Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-01-2020
Ran by Samsung (administrator) on DESKTOP-KJOTLCI (SAMSUNG ELECTRONICS CO., LTD. 300E4C/300E5C/300E7C) (20-01-2020 19:04:21)
Running from C:\Users\Samsung\Desktop
Loaded Profiles: Samsung (Available Profiles: Samsung)
Platform: Windows 10 Home Version 1909 18363.592 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG TuneUp\TuneupSvc.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG TuneUp\TuneupUI.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_2.26.14003.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18111.17311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [316336 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040296 2015-08-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242200 2016-11-11] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3983255944-2224574574-1335531537-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2018-03-18] (Apple Inc. -> Apple Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.117\Installer\chrmstp.exe [2020-01-10] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVG TuneUp.lnk [2020-01-14]
ShortcutTarget: AVG TuneUp.lnk -> C:\Program Files (x86)\AVG\AVG TuneUp\TuneupUI.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1294A8B8-18A7-4ECC-A501-302450F44524} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {193E2DF8-E3D1-4448-87C5-2BAC2D5CEE75} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {3BF6CA4B-FFCD-48D6-9B3E-F90800159D25} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-08] (Google Inc -> Google Inc.)
Task: {3E3BE35E-E9EB-4F5F-839E-17991162C219} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-08] (Google Inc -> Google Inc.)
Task: {6521EC1B-2AD8-4C1B-9632-4D0356329B5F} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1905072 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {8B2E440F-0292-4863-A430-C450D5DCDAD2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {93AD4E58-0C83-46DE-B81D-F429A961A312} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {E09B057B-A8CE-4D95-BE4A-7BBB30BEF5FE} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [3981232 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {E4C5EF46-8C55-470F-B65B-D1A186EAAB83} - System32\Tasks\AVG TuneUp Update => C:\Program Files (x86)\AVG\AVG TuneUp\TUNEUpdate.exe [1706528 2020-01-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {FD94B483-7D78-4727-A4A2-B7EDEE337D83} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040296 2015-08-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.8.1
Tcpip\..\Interfaces\{709160f6-0bf3-4104-9f17-9165e7b63aa6}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{82467e37-7202-42d9-96b8-1cdb114ef9b0}: [DhcpNameServer] 192.168.8.1
Tcpip\..\Interfaces\{91e6740a-53fa-4e81-9bc8-5e7124b31d06}: [DhcpNameServer] 192.168.8.1
Internet Explorer:
==================
HKU\S-1-5-21-3983255944-2224574574-1335531537-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:NewsFeed
SearchScopes: HKU\S-1-5-21-3983255944-2224574574-1335531537-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\ssv.dll [2020-01-10] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\jp2ssv.dll [2020-01-10] (Oracle America, Inc. -> Oracle Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\9KKv7aeX.default [2019-10-09]
FF Extension: (Avira Password Manager) - C:\Users\Samsung\AppData\Roaming\Mozilla\Firefox\Profiles\9KKv7aeX.default\Extensions\
[email protected] [2019-10-09]
FF Plugin-x32: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2020-01-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2020-01-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-03] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.delta-search.com/?affID=119776&tt=190313_wo2&babsrc=HP_ss&mntrId=AC28001FD056D9BA
CHR StartupUrls: Default -> "hxxp://www.delta-search.com/?affID=119776&tt=190313_wo2&babsrc=HP_ss&mntrId=AC28001FD056D9BA","hxxp://websearch.pu-results.info/?pid=726&r=2013/03/09&hid=1471995205&lg=EN&cc=LV","","hxxp://google.lv/"
CHR Notifications: Default -> hxxps://e.olweb.tv; hxxps://en.softonic.com; hxxps://rutube.ru; hxxps://sport-tv.me; hxxps://tinder.com; hxxps://web.whatsapp.com; hxxps://www.facebook.com; hxxps://www.youtube.com; hxxps://ytmp3.cc
CHR Profile: C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default [2020-01-20]
CHR DownloadDir: C:\Users\Samsung\Desktop
CHR Extension: (Prezentācijas) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-08]
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2018-01-08]
CHR Extension: (Dokumenti) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-08]
CHR Extension: (Google disks) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-01-08]
CHR Extension: (YouTube) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-08]
CHR Extension: (Izklājlapas) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-08]
CHR Extension: (Google dokumenti bezsaistē) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-08]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-12-18]
CHR Extension: (Chrome interneta veikala maksājumu sistēma) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-09]
CHR Extension: (Gmail) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-04]
CHR Extension: (Chrome Media Router) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-11]
CHR Profile: C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-05-07]
CHR Profile: C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\System Profile [2019-05-07]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [996928 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [6307248 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [110560 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 CleanupPSvc; C:\Program Files (x86)\AVG\AVG TuneUp\TuneupSvc.exe [10301176 2019-07-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [129752 2016-11-11] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel® pGFX -> Intel Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4233728 2019-03-19] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [37880 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [205600 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [275232 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [210328 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [65376 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [16520 2020-01-07] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [43512 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [171640 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [111096 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [84560 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [848688 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [461216 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [236288 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [317304 2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [610336 2016-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros)
R3 ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [41024 2015-09-23] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvsmwu.inf_amd64_40e2f893a8ddfad8\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation -> NVIDIA Corporation)
S3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2019-11-04] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R3 RadioHIDMini; C:\WINDOWS\System32\drivers\RadioHIDMini.sys [32168 2015-07-16] (Samsung Electronics CO., LTD. -> Windows ® Win 7 DDK provider)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [662528 2019-03-19] (Microsoft Windows -> Realtek )
S3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-07-06] (Windscribe Limited -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-20 18:42 - 2020-01-20 16:52 - 000000000 ___DC C:\Windows.old
2020-01-20 18:38 - 2020-01-20 18:38 - 000061440 ____C ( ) C:\Users\Samsung\Desktop\VEW.exe
2020-01-20 18:32 - 2020-01-20 18:42 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2020-01-20 18:31 - 2020-01-20 18:32 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2020-01-20 18:31 - 2020-01-20 18:31 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2020-01-20 18:27 - 2020-01-20 18:27 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 014816256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 009711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 007195648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 006435840 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 006232576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 006166016 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 005501952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 005112320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 004578816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 004307968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 004150272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AI.MachineLearning.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 004140544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 004047360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 003967920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 003791360 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 003752960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 003742544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 003487232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 003387392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 003371928 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 002988344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 002956472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 002871848 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 002772272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 002762296 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 002703872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 002698768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 002586816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 002576384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 002399232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 002258848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 002082208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001974824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 001916984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001866272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-01-20 18:27 - 2020-01-20 18:27 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001726480 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001691648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001512528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 001394168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-01-20 18:27 - 2020-01-20 18:27 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001283072 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001261464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001189376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 001171704 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001154656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 001069064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001059840 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 001054864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 001007616 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 000982840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000975872 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000911824 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000892696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000874936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000844800 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000832000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000822416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000822072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000811536 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000797112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000768528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000768488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000747320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000700416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000679152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000674280 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000638264 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000593128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000586768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000552448 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000522176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000517432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000514576 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000511000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000477712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-01-20 18:27 - 2020-01-20 18:27 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000466928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000465208 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000461320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 000455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000452920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000404904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000380944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000375720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000372752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000354816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SpeechPrivacy.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000324624 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmd.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000251512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000249856 _____ (Gracenote, Inc.) C:\WINDOWS\SysWOW64\gnsdk_fp.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\accessibilitycpl.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmd.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2020-01-20 18:27 - 2020-01-20 18:27 - 000220472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagSvc.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000202552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\accessibilitycpl.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000193800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2020-01-20 18:27 - 2020-01-20 18:27 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000164776 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000164368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000136536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinHvPlatform.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Utilman.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\EaseOfAccessDialog.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000113160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000105488 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sethc.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Utilman.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EaseOfAccessDialog.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000093496 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcXtrnal.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AtBroker.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000084488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 000084488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2020-01-20 18:27 - 2020-01-20 18:27 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sethc.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usp10.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usp10.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\reg.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000073024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2020-01-20 18:27 - 2020-01-20 18:27 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AtBroker.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ApiSetHost.AppExecutionAlias.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000061240 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvhostsvc.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstUI.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\reg.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 000047616 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000036368 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winnsi.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\posetup.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsisvc.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000028344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winnsi.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000024792 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsi.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000021304 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nsi.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\applockerfltr.sys
2020-01-20 18:27 - 2020-01-20 18:27 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcXtrnal.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDJPN.DLL
2020-01-20 18:27 - 2020-01-20 18:27 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-01-20 18:27 - 2020-01-20 18:27 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2020-01-20 18:27 - 2020-01-20 18:27 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2020-01-20 18:27 - 2020-01-20 18:27 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2020-01-20 18:27 - 2020-01-20 18:27 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 017787904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 007849424 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 006227104 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 005890048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AI.MachineLearning.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 004615616 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-01-20 18:26 - 2020-01-20 18:26 - 004005888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 003591208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-01-20 18:26 - 2020-01-20 18:26 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-01-20 18:26 - 2020-01-20 18:26 - 003105792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-20 18:26 - 2020-01-20 18:26 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 002126112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 002120704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 002114048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 001920512 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 001687040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 001428992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2020-01-20 18:26 - 2020-01-20 18:26 - 001413912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 001259416 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2020-01-20 18:26 - 2020-01-20 18:26 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-01-20 18:26 - 2020-01-20 18:26 - 001094656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 001006904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000874536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-01-20 18:26 - 2020-01-20 18:26 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-20 18:26 - 2020-01-20 18:26 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2020-01-20 18:26 - 2020-01-20 18:26 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2020-01-20 18:26 - 2020-01-20 18:26 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000657424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2020-01-20 18:26 - 2020-01-20 18:26 - 000644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000589592 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-01-20 18:26 - 2020-01-20 18:26 - 000551736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2020-01-20 18:26 - 2020-01-20 18:26 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.UserService.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-01-20 18:26 - 2020-01-20 18:26 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2020-01-20 18:26 - 2020-01-20 18:26 - 000416016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2020-01-20 18:26 - 2020-01-20 18:26 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-20 18:26 - 2020-01-20 18:26 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2020-01-20 18:26 - 2020-01-20 18:26 - 000322504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000292664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2020-01-20 18:26 - 2020-01-20 18:26 - 000291256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-01-20 18:26 - 2020-01-20 18:26 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-01-20 18:26 - 2020-01-20 18:26 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-20 18:26 - 2020-01-20 18:26 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000204816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2020-01-20 18:26 - 2020-01-20 18:26 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-01-20 18:26 - 2020-01-20 18:26 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2020-01-20 18:26 - 2020-01-20 18:26 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-01-20 18:26 - 2020-01-20 18:26 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationControlCSP.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2020-01-20 18:26 - 2020-01-20 18:26 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2020-01-20 18:26 - 2020-01-20 18:26 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000088568 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-20 18:26 - 2020-01-20 18:26 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-01-20 18:26 - 2020-01-20 18:26 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000047208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-01-20 18:26 - 2020-01-20 18:26 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
2020-01-20 18:26 - 2020-01-20 18:26 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscisvif.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscproxystub.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsilog.dll
2020-01-20 18:26 - 2020-01-20 18:26 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dstokenclean.exe
2020-01-20 18:26 - 2020-01-20 18:26 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscadminui.exe
2020-01-20 18:22 - 2020-01-20 18:22 - 000000000 ____D C:\WINDOWS\system32\lv
2020-01-20 18:20 - 2020-01-20 18:20 - 000000000 ____D C:\Program Files\Reference Assemblies
2020-01-20 18:20 - 2020-01-20 18:20 - 000000000 ____D C:\Program Files\MSBuild
2020-01-20 18:20 - 2020-01-20 18:20 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-01-20 18:20 - 2019-03-01 19:31 - 001166488 ____C (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2020-01-20 18:20 - 2019-03-01 19:31 - 000124568 ____C (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2020-01-20 18:20 - 2019-03-01 19:31 - 000035592 ____C (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2020-01-20 18:20 - 2019-02-05 20:41 - 000778912 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2020-01-20 18:20 - 2019-02-05 20:41 - 000103072 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2020-01-20 18:20 - 2019-02-05 20:41 - 000035592 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2020-01-20 18:19 - 2019-03-18 21:21 - 000099328 ____C (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
2020-01-20 18:19 - 2019-03-18 21:20 - 004470272 ____C (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-01-20 18:19 - 2019-03-18 21:16 - 000903168 ____C (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2020-01-20 18:19 - 2019-03-18 20:15 - 000081408 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll
2020-01-20 18:19 - 2019-03-18 20:09 - 000568320 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2020-01-20 18:19 - 2019-03-18 17:19 - 005791744 ____C (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0026.dll
2020-01-20 18:19 - 2019-03-18 17:16 - 000180736 ____C (Microsoft Corporation) C:\WINDOWS\system32\NlsData0026.dll
2020-01-20 18:19 - 2019-03-18 17:08 - 000134656 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0026.dll
2020-01-20 18:19 - 2019-03-18 17:05 - 001915392 ____C (Microsoft Corporation) C:\WINDOWS\system32\MLS2.dll
2020-01-20 18:19 - 2019-03-18 17:00 - 001875968 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MLS2.dll
2020-01-20 18:19 - 2019-03-01 19:33 - 000076060 ____C C:\WINDOWS\system32\xpsrchvw.xml
2020-01-20 18:19 - 2018-08-09 16:53 - 000076060 ____C C:\WINDOWS\SysWOW64\xpsrchvw.xml
2020-01-20 18:16 - 2020-01-20 18:16 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-20 18:16 - 2020-01-20 18:16 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-01-20 17:04 - 2020-01-20 17:05 - 000002467 ____C C:\Users\Samsung\Desktop\Fixlog.txt
2020-01-20 16:54 - 2020-01-20 16:54 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2020-01-20 16:53 - 2020-01-20 18:36 - 000840852 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-20 16:52 - 2020-01-20 18:29 - 000000006 ___HC C:\WINDOWS\Tasks\SA.DAT
2020-01-20 16:52 - 2020-01-20 17:25 - 000004266 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2020-01-20 16:52 - 2020-01-20 16:52 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-01-20 16:52 - 2020-01-20 16:52 - 000003396 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-01-20 16:52 - 2020-01-20 16:52 - 000003172 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-01-20 16:52 - 2020-01-20 16:52 - 000003024 _____ C:\WINDOWS\system32\Tasks\AVG TuneUp Update
2020-01-20 16:52 - 2020-01-20 16:52 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3983255944-2224574574-1335531537-1001
2020-01-20 16:52 - 2020-01-20 16:52 - 000002280 _____ C:\WINDOWS\system32\Tasks\RTKCPL
2020-01-20 16:52 - 2020-01-20 16:52 - 000000020 ___SH C:\Users\Samsung\ntuser.ini
2020-01-20 16:52 - 2020-01-20 16:52 - 000000000 SHDCL C:\Documents and Settings
2020-01-20 16:52 - 2020-01-20 16:52 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira
2020-01-20 16:52 - 2020-01-20 16:52 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
2020-01-20 16:52 - 2020-01-20 16:52 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-01-20 16:51 - 2020-01-20 16:52 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2020-01-20 16:51 - 2020-01-20 16:52 - 000007623 _____ C:\WINDOWS\diagerr.xml
2020-01-20 16:47 - 2020-01-20 16:52 - 000000000 ____D C:\Users\Samsung
2020-01-20 16:47 - 2019-03-19 06:46 - 000001105 _____ C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-01-20 16:45 - 2019-10-07 04:57 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-01-20 16:43 - 2016-05-03 23:30 - 000081416 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2020-01-20 16:43 - 2016-05-03 23:30 - 000077832 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2020-01-20 16:42 - 2020-01-20 17:06 - 000443128 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-20 16:42 - 2020-01-20 16:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-20 15:39 - 2020-01-20 16:52 - 000000000 ___DC C:\WINDOWS\Panther
2020-01-20 15:07 - 2020-01-20 16:52 - 000000000 __HDC C:\$GetCurrent
2020-01-20 15:07 - 2020-01-20 16:52 - 000000000 ___DC C:\Windows10Upgrade
2020-01-20 15:07 - 2020-01-20 15:07 - 000000731 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Update Assistant.lnk
2020-01-20 13:20 - 2020-01-20 13:21 - 000035550 ____C C:\Users\Samsung\Desktop\Addition.txt
2020-01-20 13:19 - 2020-01-20 19:05 - 000019392 ____C C:\Users\Samsung\Desktop\FRST.txt
2020-01-20 13:17 - 2020-01-20 19:04 - 000000000 ___DC C:\FRST
2020-01-20 13:14 - 2020-01-20 13:14 - 002572800 ____C (Farbar) C:\Users\Samsung\Desktop\FRST64.exe
2020-01-15 17:45 - 2020-01-15 17:45 - 000090478 ____C C:\Users\Samsung\Downloads\CV-Europass-20200115-Bērziņš-LV.pdf
2020-01-14 20:41 - 2020-01-14 20:41 - 000103978 ____C C:\Users\Samsung\Downloads\CV-Europass-20200114-Bērziņš-EN.pdf
2020-01-14 20:24 - 2020-01-20 18:42 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Technologies
2020-01-14 20:24 - 2020-01-14 20:24 - 000001188 ____C C:\Users\Public\Desktop\AVG TuneUp.lnk
2020-01-14 20:24 - 2020-01-14 20:24 - 000001188 ____C C:\ProgramData\Desktop\AVG TuneUp.lnk
2020-01-14 20:24 - 2020-01-14 20:24 - 000000000 ___DC C:\Program Files (x86)\AVG
2020-01-13 16:27 - 2020-01-13 16:27 - 000000000 ___DC C:\Users\Samsung\AppData\Roaming\Ubisoft
2020-01-13 16:24 - 2020-01-13 16:24 - 000000000 ___DC C:\ProgramData\Ubisoft
2020-01-13 16:13 - 2020-01-13 16:13 - 000000000 ___DC C:\Program Files (x86)\Ubisoft
2020-01-10 20:35 - 2020-01-20 18:42 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-01-10 20:35 - 2020-01-10 20:35 - 000114232 ____C (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2020-01-10 20:35 - 2020-01-10 20:35 - 000000000 ___DC C:\Users\Samsung\AppData\Roaming\Sun
2020-01-10 20:35 - 2020-01-10 20:35 - 000000000 ___DC C:\Program Files (x86)\Java
2020-01-10 20:28 - 2020-01-20 16:47 - 000000000 ___DC C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
2020-01-10 20:21 - 2020-01-15 16:45 - 000000000 ___DC C:\Users\Samsung\AppData\LocalLow\uTorrent
2020-01-09 14:52 - 2020-01-09 14:52 - 000000000 ___DC C:\Users\Samsung\Downloads\New folder
2020-01-07 12:41 - 2020-01-14 20:25 - 000000000 ___DC C:\Users\Samsung\AppData\Roaming\AVG
2020-01-07 12:41 - 2020-01-07 12:41 - 000002075 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus FREE.lnk
2020-01-07 12:41 - 2020-01-07 12:41 - 000002063 ____C C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk
2020-01-07 12:41 - 2020-01-07 12:41 - 000002063 ____C C:\ProgramData\Desktop\AVG AntiVirus FREE.lnk
2020-01-07 12:41 - 2020-01-07 12:41 - 000000000 ___DC C:\Users\Samsung\AppData\Local\Avg
2020-01-07 12:39 - 2020-01-07 12:40 - 000848688 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2020-01-07 12:39 - 2020-01-07 12:40 - 000461216 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2020-01-07 12:39 - 2020-01-07 12:40 - 000171640 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2020-01-07 12:39 - 2020-01-07 12:39 - 000355760 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2020-01-07 12:39 - 2020-01-07 12:39 - 000317304 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2020-01-07 12:39 - 2020-01-07 12:39 - 000275232 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2020-01-07 12:39 - 2020-01-07 12:39 - 000236288 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2020-01-07 12:39 - 2020-01-07 12:39 - 000210328 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2020-01-07 12:39 - 2020-01-07 12:39 - 000205600 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2020-01-07 12:39 - 2020-01-07 12:39 - 000111096 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2020-01-07 12:39 - 2020-01-07 12:39 - 000084560 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2020-01-07 12:39 - 2020-01-07 12:39 - 000065376 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2020-01-07 12:39 - 2020-01-07 12:39 - 000043512 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2020-01-07 12:39 - 2020-01-07 12:39 - 000037880 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys
2020-01-07 12:39 - 2020-01-07 12:39 - 000016520 ____C (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgElam.sys
2020-01-07 12:39 - 2020-01-07 12:39 - 000000000 ___DC C:\Program Files\Common Files\AVG
2020-01-07 12:38 - 2020-01-20 16:07 - 000000000 ___DC C:\ProgramData\AVG
2020-01-07 12:38 - 2020-01-07 12:38 - 000000000 ___DC C:\Program Files\AVG
2020-01-04 19:16 - 2020-01-04 19:16 - 000000000 ___DC C:\Users\Samsung\Documents\My Games
2019-12-23 20:36 - 2019-12-23 20:36 - 000000000 ___DC C:\Users\Public\Security Sessions
2019-12-21 23:24 - 2019-12-21 23:24 - 000000000 ___DC C:\Users\Samsung\AppData\Local\Windscribe
2019-12-21 23:24 - 2018-07-06 17:22 - 000054896 ____C (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tapwindscribe0901.sys
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-20 19:04 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-01-20 19:03 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-20 18:46 - 2018-01-08 10:04 - 000000000 _SHDC C:\Users\Samsung\IntelGraphicsProfiles
2020-01-20 18:45 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\servicing
2020-01-20 18:45 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-20 18:42 - 2019-10-09 16:03 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2020-01-20 18:42 - 2019-06-21 20:12 - 000000000 ___DC C:\Program Files\UNP
2020-01-20 18:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2020-01-20 18:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\spool
2020-01-20 18:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-01-20 18:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Registration
2020-01-20 18:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Help
2020-01-20 18:42 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-01-20 18:42 - 2019-03-19 06:49 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2020-01-20 18:42 - 2018-09-15 15:12 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2020-01-20 18:42 - 2018-08-29 19:31 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2020-01-20 18:42 - 2018-04-30 19:12 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2020-01-20 18:42 - 2018-04-12 01:38 - 000000000 ___DC C:\WINDOWS\system32\Tasks_Migrated
2020-01-20 18:42 - 2018-04-12 01:38 - 000000000 ___DC C:\WINDOWS\system32\MsDtc
2020-01-20 18:42 - 2018-01-08 10:21 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2020-01-20 18:42 - 2018-01-08 10:20 - 000000000 ___DC C:\WINDOWS\SHELLNEW
2020-01-20 18:42 - 2018-01-08 10:17 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-01-20 18:42 - 2018-01-08 10:16 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2020-01-20 18:42 - 2018-01-05 19:07 - 000000000 ___DC C:\Program Files (x86)\NVIDIA Corporation
2020-01-20 18:41 - 2019-03-19 06:52 - 000000000 __RHD C:\Users\Public\Libraries
2020-01-20 18:41 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\InfusedApps
2020-01-20 18:33 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Resources
2020-01-20 18:33 - 2018-01-05 19:02 - 000000000 ___DC C:\WINDOWS\system32\SRSLabs
2020-01-20 18:32 - 2018-01-05 19:02 - 000000000 ___DC C:\Program Files\Realtek
2020-01-20 18:32 - 2018-01-05 18:59 - 000000000 ___DC C:\Program Files\Intel
2020-01-20 18:30 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-20 18:30 - 2019-03-19 06:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-01-20 18:30 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2020-01-20 18:30 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-20 18:30 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2020-01-20 18:30 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\appraiser
2020-01-20 18:30 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-20 18:30 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellComponents
2020-01-20 18:30 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-01-20 18:30 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\DiagTrack
2020-01-20 18:30 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-20 18:29 - 2019-03-19 06:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-01-20 18:29 - 2018-01-05 19:08 - 000000000 ___DC C:\ProgramData\NVIDIA
2020-01-20 18:22 - 2019-03-19 13:37 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-01-20 18:22 - 2019-03-19 13:37 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-01-20 18:22 - 2019-03-19 13:35 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2020-01-20 18:22 - 2019-03-19 13:35 - 000000000 ____D C:\WINDOWS\system32\WCN
2020-01-20 18:22 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2020-01-20 18:22 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2020-01-20 18:22 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-01-20 18:22 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-01-20 18:22 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2020-01-20 18:22 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-01-20 18:22 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-01-20 18:22 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\IME
2020-01-20 18:22 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Common Files\System
2020-01-20 18:22 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-01-20 18:20 - 2019-03-19 07:00 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2020-01-20 18:20 - 2019-03-19 07:00 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2020-01-20 18:20 - 2019-03-19 07:00 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2020-01-20 18:20 - 2019-03-19 07:00 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2020-01-20 18:20 - 2019-03-19 07:00 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2020-01-20 18:20 - 2019-03-19 07:00 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2020-01-20 18:20 - 2019-03-19 07:00 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2020-01-20 18:20 - 2019-03-19 07:00 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2020-01-20 18:20 - 2019-03-19 07:00 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2020-01-20 18:20 - 2019-03-19 07:00 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2020-01-20 18:20 - 2019-03-19 07:00 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2020-01-20 18:20 - 2019-03-19 06:57 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2020-01-20 18:20 - 2019-03-19 06:57 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2020-01-20 18:20 - 2019-03-19 06:57 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2020-01-20 18:20 - 2019-03-19 06:57 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2020-01-20 18:20 - 2019-03-19 06:57 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2020-01-20 18:20 - 2019-03-19 06:57 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2020-01-20 18:20 - 2019-03-19 06:57 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2020-01-20 18:19 - 2019-03-19 06:56 - 000000000 ____D C:\WINDOWS\Setup
2020-01-20 18:19 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2020-01-20 18:19 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2020-01-20 18:19 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2020-01-20 18:19 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2020-01-20 18:19 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\et-EE
2020-01-20 18:19 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\es-MX
2020-01-20 17:10 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-20 17:10 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ServiceState
2020-01-20 17:10 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-20 17:10 - 2018-08-30 22:19 - 000000000 ___DC C:\ProgramData\Packages
2020-01-20 17:10 - 2018-01-05 20:34 - 000000000 ___DC C:\Users\Samsung\AppData\Local\Packages
2020-01-20 16:54 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\USOPrivate
2020-01-20 16:52 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-01-20 16:52 - 2019-03-19 06:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-01-20 16:52 - 2018-01-08 10:04 - 000000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2020-01-20 16:52 - 2018-01-08 10:04 - 000000000 __RDC C:\Users\Samsung\3D Objects
2020-01-20 16:52 - 2018-01-05 18:52 - 000000000 _RHDC C:\Users\Public\AccountPictures
2020-01-20 16:52 - 2018-01-05 18:52 - 000000000 ___DC C:\Users\Samsung\AppData\Local\ConnectedDevicesPlatform
2020-01-20 16:50 - 2018-01-08 10:13 - 000002301 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-20 16:50 - 2018-01-08 10:13 - 000002260 ____C C:\Users\Public\Desktop\Google Chrome.lnk
2020-01-20 16:50 - 2018-01-08 10:13 - 000002260 ____C C:\ProgramData\Desktop\Google Chrome.lnk
2020-01-20 16:47 - 2018-04-30 19:59 - 000000000 ___DC C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud
2020-01-20 16:47 - 2018-01-08 10:17 - 000000000 ___DC C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-01-20 16:45 - 2019-03-19 06:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-01-20 16:44 - 2018-01-05 19:02 - 000000000 ___DC C:\WINDOWS\SysWOW64\RTCOM
2020-01-20 16:44 - 2018-01-05 19:00 - 000000000 ___DC C:\Program Files\Elantech
2020-01-20 16:43 - 2018-01-05 19:07 - 000000000 ___DC C:\Program Files\NVIDIA Corporation
2020-01-20 15:38 - 2018-01-05 19:32 - 000000036 ____C C:\WINDOWS\progress.ini
2020-01-20 13:47 - 2018-04-30 19:11 - 000000000 ___DC C:\Program Files\Common Files\Apple
2020-01-20 13:47 - 2018-04-30 19:10 - 000000000 ___DC C:\ProgramData\Apple
2020-01-20 12:52 - 2018-05-31 18:35 - 000002373 ____C C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive (1).lnk
2020-01-20 12:52 - 2018-01-05 18:54 - 000000000 __RDC C:\Users\Samsung\OneDrive
2020-01-16 00:22 - 2018-01-31 20:09 - 000000000 ___DC C:\Users\Samsung\AppData\Roaming\uTorrent
2020-01-14 22:20 - 2018-08-30 21:11 - 000000000 ___DC C:\Users\Samsung\AppData\Local\D3DSCache
2020-01-14 20:27 - 2018-09-15 15:12 - 000000000 ___DC C:\Program Files (x86)\Steam
2020-01-13 16:13 - 2019-09-18 19:58 - 000000000 __HDC C:\Program Files (x86)\InstallShield Installation Information
2020-01-10 20:36 - 2019-08-01 17:09 - 000000000 ___DC C:\Users\Samsung\AppData\Roaming\.minecraft
2020-01-10 19:28 - 2018-10-18 12:00 - 000000000 ___DC C:\Users\Samsung\AppData\Local\ElevatedDiagnostics
2020-01-08 14:14 - 2019-10-09 16:03 - 000000000 ___DC C:\ProgramData\Avira
2020-01-08 14:14 - 2019-10-09 16:03 - 000000000 ___DC C:\Program Files (x86)\Avira
2020-01-07 00:21 - 2018-04-01 23:22 - 000000000 ___DC C:\ProgramData\Package Cache
2020-01-07 00:05 - 2019-08-13 22:14 - 000007601 ____C C:\Users\Samsung\AppData\Local\Resmon.ResmonCfg
2019-12-23 20:36 - 2019-10-11 15:55 - 000000000 ___DC C:\Users\Samsung\AppData\Local\Avira
==================== Files in the root of some directories ========
2019-08-13 22:14 - 2020-01-07 00:05 - 000007601 ____C () C:\Users\Samsung\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-01-2020
Ran by Samsung (20-01-2020 19:05:45)
Running from C:\Users\Samsung\Desktop
Windows 10 Home Version 1909 18363.592 (X64) (2020-01-20 14:52:43)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3983255944-2224574574-1335531537-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3983255944-2224574574-1335531537-503 - Limited - Disabled)
Guest (S-1-5-21-3983255944-2224574574-1335531537-501 - Limited - Disabled)
Samsung (S-1-5-21-3983255944-2224574574-1335531537-1001 - Administrator - Enabled) => C:\Users\Samsung
WDAGUtilityAccount (S-1-5-21-3983255944-2224574574-1335531537-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3983255944-2224574574-1335531537-1001\...\uTorrent) (Version: 3.5.5.45505 - BitTorrent Inc.)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.00 - Ubisoft)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 19.8.3108 - AVG Technologies)
AVG TuneUp (HKLM-x32\...\{949BE04F-D7E8-4C19-9F89-8B304AB4308A}_is1) (Version: 19.1.1209 - AVG Technologies)
ELAN Touchpad driver X64 15.7.9.2_WHQL (HKLM\...\Elantech) (Version: 15.7.9.2 - ELAN Microelectronic Corp.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.117 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
iCloud (HKLM\...\{5BD11939-D2C2-4F1B-AAAF-5ECE19A801F7}) (Version: 7.4.0.111 - Apple Inc.)
Java 8 Update 231 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft Office Proofing Tools 2013 - latviešu (HKLM-x32\...\{90150000-001F-0426-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Standard 2013 (HKLM-x32\...\Office15.STANDARD) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3983255944-2224574574-1335531537-1001\...\OneDriveSetup.exe) (Version: 19.222.1110.0006 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.2 - Power Software Ltd)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22925 - Microsoft Corporation)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_1.8.2.0_x64__tf1gferkr813w [2018-11-14] (Autodesk Inc.)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.3.301.0_x64__rz1tebttyb220 [2018-11-27] (Dolby Laboratories)
Dolby Atmos for Headphones -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAtmosforHeadphones_2.3.303.0_x64__rz1tebttyb220 [2018-11-27] (Dolby Laboratories)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe [2020-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2020-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x86__8wekyb3d8bbwe [2018-11-19] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.27.2643.0_x64__8wekyb3d8bbwe [2018-09-28] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0 [2018-11-28] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3983255944-2224574574-1335531537-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel® pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [BB FlashBack 2] -> {A8065B9E-193F-4797-B62D-8F6321E7FCCB} => -> No File
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-03-18] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-06-17] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-06-17] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2020-01-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-06-17] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Samsung\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) =============
2020-01-14 20:24 - 2016-09-12 15:53 - 048936448 ____C () [File not signed] C:\Program Files (x86)\AVG\AVG TuneUp\libcef.dll
2018-01-08 10:16 - 2016-10-04 16:51 - 000076800 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Public\AppData:CSM [232]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-07-16 13:47 - 2016-07-16 13:45 - 000000824 ____C C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3983255944-2224574574-1335531537-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.8.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-3983255944-2224574574-1335531537-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3983255944-2224574574-1335531537-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3983255944-2224574574-1335531537-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-3983255944-2224574574-1335531537-1001\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-3983255944-2224574574-1335531537-1001\...\StartupApproved\Run: => "Steam"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{F5A4D5BC-7C8B-4905-A7A6-0DCA813AED36}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{2416896A-1E31-48E9-B9AA-0F99D62690A8}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{7C8120A3-DA99-4F92-B1C0-245C3145444C}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe (Ubisoft) [File not signed]
FirewallRules: [{017BED67-8CA0-4CA6-9089-2550E1BA9C3F}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe (Ubisoft) [File not signed]
FirewallRules: [{7A9115C8-DC24-4471-879F-FF505ED1077C}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe (Ubisoft) [File not signed]
FirewallRules: [{A6922EA9-2363-4AC4-8C56-9BBB3BBFCB27}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe (Ubisoft) [File not signed]
FirewallRules: [{44494EFA-341A-49C9-A957-65102DEA89A8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{8495F65C-70E2-467B-925F-674320F5C2B1}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe No File
FirewallRules: [{A304E60D-9CD8-40B8-BD71-936531CC57E2}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe No File
FirewallRules: [{A3F4DADF-9D25-4A61-85D1-5A5FF9C4D334}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe No File
FirewallRules: [UDP Query User{FB0A938A-C98E-4552-A37D-B7E3A8388CD4}C:\program files (x86)\age of empires iii - complete collection\age3.exe] => (Block) C:\program files (x86)\age of empires iii - complete collection\age3.exe No File
FirewallRules: [TCP Query User{A6C6B8C6-1717-40E9-985F-B502C88D79DD}C:\program files (x86)\age of empires iii - complete collection\age3.exe] => (Block) C:\program files (x86)\age of empires iii - complete collection\age3.exe No File
FirewallRules: [{510C4E6E-7F92-4AC3-89AA-2ACF7A9B8B7D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{AA995C5B-2EB1-4084-B2D5-C759CFCA06B2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{81CD391B-508B-484A-8453-7070B5F39EEE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{11BEE9AB-9A3F-4B61-9EF7-F60040A00811}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1338ABDA-4655-476C-AC8B-46C5488436FB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3EB3C10F-951E-42C6-AC63-9481C1AA021E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DC9590B3-9220-4EB8-9503-4B083210F045}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BDC153AA-6A33-43F5-B725-60339EB0B505}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8541CDF7-1B8C-4F9F-B267-C7AF49ED19E5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{717B6DDF-701A-49C8-BC26-D5A1EB460901}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{FC1E589B-9B05-489D-A8EF-5862902923BE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{CFA58FC7-1BA7-47B4-AFAF-4799AA78C999}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{60FB9981-7D0A-4AE1-AF14-2F8007DEFBC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{CE7813A6-A78D-4FA2-85C3-37E08E075698}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C20485D1-229E-4CE1-B503-47043E6C9D08}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C8610F04-7DC6-4260-BA64-F4184ED406FD}] => (Allow) C:\Users\Samsung\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{ED2196E8-2E0F-4E1C-9B7D-8C4F53647E78}] => (Allow) C:\Users\Samsung\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:110.46 GB) (Free:32.43 GB) (29%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/20/2020 06:36:03 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 026 language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (01/20/2020 05:27:38 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 026 language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (01/20/2020 05:19:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SystemSettings.exe version 10.0.18362.449 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 1c30
Start Time: 01d5cfa4b3121db3
Termination Time: 4294967295
Application Path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Report Id: 5f908dda-96b7-418d-a0c6-51930e9683eb
Faulting package full name: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel
Hang type: Quiesce
Error: (01/20/2020 05:16:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SystemSettings.exe version 10.0.18362.449 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 1440
Start Time: 01d5cfa455f5a9c2
Termination Time: 4294967295
Application Path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Report Id: 4aaae4ba-1bd6-4ce6-8581-9f02c3f85e70
Faulting package full name: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel
Hang type: Quiesce
Error: (01/20/2020 05:11:04 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 026 language ID. The first DWORD in the Data section contains the Win32 error code.
System errors:
=============
Error: (01/20/2020 06:50:39 PM) (Source: DCOM) (EventID: 10029) (User: DESKTOP-KJOTLCI)
Description: The activation of the CLSID Windows.Media.Capture.Internal.AppCaptureShell timed out waiting for the service BcastDVRUserService_4f5ea6 to stop.
Error: (01/20/2020 06:45:54 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-KJOTLCI)
Description: DCOM got error "1053" attempting to start the service BcastDVRUserService_2de55 with arguments "Unavailable" in order to run the server:
Windows.Media.Capture.Internal.AppCaptureShell
Error: (01/20/2020 06:45:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The BcastDVRUserService_2de55 service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (01/20/2020 06:45:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the BcastDVRUserService_2de55 service to connect.
Error: (01/20/2020 06:45:54 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-KJOTLCI)
Description: DCOM got error "1053" attempting to start the service BcastDVRUserService_2de55 with arguments "Unavailable" in order to run the server:
Windows.Media.Capture.Internal.AppCaptureShell
Error: (01/20/2020 06:45:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The BcastDVRUserService_2de55 service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (01/20/2020 06:45:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the BcastDVRUserService_2de55 service to connect.
Error: (01/20/2020 05:05:46 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-KJOTLCI)
Description: DCOM got error "1053" attempting to start the service BcastDVRUserService_252eaa with arguments "Unavailable" in order to run the server:
Windows.Media.Capture.Internal.AppCaptureShell
Windows Defender:
===================================
Date: 2020-01-20 17:05:35.765
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {7C438278-9A2F-4850-A3D0-BBEE6E395654}
Scan Type: Antimalware
Scan Parameters: Quick Scan
CodeIntegrity:
===================================
Date: 2020-01-20 19:02:48.589
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-20 19:02:48.584
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-20 19:02:48.286
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-20 19:02:48.281
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-20 19:02:33.901
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-20 19:02:33.896
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-20 19:01:13.002
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-20 19:01:12.996
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Phoenix Technologies Ltd. P04RAP 10/15/2012
Motherboard: SAMSUNG ELECTRONICS CO., LTD. NP300E5C-S03EE
Processor: Intel® Core i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 81%
Total physical RAM: 3797.53 MB
Available physical RAM: 703.73 MB
Total Virtual: 4757.53 MB
Available Virtual: 1444.59 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:110.46 GB) (Free:32.43 GB) NTFS
\\?\Volume{b82e9ba2-aa72-4903-902d-ba65f553e4c5}\ (Recovery) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{8a28eb8c-429d-4c17-b440-f671e90de548}\ () (Fixed) (Total:0.77 GB) (Free:0.26 GB) NTFS
\\?\Volume{da1c40c4-0225-4eb7-aed2-1e86bf0a1011}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: 30F49E2E)
Partition: GPT.
==================== End of Addition.txt =======================