-10] (AVAST Software)
Task: {64467370-736D-4ABD-A2ED-620408B6077A} - System32\Tasks\S-1-5-21-2850893678-3308694845-315594102-1002\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-04-11] (Microsoft Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {7F59BE51-C72D-4AD8-82DE-9B926680EA70} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-2850893678-3308694845-315594102-1002
Task: {86B1E90E-FBAA-46AA-AC3C-FBD41715B70B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-03-06] (Google Inc.)
Task: {C14BE46E-39C6-4941-88F0-1AF2CEC27311} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-06-06] (AVAST Software)
Task: {C7933DA5-9542-4534-B82D-DFCF382B5140} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-03-06] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============
2018-08-08 07:21 - 2018-08-08 07:21 - 000418784 _____ () C:\Program Files\F-Secure\Ultralight\ulcore\1530012511\daas2_x64.dll
2018-08-08 07:21 - 2018-08-08 07:21 - 000319968 _____ () C:\Program Files\F-Secure\Ultralight\ulcore\1530012511\senddump_fshoster_plugin64.dll
2018-04-11 16:34 - 2018-04-11 16:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-04-11 16:34 - 2018-04-11 16:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-11 16:34 - 2018-04-11 16:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-07-09 23:20 - 2018-07-09 23:20 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-03-06 17:07 - 2015-03-06 17:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2017-10-19 20:29 - 2017-10-19 20:29 - 001096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-06 17:07 - 2015-03-06 17:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2017-10-19 20:29 - 2017-10-19 20:29 - 000241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2018-03-15 01:13 - 2018-03-15 01:13 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-08-10 16:02 - 2018-08-10 16:02 - 000483544 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-08-10 16:02 - 2018-08-10 16:02 - 000282840 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-02-10 18:35 - 2018-02-10 18:34 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2850893678-3308694845-315594102-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2850893678-3308694845-315594102-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\b\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\scinotesperiodictablebbg.png
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{3C7AC4D2-155A-4048-8FB9-1BD77AC230A9}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{BBD6D78A-C088-4D5D-88A7-A330C11CFBCC}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{380BA2AB-3E4C-41CE-BF4E-FED041AAD82C}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
FirewallRules: [{19E4DB58-790E-4749-AEDE-F1F1731CC820}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe
FirewallRules: [{93133A4A-DD4B-4902-A864-64C6A77D892E}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr.exe
FirewallRules: [{5C7F3DAA-3456-45CC-8EE4-DD5AEB963A25}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient.exe
FirewallRules: [{54527764-3F37-4F6F-A880-DC6062A17D9F}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd.exe
FirewallRules: [{794926FE-2B1F-4E1C-9CDB-A3BA4098FF0E}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
FirewallRules: [UDP Query User{F08B7E4F-4724-4BB4-AFBD-09AC0D372532}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{9DB77AC6-C519-4C04-8B46-6AB8353B9F0C}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{A9D7166E-5C15-4ACA-89E2-677877F70492}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12080.150.37023.0_x64__nzyj5cx40ttqa\iTunes.exe
FirewallRules: [{5AEF48E7-6FF6-401A-89E4-2411AF1A9179}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12080.150.37023.0_x64__nzyj5cx40ttqa\iTunes.exe
FirewallRules: [{805F94B0-6139-447F-A814-8A836B6DD0A6}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12080.150.37023.0_x64__nzyj5cx40ttqa\iTunes.exe
FirewallRules: [{A857F0BB-7417-44B4-B7F3-9B992CF32399}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12080.150.37023.0_x64__nzyj5cx40ttqa\iTunes.exe
FirewallRules: [{671DDAB2-F348-4FC2-8DB1-AA1393C1DD7A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12080.150.37023.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
FirewallRules: [{F99B2405-A848-4144-A5BF-71ADC55220DA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12080.150.37023.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
FirewallRules: [{BF229DC9-9E62-4797-B68D-7FDCD2F0C4B5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12080.150.37023.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
FirewallRules: [{FEE56551-1BF8-4596-AA4B-39ADC1990853}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12080.150.37023.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
FirewallRules: [{071812AC-6CC7-41F4-9D78-1D5F60E5B67C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.87.491.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{1B471531-000C-48FF-AD4A-5A8F6CBAAE16}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.87.491.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{1810B806-C41D-4548-8DC8-2DC64A669A82}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.87.491.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{728A0280-1FE5-43C8-BC46-01A52C0D036C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.87.491.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{91842C5B-9B8B-47B4-AB1E-D35AB70BC2AB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.87.491.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{100C4F22-CF8D-4854-8EAD-2684FF35D54A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.87.491.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{FE602DCC-1251-4F22-ACAB-EFC935B403E1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.87.491.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{FFE2B68F-B085-4D91-B235-0A3613B95E30}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.87.491.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [TCP Query User{7F67AA3D-09BC-4C32-908C-06118023E53A}C:\users\b\downloads\gimmerdemo-win32-x64-0.1.7\gimmerdemo.exe] => (Allow) C:\users\b\downloads\gimmerdemo-win32-x64-0.1.7\gimmerdemo.exe
FirewallRules: [UDP Query User{4948AF34-3D83-4183-95E3-60A86FAD8298}C:\users\b\downloads\gimmerdemo-win32-x64-0.1.7\gimmerdemo.exe] => (Allow) C:\users\b\downloads\gimmerdemo-win32-x64-0.1.7\gimmerdemo.exe
FirewallRules: [{1B4F6DFC-E199-4E1D-AE6A-86DED4E8A626}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{9F752C14-6348-4A4D-BB34-6B07BFA6594D}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{7FC786F3-F0AB-476B-B3B9-EF5D0DE06ED1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
10-07-2018 02:14:33 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026
14-07-2018 03:55:17 Windows Update
24-07-2018 16:33:04 Scheduled Checkpoint
10-08-2018 16:07:42 Windows Update
==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================
Application errors:
==================
Error: (08/08/2018 07:18:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MicrosoftEdgeCP.exe, version: 11.0.17134.137, time stamp: 0x5b234384
Faulting module name: edgehtml.dll, version: 11.0.17134.137, time stamp: 0x19e0b525
Exception code: 0xc0000005
Fault offset: 0x000000000037ad5a
Faulting process id: 0x15bc
Faulting application start time: 0x01d42f21d96bcd99
Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Faulting module path: C:\WINDOWS\SYSTEM32\edgehtml.dll
Report Id: f22ecb0a-2aae-4447-bd33-0ff8a20c22dc
Faulting package full name: Microsoft.MicrosoftEdge_42.17134.1.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: ContentProcess
Error: (08/08/2018 07:01:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RootkitRevealer.exe, version: 1.71.0.0, time stamp: 0x44e255aa
Faulting module name: RootkitRevealer.exe, version: 1.71.0.0, time stamp: 0x44e255aa
Exception code: 0xc0000005
Fault offset: 0x000040cd
Faulting process id: 0x3d2c
Faulting application start time: 0x01d42f204e43252e
Faulting application path: C:\Users\b\Documents\RootkitRevealer (1)\RootkitRevealer.exe
Faulting module path: C:\Users\b\Documents\RootkitRevealer (1)\RootkitRevealer.exe
Report Id: 553ff179-3abd-437f-9214-d4e192e5bf6b
Faulting package full name:
Faulting package-relative application ID:
Error: (08/08/2018 06:29:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RootkitRevealer.exe, version: 1.71.0.0, time stamp: 0x44e255aa
Faulting module name: RootkitRevealer.exe, version: 1.71.0.0, time stamp: 0x44e255aa
Exception code: 0xc0000005
Fault offset: 0x000040cd
Faulting process id: 0x356c
Faulting application start time: 0x01d42f1bdca0a482
Faulting application path: C:\Users\b\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\RootkitRevealer (1)\RootkitRevealer.exe
Faulting module path: C:\Users\b\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\RootkitRevealer (1)\RootkitRevealer.exe
Report Id: 2bc213d8-683c-4f02-b170-5fdcf29861e4
Faulting package full name:
Faulting package-relative application ID:
Error: (08/08/2018 05:05:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MicrosoftEdgeCP.exe, version: 11.0.17134.137, time stamp: 0x5b234384
Faulting module name: EdgeContent.dll, version: 11.0.17134.137, time stamp: 0x2fd4aae0
Exception code: 0xc0000409
Fault offset: 0x00000000000ace9a
Faulting process id: 0xdd0
Faulting application start time: 0x01d42f020debcddf
Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Faulting module path: C:\WINDOWS\SYSTEM32\EdgeContent.dll
Report Id: b3c95c5e-6348-4555-a500-7232ce0854e3
Faulting package full name: Microsoft.MicrosoftEdge_42.17134.1.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: ContentProcess
Error: (08/08/2018 03:10:56 AM) (Source: COM) (EventID: 10031) (User: )
Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {41FD88F7-F295-4D39-91AC-A85F3149A05B} was rejected
Error: (08/08/2018 03:10:56 AM) (Source: COM) (EventID: 10031) (User: )
Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {95CABCC9-BC57-4C12-B8DF-BA193232AA01} was rejected
Error: (07/10/2018 12:00:02 AM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Failed trying to get the state of the cluster node: .The error code returned: 0x8007085A
Error: (07/09/2018 11:59:15 PM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Failed trying to get the state of the cluster node: .The error code returned: 0x8007085A

System errors:
=============
Error: (08/10/2018 04:18:45 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f0923: 2018-07 Cumulative Update for Windows 10 Version 1803 for x64-based Systems (KB4338819).
Error: (08/10/2018 04:17:49 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll
Error Code: 21
Error: (08/10/2018 04:16:23 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-97DUDUE)
Description: The server {D63B10C5-BB46-4990-A94F-E40B9D520160} did not register with DCOM within the required timeout.
Error: (08/10/2018 04:02:00 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 9:24:41 AM on ‎8/‎8/‎2018 was unexpected.
Error: (08/08/2018 08:28:34 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-97DUDUE)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-97DUDUE\b SID (S-1-5-21-2850893678-3308694845-315594102-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (08/08/2018 03:23:57 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-97DUDUE)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (08/08/2018 03:23:54 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-97DUDUE)
Description: DCOM got error "1084" attempting to start the service TokenBroker with arguments "Unavailable" in order to run the server:
Windows.Internal.Security.Authentication.Web.TokenBrokerInternal
Error: (08/08/2018 03:23:54 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-97DUDUE)
Description: DCOM got error "1084" attempting to start the service camsvc with arguments "Unavailable" in order to run the server:
Windows.Internal.CapabilityAccess.CapabilityAccess

Windows Defender:
===================================
Date: 2018-07-10 00:01:32.755
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Behavior Monitoring
Error Code: 0x80070006
Error description: The handle is invalid.
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
Date: 2018-07-10 00:01:30.691
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Behavior Monitoring
Error Code: 0x80070006
Error description: The handle is invalid.
Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
==================== Memory info ===========================
Processor: Intel® Core™ i7-6700K CPU @ 4.00GHz
Percentage of memory in use: 33%
Total physical RAM: 8147.16 MB
Available physical RAM: 5397.33 MB
Total Virtual: 9427.16 MB
Available Virtual: 5706.94 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:220.73 GB) (Free:128.48 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:1844.39 GB) (Free:1835.55 GB) NTFS
\\?\Volume{2f352ad6-1b95-4475-a1c1-334c53bf5ec9}\ (Recovery) (Fixed) (Total:2.23 GB) (Free:1.85 GB) NTFS
\\?\Volume{d0f19c50-0000-0000-0000-f018cd010000}\ (Recovery) (Fixed) (Total:18.63 GB) (Free:18.21 GB) NTFS
\\?\Volume{ae4d3fe4-7e83-4347-a0f5-5608b2080749}\ (BOOT) (Fixed) (Total:0.48 GB) (Free:0.46 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: 16F544A7)
Partition: GPT.
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: D0F19C50)
Partition 1: (Not Active) - (Size=1844.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=18.6 GB) - (Type=27)
==================== End of Addition.txt ============================



#4 nasdaq

nasdaq

  • Malware Response Team
  • 40,759 posts
  • OFFLINE
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:44 PM

Posted 11 August 2018 - 06:44 AM


Hi,

Error: (08/10/2018 04:18:45 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f0923: 2018-07 Cumulative Update for Windows 10 Version 1803 for x64-based Systems (KB4338819).

If you Search Google for KB4338819 you will see that you are not alone with this issue.

Let's see if we can fix this issue.

Try this. Follow the instructions on each step.

Locate the CMD.EXE and run it as an Administrator.

At the DOS prompt execute this command in bold.

Step 1: net stop wuauserv

Step 2: Rename the C:\Windows\SoftwareDistribution folder to C:\Windows\SoftwareDistribution.old, essentially clearing the Windows Update download cache so that it can start over.

Step 3: Restart the Windows Update service: net start wuauserv

Restart the computer normally.

If the Windows Updates do not start, do it yourself.

How to:
https://venturebeat.com/2015/07/28/how-to-force-windows-to-start-downloading-the-windows-10-update-files/

How is it now?

<<<>>>

P.S.
Let the Updates complete. Do not power off the computer; it can cause problems.
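The three steps in the post above, collected into one batch script as an added example (it is not part of the original post or any poster's own code). It assumes an elevated Command Prompt and uses %SystemRoot% in place of the C:\Windows path written in the post; the elevation check and the refusal to overwrite an existing .old folder are additions.

```bat
@echo off
rem Added example: reset the Windows Update download cache (steps 1-3 of the post).
setlocal

rem "net session" fails without administrator rights, so it serves as an elevation check.
net session >nul 2>&1
if errorlevel 1 (
    echo Run this from a Command Prompt opened with "Run as administrator".
    exit /b 1
)

rem Step 1: stop the Windows Update service.
net stop wuauserv

rem Confirm the service is stopped before touching its folder.
sc query wuauserv | find "STOPPED" >nul
if errorlevel 1 (
    echo wuauserv is still running; not renaming the folder.
    exit /b 1
)

rem Step 2: rename the download cache, without overwriting an earlier .old copy.
if exist "%SystemRoot%\SoftwareDistribution.old" (
    echo %SystemRoot%\SoftwareDistribution.old already exists; rename or remove it first.
    net start wuauserv
    exit /b 1
)
ren "%SystemRoot%\SoftwareDistribution" SoftwareDistribution.old
if errorlevel 1 (
    echo Rename failed; the original folder was left in place.
    net start wuauserv
    exit /b 1
)

rem Step 3: start the service again so Windows Update can rebuild its cache.
net start wuauserv
```

The renamed SoftwareDistribution.old folder is kept, so the previous cache can be restored by reversing step 2 with the service stopped.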

#5 phibonacci

phibonacci
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  • Local time:03:44 PM

Posted 12 August 2018 - 02:49 PM

Thank you for the help. I first searched Google for KB4338819 and found some similar issues.

1. I ran CMD as administrator and stopped windowsupdate via typing net stop wuauserv

2. I renamed C:\\Windows\SoftwareDistribution to C:\\Windows\SoftwareDistribtution.old

3. I restarted windowsupdate by typing net start wuauserv

4. I restarted the comp normally

5. Windows Update didn't start automatically so I went into windows update from settings and it said it was already up to date.

I think I still have the same issues so I ran farbar again

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.08.2018
Ran by PC (administrator) on DESKTOP-97DUDUE (12-08-2018 12:47:03)
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC & B)
Platform: Windows 10 Pro Version 1803 17134.165 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" -- "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(F-Secure Corporation) C:\Program Files\F-Secure\Ultralight\ulcore\1530012511\fsorsp64.exe
(F-Secure Corporation) C:\Program Files\F-Secure\Ultralight\ulcore\1530012511\fshoster64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\ArxApplets\Discord\logitechg_discord.exe
(Microsoft Corporation) C:\Windows\System32\mspaint.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9198080 2017-02-05] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-08-10] (AVAST Software)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17987704 2017-10-19] (Logitech Inc.)
HKLM\...\Run: [SoftEther VPN Client UI Helper] => C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5248456 2018-06-07] (SoftEther VPN Project at University of Tsukuba, Japan.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-21-2850893678-3308694845-315594102-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3206432 2018-08-08] (Valve Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk [2018-06-07]
ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (SoftEther VPN Project at University of Tsukuba, Japan.)
GroupPolicy\User: Restriction ? <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ae7a1205-9871-4e30-9937-fe069d9cbe5f}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
FireFox:
========
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-20] (Google Inc.)
Chrome:
=======
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default [2018-08-12]
CHR Extension: (Slides) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-10]
CHR Extension: (Docs) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-12]
CHR Extension: (Google Drive) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-08-12]
CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-12]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-08-10]
CHR Extension: (Sheets) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-10]
CHR Extension: (Google Docs Offline) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-12]
CHR Extension: (Avast Online Security) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-08-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-10]
CHR Extension: (Gmail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-08-12]
CHR Extension: (Chrome Media Router) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-10]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7780400 2018-08-10] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-08-10] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-08-10] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-08-10] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6877224 2018-08-11] ()
R2 fsulhoster; C:\Program Files\F-Secure\Ultralight\ulcore\1530012511\fshoster64.exe [574944 2018-08-08] (F-Secure Corporation)
R2 fsulorsp; C:\Program Files\F-Secure\Ultralight\ulcore\1530012511\fsorsp64.exe [78304 2018-08-08] (F-Secure Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-10-19] (Logitech Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-04-12] (Microsoft Corporation)
R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5248456 2018-06-07] (SoftEther VPN Project at University of Tsukuba, Japan.)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-11] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105344 2018-04-11] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [197160 2018-08-10] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [229392 2018-08-10] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201328 2018-08-10] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346664 2018-08-10] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59592 2018-08-10] (AVAST Software)
S3 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15360 2018-08-10] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [239680 2018-08-10] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46976 2018-08-10] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [159640 2018-08-10] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111872 2018-08-10] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [85968 2018-08-10] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1027728 2018-08-10] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [467064 2018-08-10] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [211160 2018-08-10] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381584 2018-08-10] (AVAST Software)
R3 BCMH43XX; C:\WINDOWS\system32\DRIVERS\AE2500w764.sys [2576632 2016-12-03] (Broadcom Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R0 fsbts; C:\WINDOWS\System32\drivers\fsbts.sys [65872 2018-08-08] ()
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2018-04-11] (Qualcomm Atheros, Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
S3 LGJoyHidFilter; C:\WINDOWS\system32\drivers\LGJoyHidFilter.sys [57368 2017-04-05] (Logitech Inc.)
S3 LGJoyHidLo; C:\WINDOWS\system32\drivers\LGJoyHidLo.sys [47256 2017-04-05] (Logitech Inc.)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-04-05] (Logitech Inc.)
S3 LGSHidFilt; C:\WINDOWS\System32\drivers\LGSHidFilt.Sys [64280 2017-04-05] (Logitech Inc.)
R3 Neo_VPN; C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys [38216 2018-06-07] (SoftEther Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_2e7fa54192fe16d0\nvlddmkm.sys [16936048 2017-11-09] (NVIDIA Corporation)
R1 SeLow; C:\WINDOWS\system32\DRIVERS\SeLow_x64.sys [51024 2018-06-07] (SoftEther Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-11] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-11] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-11] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-08-11 01:40 - 2018-08-11 01:40 - 000000000 ____D C:\Users\PC\AppData\Local\BattlEye
2018-08-11 01:40 - 2018-08-11 01:40 - 000000000 ____D C:\Users\PC\ansel
2018-08-10 22:49 - 2018-08-10 22:49 - 000000222 _____ C:\Users\PC\Desktop\The Elder Scrolls Online.url
2018-08-10 21:50 - 2018-08-10 21:50 - 000000000 ____D C:\Users\PC\AppData\Roaming\CC
2018-08-10 21:33 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2018-08-10 21:33 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2018-08-10 21:33 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2018-08-10 21:33 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2018-08-10 21:33 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2018-08-10 21:33 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2018-08-10 21:33 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2018-08-10 21:33 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2018-08-10 21:33 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2018-08-10 21:33 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2018-08-10 21:33 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2018-08-10 21:33 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2018-08-10 21:33 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2018-08-10 21:33 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2018-08-10 21:33 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2018-08-10 21:33 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2018-08-10 21:33 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2018-08-10 21:33 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2018-08-10 21:33 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2018-08-10 21:33 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2018-08-10 21:33 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2018-08-10 21:33 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2018-08-10 21:33 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2018-08-10 21:33 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2018-08-10 21:33 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2018-08-10 21:33 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2018-08-10 21:33 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2018-08-10 21:33 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2018-08-10 21:33 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2018-08-10 21:33 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2018-08-10 21:33 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2018-08-10 21:33 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2018-08-10 21:33 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2018-08-10 21:33 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2018-08-10 21:33 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2018-08-10 21:33 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2018-08-10 21:33 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2018-08-10 21:33 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2018-08-10 21:33 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2018-08-10 21:33 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2018-08-10 21:33 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2018-08-10 21:33 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2018-08-10 21:33 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2018-08-10 21:33 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2018-08-10 21:33 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2018-08-10 21:33 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2018-08-10 21:33 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2018-08-10 21:33 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2018-08-10 21:33 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2018-08-10 21:33 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2018-08-10 21:33 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2018-08-10 21:33 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2018-08-10 21:33 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2018-08-10 21:33 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2018-08-10 21:33 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2018-08-10 21:33 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2018-08-10 21:33 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2018-08-10 21:33 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2018-08-10 21:33 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2018-08-10 21:33 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2018-08-10 21:33 - 2008-10-15 06:22 - 005631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2018-08-10 21:33 - 2008-10-15 06:22 - 004379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2018-08-10 21:33 - 2008-10-15 06:22 - 002605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2018-08-10 21:33 - 2008-10-15 06:22 - 002036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2018-08-10 21:33 - 2008-10-15 06:22 - 000519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2018-08-10 21:33 - 2008-10-15 06:22 - 000452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2018-08-10 21:33 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2018-08-10 21:33 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2018-08-10 21:33 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2018-08-10 21:33 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2018-08-10 21:33 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2018-08-10 21:33 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2018-08-10 21:33 - 2008-07-10 11:01 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2018-08-10 21:33 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2018-08-10 21:33 - 2008-07-10 11:00 - 003851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2018-08-10 21:33 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2018-08-10 21:33 - 2008-07-10 11:00 - 001493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2018-08-10 21:33 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2018-08-10 21:33 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2018-08-10 21:33 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2018-08-10 21:33 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2018-08-10 21:33 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2018-08-10 21:33 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2018-08-10 21:33 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2018-08-10 21:33 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2018-08-10 21:33 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2018-08-10 21:33 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2018-08-10 21:33 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2018-08-10 21:33 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2018-08-10 21:33 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2018-08-10 21:33 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2018-08-10 21:33 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2018-08-10 21:33 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2018-08-10 21:33 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2018-08-10 21:33 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2018-08-10 21:33 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2018-08-10 21:33 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2018-08-10 21:33 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2018-08-10 21:33 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2018-08-10 21:33 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2018-08-10 21:33 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2018-08-10 21:33 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2018-08-10 21:33 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2018-08-10 21:33 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2018-08-10 21:33 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2018-08-10 21:33 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2018-08-10 21:33 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2018-08-10 21:33 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2018-08-10 21:33 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2018-08-10 21:33 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2018-08-10 21:33 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2018-08-10 21:33 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2018-08-10 21:33 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2018-08-10 21:33 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2018-08-10 21:33 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2018-08-10 21:33 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2018-08-10 21:33 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2018-08-10 21:33 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2018-08-10 21:33 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2018-08-10 21:33 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2018-08-10 21:33 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2018-08-10 21:33 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2018-08-10 21:33 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2018-08-10 21:33 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2018-08-10 21:33 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2018-08-10 21:33 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2018-08-10 21:33 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2018-08-10 21:33 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2018-08-10 21:33 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2018-08-10 21:33 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2018-08-10 21:33 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2018-08-10 21:33 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2018-08-10 21:33 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2018-08-10 21:33 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2018-08-10 21:33 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2018-08-10 21:33 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2018-08-10 21:33 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2018-08-10 21:33 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2018-08-10 21:33 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2018-08-10 21:33 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2018-08-10 21:33 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2018-08-10 21:33 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2018-08-10 21:33 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2018-08-10 21:33 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2018-08-10 21:33 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2018-08-10 21:33 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2018-08-10 21:33 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2018-08-10 21:33 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2018-08-10 21:33 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2018-08-10 21:33 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2018-08-10 21:33 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2018-08-10 21:33 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2018-08-10 21:33 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2018-08-10 21:33 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2018-08-10 21:33 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2018-08-10 21:33 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2018-08-10 21:33 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2018-08-10 21:33 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2018-08-10 21:33 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2018-08-10 21:33 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2018-08-10 21:33 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2018-08-10 21:33 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2018-08-10 21:33 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2018-08-10 21:33 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2018-08-10 21:33 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2018-08-10 21:33 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2018-08-10 21:33 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2018-08-10 21:33 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2018-08-10 21:33 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2018-08-10 21:33 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2018-08-10 21:33 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2018-08-10 21:33 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2018-08-10 21:33 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2018-08-10 21:33 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2018-08-10 21:33 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2018-08-10 21:33 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2018-08-10 21:33 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2018-08-10 21:33 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2018-08-10 21:33 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2018-08-10 21:33 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2018-08-10 21:33 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2018-08-10 21:33 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2018-08-10 21:13 - 2018-08-11 00:08 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-08-10 17:12 - 2018-08-10 17:12 - 000003458 _____ C:\WINDOWS\System32\Tasks\AvastUpdateTaskMachineUA
2018-08-10 17:12 - 2018-08-10 17:12 - 000003334 _____ C:\WINDOWS\System32\Tasks\AvastUpdateTaskMachineCore
2018-08-10 17:12 - 2018-08-10 17:12 - 000002577 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-08-10 17:12 - 2018-08-10 17:12 - 000002542 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2018-08-10 17:12 - 2018-08-10 17:12 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2018-08-10 17:11 - 2018-08-12 12:33 - 000000000 ____D C:\Program Files (x86)\Steam
2018-08-10 17:11 - 2018-08-10 17:11 - 001573568 _____ C:\Users\PC\Downloads\SteamSetup.exe
2018-08-10 17:11 - 2018-08-10 17:11 - 000001039 _____ C:\Users\Public\Desktop\Steam.lnk
2018-08-10 17:11 - 2018-08-10 17:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2018-08-10 16:32 - 2018-08-10 16:32 - 000000000 ____D C:\Users\PC\AppData\Local\Steam
2018-08-10 16:23 - 2018-08-12 12:47 - 000014570 _____ C:\Users\PC\Desktop\FRST.txt
2018-08-10 16:23 - 2018-08-12 12:46 - 000030578 _____ C:\Users\PC\Desktop\Addition.txt
2018-08-10 16:20 - 2018-08-10 16:20 - 000026999 _____ C:\Users\PC\Downloads\Addition.txt
2018-08-10 16:19 - 2018-08-10 20:53 - 000000000 ____D C:\Users\PC\AppData\Local\AVAST Software
2018-08-10 16:19 - 2018-08-10 16:20 - 000024861 _____ C:\Users\PC\Downloads\FRST.txt
2018-08-10 16:19 - 2018-08-10 16:19 - 002412544 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2018-08-10 16:15 - 2018-08-10 16:15 - 000001417 _____ C:\Users\PC\Desktop\Microsoft Edge.lnk
2018-08-10 16:15 - 2018-08-10 16:15 - 000000000 ___HD C:\Users\PC\MicrosoftEdgeBackups
2018-08-10 16:15 - 2018-08-10 16:15 - 000000000 ____D C:\Users\PC\AppData\Local\Logitech
2018-08-10 16:14 - 2018-08-10 16:14 - 000000432 __RSH C:\Users\PC\ntuser.pol
2018-08-10 16:14 - 2018-08-10 16:14 - 000000000 ___RD C:\Users\PC\3D Objects
2018-08-10 16:14 - 2018-08-10 16:14 - 000000000 ____D C:\Users\PC\AppData\Local\Google
2018-08-10 16:08 - 2018-07-06 07:20 - 002868640 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-08-10 16:08 - 2018-07-06 07:20 - 001610648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-08-10 16:08 - 2018-07-06 07:20 - 000792472 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-08-10 16:08 - 2018-07-06 07:20 - 000689560 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-08-10 16:08 - 2018-07-06 07:20 - 000612248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-08-10 16:08 - 2018-07-06 07:20 - 000451992 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-08-10 16:08 - 2018-07-06 07:20 - 000309664 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-08-10 16:08 - 2018-07-06 07:20 - 000144792 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-08-10 16:08 - 2018-07-06 07:20 - 000070040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-08-10 16:08 - 2018-07-06 07:17 - 003932672 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-08-10 16:08 - 2018-07-06 07:15 - 002266520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2018-08-10 16:08 - 2018-07-06 07:14 - 000541592 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-08-10 16:08 - 2018-07-06 06:56 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-08-10 16:08 - 2018-07-06 06:53 - 000672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2018-08-10 16:08 - 2018-07-06 06:53 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2018-08-10 16:08 - 2018-07-06 06:53 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-08-10 16:08 - 2018-07-06 06:53 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-08-10 16:08 - 2018-07-06 06:52 - 001787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-08-10 16:08 - 2018-07-06 06:52 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-08-10 16:08 - 2018-07-06 06:51 - 003652608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-08-10 16:08 - 2018-07-06 06:51 - 002051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-08-10 16:08 - 2018-07-06 06:51 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-08-10 16:08 - 2018-07-06 06:51 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-08-10 16:08 - 2018-07-06 06:51 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-08-10 16:08 - 2018-07-06 06:50 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-08-10 16:08 - 2018-07-06 06:49 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-08-10 16:08 - 2018-07-06 05:12 - 001539000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2018-08-10 16:08 - 2018-07-06 05:06 - 003611368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-08-10 16:08 - 2018-07-06 04:54 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-08-10 16:08 - 2018-07-06 04:54 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-08-10 16:08 - 2018-07-06 04:53 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-08-10 16:08 - 2018-07-06 04:53 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2018-08-10 16:08 - 2018-07-06 04:53 - 000347136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2018-08-10 16:08 - 2018-07-06 04:52 - 002895360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-08-10 16:08 - 2018-07-06 04:52 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-08-10 16:08 - 2018-07-06 04:52 - 001308160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-08-10 16:08 - 2018-07-06 04:51 - 002401280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-08-10 16:08 - 2018-07-06 04:51 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-08-10 16:08 - 2018-07-06 04:26 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-08-10 16:08 - 2018-07-06 04:25 - 023863296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-08-10 16:08 - 2018-07-06 04:01 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-08-10 16:08 - 2018-07-06 00:32 - 000480672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-08-10 16:08 - 2018-07-06 00:31 - 000462752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-08-10 16:08 - 2018-07-06 00:31 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-08-10 16:08 - 2018-07-06 00:29 - 000272296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-08-10 16:08 - 2018-07-06 00:29 - 000269224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-08-10 16:08 - 2018-07-06 00:27 - 001174432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-08-10 16:08 - 2018-07-06 00:27 - 001063320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-08-10 16:08 - 2018-07-06 00:27 - 001012632 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-08-10 16:08 - 2018-07-06 00:27 - 000709824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-08-10 16:08 - 2018-07-06 00:27 - 000567176 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-08-10 16:08 - 2018-07-06 00:27 - 000134552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-08-10 16:08 - 2018-07-06 00:27 - 000057440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.ShellCommon.Broker.dll
2018-08-10 16:08 - 2018-07-06 00:26 - 002712992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-08-10 16:08 - 2018-07-06 00:26 - 001148800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2018-08-10 16:08 - 2018-07-06 00:26 - 000930720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-08-10 16:08 - 2018-07-06 00:26 - 000766608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2018-08-10 16:08 - 2018-07-06 00:26 - 000170912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-08-10 16:08 - 2018-07-06 00:25 - 009147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-08-10 16:08 - 2018-07-06 00:25 - 002753040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-08-10 16:08 - 2018-07-06 00:25 - 002571728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-08-10 16:08 - 2018-07-06 00:25 - 002420632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-08-10 16:08 - 2018-07-06 00:25 - 001945784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-08-10 16:08 - 2018-07-06 00:25 - 001026464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-08-10 16:08 - 2018-07-06 00:25 - 001018616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-08-10 16:08 - 2018-07-06 00:25 - 000885856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-08-10 16:08 - 2018-07-06 00:25 - 000483048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-08-10 16:08 - 2018-07-06 00:25 - 000335776 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2018-08-10 16:08 - 2018-07-06 00:25 - 000267680 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-08-10 16:08 - 2018-07-06 00:25 - 000139672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2018-08-10 16:08 - 2018-07-06 00:24 - 000380824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-08-10 16:08 - 2018-07-06 00:16 - 000567144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-08-10 16:08 - 2018-07-06 00:14 - 002242208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-08-10 16:08 - 2018-07-06 00:14 - 001981896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-08-10 16:08 - 2018-07-06 00:14 - 001175568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-08-10 16:08 - 2018-07-06 00:14 - 000988640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2018-08-10 16:08 - 2018-07-06 00:14 - 000829856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-08-10 16:08 - 2018-07-06 00:14 - 000573904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2018-08-10 16:08 - 2018-07-06 00:13 - 001620872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-08-10 16:08 - 2018-07-06 00:10 - 025845760 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-08-10 16:08 - 2018-07-06 00:07 - 022006272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-08-10 16:08 - 2018-07-06 00:04 - 022713856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-08-10 16:08 - 2018-07-06 00:03 - 004371456 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-08-10 16:08 - 2018-07-06 00:02 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-08-10 16:08 - 2018-07-06 00:01 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-08-10 16:08 - 2018-07-06 00:01 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2018-08-10 16:08 - 2018-07-06 00:01 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2018-08-10 16:08 - 2018-07-06 00:01 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2018-08-10 16:08 - 2018-07-06 00:00 - 019403264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-08-10 16:08 - 2018-07-06 00:00 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2018-08-10 16:08 - 2018-07-06 00:00 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2018-08-10 16:08 - 2018-07-06 00:00 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2018-08-10 16:08 - 2018-07-06 00:00 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2018-08-10 16:08 - 2018-07-06 00:00 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsTelemetry.dll
2018-08-10 16:08 - 2018-07-06 00:00 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2018-08-10 16:08 - 2018-07-05 23:59 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-08-10 16:08 - 2018-07-05 23:59 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2018-08-10 16:08 - 2018-07-05 23:59 - 001153536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2018-08-10 16:08 - 2018-07-05 23:59 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2018-08-10 16:08 - 2018-07-05 23:59 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\NmaDirect.dll
2018-08-10 16:08 - 2018-07-05 23:59 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Geolocation.dll
2018-08-10 16:08 - 2018-07-05 23:59 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2018-08-10 16:08 - 2018-07-05 23:59 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2018-08-10 16:08 - 2018-07-05 23:59 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2018-08-10 16:08 - 2018-07-05 23:58 - 004867584 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-08-10 16:08 - 2018-07-05 23:58 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2018-08-10 16:08 - 2018-07-05 23:58 - 001931776 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeangle.dll
2018-08-10 16:08 - 2018-07-05 23:58 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-08-10 16:08 - 2018-07-05 23:58 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-08-10 16:08 - 2018-07-05 23:58 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2018-08-10 16:08 - 2018-07-05 23:58 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2018-08-10 16:08 - 2018-07-05 23:58 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2018-08-10 16:08 - 2018-07-05 23:58 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Cortana.dll
2018-08-10 16:08 - 2018-07-05 23:58 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-08-10 16:08 - 2018-07-05 23:58 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProv2faHelper.dll
2018-08-10 16:08 - 2018-07-05 23:58 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2018-08-10 16:08 - 2018-07-05 23:58 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-08-10 16:08 - 2018-07-05 23:58 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2018-08-10 16:08 - 2018-07-05 23:57 - 007579648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-08-10 16:08 - 2018-07-05 23:57 - 005779456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-08-10 16:08 - 2018-07-05 23:57 - 003712512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-08-10 16:08 - 2018-07-05 23:57 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-08-10 16:08 - 2018-07-05 23:57 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2018-08-10 16:08 - 2018-07-05 23:57 - 000813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-08-10 16:08 - 2018-07-05 23:57 - 000676864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Devices.dll
2018-08-10 16:08 - 2018-07-05 23:57 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-08-10 16:08 - 2018-07-05 23:57 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-08-10 16:08 - 2018-07-05 23:57 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2018-08-10 16:08 - 2018-07-05 23:57 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NmaDirect.dll
2018-08-10 16:08 - 2018-07-05 23:56 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2018-08-10 16:08 - 2018-07-05 23:56 - 001817600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2018-08-10 16:08 - 2018-07-05 23:56 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-08-10 16:08 - 2018-07-05 23:56 - 001567744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2018-08-10 16:08 - 2018-07-05 23:56 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-08-10 16:08 - 2018-07-05 23:56 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-08-10 16:08 - 2018-07-05 23:56 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-08-10 16:08 - 2018-07-05 23:56 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2018-08-10 16:08 - 2018-07-05 23:56 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-08-10 16:08 - 2018-07-05 23:56 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2018-08-10 16:08 - 2018-07-05 23:56 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2018-08-10 16:08 - 2018-07-05 23:56 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-08-10 16:08 - 2018-07-05 23:56 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-08-10 16:08 - 2018-07-05 23:56 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2018-08-10 16:08 - 2018-07-05 23:56 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioCredProv.dll
2018-08-10 16:08 - 2018-07-05 23:56 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2018-08-10 16:08 - 2018-07-05 23:56 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-08-10 16:08 - 2018-07-05 23:56 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProv2faHelper.dll
2018-08-10 16:08 - 2018-07-05 23:55 - 003440128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-08-10 16:08 - 2018-07-05 23:55 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-08-10 16:08 - 2018-07-05 23:55 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-08-10 16:08 - 2018-07-05 23:55 - 001395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-08-10 16:08 - 2018-07-05 23:55 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-08-10 16:08 - 2018-07-05 23:55 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2018-08-10 16:08 - 2018-07-05 23:55 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-08-10 16:08 - 2018-07-05 23:55 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-08-10 16:08 - 2018-07-05 23:55 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-08-10 16:08 - 2018-07-05 23:54 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-08-10 16:08 - 2018-07-05 23:54 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2018-08-10 16:08 - 2018-07-05 23:54 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-08-10 16:08 - 2018-07-05 23:54 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2018-08-10 16:08 - 2018-07-05 23:54 - 000999936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-08-10 16:08 - 2018-07-05 23:54 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2018-08-10 16:08 - 2018-07-05 23:54 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2018-08-10 16:08 - 2018-07-05 23:54 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2018-08-10 16:08 - 2018-07-05 23:54 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-08-10 16:08 - 2018-07-05 23:54 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2018-08-10 16:08 - 2018-07-05 23:54 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-08-10 16:08 - 2018-07-05 23:54 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-08-10 16:08 - 2018-07-05 23:54 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2018-08-10 16:08 - 2018-07-05 23:54 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll
2018-08-10 16:08 - 2018-07-05 23:53 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2018-08-10 16:08 - 2018-07-05 23:53 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2018-08-10 16:08 - 2018-07-05 23:53 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2018-08-10 16:08 - 2018-07-05 23:53 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2018-08-10 16:08 - 2018-07-05 23:52 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-08-10 16:08 - 2018-07-05 22:41 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2018-08-10 16:08 - 2018-06-28 21:16 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-08-10 16:08 - 2018-05-20 04:14 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-08-10 16:02 - 2018-08-10 16:02 - 000378072 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-08-10 16:02 - 2018-08-10 16:02 - 000015360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2018-08-08 07:33 - 2018-08-12 12:47 - 000000000 ____D C:\FRST
2018-08-08 07:33 - 2018-08-08 07:34 - 000123366 _____ C:\Users\b\Desktop\FRST.txt
2018-08-08 07:33 - 2018-08-08 07:34 - 000022099 _____ C:\Users\b\Desktop\Addition.txt
2018-08-08 07:32 - 2018-08-08 07:32 - 002412544 _____ (Farbar) C:\Users\b\Desktop\FRST64.exe
2018-08-08 07:26 - 2018-08-08 07:26 - 000464491 _____ C:\Users\b\Downloads\RootRepeal.zip
2018-08-08 07:21 - 2018-08-08 07:21 - 000065872 _____ C:\WINDOWS\system32\Drivers\fsbts.sys
2018-08-08 07:20 - 2018-08-08 07:26 - 000000000 ____D C:\ProgramData\F-Secure
2018-08-08 07:20 - 2018-08-08 07:20 - 000000000 ____D C:\Users\b\AppData\Local\F-Secure
2018-08-08 07:20 - 2018-08-08 07:20 - 000000000 ____D C:\Users\b\AppData\Local\FSDART
2018-08-08 07:20 - 2018-08-08 07:20 - 000000000 ____D C:\Program Files\F-Secure
2018-08-08 07:09 - 2018-08-08 07:09 - 000000000 ____D C:\Users\b\Documents\AccessChk
2018-08-08 07:08 - 2018-08-08 07:08 - 000378512 _____ C:\Users\b\Documents\AccessChk.zip
2018-08-08 07:02 - 2018-08-08 07:02 - 000000000 ____D C:\Users\b\Documents\Sysmon (1)
2018-08-08 07:02 - 2018-08-08 06:39 - 001463899 _____ C:\Users\b\Documents\Sysmon (1).zip
2018-08-08 07:01 - 2018-08-08 07:01 - 000000000 ____D C:\Users\b\Documents\RootkitRevealer (1)
2018-08-08 06:47 - 2018-08-08 06:47 - 000000000 ____D C:\Users\b\Downloads\gimmerdemo-win32-x64-0.1.7
2018-08-08 06:47 - 2018-08-08 06:47 - 000000000 ____D C:\Users\b\AppData\Roaming\Gimmer Demo
2018-08-08 06:29 - 2018-08-08 06:29 - 000000000 ____D C:\Users\PC\AppData\Local\DBG
2018-08-08 06:19 - 2018-08-08 06:25 - 699400192 _____ C:\Users\b\Downloads\bitdefender-rescue-cd.iso
2018-08-08 06:16 - 2018-08-08 07:05 - 1953349632 _____ C:\Users\b\Downloads\ubuntu-18.04.1-desktop-amd64.iso
2018-08-08 03:36 - 2018-08-08 03:39 - 175065824 _____ (Microsoft Corporation) C:\Users\b\Downloads\msert.exe
2018-08-08 03:27 - 2018-08-08 03:27 - 286785970 _____ C:\Users\b\Documents\123.reg
2018-08-08 03:22 - 2018-08-08 03:24 - 000000000 ____D C:\Users\b\AppData\Local\D3DSCache
2018-08-08 03:21 - 2018-08-10 16:17 - 000410874 _____ C:\WINDOWS\ntbtlog.txt
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-08-12 12:40 - 2018-04-11 16:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-08-12 12:38 - 2018-07-10 00:06 - 000793700 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-08-12 12:38 - 2018-04-11 16:36 - 000000000 ____D C:\WINDOWS\INF
2018-08-12 12:33 - 2018-06-07 05:56 - 000000000 ____D C:\Program Files\SoftEther VPN Client
2018-08-12 12:32 - 2018-07-10 00:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-08-12 12:32 - 2018-04-11 14:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-08-12 12:32 - 2018-02-11 15:03 - 000000000 ____D C:\ProgramData\NVIDIA
2018-08-12 12:30 - 2018-07-09 22:53 - 000000000 ____D C:\Windows10Upgrade
2018-08-12 11:24 - 2018-07-09 23:56 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-08-12 05:06 - 2018-07-10 00:01 - 000003370 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2850893678-3308694845-315594102-1001
2018-08-12 05:06 - 2018-07-09 23:58 - 000002407 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-08-12 05:06 - 2018-02-11 13:56 - 000000000 ___RD C:\Users\PC\OneDrive
2018-08-12 05:05 - 2018-07-09 23:56 - 000233856 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-08-12 05:04 - 2018-04-12 02:19 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-08-12 05:04 - 2018-04-11 16:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-08-12 05:04 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-08-12 05:04 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-08-12 05:04 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-08-12 04:12 - 2018-04-11 16:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-08-11 01:41 - 2018-07-10 00:01 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-08-11 01:41 - 2018-07-10 00:01 - 000003122 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-08-11 01:41 - 2018-07-10 00:01 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2850893678-3308694845-315594102-1002
2018-08-11 01:41 - 2018-07-10 00:01 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2018-08-11 01:40 - 2018-07-09 23:58 - 000000000 ____D C:\Users\PC
2018-08-11 01:40 - 2018-04-11 16:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-08-11 01:40 - 2018-02-15 21:57 - 000000000 ____D C:\ProgramData\Package Cache
2018-08-10 18:53 - 2018-02-11 13:55 - 000000000 ____D C:\Users\PC\AppData\Local\ConnectedDevicesPlatform
2018-08-10 16:38 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-08-10 16:20 - 2018-07-10 00:05 - 000000000 ____D C:\ProgramData\Packages
2018-08-10 16:20 - 2018-04-11 16:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-08-10 16:20 - 2018-02-11 13:55 - 000000000 ____D C:\Users\PC\AppData\Local\Packages
2018-08-10 16:14 - 2018-02-11 13:55 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-08-10 16:09 - 2018-07-09 23:58 - 000000000 ____D C:\Users\b
2018-08-10 16:09 - 2018-02-15 21:58 - 000000000 ____D C:\ProgramData\Logishrd
2018-08-10 16:09 - 2018-02-15 21:25 - 000000000 ___RD C:\Users\b\OneDrive
2018-08-10 16:08 - 2018-03-20 09:58 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-08-10 16:07 - 2018-03-20 09:58 - 134675576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-08-10 16:03 - 2018-07-09 23:23 - 000467064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-08-10 16:03 - 2018-03-06 10:23 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-10 16:03 - 2018-03-06 10:23 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-08-10 16:02 - 2018-07-10 00:01 - 000003990 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-08-10 16:02 - 2018-07-09 23:23 - 001027728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-08-10 16:02 - 2018-07-09 23:23 - 000381584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-08-10 16:02 - 2018-07-09 23:23 - 000346664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-08-10 16:02 - 2018-07-09 23:23 - 000229392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-08-10 16:02 - 2018-07-09 23:23 - 000211160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-08-10 16:02 - 2018-07-09 23:23 - 000201328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-08-10 16:02 - 2018-07-09 23:23 - 000197160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-08-10 16:02 - 2018-07-09 23:23 - 000159640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-08-10 16:02 - 2018-07-09 23:23 - 000111872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-08-10 16:02 - 2018-07-09 23:23 - 000085968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-08-10 16:02 - 2018-07-09 23:23 - 000059592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-08-10 16:02 - 2018-07-09 23:23 - 000046976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-08-10 16:02 - 2018-04-11 16:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-08-10 16:02 - 2018-02-15 21:27 - 000239680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-08-08 06:40 - 2018-06-12 07:35 - 000002070 _____ C:\Users\PC\Desktop\Rkill.txt
2018-08-08 03:25 - 2018-07-09 23:58 - 000002404 _____ C:\Users\b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-08-08 03:05 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-07-17 12:02 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-07-14 03:55 - 2018-03-20 09:58 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
Some files in TEMP:
====================
2018-08-08 07:01 - 2018-08-08 07:01 - 000383872 _____ (Sysinternals - www.sysinternals.com) C:\Users\b\AppData\Local\Temp\PSZLPIRP.exe
2018-08-08 06:29 - 2018-08-08 06:29 - 000367488 _____ (Sysinternals - www.sysinternals.com) C:\Users\PC\AppData\Local\Temp\LRXBLZD.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-07-09 23:56
==================== End of FRST.txt ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02.08.2018
Ran by PC (12-08-2018 12:47:22)
Running from C:\Users\PC\Desktop
Windows 10 Pro Version 1803 17134.165 (X64) (2018-07-10 07:01:33)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================
Administrator (S-1-5-21-2850893678-3308694845-315594102-500 - Administrator - Disabled)
b (S-1-5-21-2850893678-3308694845-315594102-1002 - Limited - Enabled) => C:\Users\b
DefaultAccount (S-1-5-21-2850893678-3308694845-315594102-503 - Limited - Disabled)
Guest (S-1-5-21-2850893678-3308694845-315594102-501 - Limited - Disabled)
PC (S-1-5-21-2850893678-3308694845-315594102-1001 - Administrator - Enabled) => C:\Users\PC
WDAGUtilityAccount (S-1-5-21-2850893678-3308694845-315594102-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.5.2342 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 67.1.664.99 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.154.333 - AVAST Software) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Logitech Gaming Software 8.96 (HKLM\...\Logitech Gaming Software) (Version: 8.96.88 - Logitech Inc.)
Microsoft OneDrive (HKU\S-1-5-21-2850893678-3308694845-315594102-1001\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
NVIDIA 3D Vision Driver 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Graphics Driver 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8053 - Realtek Semiconductor Corp.)
SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.22.9634 - SoftEther VPN Project)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{5009B7EE-8A15-4A23-B404-15E31D02DA67}) (Version: 2.43.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22452 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-10] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-10] (AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-10] (AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-10] (AVAST Software)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {178BECB7-6807-4B50-AA27-460E022F59C3} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {2C8E402B-E617-4EDD-A963-B3BE52D1FEA9} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-08-10] (AVAST Software)
Task: {64467370-736D-4ABD-A2ED-620408B6077A} - System32\Tasks\S-1-5-21-2850893678-3308694845-315594102-1002\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-04-11] (Microsoft Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {777083A3-C87B-4169-BCC2-B9AA23212570} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-08-10] (AVAST Software)
Task: {7F59BE51-C72D-4AD8-82DE-9B926680EA70} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-2850893678-3308694845-315594102-1002
Task: {86B1E90E-FBAA-46AA-AC3C-FBD41715B70B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-03-06] (Google Inc.)
Task: {C14BE46E-39C6-4941-88F0-1AF2CEC27311} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-06-06] (AVAST Software)
Task: {C7933DA5-9542-4534-B82D-DFCF382B5140} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-03-06] (Google Inc.)
Task: {FD7CDF13-9580-4145-A7E2-527D5E2AFEA7} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-08-10] (AVAST Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============
2018-04-11 16:34 - 2018-04-11 16:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-04-11 16:34 - 2018-04-11 16:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-11 16:34 - 2018-04-11 16:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-08-08 07:21 - 2018-08-08 07:21 - 000418784 _____ () C:\Program Files\F-Secure\Ultralight\ulcore\1530012511\daas2_x64.dll
2018-08-08 07:21 - 2018-08-08 07:21 - 000319968 _____ () C:\Program Files\F-Secure\Ultralight\ulcore\1530012511\senddump_fshoster_plugin64.dll
2018-08-10 16:08 - 2018-07-05 23:55 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-03-06 17:07 - 2015-03-06 17:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2017-10-19 20:29 - 2017-10-19 20:29 - 001096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-06 17:07 - 2015-03-06 17:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2017-10-19 20:29 - 2017-10-19 20:29 - 000241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2018-03-15 01:13 - 2018-03-15 01:13 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-08-10 16:02 - 2018-08-10 16:02 - 000483544 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-08-10 16:02 - 2018-08-10 16:02 - 000282840 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2018-08-10 17:11 - 2018-07-21 14:07 - 000854304 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2018-08-10 17:11 - 2016-08-31 18:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2018-08-10 17:11 - 2018-08-08 15:43 - 002644768 _____ () C:\Program Files (x86)\Steam\video.dll
2018-08-10 17:11 - 2016-08-31 18:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2018-08-10 17:11 - 2016-08-31 18:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2018-08-10 17:11 - 2017-12-19 18:43 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2018-08-10 17:11 - 2017-12-19 18:43 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2018-08-10 17:11 - 2017-12-19 18:43 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2018-08-10 17:11 - 2017-12-19 18:43 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2018-08-10 17:11 - 2017-12-19 18:43 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2018-08-10 17:11 - 2018-08-08 15:43 - 001015072 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2018-08-10 17:11 - 2016-07-04 15:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2018-08-10 17:11 - 2018-07-21 14:07 - 000854304 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2018-08-10 17:11 - 2018-07-20 15:24 - 083524896 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2018-08-10 17:11 - 2018-07-20 15:24 - 003732256 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libglesv2.dll
2018-08-10 17:11 - 2018-07-20 15:24 - 000086304 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libegl.dll
2018-08-10 17:11 - 2018-07-03 14:58 - 000137504 _____ () C:\Program Files (x86)\Steam\winh264.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-02-10 18:35 - 2018-02-10 18:34 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2850893678-3308694845-315594102-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{3C7AC4D2-155A-4048-8FB9-1BD77AC230A9}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{BBD6D78A-C088-4D5D-88A7-A330C11CFBCC}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{380BA2AB-3E4C-41CE-BF4E-FED041AAD82C}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
FirewallRules: [{19E4DB58-790E-4749-AEDE-F1F1731CC820}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe
FirewallRules: [{93133A4A-DD4B-4902-A864-64C6A77D892E}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr.exe
FirewallRules: [{5C7F3DAA-3456-45CC-8EE4-DD5AEB963A25}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient.exe
FirewallRules: [{54527764-3F37-4F6F-A880-DC6062A17D9F}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd.exe
FirewallRules: [{794926FE-2B1F-4E1C-9CDB-A3BA4098FF0E}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
FirewallRules: [UDP Query User{F08B7E4F-4724-4BB4-AFBD-09AC0D372532}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{9DB77AC6-C519-4C04-8B46-6AB8353B9F0C}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{A9D7166E-5C15-4ACA-89E2-677877F70492}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12080.150.37023.0_x64__nzyj5cx40ttqa\iTunes.exe
FirewallRules: [{5AEF48E7-6FF6-401A-89E4-2411AF1A9179}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12080.150.37023.0_x64__nzyj5cx40ttqa\iTunes.exe
FirewallRules: [{805F94B0-6139-447F-A814-8A836B6DD0A6}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12080.150.37023.0_x64__nzyj5cx40ttqa\iTunes.exe
FirewallRules: [{A857F0BB-7417-44B4-B7F3-9B992CF32399}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12080.150.37023.0_x64__nzyj5cx40ttqa\iTunes.exe
FirewallRules: [{671DDAB2-F348-4FC2-8DB1-AA1393C1DD7A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12080.150.37023.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
==================== Restore Points =========================
24-07-2018 16:33:04 Scheduled Checkpoint
10-08-2018 16:07:42 Windows Update
==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================
Application errors:
==================
Error: (08/10/2018 04:31:25 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
Error: (08/08/2018 07:18:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MicrosoftEdgeCP.exe, version: 11.0.17134.137, time stamp: 0x5b234384
Faulting module name: edgehtml.dll, version: 11.0.17134.137, time stamp: 0x19e0b525
Exception code: 0xc0000005
Fault offset: 0x000000000037ad5a
Faulting process id: 0x15bc
Faulting application start time: 0x01d42f21d96bcd99
Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Faulting module path: C:\WINDOWS\SYSTEM32\edgehtml.dll
Report Id: f22ecb0a-2aae-4447-bd33-0ff8a20c22dc
Faulting package full name: Microsoft.MicrosoftEdge_42.17134.1.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: ContentProcess
Error: (08/08/2018 07:01:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RootkitRevealer.exe, version: 1.71.0.0, time stamp: 0x44e255aa
Faulting module name: RootkitRevealer.exe, version: 1.71.0.0, time stamp: 0x44e255aa
Exception code: 0xc0000005
Fault offset: 0x000040cd
Faulting process id: 0x3d2c
Faulting application start time: 0x01d42f204e43252e
Faulting application path: C:\Users\b\Documents\RootkitRevealer (1)\RootkitRevealer.exe
Faulting module path: C:\Users\b\Documents\RootkitRevealer (1)\RootkitRevealer.exe
Report Id: 553ff179-3abd-437f-9214-d4e192e5bf6b
Faulting package full name:
Faulting package-relative application ID:
Error: (08/08/2018 06:29:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RootkitRevealer.exe, version: 1.71.0.0, time stamp: 0x44e255aa
Faulting module name: RootkitRevealer.exe, version: 1.71.0.0, time stamp: 0x44e255aa
Exception code: 0xc0000005
Fault offset: 0x000040cd
Faulting process id: 0x356c
Faulting application start time: 0x01d42f1bdca0a482
Faulting application path: C:\Users\b\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\RootkitRevealer (1)\RootkitRevealer.exe
Faulting module path: C:\Users\b\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\RootkitRevealer (1)\RootkitRevealer.exe
Report Id: 2bc213d8-683c-4f02-b170-5fdcf29861e4
Faulting package full name:
Faulting package-relative application ID:
Error: (08/08/2018 05:05:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MicrosoftEdgeCP.exe, version: 11.0.17134.137, time stamp: 0x5b234384
Faulting module name: EdgeContent.dll, version: 11.0.17134.137, time stamp: 0x2fd4aae0
Exception code: 0xc0000409
Fault offset: 0x00000000000ace9a
Faulting process id: 0xdd0
Faulting application start time: 0x01d42f020debcddf
Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Faulting module path: C:\WINDOWS\SYSTEM32\EdgeContent.dll
Report Id: b3c95c5e-6348-4555-a500-7232ce0854e3
Faulting package full name: Microsoft.MicrosoftEdge_42.17134.1.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: ContentProcess
Error: (08/08/2018 03:10:56 AM) (Source: COM) (EventID: 10031) (User: )
Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {41FD88F7-F295-4D39-91AC-A85F3149A05B} was rejected
Error: (08/08/2018 03:10:56 AM) (Source: COM) (EventID: 10031) (User: )
Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {95CABCC9-BC57-4C12-B8DF-BA193232AA01} was rejected
Error: (07/10/2018 12:00:02 AM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Failed trying to get the state of the cluster node: .The error code returned: 0x8007085A

System errors:
=============
Error: (08/12/2018 12:33:14 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-97DUDUE)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-97DUDUE\PC SID (S-1-5-21-2850893678-3308694845-315594102-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (08/12/2018 12:29:46 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-97DUDUE)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-97DUDUE\PC SID (S-1-5-21-2850893678-3308694845-315594102-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (08/12/2018 11:48:10 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-97DUDUE)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-97DUDUE\PC SID (S-1-5-21-2850893678-3308694845-315594102-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (08/12/2018 11:25:50 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-97DUDUE)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-97DUDUE\PC SID (S-1-5-21-2850893678-3308694845-315594102-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (08/12/2018 05:05:44 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-97DUDUE)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-97DUDUE\PC SID (S-1-5-21-2850893678-3308694845-315594102-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (08/12/2018 05:03:38 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Update Orchestrator Service service terminated with the following error:
This operation returned because the timeout period expired.
Error: (08/11/2018 04:24:39 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-97DUDUE)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-97DUDUE\PC SID (S-1-5-21-2850893678-3308694845-315594102-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (08/11/2018 02:08:44 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-97DUDUE)
Description: DCOM got error "1053" attempting to start the service BcastDVRUserService_26ecd with arguments "Unavailable" in order to run the server:
Windows.Media.Capture.Internal.AppCaptureShell

Windows Defender:
===================================
Date: 2018-07-10 00:01:32.755
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Behavior Monitoring
Error Code: 0x80070006
Error description: The handle is invalid.
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
Date: 2018-07-10 00:01:30.691
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Behavior Monitoring
Error Code: 0x80070006
Error description: The handle is invalid.
Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
==================== Memory info ===========================
Processor: Intel® Core™ i7-6700K CPU @ 4.00GHz
Percentage of memory in use: 33%
Total physical RAM: 8147.16 MB
Available physical RAM: 5419.65 MB
Total Virtual: 9427.16 MB
Available Virtual: 5342.31 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:220.73 GB) (Free:36.35 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:1844.39 GB) (Free:1768.92 GB) NTFS
\\?\Volume{2f352ad6-1b95-4475-a1c1-334c53bf5ec9}\ (Recovery) (Fixed) (Total:2.23 GB) (Free:1.85 GB) NTFS
\\?\Volume{d0f19c50-0000-0000-0000-f018cd010000}\ (Recovery) (Fixed) (Total:18.63 GB) (Free:18.21 GB) NTFS
\\?\Volume{ae4d3fe4-7e83-4347-a0f5-5608b2080749}\ (BOOT) (Fixed) (Total:0.48 GB) (Free:0.46 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: 16F544A7)
Partition: GPT.
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: D0F19C50)
Partition 1: (Not Active) - (Size=1844.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=18.6 GB) - (Type=27)
==================== End of Addition.txt ============================

#6 nasdaq

  • Malware Response Team

Posted 13 August 2018 - 10:25 AM

Hi,

Press the Windows key + r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and click the OK key.

Please copy the entire contents of the code box below to a new file.


Start

CreateRestorePoint:
CloseProcesses:

HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION

Reboot:

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.

If the problem persists run these programs.

We will check your BIOS and Master boot record.

Read carefully and follow these steps.
TDSS
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application.
  • Then click on Start Scan.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • Important: Do NOT change the default action on your own unless instructed by a malware Helper! Doing so may render your computer unbootable.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
===

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double click the aswMBR.exe to run it.
  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please paste the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.
===

Wait for further instructions.

Please let me know what problem persists with this computer.
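
Added example, not part of the post above and not TDSSKiller's own code: one way to triage the TDSSKiller report the steps ask for, listing every object the tool did not mark ok. The line layout is assumed from the TDSSKiller 2.8.16.0 log pasted later in this thread; the sample log, its service names and hashes, and the `Example.Verdict` name are constructed.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Layout assumed from the TDSSKiller 2.8.16.0 log in this thread:
#   "HH:MM:SS.ffff <thread id>  <message>"
LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(.*)$")
SECTION = re.compile(r"^=+\s+([^=]+?)\s+=+$")            # ==== Scan services ====
OBJECT = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \]\s+(.+?)\s+([A-Za-z]:\\.*)$")
HIDDEN = re.compile(r"^Suspicious \w+ \(Hidden\): (.+)$")
FLAGGED = re.compile(r"^(.+?) \( (.+?) \) - (\w+)$")      # name ( verdict ) - level
OK = re.compile(r"^(.+?) - ok$")


@dataclass
class Finding:
    section: str          # scan phase the object was reported in
    name: str             # service or object name as logged
    verdict: str          # detection name between the parentheses
    level: str            # word after the dash, e.g. "warning"
    hidden: bool          # announced as "Suspicious ... (Hidden)"
    md5: Optional[str]    # None when the log had no "[ md5 ] name path" line
    path: Optional[str]


def triage(log_text: str) -> Tuple[int, List[Finding]]:
    """Return (number of objects marked ok, findings for everything else)."""
    section = "(no section)"
    files = {}        # object name -> (md5, path) from its "[ md5 ] name path" line
    hidden = set()    # names announced as hidden
    ok_count = 0
    findings = []
    for raw in log_text.splitlines():
        line = LINE.match(raw.strip())
        if not line:
            continue                      # blank or non-log line
        msg = line.group(1).strip()
        m = SECTION.match(msg)
        if m:
            section = m.group(1)
            continue
        m = OBJECT.match(msg)
        if m:
            files[m.group(2)] = (m.group(1).upper(), m.group(3))
            continue
        m = HIDDEN.match(msg)
        if m:
            hidden.add(m.group(1))
            continue
        m = FLAGGED.match(msg)
        if m:
            name, verdict, level = m.groups()
            md5, path = files.get(name, (None, None))
            findings.append(Finding(section, name, verdict, level,
                                    name in hidden, md5, path))
            continue
        if OK.match(msg):
            ok_count += 1
        # "name - detected Verdict (n)" repeats the flagged line and is ignored.
    return ok_count, findings


# Constructed sample in the same layout (names, hashes and Example.Verdict are made up).
SAMPLE_LOG = r"""
16:46:33.0162 8652  ================ Scan system memory ========================
16:46:33.0162 8652  System memory - ok
16:46:33.0162 8652  ================ Scan services =============================
16:46:33.0209 8652  [ 00112233445566778899AABBCCDDEEFF ] exampledrv      C:\WINDOWS\System32\drivers\exampledrv.sys
16:46:33.0209 8652  exampledrv - ok
16:46:33.0225 8652  Suspicious service (Hidden): 12345678
16:46:33.0225 8652  12345678 ( HiddenService.Multi.Generic ) - warning
16:46:33.0225 8652  12345678 - detected HiddenService.Multi.Generic (1)
16:46:33.0240 8652  [ ffeeddccbbaa99887766554433221100 ] Example Agent   C:\Program Files\Example\agent.exe
16:46:33.0240 8652  Example Agent ( Example.Verdict ) - warning
"""

if __name__ == "__main__":
    ok_count, findings = triage(SAMPLE_LOG)
    print(f"{ok_count} objects ok, {len(findings)} flagged")
    for f in findings:
        tag = "hidden" if f.hidden else "on disk"
        print(f"[{f.section}] {f.name}: {f.verdict} ({f.level}, {tag}) "
              f"md5={f.md5} path={f.path}")
```
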



#7 nasdaq

  • Malware Response Team

Posted 19 August 2018 - 07:44 AM

Are you still with me?

#8 phibonacci

  • Topic Starter

Posted 22 August 2018 - 10:55 PM

Hello nasdaq,

I am still here and thank you for your time. I have had trouble with the last step and I attempted to post a reply and apparently the network issues I was having at the time thwarted my response. It basically went like this though:

I saved the fixlist.txt file to the same place as farbar which is the desktop.

I ran "fix" and received the log pasted below.

The problems did persist so I continued the instructions and ran TDSSkiller by following the steps. The log is also below.

This is where I encountered a previous problem with aswMBR and then again when I ran it this time.

My computer gives off the "blue screen of death" with the stop code: DRIVER_IRQL_NOT_LESS_OR_EQUAL, what failed: aswMBR.sys

This happened the last time I tried running aswMBR before I decided to start a topic cause I was in over my head.

Somehow I managed to get a mbar.dat file on my desktop either from the last time or this time and it is attached. (I had to attach the logs and mbar folder in 2 replies and 2 zips because of the 9.47mb attachment limit and the length of post limit: mbarBleep1.zip and mblarBleep2.zip)

Problems that have happened and/or persisting.

  • Computer uses high amount of resources when idle. Varies
  • Unable to access certain Event viewer logs like Security and other categories
  • Lots of unknown users and certificates. Lot of VM and other networking events in Event viewer.
  • Unknown PC name changes and hidden networking that shows VM and other processes I never started
  • My gmail was hacked over and over and eventually locked out because of ISP activity in other countries.
  • My amazon was hacked. 1,000 dollars in unknown charges to some place I didn't know.
  • I made a new amazon account and it was hacked immediately.
  • My Credit card info was stolen and used for unknown purchases.
  • Can't run aswMBR or Gmer without my computer freezing or blue screen of death

I'll post more problems as I think of them. Thank you again for your help.

Fixlog

Fix result of Farbar Recovery Scan Tool (x64) Version: 02.08.2018
Ran by PC (17-08-2018 16:31:09) Run:1
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC & B)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
Reboot:
End
*****************
Restore point was successfully created.
Processes closed successfully.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
C:\WINDOWS\system32\GroupPolicy\User => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully

The system needed a reboot.
==== End of Fixlog 16:31:17 ====

#9 phibonacci

  • Topic Starter

Posted 22 August 2018 - 11:18 PM

Rest of the logs and mbar folder

TDSSkiller

(Nevermind, I guess I can't upload the mbar zip folder)

16:46:25.0639 7360  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
16:46:25.0639 7360  UEFI system
16:46:27.0644 7360  ============================================================
16:46:27.0644 7360  Current date / time: 2018/08/17 16:46:27.0644
16:46:27.0644 7360  SystemInfo:
16:46:27.0644 7360 
16:46:27.0644 7360  OS Version: 6.2.9200 ServicePack: 0.0
16:46:27.0644 7360  Product type: Workstation
16:46:27.0644 7360  ComputerName: DESKTOP-97DUDUE
16:46:27.0644 7360  UserName: PC
16:46:27.0644 7360  Windows directory: C:\WINDOWS
16:46:27.0644 7360  System windows directory: C:\WINDOWS
16:46:27.0644 7360  Running under WOW64
16:46:27.0644 7360  Processor architecture: Intel x64
16:46:27.0644 7360  Number of processors: 8
16:46:27.0644 7360  Page size: 0x1000
16:46:27.0644 7360  Boot type: Normal boot
16:46:27.0644 7360  ============================================================
16:46:27.0660 7360  BG loaded
16:46:27.0785 7360  Drive \Device\Harddisk0\DR0 - Size: 0x37E4896000 (223.57 Gb), SectorSize: 0x200, Cylinders: 0x7201, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:46:27.0800 7360  Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:46:27.0832 7360  ============================================================
16:46:27.0832 7360  \Device\Harddisk0\DR0:
16:46:27.0832 7360  GPT partitions:
16:46:27.0832 7360  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {AE4D3FE4-7E83-4347-A0F5-5608B2080749}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0xF9800
16:46:27.0832 7360  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {BCD406E9-9A6D-4B90-962D-71DD8B3BFDEF}, Name: Microsoft reserved partition, StartLBA 0xFA000, BlocksNum 0x40000
16:46:27.0832 7360  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {317B04FC-BD2E-4CD3-884E-B682C4854447}, Name: Basic data partition, StartLBA 0x13A000, BlocksNum 0x1B973800
16:46:27.0832 7360  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {2F352AD6-1B95-4475-A1C1-334C53BF5EC9}, Name: Basic data partition, StartLBA 0x1BAAD800, BlocksNum 0x476800
16:46:27.0832 7360  MBR partitions:
16:46:27.0832 7360  \Device\Harddisk1\DR1:
16:46:27.0832 7360  MBR partitions:
16:46:27.0832 7360  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE68C6800
16:46:27.0832 7360  ============================================================
16:46:27.0832 7360  C: <-> \Device\Harddisk0\DR0\Partition3
16:46:27.0847 7360  D: <-> \Device\Harddisk1\DR1\Partition1
16:46:27.0847 7360  ============================================================
16:46:27.0847 7360  Initialize success
16:46:27.0847 7360  ============================================================
16:46:33.0068 8652  ============================================================
16:46:33.0068 8652  Scan started
16:46:33.0068 8652  Mode: Manual;
16:46:33.0068 8652  ============================================================
16:46:33.0162 8652  ================ Scan system memory ========================
16:46:33.0162 8652  System memory - ok
16:46:33.0162 8652  ================ Scan services =============================
16:46:33.0209 8652  [ 4B45A2D37CCE3CC0F161B7C7286081A6 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
16:46:33.0209 8652  1394ohci - ok
16:46:33.0209 8652  [ F5E5BA493B7C497F1F769942E2EA4CE2 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
16:46:33.0225 8652  3ware - ok
16:46:33.0225 8652  Suspicious service (Hidden): 91874529
16:46:33.0225 8652  91874529 ( HiddenService.Multi.Generic ) - warning
16:46:33.0225 8652  91874529 - detected HiddenService.Multi.Generic (1)
16:46:34.0041 8652  [ A0EC1D5C937995A2C5F1179538A8A6B4 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
16:46:34.0041 8652  BTHMODEM - ok
16:46:34.0041 8652  [ B10E0CC936462BBA7BC659C0927617A0 ] BthPan          C:\WINDOWS\System32\drivers\bthpan.sys
16:46:34.0041 8652  BthPan - ok
16:46:34.0057 8652  [ CEC858AC998DE405F079FEFD55924394 ] BTHPORT         C:\WINDOWS\system32\DRIVERS\BTHport.sys
16:46:34.0057 8652  BTHPORT - ok
16:46:34.0072 8652  [ 1EB49C9E2716D4924460B2FAA295E313 ] bthserv         C:\WINDOWS\system32\bthserv.dll
16:46:34.0072 8652  bthserv - ok
16:46:34.0072 8652  [ 0D5ECDF2601312025811F6AC413F851A ] BTHUSB          C:\WINDOWS\system32\DRIVERS\BTHUSB.sys
16:46:34.0072 8652  BTHUSB - ok
16:46:34.0072 8652  [ E3786BEBB7E4003DE324A18069DDA081 ] bttflt          C:\WINDOWS\system32\drivers\bttflt.sys
16:46:34.0072 8652  bttflt - ok
16:46:34.0072 8652  [ 03C13BB635635B9152DBF49AA07B728C ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
16:46:34.0072 8652  buttonconverter - ok
16:46:34.0088 8652  [ 9983FF8D9834F2E67787F4BDC42A8E36 ] CAD             C:\WINDOWS\System32\drivers\CAD.sys
16:46:34.0088 8652  CAD - ok
16:46:34.0088 8652  [ B405F59CF690653105600F85C9B576B9 ] camsvc          C:\WINDOWS\system32\CapabilityAccessManager.dll
16:46:34.0088 8652  camsvc - ok
16:46:34.0088 8652  [ 407B33DE151A3DFCF564AC4270E44B1D ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
16:46:34.0088 8652  CapImg - ok
16:46:34.0104 8652  [ 1200CA82E0D59510F69B6839540A76AA ] CaptureService  C:\WINDOWS\System32\CaptureService.dll
16:46:34.0104 8652  CaptureService - ok
16:46:34.0104 8652  [ D3CBC6DE5955D014407C7BD1FFE80F00 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
16:46:34.0104 8652  cdfs - ok
16:46:34.0104 8652  [ 0942C87ED45B1E227032AD154105F79B ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
16:46:34.0119 8652  CDPSvc - ok
16:46:34.0119 8652  [ 9FBF5849A6F51E3B3F8AF2A4171648DA ] CDPUserSvc      C:\WINDOWS\System32\CDPUserSvc.dll
16:46:34.0119 8652  CDPUserSvc - ok
16:46:34.0119 8652  [ 6834DBBA2A1DBA5B9B6360D0B9A3CBB5 ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
16:46:34.0119 8652  cdrom - ok
16:46:34.0135 8652  [ 620E4F2FDD04FFB70702676423F1C2AC ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
16:46:34.0135 8652  CertPropSvc - ok
16:46:34.0135 8652  [ 4A08B239F92B319AD31E3916D27AD4B9 ] cht4iscsi       C:\WINDOWS\system32\drivers\cht4sx64.sys
16:46:34.0135 8652  cht4iscsi - ok
16:46:34.0150 8652  [ C8EA9376E4D284F9DF24B27AC6E3AB85 ] cht4vbd         C:\WINDOWS\System32\drivers\cht4vx64.sys
16:46:34.0166 8652  cht4vbd - ok
16:46:34.0166 8652  [ 3AA86DA04A561E8162C2DBBF92D12074 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
16:46:34.0166 8652  circlass - ok
16:46:34.0182 8652  [ 5619FC2A3AE4F43D4B20D95472ED948E ] CldFlt          C:\WINDOWS\system32\drivers\cldflt.sys
16:46:34.0182 8652  CldFlt - ok
16:46:34.0182 8652  [ DB26170CF6555B9AFF76CFA067ABCF90 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
16:46:34.0197 8652  CLFS - ok
16:46:34.0197 8652  [ 5BD85187D6A6A37D2A4563F33D7A76E4 ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
16:46:34.0197 8652  ClipSVC - ok
16:46:34.0213 8652  [ 66CBF6F8FE6F436B315D7FEAF5D2BB40 ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
16:46:34.0213 8652  CmBatt - ok
16:46:34.0213 8652  [ 4C4CE8285744371BEBAA0EE5F23585F7 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
16:46:34.0229 8652  CNG - ok
16:46:34.0229 8652  [ 037DCC7A71938729CB12E8174E03031C ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
16:46:34.0229 8652  cnghwassist - ok
16:46:34.0244 8652  [ E40C99A3E0FFF49687F2187BF3E3050D ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_bcb89b3386563bd7\CompositeBus.sys
16:46:34.0244 8652  CompositeBus - ok
16:46:34.0244 8652  COMSysApp - ok
16:46:34.0244 8652  [ 3799A9DFB162D9AAD6AC12CB8185FD19 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
16:46:34.0244 8652  condrv - ok
16:46:34.0260 8652  [ AC89EC75D4E59CFF2E8BAFD70C6154AF ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
16:46:34.0260 8652  CoreMessagingRegistrar - ok
16:46:34.0275 8652  [ 6C6073B45D65887A6035F1A8D073274A ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
16:46:34.0275 8652  CryptSvc - ok
16:46:34.0275 8652  [ 87463F1AE447874675F1CBB55CBF7136 ] CSC             C:\WINDOWS\system32\drivers\csc.sys
16:46:34.0291 8652  CSC - ok
16:46:34.0291 8652  [ E20EC7EA6EEF16B5780B459FBA86C521 ] CscService      C:\WINDOWS\System32\cscsvc.dll
16:46:34.0291 8652  CscService - ok
16:46:34.0307 8652  [ 8711386E9B04357F8F58166760759F3A ] dam             C:\WINDOWS\system32\drivers\dam.sys
16:46:34.0307 8652  dam - ok
16:46:34.0322 8652  [ 107661923943E9DC06ED2713AC5F7753 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
16:46:34.0322 8652  DcomLaunch - ok
16:46:34.0322 8652  [ 7ECF8E55CAF04A8F7F7498C55A6EDAC5 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
16:46:34.0338 8652  defragsvc - ok
16:46:34.0338 8652  [ 8DF502E8116C625387DD789936D7A0C2 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
16:46:34.0338 8652  DeviceAssociationService - ok
16:46:34.0338 8652  [ DBD6E8A5C358AAA3B4900EFD5CF94CC8 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
16:46:34.0354 8652  DeviceInstall - ok
16:46:34.0354 8652  [ 38D6ED38A46F815C24C5656E8A5AB083 ] DevicePickerUserSvc C:\WINDOWS\System32\Windows.Devices.Picker.dll
16:46:34.0354 8652  DevicePickerUserSvc - ok
16:46:34.0369 8652  [ 372BD821867225F32DE87A6B3FEC8A2E ] DevicesFlowUserSvc C:\WINDOWS\System32\DevicesFlowBroker.dll
16:46:34.0369 8652  DevicesFlowUserSvc - ok
16:46:34.0385 8652  [ C48C4D6B8D9C53F0399DEDA402A6FAE5 ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
16:46:34.0385 8652  DevQueryBroker - ok
16:46:34.0385 8652  [ 8A1C10410FDA4287A76EC5A64371E221 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
16:46:34.0385 8652  Dfsc - ok
16:46:34.0385 8652  [ 5F78930AAB3900102EA8ACDD38F97324 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
16:46:34.0385 8652  dg_ssudbus - ok
16:46:34.0400 8652  [ 51D1F76C6EC94B0773D276C91B06A781 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
16:46:34.0400 8652  Dhcp - ok
16:46:34.0400 8652  [ FF05980EEE93D2B4AB1284BF21D7F12B ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
16:46:34.0400 8652  diagnosticshub.standardcollector.service - ok
16:46:34.0416 8652  [ 6EC6BB6EF31C85FD72D14BE4A1BD1B03 ] diagsvc         C:\WINDOWS\system32\DiagSvc.dll
16:46:34.0416 8652  diagsvc - ok
16:46:34.0432 8652  [ E74FCFD1499A4F816A99D35E297CCE63 ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
16:46:34.0447 8652  DiagTrack - ok
16:46:34.0447 8652  [ A79FCB89805FA9EA9F48B671A4591D4E ] Disk            C:\WINDOWS\system32\drivers\disk.sys
16:46:34.0447 8652  Disk - ok
16:46:34.0463 8652  [ EAA267FAABDBE6194985DC6A0AC96664 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
16:46:34.0463 8652  DmEnrollmentSvc - ok
16:46:34.0463 8652  [ F69D7A5D7EDEE16B85F08040836FB09C ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
16:46:34.0463 8652  dmvsc - ok
16:46:34.0479 8652  [ 8B3601E34BD1D693598F968D70361C37 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
16:46:34.0479 8652  dmwappushservice - ok
16:46:34.0479 8652  [ E65844BC31FE3687A745C2E48C845CBC ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
16:46:34.0479 8652  Dnscache - ok
16:46:34.0479 8652  [ C79E79CD4DE45EC0EC0ECB5C76D6CB11 ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
16:46:34.0496 8652  dot3svc - ok
16:46:34.0500 8652  [ 5B1EF28DE7302A6BD5DF8459E2C598EF ] DPS             C:\WINDOWS\system32\dps.dll
16:46:34.0500 8652  DPS - ok
16:46:34.0500 8652  [ AD1BEFBF96C0273925EDC9282557D984 ] drmkaud         C:\WINDOWS\System32\drivers\drmkaud.sys
16:46:34.0500 8652  drmkaud - ok
16:46:34.0500 8652  [ E7D1636EEA6F9A941573CA426F214054 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
16:46:34.0500 8652  DsmSvc - ok
16:46:34.0516 8652  [ 4323DDFF8CB51FD74B241810CFA6CDBB ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
16:46:34.0516 8652  DsSvc - ok
16:46:34.0516 8652  [ 974BC06C0EC847EA4DC8D9002D394FEB ] DusmSvc         C:\WINDOWS\System32\dusmsvc.dll
16:46:34.0516 8652  DusmSvc - ok
16:46:34.0547 8652  [ 8FF323926AAF82B04CCE7DD4FAA17990 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
16:46:34.0547 8652  DXGKrnl - ok
16:46:34.0547 8652  [ 7E9A1608894297B133AF5EE18E404208 ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
16:46:34.0547 8652  Eaphost - ok
16:46:34.0584 8652  [ 75CA88887850A74DDAAAF92500B6D9B9 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
16:46:34.0600 8652  ebdrv - ok
16:46:34.0600 8652  [ 317340CD278A374BCEF6A30194557227 ] EFS             C:\WINDOWS\System32\lsass.exe
16:46:34.0600 8652  EFS - ok
16:46:34.0615 8652  [ 7E838D857FC55535710C316441459C38 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
16:46:34.0615 8652  EhStorClass - ok
16:46:34.0615 8652  [ 49023DD6F646B8C70AE1C105415F3E2B ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
16:46:34.0615 8652  EhStorTcgDrv - ok
16:46:34.0615 8652  [ 80D5BD4804C587B21A121566549A63FB ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
16:46:34.0615 8652  embeddedmode - ok
16:46:34.0631 8652  [ 8BDB4EB138A93B9C4242D5ADC068899A ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
16:46:34.0631 8652  EntAppSvc - ok
16:46:34.0631 8652  [ 1DF19D7A941CB06F8EADF89FA0BF59AD ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
16:46:34.0631 8652  ErrDev - ok
16:46:34.0647 8652  [ 9B538A1E44E1D61FA80E80EA75A085FA ] EventSystem     C:\WINDOWS\system32\es.dll
16:46:34.0647 8652  EventSystem - ok
16:46:34.0647 8652  [ B2858C386B99A68C3E3F0DFAB935C232 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
16:46:34.0647 8652  exfat - ok
16:46:34.0662 8652  [ CE38CED74D85849BB2C9894DCA712615 ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
16:46:34.0662 8652  fastfat - ok
16:46:34.0662 8652  [ BBD6407DA3DA4FC718710587E253C7BF ] Fax             C:\WINDOWS\system32\fxssvc.exe
16:46:34.0678 8652  Fax - ok
16:46:34.0678 8652  [ 6701B9973DE98578A491721B4BDE0926 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
16:46:34.0678 8652  fdc - ok
16:46:34.0678 8652  [ A2037943CCC079307A383C5543607CEF ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
16:46:34.0678 8652  fdPHost - ok
16:46:34.0693 8652  [ C11A1A9CF331B7AA2F04974EE262EC07 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
16:46:34.0693 8652  FDResPub - ok
16:46:34.0693 8652  [ 71CECDA2DCF81E0AD8C30440C77966E2 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
16:46:34.0693 8652  fhsvc - ok
16:46:34.0693 8652  [ 9BC7FE262AF52B341048234809AA7D91 ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
16:46:34.0693 8652  FileCrypt - ok
16:46:34.0693 8652  [ A0AF205465482EE0FC6261782629566B ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
16:46:34.0693 8652  FileInfo - ok
16:46:34.0709 8652  [ 01D83D284E6B37902DB3C4D4DB0649E0 ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
16:46:34.0709 8652  Filetrace - ok
16:46:34.0709 8652  [ CE9CB1DB00B5007ABFFF0717E748E919 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
16:46:34.0709 8652  flpydisk - ok
16:46:34.0709 8652  [ C5374BA2CAE89DE7269EC61A969EF5D5 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
16:46:34.0725 8652  FltMgr - ok
16:46:34.0740 8652  [ 8F528FD267C55ABE2A156C5F6EA6B867 ] FontCache       C:\WINDOWS\system32\FntCache.dll
16:46:34.0740 8652  FontCache - ok
16:46:34.0756 8652  [ B6BC6E6731FB1E02F0B3C73A87E1C35E ] FrameServer     C:\WINDOWS\system32\FrameServer.dll
16:46:34.0756 8652  FrameServer - ok
16:46:34.0771 8652  [ 8C1DC72E9088A9E703A153B3BF833378 ] fsbts           C:\WINDOWS\system32\drivers\fsbts.sys
16:46:34.0771 8652  fsbts - ok
16:46:34.0771 8652  [ 835F9C7193B6F9A796DE76897DC56968 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
16:46:34.0771 8652  FsDepends - ok
16:46:34.0787 8652  [ 91000301FE40E5D1E4819B0E3AC2B94E ] fsulhoster      C:\Program Files\F-Secure\Ultralight\ulcore\1530012511\fshoster64.exe
16:46:34.0787 8652  fsulhoster - ok
16:46:34.0787 8652  [ 462DFF3DDB80510DD9282C6CD2437F33 ] fsulorsp        C:\Program Files\F-Secure\Ultralight\ulcore\1530012511\fsorsp64.exe
16:46:34.0787 8652  fsulorsp - ok
16:46:34.0787 8652  [ A01BA0506E07F316483E99D7AD9B6E75 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:46:34.0787 8652  Fs_Rec - ok
16:46:34.0803 8652  [ F00AA662A862BA1B5B0BB9FBDFAE2DFC ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
16:46:34.0803 8652  fvevol - ok
16:46:34.0803 8652  [ 71DBED7FB264DB60341BC796EC2E8135 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
16:46:34.0803 8652  gencounter - ok
16:46:34.0818 8652  [ EA5EE5EF9765A9157B346DF671952F18 ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
16:46:34.0818 8652  genericusbfn - ok
16:46:34.0818 8652  [ 6BE6550F1A32796A11EBC58BBC72C44D ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
16:46:34.0818 8652  GPIOClx0101 - ok
16:46:34.0834 8652  [ 3FC2377994D9D63FC128B6C48B22B68F ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
16:46:34.0834 8652  gpsvc - ok
16:46:34.0834 8652  [ 508614CAC7BF8AEE4FB9002A413919B1 ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
16:46:34.0850 8652  GpuEnergyDrv - ok
16:46:34.0850 8652  [ 248739BB0F3A1156A2C0AF51F39A9EA2 ] GraphicsPerfSvc C:\WINDOWS\System32\GraphicsPerfSvc.dll
16:46:34.0850 8652  GraphicsPerfSvc - ok
16:46:34.0850 8652  [ 605CCC9CE1839BC5583017DF7CAE27A6 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:46:34.0850 8652  gupdate - ok
16:46:34.0850 8652  [ 605CCC9CE1839BC5583017DF7CAE27A6 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:46:34.0865 8652  gupdatem - ok
16:46:34.0865 8652  [ DED74127C7A2266715C0B8EA2EE75214 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
16:46:34.0865 8652  HDAudBus - ok
16:46:34.0865 8652  [ 95888B85956AF97320D1F5C354632957 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
16:46:34.0865 8652  HidBatt - ok
16:46:34.0865 8652  [ 33346BD26BB0AE4361DF1ED00D2876CF ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
16:46:34.0865 8652  HidBth - ok
16:46:34.0881 8652  [ 6D767FEB02DF712F783BEEFF09E06431 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
16:46:34.0881 8652  hidi2c - ok
16:46:34.0881 8652  [ 542AB7A14235C5227A9307ACF1636F0B ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
16:46:34.0881 8652  hidinterrupt - ok
16:46:34.0881 8652  [ 1553DF41F4EE4F60B4BEEEC62264BE71 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
16:46:34.0881 8652  HidIr - ok
16:46:34.0881 8652  [ 3030F19C6A73367D6D5EEDD157F5D01A ] hidserv         C:\WINDOWS\system32\hidserv.dll
16:46:34.0881 8652  hidserv - ok
16:46:34.0896 8652  [ 6E3FB2047B8AE72E1B5F1C00A5F3E475 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
16:46:34.0896 8652  HidUsb - ok
16:46:34.0896 8652  [ 621B1FFB2E4E4745484EA01B013BF1D2 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
16:46:34.0896 8652  HpSAMD - ok
16:46:34.0912 8652  [ B96A51E96768A56180EF4934A8613E54 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
16:46:34.0912 8652  HTTP - ok
16:46:34.0912 8652  [ 9E1F3BA540DB9F4942A3F50A92E5754F ] hvcrash         C:\WINDOWS\System32\drivers\hvcrash.sys
16:46:34.0912 8652  hvcrash - ok
16:46:34.0928 8652  [ 64A94654E5703D2E8830AA2500D8F0A4 ] HvHost          C:\WINDOWS\System32\hvhostsvc.dll
16:46:34.0928 8652  HvHost - ok
16:46:34.0928 8652  [ 621042C19113527CF8FA89F3454576BF ] hvservice       C:\WINDOWS\system32\drivers\hvservice.sys
16:46:34.0928 8652  hvservice - ok
16:46:34.0928 8652  [ B149905CD7451160B6BFA2191A3F6182 ] HwNClx0101      C:\WINDOWS\system32\Drivers\mshwnclx.sys
16:46:34.0928 8652  HwNClx0101 - ok
16:46:34.0928 8652  [ FE36689912DEC37D45B7A6C6414046FE ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
16:46:34.0928 8652  hwpolicy - ok
16:46:34.0943 8652  [ A1133368F47D514D73DD7FB4C4FD2B75 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
16:46:34.0943 8652  hyperkbd - ok
16:46:34.0943 8652  [ B68252C53556FFB52CCE18FF30FACA99 ] HyperVideo      C:\WINDOWS\System32\drivers\HyperVideo.sys
16:46:34.0943 8652  HyperVideo - ok
16:46:34.0943 8652  [ DA179667B8CEC22E4ECBBF4210DC0E35 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
16:46:34.0943 8652  i8042prt - ok
16:46:34.0943 8652  [ B5EC43755E62591197DE5CBBDAA9FEB7 ] iagpio          C:\WINDOWS\System32\drivers\iagpio.sys
16:46:34.0943 8652  iagpio - ok
16:46:34.0959 8652  [ D8CA23F9C5FEF44296FDE1E005C06EC0 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
16:46:34.0959 8652  iai2c - ok
16:46:34.0959 8652  [ 7B769C9D19C013F94874C4B15D59A005 ] iaLPSS2i_GPIO2  C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
16:46:34.0959 8652  iaLPSS2i_GPIO2 - ok
16:46:34.0959 8652  [ E0F1B3A2A70FABE3BE1C9140BB55E607 ] iaLPSS2i_GPIO2_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys
16:46:34.0959 8652  iaLPSS2i_GPIO2_BXT_P - ok
16:46:34.0975 8652  [ 89A869BCC0588A3009ECB875B09ECD39 ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
16:46:34.0975 8652  iaLPSS2i_I2C - ok
16:46:34.0975 8652  [ 2E693DF3C02A0859DB8DE25772751100 ] iaLPSS2i_I2C_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys
16:46:34.0975 8652  iaLPSS2i_I2C_BXT_P - ok
16:46:34.0975 8652  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
16:46:34.0975 8652  iaLPSSi_GPIO - ok
16:46:34.0990 8652  [ EB82A11613326691508D9ED9A4FE29E7 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
16:46:34.0990 8652  iaLPSSi_I2C - ok
16:46:34.0990 8652  [ 26405FA714257E449581DE5D6E6200E6 ] iaStorAVC       C:\WINDOWS\system32\drivers\iaStorAVC.sys
16:46:35.0006 8652  iaStorAVC - ok
16:46:35.0006 8652  [ 11AC0355FE52CC8813EE6864DE7531E4 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
16:46:35.0006 8652  iaStorV - ok
16:46:35.0021 8652  [ 62CD9FA7394BCDF7784CCEFC9D00C9AA ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
16:46:35.0021 8652  ibbus - ok
16:46:35.0021 8652  [ F8CFDD8FED56E1261367A81A731BC1C0 ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
16:46:35.0021 8652  icssvc - ok
16:46:35.0037 8652  [ 25793D173BD83ACF8B248C97ABC3B860 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
16:46:35.0053 8652  IKEEXT - ok
16:46:35.0053 8652  [ AA38C19A3D65E8228D822EB18037E19D ] IndirectKmd     C:\WINDOWS\System32\drivers\IndirectKmd.sys
16:46:35.0053 8652  IndirectKmd - ok
16:46:35.0068 8652  [ 310C18A371002983E7BF25BEB0333480 ] InstallService  C:\WINDOWS\system32\InstallService.dll
16:46:35.0068 8652  InstallService - ok
16:46:35.0115 8652  [ 77BC351C9DE23DEC2634A3BEA8605A26 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
16:46:35.0131 8652  IntcAzAudAddService - ok
16:46:35.0131 8652  [ F1B552F7ACDF6E3E4DDDB76118CAFDE3 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
16:46:35.0131 8652  intelide - ok
16:46:35.0131 8652  [ E6CC7C1E7CEDC81D6B15BF2CF4C99109 ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
16:46:35.0131 8652  intelpep - ok
16:46:35.0146 8652  [ 2CEF9DEB97B2CA327175EE8AD5F195A1 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
16:46:35.0146 8652  intelppm - ok
16:46:35.0146 8652  [ 917931A6116F03DB3CA56CFCE8634667 ] iorate          C:\WINDOWS\system32\drivers\iorate.sys
16:46:35.0146 8652  iorate - ok
16:46:35.0146 8652  [ FB72A49FAD5C343C8C38948F92D87BBF ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:46:35.0146 8652  IpFilterDriver - ok
16:46:35.0162 8652  [ 9064A49C03F1CED42EAC2B4636C87192 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
16:46:35.0162 8652  iphlpsvc - ok
16:46:35.0162 8652  [ 5C58142E0F1F8AA379748CC123BA7527 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
16:46:35.0162 8652  IPMIDRV - ok
16:46:35.0178 8652  [ 7408B83959A4B8271EF67FD06A6B366B ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
16:46:35.0178 8652  IPNAT - ok
16:46:35.0178 8652  [ 7BEA2228C81FB6E1EADDD54D615B4C7E ] IPT             C:\WINDOWS\System32\drivers\ipt.sys
16:46:35.0178 8652  IPT - ok
16:46:35.0178 8652  [ AD0574F12AA812340BD39071FD30AD1E ] IpxlatCfgSvc    C:\WINDOWS\System32\IpxlatCfg.dll
16:46:35.0178 8652  IpxlatCfgSvc - ok
16:46:35.0178 8652  [ 030AE3773151CFA728C67E38416FAD8D ] irda            C:\WINDOWS\system32\drivers\irda.sys
16:46:35.0178 8652  irda - ok
16:46:35.0193 8652  [ 79D02DC54AB4F85D2C13A728A0E36193 ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
16:46:35.0193 8652  IRENUM - ok
16:46:35.0193 8652  [ 6ADE9DCAF71DCD888320CA47DB8B05EF ] irmon           C:\WINDOWS\System32\irmon.dll
16:46:35.0193 8652  irmon - ok
16:46:35.0193 8652  [ 38A6EC08D0067DECF7B5BA4C871B846C ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
16:46:35.0193 8652  isapnp - ok
16:46:35.0193 8652  [ 5529131AAB75E07D9295B19E20C54DAE ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
16:46:35.0209 8652  iScsiPrt - ok
16:46:35.0209 8652  [ C35FD802C800F3CBB4FD426D5A542A22 ] ItSas35i        C:\WINDOWS\system32\drivers\ItSas35i.sys
16:46:35.0209 8652  ItSas35i - ok
16:46:35.0209 8652  [ 17F3B012B28F27E7B813A7B037A3D790 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
16:46:35.0209 8652  kbdclass - ok
16:46:35.0209 8652  [ 843B4BBD15DD0340C5C293CD419D4A76 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
16:46:35.0209 8652  kbdhid - ok
16:46:35.0224 8652  [ 5BBB86F3F1700E0ACE1DF10F0EF7B227 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
16:46:35.0224 8652  kdnic - ok
16:46:35.0224 8652  [ 317340CD278A374BCEF6A30194557227 ] KeyIso          C:\WINDOWS\system32\lsass.exe
16:46:35.0224 8652  KeyIso - ok
16:46:35.0224 8652  [ CDFEB3E0BD19C285AEDB4CE24B1A7AA2 ] KillerEth       C:\WINDOWS\System32\drivers\e2xw10x64.sys
16:46:35.0224 8652  KillerEth - ok
16:46:35.0224 8652  [ 65EF1DBF0132AE84A71B555E97445D4E ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
16:46:35.0224 8652  KSecDD - ok
16:46:35.0240 8652  [ C15FB07656470AEC5828E934BFCEB1F2 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
16:46:35.0240 8652  KSecPkg - ok
16:46:35.0240 8652  [ 10F2EBC1F1C4549C355781715DE47B66 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
16:46:35.0240 8652  ksthunk - ok
16:46:35.0240 8652  [ C4151271434A490707B4FD4E6AAE9EED ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
16:46:35.0240 8652  KtmRm - ok
16:46:35.0256 8652  [ 081D030BC669BDEDC68B8FE81A67E6A7 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
16:46:35.0256 8652  LanmanServer - ok
16:46:35.0256 8652  [ 514E8BD07F42D95667F54777D57403D0 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
16:46:35.0271 8652  LanmanWorkstation - ok
16:46:35.0271 8652  [ C2A49E8EEE7C3D06ECA80847A42F65D5 ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
16:46:35.0271 8652  lfsvc - ok
16:46:35.0271 8652  [ A6F294B38F3DFB67D6B6E1D1E60A402A ] LGBusEnum       C:\WINDOWS\system32\drivers\LGBusEnum.sys
16:46:35.0271 8652  LGBusEnum - ok
16:46:35.0271 8652  [ 2D7F1C02B94D6F0F3E10107E5EA8E141 ] LGCoreTemp      C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys
16:46:35.0271 8652  LGCoreTemp - ok
16:46:35.0287 8652  [ C582EBCB331D4D45F4956ACF3D82F674 ] LGJoyHidFilter  C:\WINDOWS\system32\drivers\LGJoyHidFilter.sys
16:46:35.0287 8652  LGJoyHidFilter - ok
16:46:35.0287 8652  [ 4BBEB017EA54A3C211D18625DBB6EEE8 ] LGJoyHidLo      C:\WINDOWS\system32\drivers\LGJoyHidLo.sys
16:46:35.0287 8652  LGJoyHidLo - ok
16:46:35.0287 8652  [ 2A9F60E6531F42B31874618743037719 ] LGJoyXlCore     C:\WINDOWS\system32\drivers\LGJoyXlCore.sys
16:46:35.0287 8652  LGJoyXlCore - ok
16:46:35.0303 8652  [ 94AF1384A67B9FCF5651E70BC9D4C526 ] LGSHidFilt      C:\WINDOWS\System32\drivers\LGSHidFilt.Sys
16:46:35.0303 8652  LGSHidFilt - ok
16:46:35.0303 8652  [ FA59A7421049F5852C1182345A4B8C4F ] LGVirHid        C:\WINDOWS\system32\drivers\LGVirHid.sys
16:46:35.0303 8652  LGVirHid - ok
16:46:35.0303 8652  [ DB8F10ED986BFE0A5B663A1D067F2CCC ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
16:46:35.0303 8652  LicenseManager - ok
16:46:35.0318 8652  [ 3CF979AFF0196DF3DF5E54DFC049EB1F ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
16:46:35.0318 8652  lltdio - ok
16:46:35.0318 8652  [ D6DD748EAC3BC540CFE65C73FE20C099 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
16:46:35.0318 8652  lltdsvc - ok
16:46:35.0318 8652  [ BD35F484DA59014D091736F8F10BFB42 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
16:46:35.0318 8652  lmhosts - ok
16:46:35.0334 8652  [ DB472E3377770B0D54BFFE8866081803 ] LogiRegistryService C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
16:46:35.0334 8652  LogiRegistryService - ok
16:46:35.0334 8652  [ 48380096385DB46E43D85CD92B9500DB ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
16:46:35.0334 8652  LSI_SAS - ok
16:46:35.0334 8652  [ F708223E5829510DF0D5AF209D11C8B8 ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
16:46:35.0334 8652  LSI_SAS2i - ok
16:46:35.0349 8652  [ B91BCC8F670F128A4BB826ACF2C2B9D5 ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
16:46:35.0349 8652  LSI_SAS3i - ok
16:46:35.0349 8652  [ FA31CDF977CD31AF9AEAAA422966ACC1 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
16:46:35.0349 8652  LSI_SSS - ok
16:46:35.0349 8652  [ 52B6D805C60127F0456DF019775F5740 ] LSM             C:\WINDOWS\System32\lsm.dll
16:46:35.0365 8652  LSM - ok
16:46:35.0365 8652  [ E86400D7B6E095E89CF63667D94D3F50 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
16:46:35.0365 8652  luafv - ok
16:46:35.0365 8652  [ 07514F5635999D7DDB5F3A62B5C5AEB3 ] LxpSvc          C:\WINDOWS\System32\LanguageOverlayServer.dll
16:46:35.0365 8652  LxpSvc - ok
16:46:35.0381 8652  [ 1CA48E995EE9BDAE7EE3601C792D8DA4 ] MapsBroker      C:\WINDOWS\System32\moshost.dll
16:46:35.0381 8652  MapsBroker - ok
16:46:35.0381 8652  [ BD3D311802427608403C5E73A8D6137D ] mausbhost       C:\WINDOWS\System32\drivers\mausbhost.sys
16:46:35.0381 8652  mausbhost - ok
16:46:35.0381 8652  [ 61C2D9790943D8E3AD05AE35E4A313EF ] mausbip         C:\WINDOWS\System32\drivers\mausbip.sys
16:46:35.0396 8652  mausbip - ok
16:46:35.0396 8652  [ 61BCE12529E96E6F0335A2A8DEB83C61 ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
16:46:35.0396 8652  megasas - ok
16:46:35.0396 8652  [ CA22763F12783A9C81C512ED747CECDD ] megasas2i       C:\WINDOWS\system32\drivers\MegaSas2i.sys
16:46:35.0396 8652  megasas2i - ok
16:46:35.0396 8652  [ FDB06D857FC43D654547BBB31D039DB4 ] megasas35i      C:\WINDOWS\system32\drivers\megasas35i.sys
16:46:35.0396 8652  megasas35i - ok
16:46:35.0412 8652  [ 230361AF74DDB91705284E024A22DF4F ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
16:46:35.0412 8652  megasr - ok
16:46:35.0412 8652  [ 3484F25E401832D1143CEA73EFFFDF33 ] MEIx64          C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
16:46:35.0412 8652  MEIx64 - ok
16:46:35.0412 8652  [ 69259AFDF347B5F4AF06E900C4A1F62E ] MessagingService C:\WINDOWS\System32\MessagingService.dll
16:46:35.0412 8652  MessagingService - ok
16:46:35.0428 8652  [ A8931C3820D5F392D89176E0628E766E ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
16:46:35.0428 8652  mlx4_bus - ok
16:46:35.0443 8652  [ EB4D7C9354CB88DE4B085EA3EEA5BC76 ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
16:46:35.0443 8652  MMCSS - ok
16:46:35.0443 8652  [ CA25F2D78FDD0D36E3F3071B4B317BD4 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
16:46:35.0443 8652  Modem - ok
16:46:35.0443 8652  [ 13142B3B30F633F407D5256B2FFCCEF0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
16:46:35.0443 8652  monitor - ok
16:46:35.0443 8652  [ 66C9CCC6A100ACF7A4514BD3091CE566 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
16:46:35.0443 8652  mouclass - ok
16:46:37.0949 8652  usbprint - ok
16:46:37.0949 8652  [ 45A9E57185B79420EFEA5A4AED655809 ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
16:46:37.0949 8652  usbser - ok
16:46:37.0949 8652  [ CEF7527514EC49EBE0C760D784643EF0 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
16:46:37.0949 8652  USBSTOR - ok
16:46:37.0965 8652  [ A4124036C4FD2B94C6157C4588EEB4E3 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
16:46:37.0965 8652  usbuhci - ok
16:46:37.0965 8652  [ 9F4CCFCD4B4C6008C940510E43D54AEC ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
16:46:37.0965 8652  USBXHCI - ok
16:46:37.0996 8652  [ CE0E3BA8FC974BEE5BE20E4F43A1C583 ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
16:46:38.0012 8652  UserDataSvc - ok
16:46:38.0028 8652  [ B8D1D74FEF1F190BA4DA7E7A72D5D9CE ] UserManager     C:\WINDOWS\System32\usermgr.dll
16:46:38.0028 8652  UserManager - ok
16:46:38.0043 8652  [ C6C17BECA29DB0D6F6FF6D45EB65FF80 ] UsoSvc          C:\WINDOWS\system32\usocore.dll
16:46:38.0059 8652  UsoSvc - ok
16:46:38.0059 8652  [ 3E283D06357616CD4117CC15BDB7C4C3 ] VacSvc          C:\WINDOWS\System32\vac.dll
16:46:38.0059 8652  VacSvc - ok
16:46:38.0059 8652  [ 317340CD278A374BCEF6A30194557227 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
16:46:38.0074 8652  VaultSvc - ok
16:46:38.0074 8652  [ 8DCB7E5A9497C030484E5AD9E541B85C ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
16:46:38.0074 8652  vdrvroot - ok
16:46:38.0074 8652  [ 4940B49502323905B66039D0D1AB4613 ] vds             C:\WINDOWS\System32\vds.exe
16:46:38.0090 8652  vds - ok
16:46:38.0090 8652  [ 5C25C1A89650C95D15F7988D71487B08 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
16:46:38.0090 8652  VerifierExt - ok
16:46:38.0106 8652  [ E8E5F722A699EF037891D735CB588F8D ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
16:46:38.0106 8652  vhdmp - ok
16:46:38.0106 8652  [ 209A34F4BE17B0A56328C86F8CCC5577 ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
16:46:38.0121 8652  vhf - ok
16:46:38.0121 8652  [ 44F4ED5D8FC0CFA7C3755D44C575D994 ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
16:46:38.0121 8652  vmbus - ok
16:46:38.0121 8652  [ E2D57FB1A62F0BB7F70570806A09CE2B ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
16:46:38.0121 8652  VMBusHID - ok
16:46:38.0121 8652  [ C9F69EBA06A703CE726CC6FC0AEFB5E9 ] vmgid           C:\WINDOWS\System32\drivers\vmgid.sys
16:46:38.0121 8652  vmgid - ok
16:46:38.0137 8652  [ E4F5E83951810583FE8C2423772171DF ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
16:46:38.0137 8652  vmicguestinterface - ok
16:46:38.0137 8652  [ E4F5E83951810583FE8C2423772171DF ] vmicheartbeat   C:\WINDOWS\System32\icsvc.dll
16:46:38.0153 8652  vmicheartbeat - ok
16:46:38.0153 8652  [ E4F5E83951810583FE8C2423772171DF ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
16:46:38.0153 8652  vmickvpexchange - ok
16:46:38.0153 8652  [ DB7FB1DA7E1564EACBADD436191309C5 ] vmicrdv         C:\WINDOWS\System32\icsvcext.dll
16:46:38.0168 8652  vmicrdv - ok
16:46:38.0168 8652  [ E4F5E83951810583FE8C2423772171DF ] vmicshutdown    C:\WINDOWS\System32\icsvc.dll
16:46:38.0168 8652  vmicshutdown - ok
16:46:38.0184 8652  [ E4F5E83951810583FE8C2423772171DF ] vmictimesync    C:\WINDOWS\System32\icsvc.dll
16:46:38.0184 8652  vmictimesync - ok
16:46:38.0184 8652  [ E4F5E83951810583FE8C2423772171DF ] vmicvmsession   C:\WINDOWS\System32\icsvc.dll
16:46:38.0184 8652  vmicvmsession - ok
16:46:38.0199 8652  [ DB7FB1DA7E1564EACBADD436191309C5 ] vmicvss         C:\WINDOWS\System32\icsvcext.dll
16:46:38.0199 8652  vmicvss - ok
16:46:38.0199 8652  [ 708410755721F94FC8939673893C2E2B ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
16:46:38.0199 8652  volmgr - ok
16:46:38.0215 8652  [ 1514506CA7462A64DC38C48108DDBB45 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
16:46:38.0215 8652  volmgrx - ok
16:46:38.0231 8652  [ F0EE4E6028CCA58BEA9A04E7BEAB7DB4 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
16:46:38.0231 8652  volsnap - ok
16:46:38.0231 8652  [ 77FD1607F2C371ABD241EC7699C58884 ] volume          C:\WINDOWS\system32\drivers\volume.sys
16:46:38.0231 8652  volume - ok
16:46:38.0231 8652  [ CB90DACF9194DD9D60A2C1DBFBC1E0D1 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
16:46:38.0231 8652  vpci - ok
16:46:38.0246 8652  [ ED0B3436E1DE601C6C8EB86789AC8BAB ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
16:46:38.0246 8652  vsmraid - ok
16:46:38.0262 8652  [ C7053D974A35EAB81F153FF33C883613 ] VSS             C:\WINDOWS\system32\vssvc.exe
16:46:38.0278 8652  VSS - ok
16:46:38.0278 8652  [ 3D706FBED35DF3B17809C6714F31F9B0 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
16:46:38.0293 8652  VSTXRAID - ok
16:46:38.0293 8652  [ 0B11DBB8173AD374D67893D54EBEE9F3 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
16:46:38.0293 8652  vwifibus - ok
16:46:38.0293 8652  [ 95540F74893235C189409C98643D7A77 ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
16:46:38.0293 8652  vwififlt - ok
16:46:38.0309 8652  [ 4F904ADE8BECDFB48CBA3F44FC0676A1 ] W32Time         C:\WINDOWS\system32\w32time.dll
16:46:38.0309 8652  W32Time - ok
16:46:38.0324 8652  [ 1C8447EFBC2B36B1CFE889E519F46A6E ] WaaSMedicSvc    C:\WINDOWS\System32\WaaSMedicSvc.dll
16:46:38.0324 8652  WaaSMedicSvc - ok
16:46:38.0324 8652  [ 87A01F65BD16C9FCCDD1B65F56CB93B0 ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
16:46:38.0324 8652  WacomPen - ok
16:46:38.0340 8652  [ 25FAB8A2CFFA21FDB472AB3AE6C17A57 ] WalletService   C:\WINDOWS\system32\WalletService.dll
16:46:38.0340 8652  WalletService - ok
16:46:38.0340 8652  [ 85E187443F68F285DB78BD2279AE3701 ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:46:38.0340 8652  wanarp - ok
16:46:38.0340 8652  [ 85E187443F68F285DB78BD2279AE3701 ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:46:38.0340 8652  wanarpv6 - ok
16:46:38.0356 8652  [ 395447583F42FD840520EE87AE439D74 ] WarpJITSvc      C:\WINDOWS\System32\Windows.WARP.JITService.dll
16:46:38.0356 8652  WarpJITSvc - ok
16:46:38.0387 8652  [ 6E235F75DF84C387388D23D697D6540B ] wbengine        C:\WINDOWS\system32\wbengine.exe
16:46:38.0387 8652  wbengine - ok
16:46:38.0434 8652  [ 4A9F35F16FDC5FEED34E10F02697CA1F ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
16:46:38.0449 8652  WbioSrvc - ok
16:46:38.0449 8652  [ 8A304D6CDC067922448CBA1EBB9FFCA8 ] wcifs           C:\WINDOWS\system32\drivers\wcifs.sys
16:46:38.0449 8652  wcifs - ok
16:46:38.0465 8652  [ 24E96C02CBCCFFDE8D5CB9E7509DE374 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
16:46:38.0481 8652  Wcmsvc - ok
16:46:38.0481 8652  [ B797B163EDCA46B5244F4E083BE7A7E7 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
16:46:38.0481 8652  wcncsvc - ok
16:46:38.0496 8652  [ FCA1B5465213EF4DE373A1F7E76D260E ] wcnfs           C:\WINDOWS\system32\drivers\wcnfs.sys
16:46:38.0496 8652  wcnfs - ok
16:46:38.0496 8652  [ 9BD1C97BAED4B916C95D4E107B3D9812 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
16:46:38.0496 8652  WdBoot - ok
16:46:38.0512 8652  [ 152926023B401D1F5F8852929572F5C3 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
16:46:38.0527 8652  Wdf01000 - ok
16:46:38.0527 8652  [ D25D9930BFD78A09B8FD4A7504C6F57A ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
16:46:38.0527 8652  WdFilter - ok
16:46:38.0543 8652  [ 067D1A81B4708CA97523709FDF57B728 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
16:46:38.0543 8652  WdiServiceHost - ok
16:46:38.0637 8652  [ 067D1A81B4708CA97523709FDF57B728 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
16:46:38.0637 8652  WdiSystemHost - ok
16:46:38.0653 8652  [ 5DDA2C4B9AAED51E73DD6D580406F07A ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
16:46:38.0653 8652  wdiwifi - ok
16:46:38.0668 8652  [ EAF4FB729E94561EE31BDE5BEF869C65 ] WdmCompanionFilter C:\WINDOWS\system32\drivers\WdmCompanionFilter.sys
16:46:38.0668 8652  WdmCompanionFilter - ok
16:46:38.0668 8652  [ 54E97FEADEEFF973797EB878DC0D2850 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
16:46:38.0668 8652  WdNisDrv - ok
16:46:38.0668 8652  WdNisSvc - ok
16:46:38.0684 8652  [ BDCC510E85F7AF152E2DFF030A526EA2 ] WebClient       C:\WINDOWS\System32\webclnt.dll
16:46:38.0684 8652  WebClient - ok
16:46:38.0684 8652  [ 506F0A1CCABF4428733CF854BCBB6832 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
16:46:38.0699 8652  Wecsvc - ok
16:46:38.0699 8652  [ D8D727E8311C86B2A993A9006A453BAC ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
16:46:38.0699 8652  WEPHOSTSVC - ok
16:46:38.0699 8652  [ 30B4568D058E17500E7BF88AECEDF3F1 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
16:46:38.0715 8652  wercplsupport - ok
16:46:38.0715 8652  [ 5DDB06B07A60E7AEA69837931373C159 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
16:46:38.0715 8652  WerSvc - ok
16:46:38.0731 8652  [ 0427A785512BB39BEA530DC5367A9A03 ] WFDSConMgrSvc   C:\WINDOWS\System32\wfdsconmgrsvc.dll
16:46:38.0746 8652  WFDSConMgrSvc - ok
16:46:38.0746 8652  [ EB0B154F12F78DE232F38EF61BCDEEA2 ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
16:46:38.0746 8652  WFPLWFS - ok
16:46:38.0746 8652  [ 752F5931696914DF2EC0B27275C38458 ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
16:46:38.0762 8652  WiaRpc - ok
16:46:38.0762 8652  [ 3AE28A996C9EB8A6F2AC12BC55035126 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
16:46:38.0762 8652  WIMMount - ok
16:46:38.0762 8652  WinDefend - ok
16:46:38.0762 8652  [ 2BB82BABE32D41F430D290239ABC0E87 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
16:46:38.0762 8652  WindowsTrustedRT - ok
16:46:38.0778 8652  [ 5F0EDDA201630E132C2251BC9DA85023 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
16:46:38.0778 8652  WindowsTrustedRTProxy - ok
16:46:38.0793 8652  [ 939AA47A32AFE2BC17EB39FB2ED1DDC2 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
16:46:38.0793 8652  WinHttpAutoProxySvc - ok
16:46:38.0793 8652  [ 762D8D839C44C5A0BE0449AA84034522 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
16:46:38.0809 8652  WinMad - ok
16:46:38.0809 8652  [ 72D83880FEF0C788C5F305F330744208 ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
16:46:38.0809 8652  Winmgmt - ok
16:46:38.0824 8652  [ 48194110C410B335AC985D9194275A1C ] WinNat          C:\WINDOWS\system32\drivers\winnat.sys
16:46:38.0824 8652  WinNat - ok
16:46:38.0856 8652  [ C57185CC62AA13E4F5A989D904CC9A16 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
16:46:38.0871 8652  WinRM - ok
16:46:38.0871 8652  [ 6FA3D810FE082001B16ADE19829F1E8E ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
16:46:38.0871 8652  WINUSB - ok
16:46:38.0871 8652  [ D2D6DB37E06608A5AF5B68D8E677B219 ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
16:46:38.0871 8652  WinVerbs - ok
16:46:38.0887 8652  [ 08BEB7851B4B8AA07325C23A657233F1 ] wisvc           C:\WINDOWS\system32\flightsettings.dll
16:46:38.0902 8652  wisvc - ok
16:46:38.0934 8652  [ 2490E373EC18869BA4FE435CFDE3ADEE ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
16:46:38.0934 8652  WlanSvc - ok
16:46:38.0981 8652  [ 28A32E1F7A46A833DE104EF43E389F5F ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
16:46:38.0996 8652  wlidsvc - ok
16:46:39.0012 8652  [ 59F6A50CD336D0ADD22E3F1FC0D73957 ] wlpasvc         C:\WINDOWS\System32\lpasvc.dll
16:46:39.0027 8652  wlpasvc - ok
16:46:39.0027 8652  [ EAEF2A087812BB7110C744446AB731D5 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
16:46:39.0027 8652  WmiAcpi - ok
16:46:39.0027 8652  [ ABAC310F5E01CBA9B33AE694F99D0977 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
16:46:39.0027 8652  wmiApSrv - ok
16:46:39.0043 8652  WMPNetworkSvc - ok
16:46:39.0043 8652  [ E122AD60BF4D7E4B28CCBABF33B28C1F ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
16:46:39.0043 8652  Wof - ok
16:46:39.0059 8652  [ 0D3303BDBC591ECF113601D7853A1AA7 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
16:46:39.0074 8652  workfolderssvc - ok
16:46:39.0090 8652  [ 58DA02D34C964C00AF9140C07CCFF8F0 ] WpcMonSvc       C:\WINDOWS\System32\WpcDesktopMonSvc.dll
16:46:39.0106 8652  WpcMonSvc - ok
16:46:39.0121 8652  [ 7412ECE8BD5590881FA9780B68BD70C5 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
16:46:39.0121 8652  WPDBusEnum - ok
16:46:39.0121 8652  [ 15C1131EA0216F799C86B03EDAE0BE45 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
16:46:39.0121 8652  WpdUpFltr - ok
16:46:39.0137 8652  [ 096969606BB5C4822AB020081EA07FC5 ] WpnService      C:\WINDOWS\system32\WpnService.dll
16:46:39.0137 8652  WpnService - ok
16:46:39.0137 8652  [ 8B694BC50D2D2B98311283CFE5B40EE6 ] WpnUserService  C:\WINDOWS\System32\WpnUserService.dll
16:46:39.0137 8652  WpnUserService - ok
16:46:39.0152 8652  [ C1C2E769FCD3B00A59FF876FB2AD4336 ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
16:46:39.0152 8652  ws2ifsl - ok
16:46:39.0152 8652  [ DCB549367EB94CD8AFAA28E3F77F6493 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
16:46:39.0152 8652  wscsvc - ok
16:46:39.0152 8652  WSearch - ok
16:46:39.0184 8652  [ 63C79AD0202728F4608757340B7D602B ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
16:46:39.0199 8652  wuauserv - ok
16:46:39.0215 8652  [ 813DC18CC654CFB1875074139B0FEFD3 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
16:46:39.0215 8652  WudfPf - ok
16:46:39.0215 8652  [ FB64BAD6DEDB27EA39B03685AC0A8EB4 ] WUDFRd          C:\WINDOWS\system32\drivers\WudfRd.sys
16:46:39.0215 8652  WUDFRd - ok
16:46:39.0231 8652  [ FB64BAD6DEDB27EA39B03685AC0A8EB4 ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
16:46:39.0231 8652  WUDFWpdMtp - ok
16:46:39.0262 8652  [ FAFE3B08208AA28C82BC42731B4EEBE8 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
16:46:39.0277 8652  WwanSvc - ok
16:46:39.0277 8652  [ 51D3A1E2285E2E931A553281BBA10E81 ] xbgm            C:\WINDOWS\system32\xbgmsvc.exe
16:46:39.0293 8652  xbgm - ok
16:46:39.0309 8652  [ DB952AD196A9548CF5235A71E5197F3F ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
16:46:39.0324 8652  XblAuthManager - ok
16:46:39.0340 8652  [ 8C0DD7BFFF5A81AEC26AD720057F5451 ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
16:46:39.0355 8652  XblGameSave - ok
16:46:39.0371 8652  [ 93352403D9E6B71C275996690672488F ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
16:46:39.0371 8652  xboxgip - ok
16:46:39.0371 8652  [ C7FEC5C0377E5598BA919B29731CA45F ] XboxGipSvc      C:\WINDOWS\System32\XboxGipSvc.dll
16:46:39.0371 8652  XboxGipSvc - ok
16:46:39.0387 8652  [ 3A94BD93CD2D9C34725D924230B502A5 ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
16:46:39.0402 8652  XboxNetApiSvc - ok
16:46:39.0402 8652  [ CE1F78B5C1F14F74242008B2B3153FA2 ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
16:46:39.0402 8652  xinputhid - ok
16:46:39.0402 8652  ================ Scan global ===============================
16:46:39.0418 8652  [ 44D259E3B8F950D123CBE21893CEF1AB ] C:\WINDOWS\system32\basesrv.dll
16:46:39.0418 8652  [ 1C346B5D7E5336246604A9FCFCB092BC ] C:\WINDOWS\system32\winsrv.dll
16:46:39.0418 8652  [ FE8D1AB6D6711BE791A01C17EDEBD0D6 ] C:\WINDOWS\system32\sxssrv.dll
16:46:39.0434 8652  [ E2F4C75AFA20E742DE1B70372F15DCD7 ] C:\WINDOWS\system32\services.exe
16:46:39.0434 8652  [Global] - ok
16:46:39.0434 8652  ================ Scan MBR ==================================
16:46:39.0434 8652  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
16:46:39.0434 8652  \Device\Harddisk0\DR0 - ok
16:46:39.0434 8652  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
16:46:39.0465 8652  \Device\Harddisk1\DR1 - ok
16:46:39.0465 8652  ================ Scan VBR ==================================
16:46:39.0465 8652  [ 0D2C5EF81C38F24D88E43363419331AE ] \Device\Harddisk0\DR0\Partition1
16:46:39.0465 8652  \Device\Harddisk0\DR0\Partition1 - ok
16:46:39.0465 8652  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition2
16:46:39.0465 8652  \Device\Harddisk0\DR0\Partition2 - ok
16:46:39.0465 8652  [ 9E5E54969CE0A91E7353DBE405DD90CF ] \Device\Harddisk0\DR0\Partition3
16:46:39.0465 8652  \Device\Harddisk0\DR0\Partition3 - ok
16:46:39.0480 8652  [ 03C1BCC7EB5A8EAFF0EC6F6D7C5F5F6E ] \Device\Harddisk0\DR0\Partition4
16:46:39.0480 8652  \Device\Harddisk0\DR0\Partition4 - ok
16:46:39.0480 8652  [ 5F7C0EC8E57A2C7A6C3401FA49FC79DA ] \Device\Harddisk1\DR1\Partition1
16:46:39.0480 8652  \Device\Harddisk1\DR1\Partition1 - ok
16:46:39.0639 8652  C:\Windows\System32\shell32.dll - ok
16:46:39.0649 8652  [ B7211393225AB05324C52BA47B31FEB4 ] C:\Windows\System32\drivers\usbccgp.sys
16:46:39.0649 8652  C:\Windows\System32\drivers\usbccgp.sys - ok
16:46:39.0649 8652  [ 7785E879A7BD6211F48597007F948813 ] C:\Windows\System32\drivers\hidclass.sys
16:46:39.0649 8652  C:\Windows\System32\drivers\hidclass.sys - ok
16:46:39.0649 8652  [ CB05373229E47EA590BBD9094954ECD0 ] C:\Windows\System32\drivers\hidparse.sys
16:46:39.0649 8652  C:\Windows\System32\drivers\hidparse.sys - ok
16:46:39.0649 8652  [ 6E3FB2047B8AE72E1B5F1C00A5F3E475 ] C:\Windows\System32\drivers\hidusb.sys
16:46:39.0649 8652  C:\Windows\System32\drivers\hidusb.sys - ok
16:46:39.0649 8652  [ 843B4BBD15DD0340C5C293CD419D4A76 ] C:\Windows\System32\drivers\kbdhid.sys
16:46:39.0649 8652  C:\Windows\System32\drivers\kbdhid.sys - ok
16:46:39.0649 8652  [ 17F3B012B28F27E7B813A7B037A3D790 ] C:\Windows\System32\drivers\kbdclass.sys
16:46:39.0649 8652  C:\Windows\System32\drivers\kbdclass.sys - ok
16:46:39.0659 8652  [ F3EB0301BED3C4586CEF27A2BA1C50B3 ] C:\Windows\System32\drivers\asmthub3.sys
16:46:39.0659 8652  C:\Windows\System32\drivers\asmthub3.sys - ok
16:46:39.0659 8652  [ 21BE8ADE4C4E04D0819CAC1E6FA1DBE9 ] C:\Windows\System32\advapi32.dll
16:46:39.0659 8652  C:\Windows\System32\advapi32.dll - ok
16:46:39.0663 8652  [ 84FFC6D8ADAD402EEDC73825C9986676 ] C:\Windows\System32\wow64cpu.dll
16:46:39.0663 8652  C:\Windows\System32\wow64cpu.dll - ok
16:46:39.0663 8652  [ 6013120B6B147B2584927639EE70FB4F ] C:\Windows\System32\ws2_32.dll
16:46:39.0663 8652  C:\Windows\System32\ws2_32.dll - ok
16:46:39.0663 8652  [ E3A829C37CA00C58F04F495E22D333E9 ] C:\Windows\System32\oleaut32.dll
16:46:39.0663 8652  C:\Windows\System32\oleaut32.dll - ok
16:46:39.0663 8652  [ 9586E9DB1B741BD40131385D390212BA ] C:\Windows\System32\SHCore.dll
16:46:39.0663 8652  C:\Windows\System32\SHCore.dll - ok
16:46:39.0669 8652  [ 7FCD4654FC7F16FDA52848E2D0AAFA9D ] C:\Windows\System32\msvcrt.dll
16:46:39.0669 8652  C:\Windows\System32\msvcrt.dll - ok
16:46:39.0669 8652  [ E554BD0EB4C0E9A067633ED72AE33F6F ] C:\Windows\System32\sechost.dll
16:46:39.0669 8652  C:\Windows\System32\sechost.dll - ok
16:46:39.0669 8652  [ 9CE572A0B0916D680D148ED714E19B47 ] C:\Windows\System32\cfgmgr32.dll
16:46:39.0669 8652  C:\Windows\System32\cfgmgr32.dll - ok
16:46:39.0669 8652  [ 26961387EB5E1668F6D3E1453703F3DB ] C:\Windows\System32\shlwapi.dll
16:46:39.0669 8652  C:\Windows\System32\shlwapi.dll - ok
16:46:39.0669 8652  [ 5F374AF3C553740BC355CC391A2BA38A ] C:\Windows\System32\msvcp_win.dll
16:46:39.0669 8652  C:\Windows\System32\msvcp_win.dll - ok
16:46:39.0669 8652  [ 54BBAFF243BB3BA508317E1220EDF65D ] C:\Windows\System32\comctl32.dll
16:46:39.0669 8652  C:\Windows\System32\comctl32.dll - ok
16:46:39.0679 8652  [ B9351BE05D332DB2FE4F1D08D44BB343 ] C:\Windows\System32\ucrtbase.dll
16:46:39.0679 8652  C:\Windows\System32\ucrtbase.dll - ok
16:46:39.0679 8652  [ 5A33C4054AAB5888E3B65EBD8486D2B0 ] C:\Windows\System32\KernelBase.dll
16:46:39.0679 8652  C:\Windows\System32\KernelBase.dll - ok
16:46:39.0679 8652  [ 2E691444FED40DFD759DA0C8F0732999 ] C:\Windows\System32\windows.storage.dll
16:46:39.0679 8652  C:\Windows\System32\windows.storage.dll - ok
16:46:39.0679 8652  [ F3BBD0E5FCC48794DF55349F22FDB418 ] C:\Windows\System32\win32u.dll
16:46:39.0679 8652  C:\Windows\System32\win32u.dll - ok
16:46:39.0679 8652  [ E4D14C338D9381C91C3550901654B131 ] C:\Windows\System32\wintrust.dll
16:46:39.0679 8652  C:\Windows\System32\wintrust.dll - ok
16:46:39.0679 8652  [ 04B1E9B60F8ABDF718135BD62D8E554D ] C:\Windows\System32\crypt32.dll
16:46:39.0679 8652  C:\Windows\System32\crypt32.dll - ok
16:46:39.0689 8652  [ 0638EC5EA4825525169BB9531E1E34BF ] C:\Windows\System32\gdi32full.dll
16:46:39.0689 8652  C:\Windows\System32\gdi32full.dll - ok
16:46:39.0689 8652  [ 211D98BDF8BB67866F169DC23ECABA5B ] C:\Windows\System32\bcryptprimitives.dll
16:46:39.0689 8652  C:\Windows\System32\bcryptprimitives.dll - ok
16:46:39.0689 8652  [ 51E940608A78A627D5231F32E518F745 ] C:\Windows\System32\kernel.appcore.dll
16:46:39.0689 8652  C:\Windows\System32\kernel.appcore.dll - ok
16:46:39.0689 8652  [ 7658D29106996D3B2066728AF30D2BE6 ] C:\Windows\System32\powrprof.dll
16:46:39.0689 8652  C:\Windows\System32\powrprof.dll - ok
16:46:39.0689 8652  [ 2F0387C78880D60D1D8A2AC32E964F79 ] C:\Windows\System32\fltLib.dll
16:46:39.0689 8652  C:\Windows\System32\fltLib.dll - ok
16:46:39.0689 8652  [ 31F9783D0EC7C6ED7E7C1A964C4E3614 ] C:\Windows\System32\msasn1.dll
16:46:39.0689 8652  C:\Windows\System32\msasn1.dll - ok
16:46:39.0699 8652  [ 91E3CBB214F208C0C72B4B621180B70A ] C:\Windows\System32\profapi.dll
16:46:39.0699 8652  C:\Windows\System32\profapi.dll - ok
16:46:39.0699 8652  [ 3F72B28AD3FEEF72D2F998AE0D581F70 ] C:\Windows\System32\autochk.exe
16:46:39.0699 8652  C:\Windows\System32\autochk.exe - ok
16:46:39.0699 8652  [ 45A3B15DBB8575DB151ACC9CF853E854 ] C:\Windows\System32\win32kbase.sys
16:46:39.0699 8652  C:\Windows\System32\win32kbase.sys - ok
16:46:39.0699 8652  [ EFA1BC15C6822EE9CD9DDF538A401D6F ] C:\Windows\System32\win32kfull.sys
16:46:39.0699 8652  C:\Windows\System32\win32kfull.sys - ok
16:46:39.0699 8652  [ DA224D4C138A3ECA95C6C7976AC5D9F1 ] C:\Windows\System32\csrss.exe
16:46:39.0699 8652  C:\Windows\System32\csrss.exe - ok
16:46:39.0709 8652  [ B9FDA7CF5F22FF887076246C40FB6230 ] C:\Windows\System32\win32k.sys
16:46:39.0709 8652  C:\Windows\System32\win32k.sys - ok
16:46:39.0709 8652  [ 44D259E3B8F950D123CBE21893CEF1AB ] C:\Windows\System32\basesrv.dll
16:46:39.0709 8652  C:\Windows\System32\basesrv.dll - ok
16:46:39.0709 8652  [ 41B70067614C278B44D9D48DB2A02CBA ] C:\Windows\System32\csrsrv.dll
16:46:39.0709 8652  C:\Windows\System32\csrsrv.dll - ok
16:46:39.0709 8652  [ 1C346B5D7E5336246604A9FCFCB092BC ] C:\Windows\System32\winsrv.dll
16:46:39.0709 8652  C:\Windows\System32\winsrv.dll - ok
16:46:39.0709 8652  [ E38C0220B958F34F46F3168A7BB049A4 ] C:\Windows\System32\winsrvext.dll
16:46:39.0709 8652  C:\Windows\System32\winsrvext.dll - ok
16:46:39.0719 8652  [ A296B0EF7A8FDFDE9FCE22650A675B49 ] C:\Windows\System32\drivers\dxgmms2.sys
16:46:39.0719 8652  C:\Windows\System32\drivers\dxgmms2.sys - ok
16:46:39.0719 8652  [ 30DDBB55A8301A5DFE6CDC7EF604C4C9 ] C:\Windows\System32\drivers\AE2500w764.sys
16:46:39.0719 8652  C:\Windows\System32\drivers\AE2500w764.sys - ok
16:46:39.0729 8652  [ 0B11DBB8173AD374D67893D54EBEE9F3 ] C:\Windows\System32\drivers\vwifibus.sys
16:46:39.0729 8652  C:\Windows\System32\drivers\vwifibus.sys - ok
16:46:39.0732 8652  [ FE8D1AB6D6711BE791A01C17EDEBD0D6 ] C:\Windows\System32\sxssrv.dll
16:46:39.0732 8652  C:\Windows\System32\sxssrv.dll - ok
16:46:39.0739 8652  [ FABE7A58D9B6353E4B02116294B0A556 ] C:\Windows\System32\sspicli.dll
16:46:39.0739 8652  C:\Windows\System32\sspicli.dll - ok
16:46:39.0739 8652  [ 5C9CD98858C019E5CCDCEB3390050BE7 ] C:\Windows\System32\userenv.dll
16:46:39.0739 8652  C:\Windows\System32\userenv.dll - ok
16:46:39.0739 8652  [ A58B0CB069DA7840B935872ADCD7F0C2 ] C:\Windows\System32\wininit.exe
16:46:39.0739 8652  C:\Windows\System32\wininit.exe - ok
16:46:39.0739 8652  [ 137B0091D699AA32547C3945F908E095 ] C:\Windows\System32\wininitext.dll
16:46:39.0739 8652  C:\Windows\System32\wininitext.dll - ok
16:46:39.0739 8652  [ DFAA261F798DADD1EEBC83A085BE1FD2 ] C:\Windows\System32\KBDUS.DLL
16:46:39.0739 8652  C:\Windows\System32\KBDUS.DLL - ok
16:46:39.0739 8652  [ 8CE0687456548DEA5EB69D6A91AE6FC0 ] C:\Windows\System32\sxs.dll
16:46:39.0739 8652  C:\Windows\System32\sxs.dll - ok
16:46:39.0749 8652  [ 386F7CF4A07A9E8C3ADD9DE3F66C746A ] C:\Windows\System32\devobj.dll
16:46:39.0749 8652  C:\Windows\System32\devobj.dll - ok
16:46:39.0749 8652  [ A47A49B0C9495FDD56462C1A9318AAA9 ] C:\Windows\System32\EventAggregation.dll
16:46:39.0749 8652  C:\Windows\System32\EventAggregation.dll - ok
16:46:39.0749 8652  [ 88379487E80E3FA49AD41F295285E089 ] C:\Windows\System32\lsasrv.dll
16:46:39.0749 8652  C:\Windows\System32\lsasrv.dll - ok
16:46:39.0753 8652  [ 317340CD278A374BCEF6A30194557227 ] C:\Windows\System32\lsass.exe
16:46:39.0753 8652  C:\Windows\System32\lsass.exe - ok
16:46:39.0753 8652  [ E2F4C75AFA20E742DE1B70372F15DCD7 ] C:\Windows\System32\services.exe
16:46:39.0753 8652  C:\Windows\System32\services.exe - ok
16:46:39.0753 8652  [ 2F1A13D5002DE32F845FC1A1AE5F2667 ] C:\Windows\System32\samsrv.dll
16:46:39.0753 8652  C:\Windows\System32\samsrv.dll - ok
16:46:39.0753 8652  [ 7BAB54AC2F062D1843DC7BA0B4AF2B35 ] C:\Windows\System32\bcrypt.dll
16:46:39.0753 8652  C:\Windows\System32\bcrypt.dll - ok
16:46:39.0759 8652  [ 879E3B579F4046DBA005C37F3DB9E7FE ] C:\Windows\System32\ncrypt.dll
16:46:39.0759 8652  C:\Windows\System32\ncrypt.dll - ok
16:46:39.0759 8652  [ 2A51E2830531AC97AFB3324C2EC04082 ] C:\Windows\System32\ntasn1.dll
16:46:39.0759 8652  C:\Windows\System32\ntasn1.dll - ok
16:46:39.0762 8652  [ 6277E7EF5BFF7241E336B65587855A39 ] C:\Windows\System32\wldp.dll
16:46:39.0762 8652  C:\Windows\System32\wldp.dll - ok
16:46:39.0762 8652  [ 54750967F4CDA0ECE951CB3ECD43AC0C ] C:\Windows\System32\cryptbase.dll
16:46:39.0762 8652  C:\Windows\System32\cryptbase.dll - ok
16:46:39.0762 8652  [ 336C40FA6E69B15A54CA319448AAD7C1 ] C:\Windows\System32\cryptsp.dll
16:46:39.0762 8652  C:\Windows\System32\cryptsp.dll - ok
16:46:39.0762 8652  [ 7440EA3A62596288C350E4B82AF0D87A ] C:\Windows\System32\joinutil.dll
16:46:39.0762 8652  C:\Windows\System32\joinutil.dll - ok
16:46:39.0769 8652  [ 1F06B86C0D4E49A43613DA77BF868CA6 ] C:\Windows\System32\kerberos.dll
16:46:39.0769 8652  C:\Windows\System32\kerberos.dll - ok
16:46:39.0769 8652  [ B5FA83A5D590D5E52A96221F9D656762 ] C:\Windows\System32\msprivs.dll
16:46:39.0769 8652  C:\Windows\System32\msprivs.dll - ok
16:46:39.0769 8652  [ FB87EBC4D10D8BD71ECA994596B45A13 ] C:\Windows\System32\negoexts.dll
16:46:39.0769 8652  C:\Windows\System32\negoexts.dll - ok
16:46:39.0769 8652  [ 7D4025D803AFB4AE0EF1A9A3F2314697 ] C:\Windows\System32\netprovfw.dll
16:46:39.0769 8652  C:\Windows\System32\netprovfw.dll - ok
16:46:39.0769 8652  [ 07FB43B7CC0E659920D14F7EDAF502B8 ] C:\Windows\System32\cryptdll.dll
16:46:39.0769 8652  C:\Windows\System32\cryptdll.dll - ok
16:46:39.0769 8652  [ 0B08C2657B55ADA849D62D34FE81E150 ] C:\Windows\System32\KerbClientShared.dll
16:46:39.0769 8652  C:\Windows\System32\KerbClientShared.dll - ok
16:46:39.0769 8652  [ 68FA7E26636306C59A5C680862E4157E ] C:\Windows\System32\mswsock.dll
16:46:39.0769 8652  C:\Windows\System32\mswsock.dll - ok
16:46:39.0779 8652  [ 16F2E8F8AD26A67234C6A54F5DEF34F3 ] C:\Windows\System32\msv1_0.dll
16:46:39.0779 8652  C:\Windows\System32\msv1_0.dll - ok
16:46:39.0779 8652  [ 5EA9C4AE211AE1EB1D4A375C612E0AC4 ] C:\Windows\System32\netlogon.dll
16:46:39.0779 8652  C:\Windows\System32\netlogon.dll - ok
16:46:39.0779 8652  [ CA55C6538C537095A58EFA14F99A58AE ] C:\Windows\System32\NtlmShared.dll
16:46:39.0779 8652  C:\Windows\System32\NtlmShared.dll - ok
16:46:39.0779 8652  [ F4B9F200B9D7EBC8BD4C8E39F02A44E3 ] C:\Windows\System32\dnsapi.dll
16:46:39.0779 8652  C:\Windows\System32\dnsapi.dll - ok
16:46:39.0789 8652  [ 333154481DE31C481CF5A1A7CBB3C2C0 ] C:\Windows\System32\gmsaclient.dll
16:46:39.0789 8652  C:\Windows\System32\gmsaclient.dll - ok
16:46:39.0789 8652  [ 2A1AEF9C495604B25D9A111508C8749B ] C:\Windows\System32\IPHLPAPI.DLL
16:46:39.0789 8652  C:\Windows\System32\IPHLPAPI.DLL - ok
16:46:39.0789 8652  [ 76377E8A9DD63C40A19D7D84EF07B181 ] C:\Windows\System32\netutils.dll
16:46:39.0789 8652  C:\Windows\System32\netutils.dll - ok
16:46:39.0789 8652  [ 3D3D1D2D9BB3CA6B178460C36EF759F8 ] C:\Windows\System32\TSpkg.dll
16:46:39.0789 8652  C:\Windows\System32\TSpkg.dll - ok
16:46:39.0789 8652  [ AF8FB8FE370D76278B9113B3D3DD0A1E ] C:\Windows\System32\cloudAP.dll
16:46:39.0789 8652  C:\Windows\System32\cloudAP.dll - ok
16:46:39.0799 8652  [ E3EC73D7E787087BD3C2B53255328782 ] C:\Windows\System32\pku2u.dll
16:46:39.0799 8652  C:\Windows\System32\pku2u.dll - ok
16:46:39.0799 8652  [ 26FAB0FF0E7C78B18EAEF40C4693045D ] C:\Windows\System32\MicrosoftAccountCloudAP.dll
16:46:39.0799 8652  C:\Windows\System32\MicrosoftAccountCloudAP.dll - ok
16:46:39.0799 8652  [ 5015EBA00E2B1D3BB2559158F029D5EF ] C:\Windows\System32\dpapi.dll
16:46:39.0799 8652  C:\Windows\System32\dpapi.dll - ok
16:46:39.0799 8652  [ EAC236BBDB1865F315629EAE9CF1FD10 ] C:\Windows\System32\rsaenh.dll
16:46:39.0799 8652  C:\Windows\System32\rsaenh.dll - ok
16:46:39.0799 8652  [ 86EE7EED17C9385B73AA6101E6481534 ] C:\Windows\System32\schannel.dll
16:46:39.0799 8652  C:\Windows\System32\schannel.dll - ok
16:46:39.0809 8652  [ 18DD09E054E34752E461F869B50F9B3A ] C:\Windows\System32\wdigest.dll
16:46:39.0809 8652  C:\Windows\System32\wdigest.dll - ok
16:46:39.0809 8652  [ 9455C42505ABA9DAE97F7D5F507B2570 ] C:\Windows\System32\cdd.dll
16:46:39.0809 8652  C:\Windows\System32\cdd.dll - ok
16:46:39.0809 8652  [ C8342384ACF25CCEF9203B8763B6734D ] C:\Windows\System32\dpapisrv.dll
16:46:39.0809 8652  C:\Windows\System32\dpapisrv.dll - ok
16:46:39.0809 8652  [ 88E40584A9E76006D16FE2C599640237 ] C:\Windows\System32\efslsaext.dll
16:46:39.0809 8652  C:\Windows\System32\efslsaext.dll - ok
16:46:39.0809 8652  [ 92C4AD1443CFAFA2DBDECC5F5281EC0D ] C:\Windows\System32\sspisrv.dll
16:46:39.0809 8652  C:\Windows\System32\sspisrv.dll - ok
16:46:39.0809 8652  [ 3BA79A3504C3D257CA1006B17EC4640C ] C:\Windows\System32\authz.dll
16:46:39.0809 8652  C:\Windows\System32\authz.dll - ok
16:46:39.0819 8652  [ 2C5F17D173FE45F552E7BAC2A68A75E6 ] C:\Windows\System32\credssp.dll
16:46:39.0819 8652  C:\Windows\System32\credssp.dll - ok
16:46:39.0819 8652  [ 5A81C00BE1E008F28B2759A3F000C494 ] C:\Windows\System32\kdcpw.dll
16:46:39.0819 8652  C:\Windows\System32\kdcpw.dll - ok
16:46:39.0819 8652  [ 85C7E6554469AE7E185DEB3E56225D3E ] C:\Windows\System32\scecli.dll
16:46:39.0819 8652  C:\Windows\System32\scecli.dll - ok
16:46:39.0819 8652  [ 68461ED19F24A25ABBAC101D049B17BC ] C:\Windows\System32\scesrv.dll
16:46:39.0819 8652  C:\Windows\System32\scesrv.dll - ok
16:46:39.0819 8652  [ EE5E894DCA9643EDE06BFEB83D3E8657 ] C:\Windows\System32\ntmarta.dll
16:46:39.0819 8652  C:\Windows\System32\ntmarta.dll - ok
16:46:39.0819 8652  [ CB3CE69534CC1D98EC840FBFC334226B ] C:\Windows\System32\profext.dll
16:46:39.0819 8652  C:\Windows\System32\profext.dll - ok
16:46:39.0819 8652  [ 32569E403279B3FD2EDB7EBD036273FA ] C:\Windows\System32\svchost.exe
16:46:39.0819 8652  C:\Windows\System32\svchost.exe - ok
16:46:39.0829 8652  [ 57200098CF98DF240F92294693EA77BD ] C:\Windows\System32\winsta.dll
16:46:39.0829 8652  C:\Windows\System32\winsta.dll - ok
16:46:39.0829 8652  [ 2E4E8415E1DA8FC88A8A6A42FAD56FBF ] C:\Windows\System32\WUDFPlatform.dll
16:46:39.0829 8652  C:\Windows\System32\WUDFPlatform.dll - ok
16:46:39.0829 8652  [ A09EC1AA902602F1316C5B7DBEFA374E ] C:\Windows\System32\FirewallAPI.dll
16:46:39.0829 8652  C:\Windows\System32\FirewallAPI.dll - ok
16:46:39.0829 8652  [ 4578209AD8A89EC2B54752F12B11ABCC ] C:\Windows\System32\fwbase.dll
16:46:39.0829 8652  C:\Windows\System32\fwbase.dll - ok
16:46:39.0829 8652  [ DBD6E8A5C358AAA3B4900EFD5CF94CC8 ] C:\Windows\System32\umpnpmgr.dll
16:46:39.0829 8652  C:\Windows\System32\umpnpmgr.dll - ok
16:46:39.0829 8652  [ F39D3876C731BB01BFE8F574188837C8 ] C:\Windows\System32\umpo.dll
16:46:39.0829 8652  C:\Windows\System32\umpo.dll - ok
16:46:39.0839 8652  [ 31113981180E69C2773BCADA4051738A ] C:\Windows\System32\fontdrvhost.exe
16:46:39.0839 8652  C:\Windows\System32\fontdrvhost.exe - ok
16:46:39.0839 8652  [ 6821846712AFE879B15F3E26AEF6E33C ] C:\Windows\System32\slc.dll
16:46:39.0839 8652  C:\Windows\System32\slc.dll - ok
16:46:39.0839 8652  [ A029A29DFE54CCB4FCBE3A2296B0C758 ] C:\Windows\System32\sppc.dll
16:46:39.0839 8652  C:\Windows\System32\sppc.dll - ok
16:46:39.0839 8652  [ FEBFAC86943590AA565F7667E5E399EE ] C:\Windows\System32\umpoext.dll
16:46:39.0839 8652  C:\Windows\System32\umpoext.dll - ok
16:46:39.0839 8652  [ 3E56F9D58EBBB1B33E31B86267DBECFC ] C:\Windows\System32\winlogon.exe
16:46:39.0839 8652  C:\Windows\System32\winlogon.exe - ok
16:46:39.0839 8652  [ 1CB14C76F967E5279779C19BDCC2C3A2 ] C:\Windows\System32\dxgi.dll
16:46:39.0839 8652  C:\Windows\System32\dxgi.dll - ok
16:46:39.0849 8652  [ EB3E23649D0AC5C0989F69F2C165FA3F ] C:\Windows\System32\mintdh.dll
16:46:39.0849 8652  C:\Windows\System32\mintdh.dll - ok
16:46:39.0849 8652  [ 2D6333EA870DDB77BA06F985CEDE039B ] C:\Windows\System32\tdh.dll
16:46:39.0849 8652  C:\Windows\System32\tdh.dll - ok
16:46:39.0852 8652  [ FFAB7B0F987092F8B34FA1AC1086A95A ] C:\Windows\System32\gpapi.dll
16:46:39.0852 8652  C:\Windows\System32\gpapi.dll - ok
16:46:39.0852 8652  [ FEE602DE563041D8E99A91D8BE7C5F03 ] C:\Windows\System32\umpo-overrides.dll
16:46:39.0852 8652  C:\Windows\System32\umpo-overrides.dll - ok
16:46:39.0852 8652  [ 7649CED3E0B6F4BD56B041752E808984 ] C:\Windows\System32\hid.dll
16:46:39.0852 8652  C:\Windows\System32\hid.dll - ok
16:46:39.0852 8652  [ 107661923943E9DC06ED2713AC5F7753 ] C:\Windows\System32\rpcss.dll
16:46:39.0852 8652  C:\Windows\System32\rpcss.dll - ok
16:46:39.0859 8652  [ 3CD63AE6A9A1DE4CD5831AE15221C861 ] C:\Windows\System32\RpcEpMap.dll
16:46:39.0859 8652  C:\Windows\System32\RpcEpMap.dll - ok
16:46:39.0859 8652  [ 19B8F4CD6D680E4A1831C6B52534E479 ] C:\Windows\System32\RpcRtRemote.dll
16:46:39.0859 8652  C:\Windows\System32\RpcRtRemote.dll - ok
16:46:39.0859 8652  [ 0E1A0E81EF4B33FFDE8EDA46EE38F0D4 ] C:\Windows\System32\bisrv.dll
16:46:39.0859 8652  C:\Windows\System32\bisrv.dll - ok
16:46:39.0859 8652  [ 52B6D805C60127F0456DF019775F5740 ] C:\Windows\System32\lsm.dll
16:46:39.0859 8652  C:\Windows\System32\lsm.dll - ok
16:46:39.0859 8652  [ 4F74FBB3D00BB587CBEB4D0FFC43A089 ] C:\Windows\System32\dwmapi.dll
16:46:39.0859 8652  C:\Windows\System32\dwmapi.dll - ok
16:46:39.0869 8652  [ B0F2EE69B853989736B4A9BFDB2FC0FA ] C:\Windows\System32\psmsrv.dll
16:46:39.0869 8652  C:\Windows\System32\psmsrv.dll - ok
16:46:39.0869 8652  [ 3C7F0D6FC7CD7C28405D3D1133899C15 ] C:\Windows\System32\ResourcePolicyClient.dll
16:46:39.0869 8652  C:\Windows\System32\ResourcePolicyClient.dll - ok
16:46:39.0869 8652  [ 8B2B8EF9C11895383154F6804CA0CAAA ] C:\Windows\System32\rmclient.dll
16:46:39.0869 8652  C:\Windows\System32\rmclient.dll - ok
16:46:39.0869 8652  [ 0B3798008BD3F9DF7EA2F16653CF9BA9 ] C:\Windows\System32\sysntfy.dll
16:46:39.0869 8652  C:\Windows\System32\sysntfy.dll - ok
16:46:39.0869 8652  [ 974CE9057524ED34CA772389C6CA605C ] C:\Windows\System32\twinapi.appcore.dll
16:46:39.0869 8652  C:\Windows\System32\twinapi.appcore.dll - ok
16:46:39.0879 8652  [ 78EC01F5966DAFDB43EBAEACFE91C73C ] C:\Windows\System32\embeddedmodesvcapi.dll
16:46:39.0879 8652  C:\Windows\System32\embeddedmodesvcapi.dll - ok
16:46:39.0879 8652  [ A3C0DD2AD2B30BF3C52714BBDD94DCDA ] C:\Windows\System32\PsmServiceExtHost.dll
16:46:39.0879 8652  C:\Windows\System32\PsmServiceExtHost.dll - ok
16:46:39.0879 8652  [ 3AE497BA9D8CAA4020F2E1C78CA33394 ] C:\Windows\System32\UXInit.dll
16:46:39.0879 8652  C:\Windows\System32\UXInit.dll - ok
16:46:39.0879 8652  [ 7E130D1F1126B2F0A0B273F27CFB03B5 ] C:\Windows\System32\uxtheme.dll
16:46:39.0879 8652  C:\Windows\System32\uxtheme.dll - ok
16:46:39.0879 8652  [ 54E1DFA6BD23F46B667D4F4E85EBD3F8 ] C:\Windows\System32\wer.dll
16:46:39.0879 8652  C:\Windows\System32\wer.dll - ok
16:46:39.0879 8652  [ 6308137BC44B7C5F49FC0BCD29FE1033 ] C:\Windows\System32\audioresourceregistrar.dll
16:46:39.0879 8652  C:\Windows\System32\audioresourceregistrar.dll - ok
16:46:39.0889 8652  [ 5637BD6C7671877076068A413FE54242 ] C:\Windows\System32\ResourcePolicyServer.dll
16:46:39.0889 8652  C:\Windows\System32\ResourcePolicyServer.dll - ok
16:46:39.0889 8652  [ DDD9A230BCB4085F82F8A3842B57F7B3 ] C:\Windows\System32\xmllite.dll
16:46:39.0889 8652  C:\Windows\System32\xmllite.dll - ok
16:46:39.0889 8652  [ A0F6AEFD22FC4B300A1716AF5F2A7361 ] C:\Windows\System32\apphelp.dll
16:46:39.0889 8652  C:\Windows\System32\apphelp.dll - ok
16:46:39.0899 8652  [ 44CCA7E714B3F7028BBAD2745E294C09 ] C:\Windows\System32\BrokerLib.dll
16:46:39.0899 8652  C:\Windows\System32\BrokerLib.dll - ok
16:46:39.0899 8652  [ 66C9CCC6A100ACF7A4514BD3091CE566 ] C:\Windows\System32\drivers\mouclass.sys
16:46:39.0899 8652  C:\Windows\System32\drivers\mouclass.sys - ok
16:46:39.0899 8652  [ 6BE61DAF4CDC0E13940096EAC4A9F490 ] C:\Windows\System32\drivers\mouhid.sys
16:46:39.0899 8652  C:\Windows\System32\drivers\mouhid.sys - ok
16:46:39.0899 8652  [ C49FE3EA66B9F819D984D4302796535B ] C:\Windows\System32\dwminit.dll
16:46:39.0899 8652  C:\Windows\System32\dwminit.dll - ok
16:46:39.0899 8652  [ 3AAD3281A2953F4DDA09D7EE5BEE8BA6 ] C:\Windows\System32\LogonUI.exe
16:46:39.0899 8652  C:\Windows\System32\LogonUI.exe - ok
16:46:39.0899 8652  [ 607143646829B70F7C60F4CF499AD41D ] C:\Windows\System32\SystemEventsBrokerServer.dll
16:46:39.0899 8652  C:\Windows\System32\SystemEventsBrokerServer.dll - ok
16:46:39.0909 8652  [ F31E8E5E5ECA85ED12E664DC32BF9E05 ] C:\Windows\System32\dab.dll
16:46:39.0909 8652  C:\Windows\System32\dab.dll - ok
16:46:39.0909 8652  [ 132BB9BF39586843BDFAE2E1295170CA ] C:\Windows\System32\dabapi.dll
16:46:39.0909 8652  C:\Windows\System32\dabapi.dll - ok
16:46:39.0909 8652  [ 70073A05B2B43FFB7A625708BB29E7C7 ] C:\Windows\System32\dwm.exe
16:46:39.0909 8652  C:\Windows\System32\dwm.exe - ok
16:46:39.0909 8652  [ B23B88BAEDDC414D9D595DE6393CE3E3 ] C:\Windows\System32\dwmredir.dll
16:46:39.0909 8652  C:\Windows\System32\dwmredir.dll - ok
16:46:39.0909 8652  [ 36725AD659106308A8755EE5238588BC ] C:\Windows\System32\LogonController.dll
16:46:39.0909 8652  C:\Windows\System32\LogonController.dll - ok
16:46:39.0909 8652  [ 305ECBE6AEDAD1AA398467E039AC6D06 ] C:\Windows\System32\uDWM.dll
16:46:39.0909 8652  C:\Windows\System32\uDWM.dll - ok
16:46:39.0919 8652  [ AC89EC75D4E59CFF2E8BAFD70C6154AF ] C:\Windows\System32\CoreMessaging.dll
16:46:39.0919 8652  C:\Windows\System32\CoreMessaging.dll - ok
16:46:39.0919 8652  [ 01373C56D3B5B25B579369B144EC9BCB ] C:\Windows\System32\dwmcore.dll
16:46:39.0919 8652  C:\Windows\System32\dwmcore.dll - ok
16:46:39.0923 8652  [ 75139A91F351E7337FD4F4DA633CE42B ] C:\Windows\System32\winmm.dll
16:46:39.0923 8652  C:\Windows\System32\winmm.dll - ok
16:46:39.0923 8652  [ A42A183A1DFF3E269D1CD53E69EA831F ] C:\Windows\System32\winmmbase.dll
16:46:39.0923 8652  C:\Windows\System32\winmmbase.dll - ok
16:46:39.0923 8652  [ EB432462F31C83FD45F9A37E87C9E9E7 ] C:\Windows\System32\dcomp.dll
16:46:39.0923 8652  C:\Windows\System32\dcomp.dll - ok
16:46:39.0923 8652  [ 80A4EDDB5C01DE63B6F01CD26575167D ] C:\Windows\System32\dsreg.dll
16:46:39.0923 8652  C:\Windows\System32\dsreg.dll - ok
16:46:39.0929 8652  [ B3C6F10B7C19C819AD290E2631DAF4B0 ] C:\Windows\System32\d2d1.dll
16:46:39.0929 8652  C:\Windows\System32\d2d1.dll - ok
16:46:39.0929 8652  [ E68A2E3101398EF874CBEC3C39461084 ] C:\Windows\System32\d3d11.dll
16:46:39.0929 8652  C:\Windows\System32\d3d11.dll - ok
16:46:39.0929 8652  [ FCE31DF9E6977576ED061A0882CD3FC1 ] C:\Windows\System32\D3DCompiler_47.dll
16:46:39.0929 8652  C:\Windows\System32\D3DCompiler_47.dll - ok
16:46:39.0929 8652  [ 3FC2377994D9D63FC128B6C48B22B68F ] C:\Windows\System32\gpsvc.dll
16:46:39.0929 8652  C:\Windows\System32\gpsvc.dll - ok
16:46:39.0939 8652  [ C1BEE66C2CBDA15629609B0E602B1AA3 ] C:\Windows\System32\msvcp110_win.dll
16:46:39.0939 8652  C:\Windows\System32\msvcp110_win.dll - ok
16:46:39.0939 8652  [ 06A45DC3D6392AC2E9AB421CE48097DC ] C:\Windows\System32\nlaapi.dll
16:46:39.0939 8652  C:\Windows\System32\nlaapi.dll - ok
16:46:39.0939 8652  [ F0EDD547E09B5F7EA179C18C6FB018B3 ] C:\Windows\System32\shacct.dll
16:46:39.0939 8652  C:\Windows\System32\shacct.dll - ok
16:46:39.0939 8652  [ 8F9706451C65264B52BE9A6A9A3DD55B ] C:\Windows\System32\dsrole.dll
16:46:39.0939 8652  C:\Windows\System32\dsrole.dll - ok
16:46:39.0939 8652  [ C3D3E2DFBD52C48EA787604F49060A5C ] C:\Windows\System32\ncbservice.dll
16:46:39.0939 8652  C:\Windows\System32\ncbservice.dll - ok
16:46:39.0949 8652  [ D740D50A374A3E334841773D9CA11B1A ] C:\Windows\System32\wtsapi32.dll
16:46:39.0949 8652  C:\Windows\System32\wtsapi32.dll - ok
16:46:39.0949 8652  [ 13142B3B30F633F407D5256B2FFCCEF0 ] C:\Windows\System32\drivers\monitor.sys
16:46:39.0949 8652  C:\Windows\System32\drivers\monitor.sys - ok
16:46:39.0949 8652  [ 1E8F332EBA870C440B2B039D7757C003 ] C:\Windows\System32\propsys.dll
16:46:39.0949 8652  C:\Windows\System32\propsys.dll - ok
16:46:39.0949 8652  [ 6B2B04D565C05B4683E19D212AC3967C ] C:\Windows\System32\samlib.dll
16:46:39.0949 8652  C:\Windows\System32\samlib.dll - ok
16:46:39.0949 8652  [ 5C0375A47DA61D9B8AB50BC42552462C ] C:\Windows\System32\SystemEventsBrokerClient.dll
16:46:39.0949 8652  C:\Windows\System32\SystemEventsBrokerClient.dll - ok
16:46:39.0949 8652  [ 46EBDA1D65D32F2D329B8051D039F801 ] C:\Windows\System32\taskschd.dll
16:46:39.0949 8652  C:\Windows\System32\taskschd.dll - ok
16:46:39.0959 8652  [ 3F2AE4940528B51B787216301B3A26D1 ] C:\Windows\System32\usermgrcli.dll
16:46:39.0959 8652  C:\Windows\System32\usermgrcli.dll - ok
16:46:39.0959 8652  [ CEC858AC998DE405F079FEFD55924394 ] C:\Windows\System32\drivers\bthport.sys
16:46:39.0959 8652  C:\Windows\System32\drivers\bthport.sys - ok
16:46:39.0959 8652  [ C67D8AEBA19C68C64BB97C077656B61F ] C:\Windows\System32\dwmghost.dll
16:46:39.0959 8652  C:\Windows\System32\dwmghost.dll - ok
16:46:39.0959 8652  [ 8BF5E2FD72E939CF68D617E273034793 ] C:\Windows\System32\TimeBrokerServer.dll
16:46:39.0959 8652  C:\Windows\System32\TimeBrokerServer.dll - ok
16:46:39.0959 8652  [ 1C73391FC96115ADB06B5DBA8F836946 ] C:\Windows\System32\Windows.Devices.Radios.dll
16:46:39.0959 8652  C:\Windows\System32\Windows.Devices.Radios.dll - ok
16:46:39.0959 8652  [ 0D5ECDF2601312025811F6AC413F851A ] C:\Windows\System32\drivers\BTHUSB.SYS
16:46:39.0959 8652  C:\Windows\System32\drivers\BTHUSB.SYS - ok
16:46:39.0968 8652  [ E86400D7B6E095E89CF63667D94D3F50 ] C:\Windows\System32\drivers\luafv.sys
16:46:39.0968 8652  C:\Windows\System32\drivers\luafv.sys - ok
16:46:39.0968 8652  [ 3030F19C6A73367D6D5EEDD157F5D01A ] C:\Windows\System32\hidserv.dll
16:46:39.0968 8652  C:\Windows\System32\hidserv.dll - ok
16:46:39.0968 8652  [ A62EB996C10A767B14685EB35134443E ] C:\Windows\System32\mstask.dll
16:46:39.0968 8652  C:\Windows\System32\mstask.dll - ok
16:46:39.0968 8652  [ C974AC54A9D34AF4899E98ECC1784E03 ] C:\Windows\System32\profsvc.dll
16:46:39.0968 8652  C:\Windows\System32\profsvc.dll - ok
16:46:39.0968 8652  [ 9D13410D7B4D76AA2EA73EC8CA0E0190 ] C:\Windows\System32\schedsvc.dll
16:46:39.0968 8652  C:\Windows\System32\schedsvc.dll - ok
16:46:39.0968 8652  [ 4CEED46DDAB911AE1298422BFB12460C ] C:\Windows\System32\upfc.exe
16:46:39.0968 8652  C:\Windows\System32\upfc.exe - ok
16:46:39.0979 8652  [ 7412ECE8BD5590881FA9780B68BD70C5 ] C:\Windows\System32\wpdbusenum.dll
16:46:39.0979 8652  C:\Windows\System32\wpdbusenum.dll - ok
16:46:39.0979 8652  [ 4EC5737F5D57951317633A9B2EE34C08 ] C:\Windows\System32\bi.dll
16:46:39.0979 8652  C:\Windows\System32\bi.dll - ok
16:46:39.0979 8652  [ 8A304D6CDC067922448CBA1EBB9FFCA8 ] C:\Windows\System32\drivers\wcifs.sys
16:46:39.0979 8652  C:\Windows\System32\drivers\wcifs.sys - ok
16:46:39.0979 8652  [ 400CB5E63B78AA4CA9D6F9CD5458897B ] C:\Windows\System32\httpprxc.dll
16:46:39.0979 8652  C:\Windows\System32\httpprxc.dll - ok
16:46:39.0979 8652  [ 0DAA95A421EEF59A9E3EA3D4D38D35CC ] C:\Windows\System32\PortableDeviceApi.dll
16:46:39.0979 8652  C:\Windows\System32\PortableDeviceApi.dll - ok
16:46:39.0979 8652  [ A7D93C2CF2ECDC93CD5D38568AB2FD16 ] C:\Windows\System32\ubpm.dll
16:46:39.0979 8652  C:\Windows\System32\ubpm.dll - ok
16:46:39.0979 8652  [ FD1696E6F1CDBBEC53F0A2AE9252AF9F ] C:\Windows\System32\WindowsCodecs.dll
16:46:39.0979 8652  C:\Windows\System32\WindowsCodecs.dll - ok
16:46:39.0989 8652  [ B094533E37D516EB5BBD601B24A094A3 ] C:\Windows\System32\avrt.dll
16:46:39.0989 8652  C:\Windows\System32\avrt.dll - ok

#10 phibonacci

phibonacci
  • Topic Starter

  • Members
  • 7 posts

Posted 22 August 2018 - 11:19 PM

TDSSkiller log continued:

 

16:46:40.0359 8652  C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.9445_none_88df21dd2faf7c49\msvcr80.dll - ok
16:46:40.0359 8652  [ 7CA76A35E0F66025BD2883EE8F9D83BA ] C:\Windows\System32\fundisc.dll
16:46:40.0359 8652  C:\Windows\System32\fundisc.dll - ok
16:46:40.0359 8652  [ D7440D448AB6794A68886BC642AB4CA8 ] C:\Windows\SysWOW64\dwmapi.dll
16:46:40.0359 8652  C:\Windows\SysWOW64\dwmapi.dll - ok
16:46:40.0368 8652  [ E017BFFD523AA4BC12ED8F2E8DFD4E0C ] C:\Windows\SysWOW64\msacm32.dll
16:46:40.0368 8652  C:\Windows\SysWOW64\msacm32.dll - ok
16:46:40.0368 8652  [ 9AA08681C9731F245806F7E1075807AA ] C:\Windows\SysWOW64\samcli.dll
16:46:40.0368 8652  C:\Windows\SysWOW64\samcli.dll - ok
16:46:40.0368 8652  [ 6963E2CBCFC44CE4A1812942671459F2 ] C:\Windows\SysWOW64\userenv.dll
16:46:40.0368 8652  C:\Windows\SysWOW64\userenv.dll - ok
16:46:40.0368 8652  [ B387B893C0FE2ACD4690ACAE73252DAC ] C:\Windows\SysWOW64\version.dll
16:46:40.0368 8652  C:\Windows\SysWOW64\version.dll - ok
16:46:40.0368 8652  [ 8DD954DDB4944587A5841BAC5383A722 ] C:\Windows\System32\atl.dll
16:46:40.0368 8652  C:\Windows\System32\atl.dll - ok
16:46:40.0368 8652  [ 4CC9B9FDAEACD9F5BD4C13AE55EE6146 ] C:\Windows\System32\fdPnp.dll
16:46:40.0368 8652  C:\Windows\System32\fdPnp.dll - ok
16:46:40.0368 8652  [ 6037E546770C43CE641A2C34DDF19F41 ] C:\Windows\System32\Windows.Globalization.dll
16:46:40.0368 8652  C:\Windows\System32\Windows.Globalization.dll - ok
16:46:40.0379 8652  [ 2112E3882124C31F9DCB181DAA553F46 ] C:\Windows\SysWOW64\urlmon.dll
16:46:40.0379 8652  C:\Windows\SysWOW64\urlmon.dll - ok
16:46:40.0379 8652  [ 0FEE0346C1AC8FBDFFA41F60EC2DCDD4 ] C:\Windows\System32\NetSetupShim.dll
16:46:40.0379 8652  C:\Windows\System32\NetSetupShim.dll - ok
16:46:40.0379 8652  [ 9924376C7D37ADE87AB8F4320E83A320 ] C:\Windows\SysWOW64\mpr.dll
16:46:40.0379 8652  C:\Windows\SysWOW64\mpr.dll - ok
16:46:40.0379 8652  [ B6DBA4EB73AD324A01FCF98D0573C410 ] C:\Windows\SysWOW64\winspool.drv
16:46:40.0379 8652  C:\Windows\SysWOW64\winspool.drv - ok
16:46:40.0379 8652  [ 4BD57B197339AF69C313FF410D5985C5 ] C:\Windows\System32\directmanipulation.dll
16:46:40.0379 8652  C:\Windows\System32\directmanipulation.dll - ok
16:46:40.0379 8652  [ 0D9CB4D2F147EC8AFA612B0EFF4EE874 ] C:\Windows\System32\NetSetupApi.dll
16:46:40.0379 8652  C:\Windows\System32\NetSetupApi.dll - ok
16:46:40.0379 8652  [ E81CE74F4C96FE32FACCB7A35A729509 ] C:\Windows\System32\NetSetupEngine.dll
16:46:40.0379 8652  C:\Windows\System32\NetSetupEngine.dll - ok
16:46:40.0389 8652  [ EF94E9BB044893F24E9E8B9591CAB547 ] C:\Windows\SysWOW64\iertutil.dll
16:46:40.0389 8652  C:\Windows\SysWOW64\iertutil.dll - ok
16:46:40.0389 8652  [ FB0BFBFA2327615AAD384370364D1CF1 ] C:\Windows\SysWOW64\winmmbase.dll
16:46:40.0389 8652  C:\Windows\SysWOW64\winmmbase.dll - ok
16:46:40.0389 8652  [ A237D5C1E95631C1815904D473B188D1 ] C:\Windows\SysWOW64\propsys.dll
16:46:40.0389 8652  C:\Windows\SysWOW64\propsys.dll - ok
16:46:40.0389 8652  [ 431E09A9087927948E724D05E551C96F ] C:\Windows\System32\FontGlyphAnimator.dll
16:46:40.0389 8652  C:\Windows\System32\FontGlyphAnimator.dll - ok
16:46:40.0389 8652  [ 0E6AAEA276D7B02879628E0B4F9856D4 ] C:\Windows\SysWOW64\bcrypt.dll
16:46:40.0389 8652  C:\Windows\SysWOW64\bcrypt.dll - ok
16:46:40.0398 8652  [ 485225B827F67B6A1CF041EFE154C530 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
16:46:40.0398 8652  C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
16:46:40.0398 8652  [ 5468C2FE6AC9362EF35D140242DE63E1 ] C:\Program Files\AVAST Software\Avast\ashBase.dll
16:46:40.0398 8652  C:\Program Files\AVAST Software\Avast\ashBase.dll - ok
16:46:40.0400 8652  [ 291C4B86E9842A28CDE53B31F3C6FBE4 ] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
16:46:40.0400 8652  C:\Program Files\AVAST Software\Avast\aswCmnBS.dll - ok
16:46:40.0400 8652  [ 527953887ED57F014D235ACC21AB4D1A ] C:\Windows\System32\CredProvDataModel.dll
16:46:40.0400 8652  C:\Windows\System32\CredProvDataModel.dll - ok
16:46:40.0400 8652  [ C8B1AF912319FEF251288BDD27E9576D ] C:\Windows\System32\NetSetupSvc.dll
16:46:40.0400 8652  C:\Windows\System32\NetSetupSvc.dll - ok
16:46:40.0400 8652  [ EEB929FAC4F71E3708708F44B965B9D8 ] C:\Windows\System32\threadpoolwinrt.dll
16:46:40.0400 8652  C:\Windows\System32\threadpoolwinrt.dll - ok
16:46:40.0400 8652  [ 2661737ED102D8C5FE8659201F6E119F ] C:\Windows\SysWOW64\psapi.dll
16:46:40.0400 8652  C:\Windows\SysWOW64\psapi.dll - ok
16:46:40.0408 8652  [ A6E323B01C41612CFD2665393DA29EF2 ] C:\Windows\SysWOW64\ws2_32.dll
16:46:40.0408 8652  C:\Windows\SysWOW64\ws2_32.dll - ok
16:46:40.0408 8652  [ 109F0F02FD37C84BFC7508D4227D7ED5 ] C:\Windows\WinSxS\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.25325.0_none_a01bd4182e9569cc\msvcp140.dll
16:46:40.0408 8652  C:\Windows\WinSxS\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.25325.0_none_a01bd4182e9569cc\msvcp140.dll - ok
16:46:40.0408 8652  [ C9AF5A71227712AD2B349C58F0365A7F ] C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
16:46:40.0408 8652  C:\Program Files\AVAST Software\Avast\aswCmnIS.dll - ok
16:46:40.0408 8652  [ A31E389A9006D17C55334262D9DF3496 ] C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
16:46:40.0408 8652  C:\Program Files\AVAST Software\Avast\aswCmnOS.dll - ok
16:46:40.0408 8652  [ B02AC5FAB69A46500166D0BA2698B6E5 ] C:\Windows\System32\AuthExt.dll
16:46:40.0408 8652  C:\Windows\System32\AuthExt.dll - ok
16:46:40.0408 8652  [ 7587BF9CB4147022CD5681B015183046 ] C:\Windows\WinSxS\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.25325.0_none_a01bd4182e9569cc\vcruntime140.dll
16:46:40.0408 8652  C:\Windows\WinSxS\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.25325.0_none_a01bd4182e9569cc\vcruntime140.dll - ok
16:46:40.0408 8652  [ 6B1CB067E9EE4E2A2C65737A9ABD0B31 ] C:\Windows\SysWOW64\crypt32.dll
16:46:40.0408 8652  C:\Windows\SysWOW64\crypt32.dll - ok
16:46:40.0408 8652  [ FAE7A7AE1F939FCECA20F074A23CA929 ] C:\Windows\SysWOW64\msasn1.dll
16:46:40.0408 8652  C:\Windows\SysWOW64\msasn1.dll - ok
16:46:40.0419 8652  [ 1D7A5C72E879B525A59E74B65FD622D1 ] C:\Windows\SysWOW64\wintrust.dll
16:46:40.0419 8652  C:\Windows\SysWOW64\wintrust.dll - ok
16:46:40.0419 8652  [ 9D733EB540B37A0CFFDB0466FCCC3FDF ] C:\Windows\SysWOW64\wsock32.dll
16:46:40.0419 8652  C:\Windows\SysWOW64\wsock32.dll - ok
16:46:40.0419 8652  [ E126BEC0975A6B31BFED8AD8EB09C0A5 ] C:\Program Files\AVAST Software\Avast\libcrypto-1_1.dll
16:46:40.0419 8652  C:\Program Files\AVAST Software\Avast\libcrypto-1_1.dll - ok
16:46:40.0419 8652  [ B5587568475336D11242FE9C9FE77462 ] C:\Program Files\AVAST Software\Avast\libssl-1_1.dll
16:46:40.0419 8652  C:\Program Files\AVAST Software\Avast\libssl-1_1.dll - ok
16:46:40.0419 8652  [ BACA683669D71E301235280BAD8D898C ] C:\Windows\System32\credprovhost.dll
16:46:40.0419 8652  C:\Windows\System32\credprovhost.dll - ok
16:46:40.0419 8652  [ 4559B8B000FFA56761D39F4ED4F5618D ] C:\Windows\System32\ImplatSetup.dll
16:46:40.0419 8652  C:\Windows\System32\ImplatSetup.dll - ok
16:46:40.0419 8652  [ BC7BE1DD76E2D30FE97D9DD17CFC80FE ] C:\Windows\System32\NetworkStatus.dll
16:46:40.0419 8652  C:\Windows\System32\NetworkStatus.dll - ok
16:46:40.0429 8652  [ 81D4AA01B549F492E59447C7AE203AC9 ] C:\Windows\SysWOW64\setupapi.dll
16:46:40.0429 8652  C:\Windows\SysWOW64\setupapi.dll - ok
16:46:40.0429 8652  [ 463A426DA94FC2418A713CEEBB799E22 ] C:\Program Files (x86)\Google\Update\1.3.33.17\goopdate.dll
16:46:40.0429 8652  C:\Program Files (x86)\Google\Update\1.3.33.17\goopdate.dll - ok
16:46:40.0429 8652  [ 7C481943E5D8BFA757EAD3410AF01EC9 ] C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
16:46:40.0429 8652  C:\Program Files\AVAST Software\Avast\aswEngLdr.dll - ok
16:46:40.0429 8652  [ 35DF520717C51A958647A8205C00E23A ] C:\Program Files\AVAST Software\Avast\CommChannel.dll
16:46:40.0429 8652  C:\Program Files\AVAST Software\Avast\CommChannel.dll - ok
16:46:40.0429 8652  [ 3A64BD77C5BD6F5CCE16CDC33194A4D1 ] C:\Windows\System32\credprovs.dll
16:46:40.0429 8652  C:\Windows\System32\credprovs.dll - ok
16:46:40.0429 8652  [ B464F5143B51286295A023B9D510C389 ] C:\Windows\System32\credprovslegacy.dll
16:46:40.0429 8652  C:\Windows\System32\credprovslegacy.dll - ok
16:46:40.0429 8652  [ B1553ED69BEE8E271FA0A310893B206C ] C:\Program Files\AVAST Software\Avast\aswIP.dll
16:46:40.0429 8652  C:\Program Files\AVAST Software\Avast\aswIP.dll - ok
16:46:40.0429 8652  [ E872B12F98EB9AF020DEA2ED011C48CC ] C:\Windows\SysWOW64\wininet.dll
16:46:40.0429 8652  C:\Windows\SysWOW64\wininet.dll - ok
16:46:40.0439 8652  [ 17A1600707251AE5B26A27FED81B83A4 ] C:\Program Files\AVAST Software\Avast\module_lifetime.dll
16:46:40.0439 8652  C:\Program Files\AVAST Software\Avast\module_lifetime.dll - ok
16:46:40.0439 8652  [ 8B5AAA84E1BB8B7B81451A4A11226C6A ] C:\Windows\System32\facecredentialprovider.dll
16:46:40.0439 8652  C:\Windows\System32\facecredentialprovider.dll - ok
16:46:40.0439 8652  [ B307495CF3C09803006DC205EA7AD4E5 ] C:\Windows\SysWOW64\netapi32.dll
16:46:40.0439 8652  C:\Windows\SysWOW64\netapi32.dll - ok
16:46:40.0439 8652  [ 7861035446B780E63685E6C6A68BDE9B ] C:\Windows\SysWOW64\winhttp.dll
16:46:40.0439 8652  C:\Windows\SysWOW64\winhttp.dll - ok
16:46:40.0439 8652  [ 589A907B52A654CD6FAE280B1BF4B19E ] C:\Windows\SysWOW64\wtsapi32.dll
16:46:40.0439 8652  C:\Windows\SysWOW64\wtsapi32.dll - ok
16:46:40.0439 8652  [ 93A23D624D22A4CCA8A981A9F94CB7F8 ] C:\Windows\System32\Windows.Devices.Enumeration.dll
16:46:40.0439 8652  C:\Windows\System32\Windows.Devices.Enumeration.dll - ok
16:46:40.0448 8652  [ BE663A3C8E4F3ED2E8404A808614BCE3 ] C:\Windows\SysWOW64\dnsapi.dll
16:46:40.0448 8652  C:\Windows\SysWOW64\dnsapi.dll - ok
16:46:40.0448 8652  [ 35F4198433E8C0852177D4412269ACCA ] C:\Windows\SysWOW64\msi.dll
16:46:40.0448 8652  C:\Windows\SysWOW64\msi.dll - ok
16:46:40.0448 8652  [ 7041B608BDA6AFC4E4B6E3A0A46799EE ] C:\Windows\SysWOW64\msimg32.dll
16:46:40.0448 8652  C:\Windows\SysWOW64\msimg32.dll - ok
16:46:40.0448 8652  [ 070922D5AF85A2C7C7F8B144C9886E85 ] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_42efcd1c44e192b2\comctl32.dll
16:46:40.0448 8652  C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.165_none_42efcd1c44e192b2\comctl32.dll - ok
16:46:40.0448 8652  [ 52488276C0D10F361557C8855ADB9194 ] C:\Windows\System32\biwinrt.dll
16:46:40.0448 8652  C:\Windows\System32\biwinrt.dll - ok
16:46:40.0448 8652  [ 2437EF99A75785F69BF24E715499C9B8 ] C:\Windows\SysWOW64\nsi.dll
16:46:40.0448 8652  C:\Windows\SysWOW64\nsi.dll - ok
16:46:40.0458 8652  [ EBBE82FF8ED32F3A01818670BE84D975 ] C:\Windows\System32\SmartcardCredentialProvider.dll
16:46:40.0458 8652  C:\Windows\System32\SmartcardCredentialProvider.dll - ok
16:46:40.0458 8652  [ 0EFD11F60DB5CF3FEC86216BB6F163A8 ] C:\Windows\System32\PhotoMetadataHandler.dll
16:46:40.0458 8652  C:\Windows\System32\PhotoMetadataHandler.dll - ok
16:46:40.0458 8652  [ 5086A22F5BF60AF7D29B7EC5F1CB4900 ] C:\Windows\System32\StructuredQuery.dll
16:46:40.0458 8652  C:\Windows\System32\StructuredQuery.dll - ok
16:46:40.0458 8652  [ B211FC64FFC453D86FCD780952D52D55 ] C:\Windows\SysWOW64\netutils.dll
16:46:40.0458 8652  C:\Windows\SysWOW64\netutils.dll - ok
16:46:40.0458 8652  [ 8FD043F4FB9196A15279A737A43C0698 ] C:\Windows\SysWOW64\wkscli.dll
16:46:40.0458 8652  C:\Windows\SysWOW64\wkscli.dll - ok
16:46:40.0468 8652  [ 854BD5B157713C28607556EA007E02DA ] C:\Windows\System32\BioCredProv.dll
16:46:40.0468 8652  C:\Windows\System32\BioCredProv.dll - ok
16:46:40.0468 8652  [ 23ED1BC9D5015D937ED01B3F82BEBAA4 ] C:\Windows\System32\ngccredprov.dll
16:46:40.0468 8652  C:\Windows\System32\ngccredprov.dll - ok
16:46:40.0468 8652  [ 1588206F51C8E86183E374B8F32D8A2D ] C:\Windows\System32\ngckeyenum.dll
16:46:40.0468 8652  C:\Windows\System32\ngckeyenum.dll - ok
16:46:40.0468 8652  [ 2693B3E2BF3947895FF2793C15BFDE92 ] C:\Windows\System32\MSWB7.dll
16:46:40.0468 8652  C:\Windows\System32\MSWB7.dll - ok
16:46:40.0468 8652  [ 1AAC4F897D67A0771B9DF11B92836686 ] C:\Windows\System32\rasplap.dll
16:46:40.0468 8652  C:\Windows\System32\rasplap.dll - ok
16:46:40.0468 8652  [ BBC69094EDBC05D2B0CF6CF70A4F96F8 ] C:\Windows\System32\wlidcredprov.dll
16:46:40.0468 8652  C:\Windows\System32\wlidcredprov.dll - ok
16:46:40.0478 8652  [ BB402969C3F9E39DC9FF97384E4F4620 ] C:\Program Files\AVAST Software\Avast\dll_loader.dll
16:46:40.0478 8652  C:\Program Files\AVAST Software\Avast\dll_loader.dll - ok
16:46:40.0478 8652  [ 23022BABD77FC3CEE6B3F671C3165FDD ] C:\Program Files\AVAST Software\Avast\log.dll
16:46:40.0478 8652  C:\Program Files\AVAST Software\Avast\log.dll - ok
16:46:40.0478 8652  [ 7FAD43A44A93F41B6C927DF72BFE9E45 ] C:\Windows\System32\CredProv2faHelper.dll
16:46:40.0478 8652  C:\Windows\System32\CredProv2faHelper.dll - ok
16:46:40.0478 8652  [ A2671A64CF49A0FDF42CB53EE2F9F1E0 ] C:\Windows\System32\CredProvHelper.dll
16:46:40.0478 8652  C:\Windows\System32\CredProvHelper.dll - ok
16:46:40.0478 8652  [ 92A4F83DD00CAE45C7C2B8554084E48A ] C:\Windows\System32\rtutils.dll
16:46:40.0478 8652  C:\Windows\System32\rtutils.dll - ok
16:46:40.0489 8652  [ A76E626AA52C79ABB1DBED73FD908B31 ] C:\Windows\System32\DevDispItemProvider.dll
16:46:40.0489 8652  C:\Windows\System32\DevDispItemProvider.dll - ok
16:46:40.0489 8652  [ CFEE838BCB4565EB65D7726C8BD513A5 ] C:\Windows\System32\IDStore.dll
16:46:40.0489 8652  C:\Windows\System32\IDStore.dll - ok
16:46:40.0489 8652  [ 320C4E47055CBF8F5ECFCE01DC74931B ] C:\Windows\SysWOW64\cscapi.dll
16:46:40.0489 8652  C:\Windows\SysWOW64\cscapi.dll - ok
16:46:40.0489 8652  [ 85705CE0BAFDA7B53FC598D6772B73F8 ] C:\Windows\SysWOW64\dbghelp.dll
16:46:40.0489 8652  C:\Windows\SysWOW64\dbghelp.dll - ok
16:46:40.0489 8652  [ FBDF1A8218EB2AA3CE00031DCA342E72 ] C:\Program Files\AVAST Software\Avast\aswProperty.dll
16:46:40.0489 8652  C:\Program Files\AVAST Software\Avast\aswProperty.dll - ok
16:46:40.0498 8652  [ 5FDDE45F6639233CA26D9FBDDB8A6EE2 ] C:\Windows\System32\winbio.dll
16:46:40.0498 8652  C:\Windows\System32\winbio.dll - ok
16:46:40.0500 8652  [ ADF6BEEFF889B1EE76B4A3266ED5CB31 ] C:\Windows\SysWOW64\dbgcore.dll
16:46:40.0500 8652  C:\Windows\SysWOW64\dbgcore.dll - ok
16:46:40.0500 8652  [ 82156EE8648916718166B5D0C9F52DE0 ] C:\Windows\SysWOW64\ntmarta.dll
16:46:40.0500 8652  C:\Windows\SysWOW64\ntmarta.dll - ok
16:46:40.0500 8652  [ 30A27BE9A217D9BCA5E668E15B00EDD4 ] C:\Windows\System32\Windows.Media.dll
16:46:40.0500 8652  C:\Windows\System32\Windows.Media.dll - ok
16:46:40.0500 8652  [ 431A59074E05421426B1D0269AB8A010 ] C:\Windows\SysWOW64\cryptsp.dll
16:46:40.0500 8652  C:\Windows\SysWOW64\cryptsp.dll - ok
16:46:40.0507 8652  [ D16F2B1F5C3DABE4D03FC5D56DD59439 ] C:\Windows\SysWOW64\rsaenh.dll
16:46:40.0507 8652  C:\Windows\SysWOW64\rsaenh.dll - ok
16:46:40.0507 8652  [ D84F570F91625229DB69EFB62D895E33 ] C:\Program Files\AVAST Software\Avast\1033\Base.dll
16:46:40.0507 8652  C:\Program Files\AVAST Software\Avast\1033\Base.dll - ok
16:46:40.0507 8652  [ 0CBC88DD2363BBC5E9B9CC1E8D3CD26D ] C:\Windows\System32\RTWorkQ.dll
16:46:40.0507 8652  C:\Windows\System32\RTWorkQ.dll - ok
16:46:40.0507 8652  [ 6358774D6F4C4DB5FF9EA2263B0EA0A2 ] C:\Program Files\AVAST Software\Avast\ashServ.dll
16:46:40.0507 8652  C:\Program Files\AVAST Software\Avast\ashServ.dll - ok
16:46:40.0507 8652  [ 4BBBFA74B1C6C546632EF8D56039A7B5 ] C:\Program Files\AVAST Software\Avast\Aavm4h.dll
16:46:40.0507 8652  C:\Program Files\AVAST Software\Avast\Aavm4h.dll - ok
16:46:40.0507 8652  [ 609030FCD06DFE09052BA6FD6093E89C ] C:\Program Files\AVAST Software\Avast\ashTask.dll
16:46:40.0507 8652  C:\Program Files\AVAST Software\Avast\ashTask.dll - ok
16:46:40.0507 8652  [ EAAC2D3E07A4D0B1C8AF086CA747BF6F ] C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
16:46:40.0507 8652  C:\Program Files\AVAST Software\Avast\ashTaskEx.dll - ok
16:46:40.0521 8652  [ 6D314F0E49BA9BAD87C86B9FA653A291 ] C:\Program Files\AVAST Software\Avast\aswLog.dll
16:46:40.0521 8652  C:\Program Files\AVAST Software\Avast\aswLog.dll - ok
16:46:40.0521 8652  [ 3E804968E9E4FF74CF892756FAA861D2 ] C:\Program Files\AVAST Software\Avast\aswStrm.dll
16:46:40.0521 8652  C:\Program Files\AVAST Software\Avast\aswStrm.dll - ok
16:46:40.0521 8652  [ DDBDE9F4D486FEAE11887C945C6F79BD ] C:\Program Files\AVAST Software\Avast\aswAux.dll
16:46:40.0521 8652  C:\Program Files\AVAST Software\Avast\aswAux.dll - ok
16:46:40.0521 8652  [ A7CCF6BE375B6321332B3B7A388E7DB9 ] C:\Program Files\AVAST Software\Avast\aswSqLt.dll
16:46:40.0521 8652  C:\Program Files\AVAST Software\Avast\aswSqLt.dll - ok
16:46:40.0521 8652  [ DC043623081C32D07BF1B4A387C1DA06 ] C:\Program Files\AVAST Software\Avast\streamback.dll
16:46:40.0521 8652  C:\Program Files\AVAST Software\Avast\streamback.dll - ok
16:46:40.0528 8652  [ FAAF441132B7C82411323D985CA1C4C8 ] C:\Program Files\AVAST Software\Avast\AavmRpch.dll
16:46:40.0528 8652  C:\Program Files\AVAST Software\Avast\AavmRpch.dll - ok
16:46:40.0528 8652  [ 9BB603424EAF2D2B6987ED98064C2D78 ] C:\Windows\SysWOW64\SensApi.dll
16:46:40.0528 8652  C:\Windows\SysWOW64\SensApi.dll - ok
16:46:40.0528 8652  [ 2EE309AA40B42A3031705F054FB856B8 ] C:\Windows\SysWOW64\srvcli.dll
16:46:40.0528 8652  C:\Windows\SysWOW64\srvcli.dll - ok
16:46:40.0528 8652  [ 96F4DA82031D2A050EFCEE15981F797C ] C:\Program Files\AVAST Software\Avast\event_routing.dll
16:46:40.0528 8652  C:\Program Files\AVAST Software\Avast\event_routing.dll - ok
16:46:40.0528 8652  [ C05A19A38D7D203B738771FD1854656F ] C:\Windows\System32\spoolsv.exe
16:46:40.0528 8652  C:\Windows\System32\spoolsv.exe - ok
16:46:40.0539 8652  [ 0B9B6D7A2F31FBD63301D19B1B08238E ] C:\Windows\System32\BFE.DLL
16:46:40.0539 8652  C:\Windows\System32\BFE.DLL - ok
16:46:40.0539 8652  [ 00C33AC3096BB64BACD5554A55025F8F ] C:\Windows\System32\drivers\bowser.sys
16:46:40.0539 8652  C:\Windows\System32\drivers\bowser.sys - ok
16:46:40.0539 8652  [ BF86023E0B240159AC07BE57C4FD6AF6 ] C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
16:46:40.0539 8652  C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll - ok
16:46:40.0539 8652  [ E2D76E92B35C1ACAD22F36BCC0D7E019 ] C:\Program Files\AVAST Software\Avast\tasks_core.dll
16:46:40.0539 8652  C:\Program Files\AVAST Software\Avast\tasks_core.dll - ok
16:46:40.0539 8652  [ D78D87D9F0F6A0BB96A712DB3CD47440 ] C:\Windows\System32\drivers\mpsdrv.sys
16:46:40.0539 8652  C:\Windows\System32\drivers\mpsdrv.sys - ok
16:46:40.0549 8652  [ 3C0FA2ED75875481D00F3D77B1A3E336 ] C:\Windows\System32\drivers\mrxsmb.sys
16:46:40.0549 8652  C:\Windows\System32\drivers\mrxsmb.sys - ok
16:46:40.0549 8652  [ A0694EC4374B351252C653300EDBDFC1 ] C:\Program Files\AVAST Software\Avast\process_monitor.dll
16:46:40.0549 8652  C:\Program Files\AVAST Software\Avast\process_monitor.dll - ok
16:46:40.0549 8652  [ 42FE3D84EFE835443151DC2A50D05643 ] C:\Windows\System32\drivers\mrxsmb20.sys
16:46:40.0549 8652  C:\Windows\System32\drivers\mrxsmb20.sys - ok
16:46:40.0553 8652  [ 514E8BD07F42D95667F54777D57403D0 ] C:\Windows\System32\wkssvc.dll
16:46:40.0553 8652  C:\Windows\System32\wkssvc.dll - ok
16:46:40.0553 8652  [ 0A12FE22E0578E7DB1FA189DC8EA85D7 ] C:\Windows\SysWOW64\winsta.dll
16:46:40.0553 8652  C:\Windows\SysWOW64\winsta.dll - ok
16:46:40.0553 8652  [ 50A00F077BC785E6B8B6A5754C17BA08 ] C:\Program Files\AVAST Software\Avast\event_manager.dll
16:46:40.0553 8652  C:\Program Files\AVAST Software\Avast\event_manager.dll - ok
16:46:40.0559 8652  [ B2C3F329C1D5C6118E5AC3B7AB1EE1D5 ] C:\Windows\System32\dsparse.dll
16:46:40.0559 8652  C:\Windows\System32\dsparse.dll - ok
16:46:40.0559 8652  [ F0B5317A745A4908AE29E05FE3E67B90 ] C:\Program Files\AVAST Software\Avast\event_manager_burger.dll
16:46:40.0559 8652  C:\Program Files\AVAST Software\Avast\event_manager_burger.dll - ok
16:46:40.0559 8652  [ 9C7CE5CF0CDB6F41FDB96EF03754D283 ] C:\Windows\System32\MPSSVC.dll
16:46:40.0559 8652  C:\Windows\System32\MPSSVC.dll - ok
16:46:40.0559 8652  [ C9EA65E04B910588BDADC1CD0D54C7E8 ] C:\Program Files\AVAST Software\Avast\burger_client.dll
16:46:40.0559 8652  C:\Program Files\AVAST Software\Avast\burger_client.dll - ok
16:46:40.0559 8652  [ C177DDE4136173B333A6A51C6252BEB8 ] C:\Windows\System32\fwpolicyiomgr.dll
16:46:40.0559 8652  C:\Windows\System32\fwpolicyiomgr.dll - ok
16:46:40.0559 8652  [ A56E8B4CA8536C10EB5784386EC906BF ] C:\Program Files\AVAST Software\Avast\event_manager_ga.dll
16:46:40.0559 8652  C:\Program Files\AVAST Software\Avast\event_manager_ga.dll - ok
16:46:40.0569 8652  [ F913C6A333EB248959BDA57CF92B875A ] C:\Program Files\AVAST Software\Avast\network_notifications.dll
16:46:40.0569 8652  C:\Program Files\AVAST Software\Avast\network_notifications.dll - ok
16:46:40.0569 8652  [ 1EC5678915A83C9EC6FC6F6D2BFCD462 ] C:\Program Files\AVAST Software\Avast\event_manager_er.dll
16:46:40.0569 8652  C:\Program Files\AVAST Software\Avast\event_manager_er.dll - ok
16:46:40.0569 8652  [ 379A89DEA63825C59FC629F4B1CC8067 ] C:\Windows\SysWOW64\winnsi.dll
16:46:40.0569 8652  C:\Windows\SysWOW64\winnsi.dll - ok
16:46:40.0569 8652  [ C8E8255500497724CF323F070ACCF6E5 ] C:\Program Files\AVAST Software\Avast\lim.dll
16:46:40.0569 8652  C:\Program Files\AVAST Software\Avast\lim.dll - ok
16:46:40.0569 8652  [ 06BD67C7610C107E738CF62C82EDBB93 ] C:\Windows\System32\adhapi.dll
16:46:40.0569 8652  C:\Windows\System32\adhapi.dll - ok
16:46:40.0579 8652  [ EB4D7C9354CB88DE4B085EA3EEA5BC76 ] C:\Windows\System32\drivers\mmcss.sys
16:46:40.0579 8652  C:\Windows\System32\drivers\mmcss.sys - ok
16:46:40.0579 8652  [ 0E3B0F3645D1BAE79397C66FE8AF6402 ] C:\Windows\System32\drivers\Ndu.sys
16:46:40.0579 8652  C:\Windows\System32\drivers\Ndu.sys - ok
16:46:40.0579 8652  [ ED9D315068F2576046BC76D7CA91F29E ] C:\Program Files\AVAST Software\Avast\defs\18081704\aswEngin.dll
16:46:40.0579 8652  C:\Program Files\AVAST Software\Avast\defs\18081704\aswEngin.dll - ok
16:46:40.0579 8652  [ 462DFF3DDB80510DD9282C6CD2437F33 ] C:\Program Files\F-Secure\Ultralight\ulcore\1530012511\fsorsp64.exe
16:46:40.0579 8652  C:\Program Files\F-Secure\Ultralight\ulcore\1530012511\fsorsp64.exe - ok
16:46:40.0579 8652  [ DB472E3377770B0D54BFFE8866081803 ] C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
16:46:40.0579 8652  C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe - ok
16:46:40.0579 8652  [ 004D1CF0250B5635C572DDEC489E3709 ] C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
16:46:40.0579 8652  C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe - ok
16:46:40.0589 8652  [ 085F8A5F09E64CC27309AF160EF4F9BA ] C:\Windows\System32\drivers\tcpipreg.sys
16:46:40.0589 8652  C:\Windows\System32\drivers\tcpipreg.sys - ok
16:46:40.0589 8652  [ 6C6073B45D65887A6035F1A8D073274A ] C:\Windows\System32\cryptsvc.dll
16:46:40.0589 8652  C:\Windows\System32\cryptsvc.dll - ok
16:46:40.0589 8652  [ 93DF24D0C33F2894429D4180145CBDA7 ] C:\Windows\System32\drivers\srvnet.sys
16:46:40.0589 8652  C:\Windows\System32\drivers\srvnet.sys - ok
16:46:40.0589 8652  [ 927AEFF824C08AD5E22BB27E4A1D50AA ] C:\Windows\System32\SecurityHealthService.exe
16:46:40.0589 8652  C:\Windows\System32\SecurityHealthService.exe - ok
16:46:40.0589 8652  [ EAB24B20D777A1CE0B7BF22AF7B2E8C8 ] C:\Program Files\AVAST Software\Avast\defs\18081704\aswCmnIS.dll
16:46:40.0589 8652  C:\Program Files\AVAST Software\Avast\defs\18081704\aswCmnIS.dll - ok
16:46:40.0589 8652  [ DA2F5F1385A23F34548B366E2535593D ] C:\Program Files\F-Secure\Ultralight\ulcore\1530012511\orspplug64.dll
16:46:40.0589 8652  C:\Program Files\F-Secure\Ultralight\ulcore\1530012511\orspplug64.dll - ok
16:46:40.0600 8652  [ 2D7F1C02B94D6F0F3E10107E5EA8E141 ] C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys
16:46:40.0600 8652  C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys - ok
16:46:40.0600 8652  [ D62EB723FCC62E2DCBCD03E675D4D625 ] C:\Windows\System32\crypttpmeksvc.dll
16:46:40.0600 8652  C:\Windows\System32\crypttpmeksvc.dll - ok
16:46:40.0600 8652  [ 5B1EF28DE7302A6BD5DF8459E2C598EF ] C:\Windows\System32\dps.dll
16:46:40.0600 8652  C:\Windows\System32\dps.dll - ok
16:46:40.0600 8652  [ E38C7C4D57B1438F70A1B913870E8665 ] C:\Windows\System32\tapisrv.dll
16:46:40.0600 8652  C:\Windows\System32\tapisrv.dll - ok
16:46:40.0600 8652  [ A5C0F857C38278A90E953A24E1701196 ] C:\Windows\System32\trkwks.dll
16:46:40.0600 8652  C:\Windows\System32\trkwks.dll - ok
16:46:40.0608 8652  [ 72D83880FEF0C788C5F305F330744208 ] C:\Windows\System32\wbem\WMIsvc.dll
16:46:40.0608 8652  C:\Windows\System32\wbem\WMIsvc.dll - ok
16:46:40.0608 8652  [ 506F0A1CCABF4428733CF854BCBB6832 ] C:\Windows\System32\wecsvc.dll
16:46:40.0608 8652  C:\Windows\System32\wecsvc.dll - ok
16:46:40.0608 8652  [ 069311D873521BB1071E75CC0F68F859 ] C:\Windows\System32\wfapigp.dll
16:46:40.0608 8652  C:\Windows\System32\wfapigp.dll - ok
16:46:40.0608 8652  [ EB2C25A3700309F3F67D9334CF33A36C ] C:\Windows\System32\wiaservc.dll
16:46:40.0608 8652  C:\Windows\System32\wiaservc.dll - ok
16:46:40.0608 8652  [ 096969606BB5C4822AB020081EA07FC5 ] C:\Windows\System32\wpnservice.dll
16:46:40.0608 8652  C:\Windows\System32\wpnservice.dll - ok
16:46:40.0608 8652  [ 8DB822F3C52DD8BC8D61DE54971A8576 ] C:\Program Files\AVAST Software\Avast\defs\18081704\aswCmnOS.dll
16:46:40.0608 8652  C:\Program Files\AVAST Software\Avast\defs\18081704\aswCmnOS.dll - ok
16:46:40.0619 8652  [ 28BFA28C67570EC241B4883C6A6B43DD ] C:\Windows\System32\cryptcatsvc.dll
16:46:40.0619 8652  C:\Windows\System32\cryptcatsvc.dll - ok
16:46:40.0619 8652  [ E74FCFD1499A4F816A99D35E297CCE63 ] C:\Windows\System32\diagtrack.dll
16:46:40.0619 8652  C:\Windows\System32\diagtrack.dll - ok
16:46:40.0623 8652  [ 42B12A76D3C98AE69C97727E3BEC7D8A ] C:\Windows\System32\drivers\PEAuth.sys
16:46:40.0623 8652  C:\Windows\System32\drivers\PEAuth.sys - ok
16:46:40.0623 8652  [ AF7651B5DF1A5B27043D0EAB8D9D40A1 ] C:\Windows\System32\TpmCoreProvisioning.dll
16:46:40.0623 8652  C:\Windows\System32\TpmCoreProvisioning.dll - ok
16:46:40.0623 8652  [ F7E40FF0226C392D71BBA09EEE138C30 ] C:\Windows\System32\vbsapi.dll
16:46:40.0623 8652  C:\Windows\System32\vbsapi.dll - ok
16:46:40.0629 8652  [ 0EE6715BBCE057A560AD4014DD8A3930 ] C:\Program Files\F-Secure\Ultralight\ulcore\1530012511\spapi64.dll
16:46:40.0629 8652  C:\Program Files\F-Secure\Ultralight\ulcore\1530012511\spapi64.dll - ok
16:46:40.0629 8652  [ 4E39D428308147A2F092319FB12393F3 ] C:\Windows\System32\netapi32.dll
16:46:40.0629 8652  C:\Windows\System32\netapi32.dll - ok
16:46:40.0629 8652  [ C7DF51E24DD853E7E2D3C0BCDCE57D6C ] C:\Windows\System32\sstpsvc.dll
16:46:40.0629 8652  C:\Windows\System32\sstpsvc.dll - ok
16:46:40.0629 8652  [ C0DC631907683E15443B288FC9EFE9BB ] C:\Windows\System32\wbemcomn.dll
16:46:40.0629 8652  C:\Windows\System32\wbemcomn.dll - ok
16:46:40.0629 8652  [ E9D3D9822D755C1087B56055B7CB9DAA ] C:\Windows\System32\webauthn.dll
16:46:40.0629 8652  C:\Windows\System32\webauthn.dll - ok
16:46:40.0638 8652  [ F68552D6DF27AE6A7E6D2A232D78018C ] C:\Windows\System32\wpncore.dll
16:46:40.0638 8652  C:\Windows\System32\wpncore.dll - ok
16:46:40.0638 8652  [ C57185CC62AA13E4F5A989D904CC9A16 ] C:\Windows\System32\WsmSvc.dll
16:46:40.0638 8652  C:\Windows\System32\WsmSvc.dll - ok
16:46:40.0638 8652  [ C9E96520473C01DF887CF9C32BE25F43 ] C:\Program Files\AVAST Software\Avast\defs\18081704\aswCmnBS.dll
16:46:40.0638 8652  C:\Program Files\AVAST Software\Avast\defs\18081704\aswCmnBS.dll - ok
16:46:40.0638 8652  [ 91000301FE40E5D1E4819B0E3AC2B94E ] C:\Program Files\F-Secure\Ultralight\ulcore\1530012511\fshoster64.exe
16:46:40.0638 8652  C:\Program Files\F-Secure\Ultralight\ulcore\1530012511\fshoster64.exe - ok
16:46:40.0638 8652  [ E59589471F58AF1413B18A6817769B15 ] C:\Windows\System32\drivers\mrxsmb10.sys
16:46:40.0638 8652  C:\Windows\System32\drivers\mrxsmb10.sys - ok
16:46:40.0649 8652  [ 067D1A81B4708CA97523709FDF57B728 ] C:\Windows\System32\wdi.dll
16:46:40.0649 8652  C:\Windows\System32\wdi.dll - ok
16:46:41.0019 8652  [ 1BCF2AE8E0A87DB0706EE34A6188AE9E ] C:\Program Files\AVAST Software\Avast\TuneupBin\TuneupSmartScan.dll
16:46:41.0019 8652  C:\Program Files\AVAST Software\Avast\TuneupBin\TuneupSmartScan.dll - ok
16:46:41.0019 8652  [ E0D014C9FA27206F5362E561C1DA996E ] C:\Windows\SysWOW64\rasapi32.dll
16:46:41.0019 8652  C:\Windows\SysWOW64\rasapi32.dll - ok
16:46:41.0029 8652  [ EC0EBCB3ADCEA09BCA1F6CE0F6352E9F ] C:\Windows\SysWOW64\rasman.dll
16:46:41.0029 8652  C:\Windows\SysWOW64\rasman.dll - ok
16:46:41.0029 8652  [ CE65EE68D57B958E61A54A638DAA804B ] C:\Windows\SysWOW64\sfc.dll
16:46:41.0029 8652  C:\Windows\SysWOW64\sfc.dll - ok
16:46:41.0029 8652  [ E5881D5EF01DD2A9C360DB4B0D8FACDA ] C:\Windows\SysWOW64\sfc_os.dll
16:46:41.0029 8652  C:\Windows\SysWOW64\sfc_os.dll - ok
16:46:41.0029 8652  [ 390BEF0B7ED54C90A186D7D33E0F6EFF ] C:\Windows\SysWOW64\ncrypt.dll
16:46:41.0029 8652  C:\Windows\SysWOW64\ncrypt.dll - ok
16:46:41.0029 8652  [ A210890C6C6E1E0303A09A6CE279970F ] C:\Windows\SysWOW64\ntasn1.dll
16:46:41.0029 8652  C:\Windows\SysWOW64\ntasn1.dll - ok
16:46:41.0029 8652  [ 03E948A848EF103477E6BD87E22F7983 ] C:\Windows\SysWOW64\RstrtMgr.dll
16:46:41.0029 8652  C:\Windows\SysWOW64\RstrtMgr.dll - ok
16:46:41.0039 8652  [ 7FEC4A0E44007B117BA44C1AA985519F ] C:\Windows\SysWOW64\wbem\wbemprox.dll
16:46:41.0039 8652  C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
16:46:41.0039 8652  [ 10CF80E5533C252E44A763DA4F390595 ] C:\Windows\SysWOW64\wbemcomn.dll
16:46:41.0039 8652  C:\Windows\SysWOW64\wbemcomn.dll - ok
16:46:41.0039 8652  [ 74BFBA2F59C8FA3A58556268D44DAACE ] C:\Windows\SysWOW64\wbem\fastprox.dll
16:46:41.0039 8652  C:\Windows\SysWOW64\wbem\fastprox.dll - ok
16:46:41.0039 8652  [ 9E2C6A76DDE7D547FCD70EAAF5451BB9 ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
16:46:41.0039 8652  C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
16:46:41.0039 8652  [ 3305CD6B2ABCF461341BE73B64A98DC8 ] C:\Program Files\AVAST Software\Avast\x64\aswhooka.dll
16:46:41.0039 8652  C:\Program Files\AVAST Software\Avast\x64\aswhooka.dll - ok
16:46:41.0039 8652  [ 9CBD3EC8D9E4F8CE54258B0573C66BEB ] C:\Windows\System32\wbem\unsecapp.exe
16:46:41.0039 8652  C:\Windows\System32\wbem\unsecapp.exe - ok
16:46:41.0049 8652  [ 55E892B6380DEF10ACB12BAF9674DFC2 ] C:\Windows\SysWOW64\dsparse.dll
16:46:41.0049 8652  C:\Windows\SysWOW64\dsparse.dll - ok
16:46:41.0049 8652  [ A782A4ED336750D10B3CAF776AFE8E70 ] C:\Windows\System32\wbem\WmiPrvSE.exe
16:46:41.0049 8652  C:\Windows\System32\wbem\WmiPrvSE.exe - ok
16:46:41.0049 8652  [ A96ABA8D15D35B32627B739BAC78BA81 ] C:\Windows\System32\wbem\cimwin32.dll
16:46:41.0049 8652  C:\Windows\System32\wbem\cimwin32.dll - ok
16:46:41.0049 8652  [ D99C4E583EE62033A32508E364644254 ] C:\Windows\System32\framedynos.dll
16:46:41.0049 8652  C:\Windows\System32\framedynos.dll - ok
16:46:41.0049 8652  [ FB6DFED4E3B62D2AD496A779A997CE1B ] C:\Windows\System32\winbrand.dll
16:46:41.0049 8652  C:\Windows\System32\winbrand.dll - ok
16:46:41.0059 8652  [ BD35F484DA59014D091736F8F10BFB42 ] C:\Windows\System32\lmhsvc.dll
16:46:41.0059 8652  C:\Windows\System32\lmhsvc.dll - ok
16:46:41.0059 8652  [ 4E8E3E81BE889F3BCD7093BEEC67EE62 ] C:\Windows\System32\nrpsrv.dll
16:46:41.0059 8652  C:\Windows\System32\nrpsrv.dll - ok
16:46:41.0059 8652  [ FF214585BF10206E21EA8EBA202FACFD ] C:\Windows\System32\wermgr.exe
16:46:41.0059 8652  C:\Windows\System32\wermgr.exe - ok
16:46:41.0059 8652  [ 579A0E8EDD707EDD08193EBD867DBEE1 ] C:\Windows\System32\DeviceCredential.dll
16:46:41.0059 8652  C:\Windows\System32\DeviceCredential.dll - ok
16:46:41.0059 8652  [ 99123999471B45A9702B6E04DED09E59 ] C:\Windows\System32\shacctprofile.dll
16:46:41.0059 8652  C:\Windows\System32\shacctprofile.dll - ok
16:46:41.0069 8652  [ D9661132E752766C72459BE4A5CDE7E7 ] C:\Windows\System32\SettingSync.dll
16:46:41.0069 8652  C:\Windows\System32\SettingSync.dll - ok
16:46:41.0069 8652  [ 2528137C6745C4EADD87817A1909677E ] C:\Windows\System32\dllhost.exe
16:46:41.0069 8652  C:\Windows\System32\dllhost.exe - ok
16:46:41.0069 8652  [ E8E90AA46E0A83F65DE5C33EA9AD23C0 ] C:\Windows\System32\CredentialMigrationHandler.dll
16:46:41.0069 8652  C:\Windows\System32\CredentialMigrationHandler.dll - ok
16:46:41.0069 8652  [ 8BE3F15F91FA4A9993322A2E576B71E9 ] C:\Windows\System32\Windows.CloudStore.dll
16:46:41.0069 8652  C:\Windows\System32\Windows.CloudStore.dll - ok
16:46:41.0069 8652  [ E6820A3B7408E54A1A71CCDB673FA710 ] C:\Windows\System32\AppxAllUserStore.dll
16:46:41.0069 8652  C:\Windows\System32\AppxAllUserStore.dll - ok
16:46:41.0079 8652  [ 71CECDA2DCF81E0AD8C30440C77966E2 ] C:\Windows\System32\fhsvc.dll
16:46:41.0079 8652  C:\Windows\System32\fhsvc.dll - ok
16:46:41.0079 8652  [ 6F84A5C939F9DA91F5946AF4EC6E2503 ] C:\Windows\System32\sihost.exe
16:46:41.0079 8652  C:\Windows\System32\sihost.exe - ok
16:46:41.0079 8652  [ 5137CB19B1832866044102B5DD5C7AA9 ] C:\Windows\System32\mpr.dll
16:46:41.0079 8652  C:\Windows\System32\mpr.dll - ok
16:46:41.0079 8652  [ BE26174332CC2D02936A07760C9B903C ] C:\Windows\System32\msidle.dll
16:46:41.0079 8652  C:\Windows\System32\msidle.dll - ok
16:46:41.0079 8652  [ 9FBF5849A6F51E3B3F8AF2A4171648DA ] C:\Windows\System32\cdpusersvc.dll
16:46:41.0079 8652  C:\Windows\System32\cdpusersvc.dll - ok
16:46:41.0079 8652  [ F21B49560E599273BB1C7BA72B3192D8 ] C:\Windows\System32\DesktopShellExt.dll
16:46:41.0079 8652  C:\Windows\System32\DesktopShellExt.dll - ok
16:46:41.0089 8652  [ 01EC1C3DCB6F179A2085F946D43C1464 ] C:\Windows\System32\fhcfg.dll
16:46:41.0089 8652  C:\Windows\System32\fhcfg.dll - ok
16:46:41.0089 8652  [ 30D75769E23CCFBE13DB41FC54243BB1 ] C:\Windows\System32\Microsoft.Bluetooth.UserService.dll
16:46:41.0089 8652  C:\Windows\System32\Microsoft.Bluetooth.UserService.dll - ok
16:46:41.0089 8652  [ 63C79AD0202728F4608757340B7D602B ] C:\Windows\System32\wuaueng.dll
16:46:41.0089 8652  C:\Windows\System32\wuaueng.dll - ok
16:46:41.0099 8652  [ EB55968DB9EEB288E5B7CAA2D9518144 ] C:\Windows\System32\Windows.Shell.ServiceHostBuilder.dll
16:46:41.0099 8652  C:\Windows\System32\Windows.Shell.ServiceHostBuilder.dll - ok
16:46:41.0100 8652  [ 8B694BC50D2D2B98311283CFE5B40EE6 ] C:\Windows\System32\WpnUserService.dll
16:46:41.0100 8652  C:\Windows\System32\WpnUserService.dll - ok
16:46:41.0100 8652  [ C1103F5BDD81B4E935F32688EC324675 ] C:\Windows\System32\efsutil.dll
16:46:41.0100 8652  C:\Windows\System32\efsutil.dll - ok
16:46:41.0100 8652  [ 21DECAAAC635AD1716284CD1E2081AA6 ] C:\Windows\System32\cryptxml.dll
16:46:41.0100 8652  C:\Windows\System32\cryptxml.dll - ok
16:46:41.0100 8652  [ 390C63EF7A2058487B169D253EECB808 ] C:\Windows\System32\wups.dll
16:46:41.0100 8652  C:\Windows\System32\wups.dll - ok
16:46:41.0108 8652  [ 681F012EA0D641BC86AF05726EFCB4B8 ] C:\Windows\System32\wups2.dll
16:46:41.0108 8652  C:\Windows\System32\wups2.dll - ok
16:46:41.0108 8652  [ E1D6E98DC801C5AB76105290228296A8 ] C:\Windows\System32\MDMAgent.exe
16:46:41.0108 8652  C:\Windows\System32\MDMAgent.exe - ok
16:46:41.0108 8652  [ 2371E940721C9251469193891F05AE9A ] C:\Windows\System32\modernexecserver.dll
16:46:41.0108 8652  C:\Windows\System32\modernexecserver.dll - ok
16:46:41.0108 8652  [ AC2EFBE78E1ECCE24277E58F4625B759 ] C:\Windows\System32\webservices.dll
16:46:41.0108 8652  C:\Windows\System32\webservices.dll - ok
16:46:41.0108 8652  [ D1E23027543E73F12084A34ABE0CA1B5 ] C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
16:46:41.0108 8652  C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe - ok
16:46:41.0108 8652  [ B4960F732FE0B7F76904F7DA38E51875 ] C:\Windows\System32\MsCtfMonitor.dll
16:46:41.0108 8652  C:\Windows\System32\MsCtfMonitor.dll - ok
16:46:41.0108 8652  [ D723A2080121430AE10ADC77D6E3D04B ] C:\Windows\System32\ClipboardServer.dll
16:46:41.0108 8652  C:\Windows\System32\ClipboardServer.dll - ok
16:46:41.0119 8652  [ 712EF5A2EEF4D09D5A8065B1992E8DDE ] C:\Windows\System32\msutb.dll
16:46:41.0119 8652  C:\Windows\System32\msutb.dll - ok
16:46:41.0119 8652  [ 28EC6113CEF09F1976C4483373B74F68 ] C:\Windows\System32\NotificationController.dll
16:46:41.0119 8652  C:\Windows\System32\NotificationController.dll - ok
16:46:41.0119 8652  [ E5A50C84BBCB733A323D905A4502E621 ] C:\Windows\System32\ActivationManager.dll
16:46:41.0119 8652  C:\Windows\System32\ActivationManager.dll - ok
16:46:41.0119 8652  [ 4F18268C195B606433AFFB472D5960B2 ] C:\Windows\System32\AppointmentActivation.dll
16:46:41.0119 8652  C:\Windows\System32\AppointmentActivation.dll - ok
16:46:41.0119 8652  [ 2FC0594D04452EEEF2B7956634DB3663 ] C:\Windows\System32\QuietHours.dll
16:46:41.0119 8652  C:\Windows\System32\QuietHours.dll - ok
16:46:41.0129 8652  [ CE9975A9E0DFBEFECECE218D2674C1CD ] C:\Windows\System32\TabSvc.dll
16:46:41.0129 8652  C:\Windows\System32\TabSvc.dll - ok
16:46:41.0129 8652  [ E1433C8ECD8E7E30B4B649750F1C6E67 ] C:\Windows\System32\NotificationControllerPS.dll
16:46:41.0129 8652  C:\Windows\System32\NotificationControllerPS.dll - ok
16:46:41.0129 8652  [ 0D6D72DA967CC1CA9145A5CC43449042 ] C:\Windows\System32\PlaySndSrv.dll
16:46:41.0129 8652  C:\Windows\System32\PlaySndSrv.dll - ok
16:46:41.0129 8652  [ 0978689D2ACAC68FD32037F6837600C7 ] C:\Windows\System32\security.dll
16:46:41.0129 8652  C:\Windows\System32\security.dll - ok
16:46:41.0129 8652  [ D4DAF47FBF707B23B874DE6F139CB0C7 ] C:\Windows\System32\ctfmon.exe
16:46:41.0129 8652  C:\Windows\System32\ctfmon.exe - ok
16:46:41.0139 8652  [ 0491E1D655E3F387E482FB59C571AE82 ] C:\Windows\System32\ncryptsslp.dll
16:46:41.0139 8652  C:\Windows\System32\ncryptsslp.dll - ok
16:46:41.0139 8652  [ DEA21508D66366029AC8F424C8B52DC9 ] C:\Windows\System32\ACPBackgroundManagerPolicy.dll
16:46:41.0139 8652  C:\Windows\System32\ACPBackgroundManagerPolicy.dll - ok
16:46:41.0139 8652  [ 74BCF8617D9444A961D40597CA8BD925 ] C:\Windows\System32\ExecModelClient.dll
16:46:41.0139 8652  C:\Windows\System32\ExecModelClient.dll - ok
16:46:41.0139 8652  [ 90862BDE986870E95F12578FDE905B6F ] C:\Windows\System32\ncryptprov.dll
16:46:41.0139 8652  C:\Windows\System32\ncryptprov.dll - ok
16:46:41.0139 8652  [ B33A556206EB558812EFE396BD900B95 ] C:\Windows\System32\BackgroundMediaPolicy.dll
16:46:41.0139 8652  C:\Windows\System32\BackgroundMediaPolicy.dll - ok
16:46:41.0148 8652  [ F24C0FBA6B82F95F9400AFF07F09D754 ] C:\Windows\System32\dssenh.dll
16:46:41.0148 8652  C:\Windows\System32\dssenh.dll - ok
16:46:41.0148 8652  [ E79B4BFA3F1E4E07BD40BC4AA5F6F738 ] C:\Windows\System32\mskeyprotect.dll
16:46:41.0148 8652  C:\Windows\System32\mskeyprotect.dll - ok
16:46:41.0152 8652  [ B7494380BA4B31672B18965770E51462 ] C:\Windows\System32\pnpui.dll
16:46:41.0152 8652  C:\Windows\System32\pnpui.dll - ok
16:46:41.0152 8652  [ B790F35982333282D2F039F368C37A5E ] C:\Windows\System32\SmartCardBackgroundPolicy.dll
16:46:41.0152 8652  C:\Windows\System32\SmartCardBackgroundPolicy.dll - ok
16:46:41.0152 8652  [ DC1AD1F39AC5CEAE1D4E3B0F20D9F2AD ] C:\Windows\System32\WindowManagement.dll
16:46:41.0152 8652  C:\Windows\System32\WindowManagement.dll - ok
16:46:41.0152 8652  [ E667E60473AE498871561D1A5B103AA2 ] C:\Windows\System32\notificationplatformcomponent.dll
16:46:41.0152 8652  C:\Windows\System32\notificationplatformcomponent.dll - ok
16:46:41.0159 8652  [ 99802E44D1D33A376839103FF543C383 ] C:\Windows\System32\SebBackgroundManagerPolicy.dll
16:46:41.0159 8652  C:\Windows\System32\SebBackgroundManagerPolicy.dll - ok
16:46:41.0159 8652  [ 5E72A6792B013F8275EFCD1A574A56A6 ] C:\Windows\System32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
16:46:41.0159 8652  C:\Windows\System32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll - ok
16:46:41.0159 8652  [ E66AC1B45FDA70368A8D5186BF0D5F4A ] C:\Windows\System32\cscapi.dll
16:46:41.0159 8652  C:\Windows\System32\cscapi.dll - ok
16:46:41.0159 8652  [ 7FBD5D94984CDD726F9B379ED92CA0DE ] C:\Windows\System32\InputService.dll
16:46:41.0159 8652  C:\Windows\System32\InputService.dll - ok
16:46:41.0159 8652  [ 2B033BC25E0A5CFE8A27ED9F9608C5D0 ] C:\Windows\System32\OneCoreCommonProxyStub.dll
16:46:41.0159 8652  C:\Windows\System32\OneCoreCommonProxyStub.dll - ok
16:46:41.0169 8652  [ 2AE6F0A5769CBF8DF68DA1BAEF02777A ] C:\Windows\System32\schedcli.dll
16:46:41.0169 8652  C:\Windows\System32\schedcli.dll - ok
16:46:41.0169 8652  [ AB80EB2A1A6642E8323DBED870822B0F ] C:\Windows\System32\AppContracts.dll
16:46:41.0169 8652  C:\Windows\System32\AppContracts.dll - ok
16:46:41.0169 8652  [ FFCD4E0B01BA3F9E3BDBE193E6535B0C ] C:\Windows\System32\execmodelproxy.dll
16:46:41.0169 8652  C:\Windows\System32\execmodelproxy.dll - ok
16:46:41.0169 8652  [ 01B8D1CE3B40441A17EC7CD91ADCFF7E ] C:\Windows\System32\InputLocaleManager.dll
16:46:41.0169 8652  C:\Windows\System32\InputLocaleManager.dll - ok
16:46:41.0169 8652  [ FD7175DCDAA81F5D4A911F686C4897C4 ] C:\Windows\System32\MTFServer.dll
16:46:41.0169 8652  C:\Windows\System32\MTFServer.dll - ok
16:46:41.0179 8652  [ 229012B7B186C36C3E923309908A5699 ] C:\Windows\System32\ShareHost.dll
16:46:41.0179 8652  C:\Windows\System32\ShareHost.dll - ok
16:46:41.0179 8652  [ E021EBEA59E0B3B8E796E931DC8D34E7 ] C:\Windows\System32\Windows.System.Launcher.dll
16:46:41.0179 8652  C:\Windows\System32\Windows.System.Launcher.dll - ok
16:46:41.0179 8652  [ CCB68BBD6AC62B733F99B999F7269C0F ] C:\Windows\System32\TileDataRepository.dll
16:46:41.0179 8652  C:\Windows\System32\TileDataRepository.dll - ok
16:46:41.0179 8652  [ 30871CF3C3A3A2AE5EEF31CE0746CA71 ] C:\Windows\System32\twinui.appcore.dll
16:46:41.0179 8652  C:\Windows\System32\twinui.appcore.dll - ok
16:46:41.0179 8652  [ 681822FB7D73DB8008C2CEBF87B6C108 ] C:\Windows\System32\Windows.Networking.Connectivity.dll
16:46:41.0179 8652  C:\Windows\System32\Windows.Networking.Connectivity.dll - ok
16:46:41.0179 8652  [ 36794196DCD4204BA0264C3B4A7E94E2 ] C:\Windows\System32\UiaManager.dll
16:46:41.0179 8652  C:\Windows\System32\UiaManager.dll - ok
16:46:41.0179 8652  [ 381900C1B6023A792C7B5EFFB6667F62 ] C:\Windows\System32\daxexec.dll
16:46:41.0179 8652  C:\Windows\System32\daxexec.dll - ok
16:46:41.0194 8652  [ 71774012DA7A137991CB2F89A4504D79 ] C:\Windows\System32\Windows.StateRepositoryClient.dll
16:46:41.0194 8652  C:\Windows\System32\Windows.StateRepositoryClient.dll - ok
16:46:41.0194 8652  [ D9617CE0E506B0CC2DA84DE195BFCB2A ] C:\Windows\System32\container.dll
16:46:41.0194 8652  C:\Windows\System32\container.dll - ok
16:46:41.0194 8652  [ 289613676B6D6CBA49E2F947945DABCD ] C:\Windows\System32\MTF.dll
16:46:41.0194 8652  C:\Windows\System32\MTF.dll - ok
16:46:41.0194 8652  [ CC3840637F1636EE820B273219395BB7 ] C:\Windows\System32\AppResolver.dll
16:46:41.0194 8652  C:\Windows\System32\AppResolver.dll - ok
16:46:41.0201 8652  [ 2D379B47EEBC2A8BC3CA0CFD1DA2ACA5 ] C:\Windows\System32\mssrch.dll
16:46:41.0201 8652  C:\Windows\System32\mssrch.dll - ok
16:46:41.0201 8652  [ 422ACB8D3DF9F5F93BBE1C4757AF07C1 ] C:\Windows\System32\tquery.dll
16:46:41.0201 8652  C:\Windows\System32\tquery.dll - ok
16:46:41.0201 8652  [ B18F00A4E5E2F2C70C17E71EA6D9127A ] C:\Windows\System32\Windows.CloudStore.Schema.Shell.dll
16:46:41.0201 8652  C:\Windows\System32\Windows.CloudStore.Schema.Shell.dll - ok
16:46:41.0201 8652  [ CE6B3246011D40E647BA3954BFDA0E4D ] C:\Windows\System32\CoreShellExtFramework.dll
16:46:41.0201 8652  C:\Windows\System32\CoreShellExtFramework.dll - ok
16:46:41.0201 8652  [ 2C1F196154F72C5478B2BD892D7CAAD6 ] C:\Windows\System32\wpnclient.dll
16:46:41.0201 8652  C:\Windows\System32\wpnclient.dll - ok
16:46:41.0201 8652  [ 7866C803DDD8D626D760A313B6D92F16 ] C:\Windows\System32\userinit.exe
16:46:41.0201 8652  C:\Windows\System32\userinit.exe - ok
16:46:41.0216 8652  [ C25914606BF6306E0C7F102D1F9DD55F ] C:\Windows\System32\wpnapps.dll
16:46:41.0216 8652  C:\Windows\System32\wpnapps.dll - ok
16:46:41.0216 8652  [ 7E202271B2DDB283E55267FFC4E721D5 ] C:\Windows\System32\ContentDeliveryManager.Utilities.dll
16:46:41.0216 8652  C:\Windows\System32\ContentDeliveryManager.Utilities.dll - ok
16:46:41.0216 8652  [ 7BAF42245E4066768155A61AA6B1D505 ] C:\Windows\System32\userinitext.dll
16:46:41.0216 8652  C:\Windows\System32\userinitext.dll - ok
16:46:41.0216 8652  [ E4A81EDDFF8B844D85C8B45354E4144E ] C:\Windows\explorer.exe
16:46:41.0216 8652  C:\Windows\explorer.exe - ok
16:46:41.0216 8652  [ 9AD62D26F8BDA8088FF68A6EC9966717 ] C:\Windows\System32\twinui.pcshell.dll
16:46:41.0216 8652  C:\Windows\System32\twinui.pcshell.dll - ok
16:46:41.0216 8652  [ 495592143212264758884643EE45320A ] C:\Windows\System32\wbem\wmipcima.dll
16:46:41.0216 8652  C:\Windows\System32\wbem\wmipcima.dll - ok
16:46:41.0232 8652  [ C8C22E2DDDD5776F5DA68198844061F4 ] C:\Windows\System32\twinapi.dll
16:46:41.0232 8652  C:\Windows\System32\twinapi.dll - ok
16:46:41.0232 8652  [ A2C96CBC93B9CC62DA73947ECF52F1D1 ] C:\Windows\System32\SettingSyncCore.dll
16:46:41.0232 8652  C:\Windows\System32\SettingSyncCore.dll - ok
16:46:41.0232 8652  [ 2CF9EB56544DCA897AE539D11D335BE7 ] C:\Program Files\AVAST Software\Avast\aswhookx.dll
16:46:41.0232 8652  C:\Program Files\AVAST Software\Avast\aswhookx.dll - ok
16:46:41.0232 8652  [ FA83E90DEDCF7AA301C8E41DE509474C ] C:\Windows\System32\omadmapi.dll
16:46:41.0232 8652  C:\Windows\System32\omadmapi.dll - ok
16:46:41.0232 8652  [ E994679E94E4AE194DE0534F9E7D722F ] C:\Windows\System32\Windows.StateRepositoryBroker.dll
16:46:41.0232 8652  C:\Windows\System32\Windows.StateRepositoryBroker.dll - ok
16:46:41.0232 8652  [ 891599A4248FB9F44615A837C399064C ] C:\Windows\System32\StartTileData.dll
16:46:41.0232 8652  C:\Windows\System32\StartTileData.dll - ok
16:46:41.0232 8652  [ 8864E8DB01B29CB22B0A973559BDD088 ] C:\Windows\System32\wlidprov.dll
16:46:41.0232 8652  C:\Windows\System32\wlidprov.dll - ok
16:46:41.0247 8652  [ 3D75298AA17859D8B73A338957C4061B ] C:\Windows\System32\dxva2.dll
16:46:41.0247 8652  C:\Windows\System32\dxva2.dll - ok
16:46:41.0247 8652  [ CB0C437434CB3B86E85EA8875DAA1C98 ] C:\Windows\System32\dimsjob.dll
16:46:41.0247 8652  C:\Windows\System32\dimsjob.dll - ok
16:46:41.0247 8652  [ 923706CCE2EB713FA7CC04DB93C52DA3 ] C:\Windows\System32\dui70.dll
16:46:41.0247 8652  C:\Windows\System32\dui70.dll - ok
16:46:41.0247 8652  [ 15DC9CA4E5EF313320A98C60698E75E3 ] C:\Windows\System32\wmi.dll
16:46:41.0247 8652  C:\Windows\System32\wmi.dll - ok
16:46:41.0247 8652  [ 48EA4B4CCC920D130529A1EF85388B6A ] C:\Windows\System32\appinfo.dll
16:46:41.0247 8652  C:\Windows\System32\appinfo.dll - ok
16:46:41.0247 8652  [ E713B809329C9E0806CF05B7099E78D7 ] C:\Windows\System32\appinfoext.dll
16:46:41.0247 8652  C:\Windows\System32\appinfoext.dll - ok
16:46:41.0247 8652  [ 907C2F5CBCCB0D523B42F9F6AB89134F ] C:\Windows\System32\radardt.dll
16:46:41.0247 8652  C:\Windows\System32\radardt.dll - ok
16:46:41.0247 8652  [ FDB050613F50C67BC70F7C760E5C36BF ] C:\Windows\System32\localspl.dll
16:46:41.0247 8652  C:\Windows\System32\localspl.dll - ok
16:46:41.0247 8652  [ 113CCF98F8F39C8260CCA59AB36BCEF7 ] C:\Windows\System32\spoolss.dll
16:46:41.0247 8652  C:\Windows\System32\spoolss.dll - ok
16:46:41.0263 8652  [ 1FD998EEF7CBDBC71C0FCA164B01864F ] C:\Windows\System32\TokenBroker.dll
16:46:41.0263 8652  C:\Windows\System32\TokenBroker.dll - ok
16:46:41.0263 8652  [ F5ACCC5242564276F684949F2664E227 ] C:\Windows\System32\wuuhext.dll
16:46:41.0263 8652  C:\Windows\System32\wuuhext.dll - ok
16:46:41.0263 8652  [ 0208BC53B6901AEE3F9C6807B6AFCF0F ] C:\Windows\System32\AppMon.dll
16:46:41.0263 8652  C:\Windows\System32\AppMon.dll - ok
16:46:41.0263 8652  [ 4D05841851FC4DC91DB99E24F7E1932A ] C:\Windows\System32\PrintIsolationProxy.dll
16:46:41.0263 8652  C:\Windows\System32\PrintIsolationProxy.dll - ok
16:46:41.0263 8652  [ 13A635CA8DDCEE98D5CD10A416721EBC ] C:\Windows\System32\tokenbinding.dll
16:46:41.0263 8652  C:\Windows\System32\tokenbinding.dll - ok
16:46:41.0263 8652  [ 6213188C33052AED9817B844A52375F2 ] C:\Windows\System32\updatepolicy.dll
16:46:41.0279 8652  C:\Windows\System32\updatepolicy.dll - ok
16:46:41.0279 8652  [ 5E4A430677C629E542F10EB63AA6C3C7 ] C:\Windows\System32\wuuhosdeployment.dll
16:46:41.0279 8652  C:\Windows\System32\wuuhosdeployment.dll - ok
16:46:41.0279 8652  [ CE51B96AD8F965C3EA205CE5744A53ED ] C:\Windows\System32\FXSMON.dll
16:46:41.0279 8652  C:\Windows\System32\FXSMON.dll - ok
16:46:41.0279 8652  [ 5F0287FF2BEF25F34C29B9505C72A81D ] C:\Windows\System32\IPPMon.dll
16:46:41.0279 8652  C:\Windows\System32\IPPMon.dll - ok
16:46:41.0279 8652  [ 95DDE660CF5D0CB6A746FF2E24F8C052 ] C:\Windows\System32\wshirda.dll
16:46:41.0279 8652  C:\Windows\System32\wshirda.dll - ok
16:46:41.0279 8652  [ E580DEC4B6CC7D993A344D63B7E94C6F ] C:\Windows\System32\snmpapi.dll
16:46:41.0279 8652  C:\Windows\System32\snmpapi.dll - ok
16:46:41.0294 8652  [ 4C7BF26AC26EF42ECA2F1973F5B30ED4 ] C:\Windows\System32\tcpmon.dll
16:46:41.0294 8652  C:\Windows\System32\tcpmon.dll - ok
16:46:41.0294 8652  [ 55B920EF9A8E9C320A5128E2BA653ED4 ] C:\Windows\System32\usbmon.dll
16:46:41.0294 8652  C:\Windows\System32\usbmon.dll - ok
16:46:41.0294 8652  [ 12DA85981F35E2B0626894FDA45FF7B1 ] C:\Windows\System32\wsnmp32.dll
16:46:41.0294 8652  C:\Windows\System32\wsnmp32.dll - ok
16:46:41.0294 8652  [ BADDF4B17FDC940C525CFBAF5B99F71F ] C:\Windows\System32\WSDMon.dll
16:46:41.0294 8652  C:\Windows\System32\WSDMon.dll - ok
16:46:41.0294 8652  [ 0DC7DA516609D258B9EFBB48F6800BAF ] C:\Windows\System32\WSDApi.dll
16:46:41.0294 8652  C:\Windows\System32\WSDApi.dll - ok
16:46:41.0294 8652  [ F375F80AFA685B86AEB5138B50F55F6B ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
16:46:41.0294 8652  C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
16:46:41.0310 8652  [ CC0F0AE22D28521C886D2286DF95CBC9 ] C:\Windows\System32\win32spl.dll
16:46:41.0310 8652  C:\Windows\System32\win32spl.dll - ok
16:46:41.0310 8652  [ A7145E332FD511DA21DAD2F108354BCA ] C:\Windows\System32\inetpp.dll
16:46:41.0310 8652  C:\Windows\System32\inetpp.dll - ok
16:46:41.0310 8652  [ 1E0B39B4F659600BC33B979C2C674C82 ] C:\Windows\System32\iri.dll
16:46:41.0310 8652  C:\Windows\System32\iri.dll - ok
16:46:41.0310 8652  [ 25343A131610D1559DCB387A9E363A53 ] C:\Windows\System32\pautoenr.dll
16:46:41.0310 8652  C:\Windows\System32\pautoenr.dll - ok
16:46:41.0310 8652  [ 6C718849D436A7CCEBED72538F8BD04B ] C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
16:46:41.0310 8652  C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe - ok
16:46:41.0310 8652  [ AAE9B2DC326A6CAE52051F23F40482EB ] C:\Windows\System32\CertEnroll.dll
16:46:41.0310 8652  C:\Windows\System32\CertEnroll.dll - ok
16:46:41.0310 8652  [ EAA267FAABDBE6194985DC6A0AC96664 ] C:\Windows\System32\Windows.Internal.Management.dll
16:46:41.0310 8652  C:\Windows\System32\Windows.Internal.Management.dll - ok
16:46:41.0310 8652  [ DC7B5594662C9638D3C6C200FE087587 ] C:\Windows\System32\mdmmigrator.dll
16:46:41.0310 8652  C:\Windows\System32\mdmmigrator.dll - ok
16:46:41.0310 8652  [ C067CEDF14E72AC05F9617B01CA29BE5 ] C:\Windows\System32\Windows.Security.Authentication.OnlineId.dll
16:46:41.0310 8652  C:\Windows\System32\Windows.Security.Authentication.OnlineId.dll - ok
16:46:41.0310 8652  [ 99D4A17FD5FDF53FDC70932512C05332 ] C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\goopdate.dll
16:46:41.0310 8652  C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\goopdate.dll - ok
16:46:41.0325 8652  [ D38A41DA7BD0D4379CCD83F63FCB09E7 ] C:\Windows\System32\certca.dll
16:46:41.0325 8652  C:\Windows\System32\certca.dll - ok
16:46:41.0325 8652  [ D2F56E366F1CB26866A6F43BD53B46C3 ] C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
16:46:41.0325 8652  C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe - ok
16:46:41.0325 8652  [ A68EA61D08ABAA803BE0DA46281433FB ] C:\Windows\System32\sti.dll
16:46:41.0325 8652  C:\Windows\System32\sti.dll - ok
16:46:41.0325 8652  [ 3F7B4447640000FD2678921A245236E0 ] C:\Windows\System32\vaultcli.dll
16:46:41.0325 8652  C:\Windows\System32\vaultcli.dll - ok
16:46:41.0325 8652  [ F72C99DBFE49F3E94281CF9BD1E95DF4 ] C:\Windows\SysWOW64\taskschd.dll
16:46:41.0325 8652  C:\Windows\SysWOW64\taskschd.dll - ok
16:46:41.0325 8652  [ 5F3BE52A00D8C741AE0B7FCE861F90AD ] C:\Windows\System32\runonce.exe
16:46:41.0325 8652  C:\Windows\System32\runonce.exe - ok
16:46:41.0325 8652  [ 42187344DAAD07466202B5A3139BC44F ] C:\Windows\System32\SettingSyncPolicy.dll
16:46:41.0325 8652  C:\Windows\System32\SettingSyncPolicy.dll - ok
16:46:41.0325 8652  [ CF0C25B75B6338AD9580A02E66B0A673 ] C:\Windows\System32\SndVolSSO.dll
16:46:41.0325 8652  C:\Windows\System32\SndVolSSO.dll - ok
16:46:41.0341 8652  [ 102FCA07B61824A0255A3804037F8B71 ] C:\Windows\System32\Speech_OneCore\common\sapi_onecore.dll
16:46:41.0341 8652  C:\Windows\System32\Speech_OneCore\common\sapi_onecore.dll - ok
16:46:41.0341 8652  [ 4AF2AA26F953008DDC3884063B4B18A8 ] C:\Windows\System32\DataExchange.dll
16:46:41.0341 8652  C:\Windows\System32\DataExchange.dll - ok
16:46:41.0341 8652  [ 0680B95D1B9196ADC94C5621888E76B3 ] C:\Windows\System32\ExplorerFrame.dll
16:46:41.0341 8652  C:\Windows\System32\ExplorerFrame.dll - ok
16:46:41.0341 8652  [ 15E29E4089EE7668ACEC48ADF7A33B24 ] C:\Windows\System32\thumbcache.dll
16:46:41.0341 8652  C:\Windows\System32\thumbcache.dll - ok
16:46:41.0341 8652  [ E7D353E79280BCD5EB7170D76E854336 ] C:\Windows\System32\windows.immersiveshell.serviceprovider.dll
16:46:41.0341 8652  C:\Windows\System32\windows.immersiveshell.serviceprovider.dll - ok
16:46:41.0341 8652  [ 02B965B472FFFA98AC5E6E2456854AB0 ] C:\Windows\System32\edputil.dll
16:46:41.0341 8652  C:\Windows\System32\edputil.dll - ok
16:46:41.0341 8652  [ FF4A9480B4B72B5F0792CAADB9DB5F57 ] C:\Windows\System32\PeopleBand.dll
16:46:41.0341 8652  C:\Windows\System32\PeopleBand.dll - ok
16:46:41.0341 8652  [ 2D9E8D8CBB524E46D3BE6604A66DE92E ] C:\Windows\System32\cldapi.dll
16:46:41.0341 8652  C:\Windows\System32\cldapi.dll - ok
16:46:41.0357 8652  [ ABE9B5DAB37EBE1013F40B9337D2B32B ] C:\Windows\System32\wuceffects.dll
16:46:41.0357 8652  C:\Windows\System32\wuceffects.dll - ok
16:46:41.0357 8652  [ 6AB7C70550361BF9B28DA0CE5F32C933 ] C:\Windows\System32\twinui.dll
16:46:41.0357 8652  C:\Windows\System32\twinui.dll - ok
16:46:41.0357 8652  [ D7682D0D562817502F77BCAE2B9A7111 ] C:\Windows\System32\ApplicationFrame.dll
16:46:41.0357 8652  C:\Windows\System32\ApplicationFrame.dll - ok
16:46:41.0357 8652  [ 94621E4D391890F5D8A3DD2894DA2916 ] C:\Windows\System32\ntshrui.dll
16:46:41.0357 8652  C:\Windows\System32\ntshrui.dll - ok
16:46:41.0357 8652  [ 2D030BA022C1F8BF06E2912296F68624 ] C:\Windows\System32\HolographicExtensions.dll
16:46:41.0357 8652  C:\Windows\System32\HolographicExtensions.dll - ok
16:46:41.0357 8652  [ 6B355CC5E979153C7AA941D5C7C9729B ] C:\Windows\System32\SecureTimeAggregator.dll
16:46:41.0357 8652  C:\Windows\System32\SecureTimeAggregator.dll - ok
16:46:41.0357 8652  [ BC11F000DD4A515D61F1CC9F145DF634 ] C:\Windows\SysWOW64\runonce.exe
16:46:41.0357 8652  C:\Windows\SysWOW64\runonce.exe - ok
16:46:41.0357 8652  [ F180C938A50693742B14D3BF9D0692D5 ] C:\Windows\System32\AboveLockAppHost.dll
16:46:41.0357 8652  C:\Windows\System32\AboveLockAppHost.dll - ok
16:46:41.0357 8652  [ 049038CB709A509731CD6999D93FFDBC ] C:\Windows\SysWOW64\imm32.dll
16:46:41.0357 8652  C:\Windows\SysWOW64\imm32.dll - ok
16:46:41.0372 8652  [ EE18E5CEC785C7F1C4B8A9E9D197F9FE ] C:\Windows\SysWOW64\Windows.StateRepositoryPS.dll
16:46:41.0372 8652  C:\Windows\SysWOW64\Windows.StateRepositoryPS.dll - ok
16:46:41.0372 8652  [ 9DE63C73F61F77BEADEDD12F31E57446 ] C:\Windows\System32\ieframe.dll
16:46:41.0372 8652  C:\Windows\System32\ieframe.dll - ok
16:46:41.0372 8652  [ 38EDE7243E7F84D00E679F6B14BE5213 ] C:\Windows\System32\msIso.dll
16:46:41.0372 8652  C:\Windows\System32\msIso.dll - ok
16:46:41.0372 8652  [ FBBCE67458B155332BB67CBA2C2E1D1D ] C:\Windows\System32\NPSM.dll
16:46:41.0372 8652  C:\Windows\System32\NPSM.dll - ok
16:46:41.0716 8652  ============================================================
16:46:41.0716 8652  Scan finished
16:46:41.0716 8652  ============================================================
16:46:41.0732 8644  Detected object count: 1
16:46:41.0732 8644  Actual detected object count: 1
16:47:15.0350 8644  91874529 ( HiddenService.Multi.Generic ) - User select action: Skip
 



#11 nasdaq

  • Malware Response Team
  • 40,759 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 23 August 2018 - 09:11 AM

Hi,

Why did you skip these?
Do you know what it is?

16:46:33.0225 8652 Suspicious service (Hidden): 91874529
16:46:33.0225 8652 91874529 ( HiddenService.Multi.Generic ) - warning
16:46:33.0225 8652 91874529 - detected HiddenService.Multi.Generic (1)

I'm not sure what it is, but it does not look good.

Let's see what we can find in the Registry.

Farbar Recovery Scan Tool (FRST) - Registry Search
Follow the instructions below to download and execute a Registry search on your system with FRST, and provide the log in your next reply.
  • Right-click on the executable and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Accept the disclaimer by clicking on Yes, and FRST will then do a back-up of your Registry which should take a few seconds;
  • In the Search text area, copy and paste the following:
91874529
  • Once done, click on the Search Registry button and wait for FRST to finish the search;
  • On completion, a log will open in Notepad. Copy and paste its content in your next reply;
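
The manual triage in the reply above (finding the one object that is not "ok" among thousands of log lines and noticing that it was skipped) can be scripted. This is an added example, not part of the original posts or of the scanner itself; the sample is assembled from log lines quoted in this thread, and the line patterns are assumptions inferred from those lines.

```python
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set

# Sample assembled from lines quoted in this thread (not a full log).
SAMPLE_LOG = r"""
16:46:33.0225 8652  Suspicious service (Hidden): 91874529
16:46:33.0225 8652  91874529 ( HiddenService.Multi.Generic ) - warning
16:46:33.0225 8652  91874529 - detected HiddenService.Multi.Generic (1)
16:46:41.0419 8652  [ F3BDBE3BB6F734E357235F4D5898582D ] C:\Windows\SysWOW64\cmd.exe
16:46:41.0419 8652  C:\Windows\SysWOW64\cmd.exe - ok
16:46:41.0716 8652  Scan finished
16:46:41.0732 8644  Detected object count: 1
16:46:41.0732 8644  Actual detected object count: 1
16:47:15.0350 8644  91874529 ( HiddenService.Multi.Generic ) - User select action: Skip
""".strip()

# Assumed layout: "HH:MM:SS.mmmm <thread id>  <message>".
LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(?P<msg>.*)$")
OK = re.compile(r"^.+ - ok$")
HIDDEN = re.compile(r"^Suspicious service \(Hidden\): (?P<obj>.+)$")
# "<object> ( <verdict> ) - <tail>"; the spaces inside the parentheses keep
# paths such as "Program Files (x86)" from matching.
VERDICT = re.compile(r"^(?P<obj>.+?) \( (?P<verdict>[^()]+?) \) - (?P<tail>.+)$")
DETECTED = re.compile(r"^(?P<obj>.+?) - detected (?P<verdict>\S+) \(\d+\)$")
COUNT = re.compile(r"^Detected object count: (?P<n>\d+)$")
ACTION_PREFIX = "User select action: "


@dataclass
class Finding:
    obj: str
    verdicts: Set[str] = field(default_factory=set)
    hidden: bool = False
    action: Optional[str] = None  # None means no action line was logged


@dataclass
class Report:
    findings: Dict[str, Finding] = field(default_factory=dict)
    ok_count: int = 0
    reported_count: Optional[int] = None


def triage(log_text: str) -> Report:
    """Collect every object that was not reported as ok, plus the action taken."""
    report = Report()

    def finding(obj: str) -> Finding:
        return report.findings.setdefault(obj, Finding(obj))

    for raw in log_text.splitlines():
        line = LINE.match(raw.strip())
        if not line:
            continue  # blank lines, banners, wrapped text
        msg = line.group("msg")
        if OK.match(msg):
            report.ok_count += 1
            continue
        m = HIDDEN.match(msg)
        if m:
            finding(m.group("obj")).hidden = True
            continue
        m = VERDICT.match(msg)
        if m:
            f = finding(m.group("obj"))
            f.verdicts.add(m.group("verdict"))
            tail = m.group("tail")
            if tail.startswith(ACTION_PREFIX):
                f.action = tail[len(ACTION_PREFIX):].strip()
            continue
        m = DETECTED.match(msg)
        if m:
            finding(m.group("obj")).verdicts.add(m.group("verdict"))
            continue
        m = COUNT.match(msg)
        if m:
            report.reported_count = int(m.group("n"))
    return report


def unresolved(report: Report) -> List[str]:
    """Objects that were detected but skipped, or have no recorded action."""
    return sorted(o for o, f in report.findings.items()
                  if f.action is None or f.action == "Skip")


def count_mismatch(report: Report) -> bool:
    """True when the log's own summary disagrees with what was parsed,
    which usually means the pasted log is truncated."""
    return (report.reported_count is not None
            and report.reported_count != len(report.findings))


if __name__ == "__main__":
    r = triage(SAMPLE_LOG)
    for name in unresolved(r):
        f = r.findings[name]
        print(f"{name}: {sorted(f.verdicts)} hidden={f.hidden} action={f.action}")
    print(f"ok entries: {r.ok_count}, count mismatch: {count_mismatch(r)}")
```

Each name returned by `unresolved` is a candidate for the registry search described in the post above.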


#12 nasdaq

Posted 29 August 2018 - 07:19 AM

Are you still with me?

#13 nasdaq

Posted 04 September 2018 - 08:00 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.



