Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

StartupCheckLibrary.dll message showing up on pc start!

Started by lakicoece , Jan 08 2020 10:21 AM

  • Please log in to reply

#1
lakicoece
Posted 08 January 2020 - 10:21 AM

lakicoece

    New Member

  • Member
  • Pip
  • 1 posts

Hi all :yes:

 

I noticed one day that my pc cannot update itself so i did it myself and I have found trojan virus in Windows files which I menaged to clear and remove from my pc but now when my pc boots up and enters window screen i get RUNDLL error which says that  StartupCheckLibrary.dll is is missing from my pc.

 

I attached my Addition.txt and FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-01-2020
Ran by LakiCoece (administrator) on DESKTOP-T5BHN95 (08-01-2020 17:16:50)
Running from C:\Users\LakiCoece\Downloads
Loaded Profiles: LakiCoece (Available Profiles: LakiCoece)
Platform: Windows 10 Pro Version 1909 18363.535 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Adobe Acrobat IX\Acrobat\acrotray.exe
(ALCPU -> ALCPU) C:\Program Files\Core Temp\Core Temp.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) D:\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSGPlusBTServer64.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) D:\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSmartGestureDetector64.exe
(ASUSTeK Computer Inc. -> AsusTek) D:\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc. -> AsusTek) D:\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUSTeK Computer Inc. -> AsusTek) D:\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(gputemp.com) [File not signed] C:\Program Files (x86)\GPU Temp\GPUTemp.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\LakiCoece\Downloads\MSERT.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11909.1002.3.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Popcorn Time) [File not signed] C:\Program Files (x86)\Popcorn Time\Updater.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Tencent Technology(Shenzhen) Company Limited -> Tencent) D:\txgameassistant\appmarket\QMEmulatorService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2013-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8899592 2016-08-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2020-01-07] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410968 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Adobe Acrobat IX\Acrobat\Acrotray.exe [3500056 2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [BCSSync] => D:\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-1713871318-829081173-426852396-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3288016 2019-12-16] (Valve -> Valve Corporation)
HKU\S-1-5-21-1713871318-829081173-426852396-1001\...\Run: [Discord] => C:\Users\LakiCoece\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-08] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-1713871318-829081173-426852396-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-1713871318-829081173-426852396-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2414456 2019-12-18] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-1713871318-829081173-426852396-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [371304 2019-10-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1713871318-829081173-426852396-1001\...\Run: [launchOnStartup] => D:\GOG Galaxy\GalaxyClient.exe [7937608 2019-12-04] (GOG Sp. z o.o. -> GOG.com)
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {020EF037-AFC3-4A65-BF43-B61CE4BA60CD} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-09-19] (AVAST Software s.r.o. -> AVAST Software)
Task: {189A71E9-8BD1-4F40-940F-408041E70D45} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2020-01-07] (AVAST Software s.r.o. -> AVAST Software)
Task: {19C1DA29-F6B5-4349-83E2-9CEC4D913007} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems)
Task: {1ECD0396-0CE3-47C4-8203-76C1D0B94C6C} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary <==== ATTENTION
Task: {21C44456-8161-4586-A5E3-E7BA98567460} - System32\Tasks\Microsoft\Windows\WDI\SrvHost => rundll32.exe winscomrssrv.dll,SrvMainHost <==== ATTENTION
Task: {A5A7274D-5579-482C-83F8-4F8F89FA990A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
Task: {C1F83236-7E4A-4092-B53D-CB7BCB8B79F6} - System32\Tasks\GPU Temp\Startup => C:\Program Files (x86)\GPU Temp\GPUTemp.exe [1032192 2011-10-01] (gputemp.com) [File not signed]
Task: {C4EA28FF-D2A2-4E39-A29C-AF71E55A76A5} - System32\Tasks\Core Temp Autostart LakiCoece => C:\Program Files\Core Temp\Core Temp.exe [1011592 2019-08-30] (ALCPU -> ALCPU)
Task: {E65C2B85-C269-4C84-8BBD-1E35EB4608E7} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {EF6A53CA-04CC-46EF-92BB-2B863632C6DB} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F59A3FBC-514C-483D-BC93-53E434BD0582} - System32\Tasks\ASUS Smart Gesture Launcher => D:\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18400 2017-01-09] (ASUSTeK Computer Inc. -> AsusTek)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{ddd65b88-f346-4d67-a64f-890dc4b5e97d}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> D:\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1713871318-829081173-426852396-1001 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

FireFox:
========
FF DefaultProfile: bzb3lsd8.default
FF ProfilePath: C:\Users\LakiCoece\AppData\Roaming\Mozilla\Firefox\Profiles\bzb3lsd8.default [2019-10-02]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\LakiCoece\AppData\Roaming\Mozilla\Firefox\Profiles\bzb3lsd8.default\Extensions\[email protected] [2020-01-07]
FF Extension: (Avast Online Security) - C:\Users\LakiCoece\AppData\Roaming\Mozilla\Firefox\Profiles\bzb3lsd8.default\Extensions\[email protected] [2019-09-10]
FF ProfilePath: C:\Users\LakiCoece\AppData\Roaming\Mozilla\Firefox\Profiles\7ue4csaz.default-release [2020-01-08]
FF Homepage: Mozilla\Firefox\Profiles\7ue4csaz.default-release -> hxxps://www.google.com/webhp?hl=hr&sa=X&ved=0ahUKEwjFlPaa-dPfAhVCqYsKHeJSBXsQPAgH
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\LakiCoece\AppData\Roaming\Mozilla\Firefox\Profiles\7ue4csaz.default-release\Extensions\[email protected] [2020-01-07]
FF Extension: (Avast Online Security) - C:\Users\LakiCoece\AppData\Roaming\Mozilla\Firefox\Profiles\7ue4csaz.default-release\Extensions\[email protected] [2020-01-07] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/aos/update.json]
FF Extension: (No Name) - C:\Users\LakiCoece\AppData\Roaming\Mozilla\Firefox\Profiles\7ue4csaz.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-10-23]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Adobe Acrobat IX\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Adobe Acrobat IX\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2017-11-01]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Adobe Acrobat IX\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> D:\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> D:\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> D:\Microsoft Office\Office14\NPSPWRAP.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Adobe Acrobat IX\Acrobat\Air\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-09-13] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Adobe Acrobat IX\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-11-01]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6259592 2020-01-07] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2020-01-07] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2020-01-07] (AVAST Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8399040 2019-12-13] (BattlEye Innovations e.K. -> )
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4452456 2019-10-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2019-12-28] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 GalaxyClientService; D:\GOG Galaxy\GalaxyClientService.exe [1208392 2019-12-04] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6617160 2019-12-04] (GOG Sp. z o.o. -> GOG.com)
S3 Microsoft SharePoint Workspace Audit Service; D:\Microsoft Office\Office14\GROOVE.EXE [30963576 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
R2 QMEmulatorService; D:\TxGameAssistant\AppMarket\QMEmulatorService.exe [148840 2019-10-17] (Tencent Technology(Shenzhen) Company Limited -> Tencent)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [474256 2019-12-22] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12758528 2019-12-16] (TeamViewer GmbH -> TeamViewer Germany GmbH)
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2018-04-06] (Popcorn Time) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\NisSrv.exe [3004048 2019-10-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MsMpEng.exe [103384 2019-10-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ALSysIO; C:\Users\LakiCoece\AppData\Local\Temp\ALSysIO64.sys [47240 2020-01-08] (ALCPU (Arthur Liberman) -> Arthur Liberman) <==== ATTENTION
R2 aow_drv; D:\TxGameAssistant\UI\2.0.12963.123\aow_drv_x64_ev.sys [863616 2019-10-18] (Tencent Technology (Shenzhen) Company Limited -> Tencent)
R3 AsusVBus; C:\WINDOWS\System32\drivers\AsusVBus.sys [39704 2017-01-09] (ASUSTeK Computer Inc. -> Windows ® Win 7 DDK provider)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37616 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2019-10-02] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [276952 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [161544 2020-01-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2020-01-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2020-01-07] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [84472 2017-01-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus.sys [120416 2017-03-17] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-04-01] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-04-01] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 ElcMouLFlt; C:\WINDOWS\System32\drivers\ElcMouLFlt.sys [27128 2015-09-03] (Microsoft Windows Hardware Compatibility Publisher -> ELECOM)
S3 ElcMouUFlt; C:\WINDOWS\System32\drivers\ElcMouUFlt.sys [26104 2015-09-03] (Microsoft Windows Hardware Compatibility Publisher -> ELECOM)
S3 HtcVCom32; C:\WINDOWS\System32\drivers\HtcVComV64.sys [121800 2010-03-08] (Sqa.com(Test) -> QUALCOMM Incorporated)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_db678424d2641c3d\nvlddmkm.sys [22094728 2019-10-04] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [662528 2019-03-19] (Microsoft Windows -> Realtek )
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [55904 2017-03-17] (Samsung Electronics CO., LTD. -> QUALCOMM Incorporated)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> )
S3 tesrsdt; C:\WINDOWS\system32\drivers\tesrsdt.sys [442128 2019-10-24] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 TesSafe; C:\WINDOWS\system32\TesSafe.sys [555064 2019-12-13] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 t_mouse.sys; C:\WINDOWS\System32\drivers\t_mouse.sys [6144 2013-04-09] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46688 2019-10-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [350136 2019-10-02] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54200 2019-10-02] (Microsoft Windows -> Microsoft Corporation)
R3 WinRing0_1_2_0; C:\Users\LakiCoece\AppData\Local\Temp\tmp4E6E.tmp [14544 2020-01-08] (Noriyuki MIYAZAKI -> OpenLibSys.org) <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

Error(1) reading file: "C:\WINDOWS\system32\winscomrssrv.dll"
2020-01-08 17:16 - 2020-01-08 17:17 - 000024388 _____ C:\Users\LakiCoece\Downloads\FRST.txt
2020-01-08 16:54 - 2020-01-08 17:17 - 000000000 ____D C:\FRST
2020-01-08 16:53 - 2020-01-08 16:53 - 002573312 _____ (Farbar) C:\Users\LakiCoece\Downloads\FRST64.exe
2020-01-08 05:41 - 2020-01-07 20:48 - 000000000 ____D C:\Windows.old
2020-01-08 05:23 - 2020-01-08 05:41 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2020-01-08 05:22 - 2020-01-08 05:23 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2020-01-08 05:22 - 2020-01-08 05:22 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2020-01-08 05:20 - 2020-01-08 05:20 - 025901056 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 014816256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 009927992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 009711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 008011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 007195648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 007015936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 006516648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 006435840 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 006232576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 005914112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 005501952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 005112320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 004578816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 004307968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 004150272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AI.MachineLearning.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 004047360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 003967920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 003791360 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 003752960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 003742544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 003487232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 003371928 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 002988344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-01-08 05:20 - 2020-01-08 05:20 - 002956472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 002871848 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-08 05:20 - 2020-01-08 05:20 - 002772272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 002762296 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 002703872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 002698768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-01-08 05:20 - 2020-01-08 05:20 - 002586816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 002576384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 002562048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 002494432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 002399232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 002369552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 002258848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 002188816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 002158080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 002082208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 001974824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2020-01-08 05:20 - 2020-01-08 05:20 - 001916984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 001866272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 001856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-01-08 05:20 - 2020-01-08 05:20 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 001726480 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 001718584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 001691648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 001659192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.AppAgent.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 001616696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 001512528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 001496080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 001399312 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 001394168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 001387024 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-01-08 05:20 - 2020-01-08 05:20 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 001327064 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 001283072 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 001261464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 001189376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 001185792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AgentService.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 001182720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 001171704 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 001154656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 001126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplySettingsTemplateCatalog.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 001098928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 001059840 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 001054864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 001047352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 001017680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 001007616 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2020-01-08 05:20 - 2020-01-08 05:20 - 000982840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000975872 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000960040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000892696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000874936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000844800 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000832000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000827192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000822416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000822072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000816952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000811536 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000797112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000768528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000768488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000762880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.PrinterCustomActions.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000747320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000741376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000700416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000679152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000674280 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000666640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000638264 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000593128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000586768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2020-01-08 05:20 - 2020-01-08 05:20 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000517432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000514576 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000512512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000511000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000494904 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000477712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-01-08 05:20 - 2020-01-08 05:20 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000466928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000465208 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000461320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-01-08 05:20 - 2020-01-08 05:20 - 000455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000452920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CscUnpinTool.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000404904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000396088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000380944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000375720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000372752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2020-01-08 05:20 - 2020-01-08 05:20 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000354816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2020-01-08 05:20 - 2020-01-08 05:20 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000324624 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-08 05:20 - 2020-01-08 05:20 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ManagedEventLogging.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ConfigWrapper.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000259384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVFileSystemMetadata.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000251512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000249856 _____ (Gracenote, Inc.) C:\WINDOWS\SysWOW64\gnsdk_fp.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\accessibilitycpl.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmd.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000230200 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamMap.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2020-01-08 05:20 - 2020-01-08 05:20 - 000220472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagSvc.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CmUtil.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000202552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2020-01-08 05:20 - 2020-01-08 05:20 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\accessibilitycpl.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000193800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2020-01-08 05:20 - 2020-01-08 05:20 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000164776 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000164368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000136536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2020-01-08 05:20 - 2020-01-08 05:20 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinHvPlatform.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Utilman.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\EaseOfAccessDialog.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000113160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2020-01-08 05:20 - 2020-01-08 05:20 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sethc.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2020-01-08 05:20 - 2020-01-08 05:20 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Utilman.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EaseOfAccessDialog.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000093496 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcXtrnal.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AtBroker.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000084488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2020-01-08 05:20 - 2020-01-08 05:20 - 000084488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-01-08 05:20 - 2020-01-08 05:20 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2020-01-08 05:20 - 2020-01-08 05:20 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.SyncController.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sethc.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usp10.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usp10.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\reg.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000073024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Common.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2020-01-08 05:20 - 2020-01-08 05:20 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AtBroker.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ApiSetHost.AppExecutionAlias.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000061240 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvhostsvc.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstUI.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\reg.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppCore.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevAppMonitor.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CabUtil.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys
2020-01-08 05:20 - 2020-01-08 05:20 - 000047616 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.EventLogMessages.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2010CustomActions.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevAgentPolicyGenerator.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000036368 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2010CustomActions.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winnsi.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\posetup.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2020-01-08 05:20 - 2020-01-08 05:20 - 000030720 _____ C:\WINDOWS\system32\uwfservicingapi.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsisvc.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000028344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winnsi.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000024792 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsi.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Management.WmiAccess.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Management.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000021304 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppData.WinRT.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nsi.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.SyncCommon.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Common.WinRT.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\applockerfltr.sys
2020-01-08 05:20 - 2020-01-08 05:20 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.LocalSyncProvider.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcXtrnal.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernSync.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDJPN.DLL
2020-01-08 05:20 - 2020-01-08 05:20 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevTemplateBaselineGenerator.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevTemplateConfigItemGenerator.exe
2020-01-08 05:20 - 2020-01-08 05:20 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.SmbSyncProvider.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.MonitorSyncProvider.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.SyncConditions.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2020-01-08 05:20 - 2020-01-08 05:20 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2020-01-08 05:20 - 2020-01-08 05:20 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2020-01-08 05:20 - 2020-01-08 05:20 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 017787904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 007849424 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 006227104 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 006166016 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 005890048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AI.MachineLearning.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 004615616 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-01-08 05:19 - 2020-01-08 05:19 - 004140544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 004005888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 003968512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-08 05:19 - 2020-01-08 05:19 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 003591208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-01-08 05:19 - 2020-01-08 05:19 - 003387392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-01-08 05:19 - 2020-01-08 05:19 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 003105792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-08 05:19 - 2020-01-08 05:19 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 002126112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 002120704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 002114048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 001920512 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 001687040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 001656600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-01-08 05:19 - 2020-01-08 05:19 - 001428992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2020-01-08 05:19 - 2020-01-08 05:19 - 001413912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 001259416 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2020-01-08 05:19 - 2020-01-08 05:19 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-01-08 05:19 - 2020-01-08 05:19 - 001094656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 001069064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 001006904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000911824 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000874536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-01-08 05:19 - 2020-01-08 05:19 - 000849920 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-08 05:19 - 2020-01-08 05:19 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2020-01-08 05:19 - 2020-01-08 05:19 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2020-01-08 05:19 - 2020-01-08 05:19 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000657424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2020-01-08 05:19 - 2020-01-08 05:19 - 000644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-01-08 05:19 - 2020-01-08 05:19 - 000589592 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-01-08 05:19 - 2020-01-08 05:19 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000552448 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000551736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2020-01-08 05:19 - 2020-01-08 05:19 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-08 05:19 - 2020-01-08 05:19 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.UserService.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000522176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-01-08 05:19 - 2020-01-08 05:19 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-01-08 05:19 - 2020-01-08 05:19 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-01-08 05:19 - 2020-01-08 05:19 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2020-01-08 05:19 - 2020-01-08 05:19 - 000416016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2020-01-08 05:19 - 2020-01-08 05:19 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-08 05:19 - 2020-01-08 05:19 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2020-01-08 05:19 - 2020-01-08 05:19 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SpeechPrivacy.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000322504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000292664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2020-01-08 05:19 - 2020-01-08 05:19 - 000291256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmd.exe
2020-01-08 05:19 - 2020-01-08 05:19 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-01-08 05:19 - 2020-01-08 05:19 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-01-08 05:19 - 2020-01-08 05:19 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-08 05:19 - 2020-01-08 05:19 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000204816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2020-01-08 05:19 - 2020-01-08 05:19 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-01-08 05:19 - 2020-01-08 05:19 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2020-01-08 05:19 - 2020-01-08 05:19 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-01-08 05:19 - 2020-01-08 05:19 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000127272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationControlCSP.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2020-01-08 05:19 - 2020-01-08 05:19 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000105488 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2020-01-08 05:19 - 2020-01-08 05:19 - 000088568 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-01-08 05:19 - 2020-01-08 05:19 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000047208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-01-08 05:19 - 2020-01-08 05:19 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
2020-01-08 05:19 - 2020-01-08 05:19 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscisvif.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscproxystub.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsilog.dll
2020-01-08 05:19 - 2020-01-08 05:19 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dstokenclean.exe
2020-01-08 05:19 - 2020-01-08 05:19 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscadminui.exe
2020-01-08 05:17 - 2020-01-08 05:17 - 000000000 ____D C:\WINDOWS\system32\hr
2020-01-08 05:15 - 2020-01-08 05:41 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-01-08 05:15 - 2020-01-08 05:15 - 000000000 ____D C:\Program Files\Reference Assemblies
2020-01-08 05:15 - 2020-01-08 05:15 - 000000000 ____D C:\Program Files\MSBuild
2020-01-08 05:15 - 2019-03-19 04:21 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
2020-01-08 05:15 - 2019-03-19 04:20 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-01-08 05:15 - 2019-03-19 04:16 - 000903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2020-01-08 05:15 - 2019-03-19 03:15 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll
2020-01-08 05:15 - 2019-03-19 03:09 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2020-01-08 05:15 - 2019-03-02 02:33 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2020-01-08 05:15 - 2019-02-06 03:41 - 000778912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2020-01-08 05:15 - 2019-02-06 03:41 - 000103072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2020-01-08 05:15 - 2019-02-06 03:41 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2020-01-08 05:15 - 2018-08-09 23:53 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2020-01-08 05:14 - 2019-03-19 00:19 - 006015488 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons001a.dll
2020-01-08 05:14 - 2019-03-19 00:16 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData001a.dll
2020-01-08 05:14 - 2019-03-19 00:08 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData001a.dll
2020-01-08 05:14 - 2019-03-19 00:05 - 001915392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MLS2.dll
2020-01-08 05:14 - 2019-03-19 00:00 - 001875968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MLS2.dll
2020-01-08 05:14 - 2019-03-02 02:31 - 001166488 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2020-01-08 05:14 - 2019-03-02 02:31 - 000124568 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2020-01-08 05:14 - 2019-03-02 02:31 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2020-01-08 05:13 - 2020-01-08 05:13 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-08 05:13 - 2020-01-08 05:13 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-01-07 21:17 - 2020-01-08 16:37 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-01-07 21:16 - 2019-10-04 16:55 - 000286416 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-01-07 21:16 - 2019-10-04 16:55 - 000286416 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-01-07 21:16 - 2019-10-04 16:55 - 000260304 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-01-07 21:16 - 2019-10-04 16:55 - 000260304 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-01-07 21:16 - 2019-10-04 16:54 - 011059640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2020-01-07 21:16 - 2019-10-04 16:54 - 009492896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2020-01-07 21:16 - 2019-10-04 16:54 - 001006800 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-01-07 21:16 - 2019-10-04 16:54 - 001006800 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-01-07 21:16 - 2019-10-04 16:54 - 000870096 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-01-07 21:16 - 2019-10-04 16:54 - 000870096 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-01-07 21:16 - 2019-10-04 16:54 - 000552328 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-01-07 21:16 - 2019-10-04 16:54 - 000456632 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-01-07 21:16 - 2019-10-04 16:53 - 002041784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-01-07 21:16 - 2019-10-04 16:53 - 001721816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6443200.dll
2020-01-07 21:16 - 2019-10-04 16:53 - 001543424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-01-07 21:16 - 2019-10-04 16:53 - 001472200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-01-07 21:16 - 2019-10-04 16:53 - 001468504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6443200.dll
2020-01-07 21:16 - 2019-10-04 16:53 - 001164160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2020-01-07 21:16 - 2019-10-04 16:53 - 001135816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-01-07 21:16 - 2019-10-04 16:53 - 000914336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2020-01-07 21:16 - 2019-10-04 16:53 - 000822232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-01-07 21:16 - 2019-10-04 16:53 - 000810456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-01-07 21:16 - 2019-10-04 16:53 - 000676824 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-01-07 21:16 - 2019-10-04 16:53 - 000656344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-01-07 21:16 - 2019-10-04 16:53 - 000633728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-01-07 21:16 - 2019-10-04 16:53 - 000544160 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-01-07 21:16 - 2019-10-04 16:53 - 000523520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-01-07 21:16 - 2019-10-04 16:53 - 000055448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2020-01-07 21:16 - 2019-10-04 16:52 - 040412760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2020-01-07 21:16 - 2019-10-04 16:52 - 035269832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2020-01-07 21:16 - 2019-10-04 16:52 - 020194712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-01-07 21:16 - 2019-10-04 16:52 - 017471576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-01-07 21:16 - 2019-10-04 16:52 - 005425808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-01-07 21:16 - 2019-10-04 16:52 - 004768160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-01-07 21:16 - 2019-10-04 16:51 - 004342528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-01-07 20:51 - 2020-01-08 17:05 - 000853684 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-07 20:50 - 2020-01-07 20:50 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2020-01-07 20:48 - 2020-01-08 16:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-07 20:48 - 2020-01-07 20:48 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2020-01-07 20:48 - 2020-01-07 20:48 - 000007623 _____ C:\WINDOWS\diagerr.xml
2020-01-07 20:48 - 2020-01-07 20:48 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-01-07 20:48 - 2020-01-07 20:48 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-01-07 20:48 - 2020-01-07 20:48 - 000003042 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-01-07 20:48 - 2020-01-07 20:48 - 000002854 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1713871318-829081173-426852396-1001
2020-01-07 20:48 - 2020-01-07 20:48 - 000002826 _____ C:\WINDOWS\system32\Tasks\ASUS Smart Gesture Launcher
2020-01-07 20:48 - 2020-01-07 20:48 - 000002608 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2020-01-07 20:48 - 2020-01-07 20:48 - 000002234 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-01-07 20:48 - 2020-01-07 20:48 - 000002218 _____ C:\WINDOWS\system32\Tasks\Core Temp Autostart LakiCoece
2020-01-07 20:48 - 2020-01-07 20:48 - 000000020 ___SH C:\Users\LakiCoece\ntuser.ini
2020-01-07 20:48 - 2020-01-07 20:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\OfficeSoftwareProtectionPlatform
2020-01-07 20:48 - 2020-01-07 20:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\GPU Temp
2020-01-07 20:48 - 2020-01-07 20:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-01-07 20:44 - 2020-01-07 20:48 - 000000000 ____D C:\Users\LakiCoece
2020-01-07 20:44 - 2019-10-07 03:56 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-01-07 20:44 - 2019-03-19 05:46 - 000001105 _____ C:\Users\LakiCoece\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-01-07 20:42 - 2020-01-07 20:45 - 000452392 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-07 20:42 - 2020-01-07 20:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-07 18:20 - 2020-01-07 18:20 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2020-01-07 15:47 - 2020-01-07 20:48 - 000000000 ___DC C:\WINDOWS\Panther
2020-01-07 15:43 - 2020-01-07 15:47 - 000000036 _____ C:\WINDOWS\progress.ini
2020-01-07 15:32 - 2020-01-07 15:43 - 000000000 ___HD C:\$GetCurrent
2020-01-07 15:32 - 2020-01-07 15:42 - 000000000 ____D C:\Windows10Upgrade
2020-01-07 15:32 - 2020-01-07 15:32 - 000000731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Update Assistant.lnk
2020-01-07 14:56 - 2020-01-07 15:00 - 138886064 _____ (Microsoft Corporation) C:\Users\LakiCoece\Downloads\MSERT.exe
2020-01-07 14:56 - 2020-01-07 14:56 - 000000000 ____D C:\261b7a8bcc0b1e0eb4edf6789f092c
2020-01-07 14:48 - 2020-01-07 14:48 - 000000000 ____D C:\66226262efb8bad4191af16cfa7852
2020-01-07 14:42 - 2020-01-07 14:42 - 000000000 ____D C:\52f6f67785beeb993a3929
2020-01-07 14:17 - 2020-01-07 14:17 - 000000000 ___HD C:\$AV_ASW
2020-01-07 14:17 - 2020-01-07 14:15 - 000355720 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-01-07 14:15 - 2020-01-07 14:18 - 000002088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2020-01-07 14:15 - 2020-01-07 14:18 - 000002076 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2020-01-07 14:15 - 2020-01-07 14:18 - 000002076 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2020-01-07 14:09 - 2020-01-07 14:09 - 000230080 _____ (AVAST Software) C:\Users\LakiCoece\Downloads\avast_free_antivirus_setup_online.exe
2020-01-07 14:03 - 2020-01-07 14:03 - 000000000 ____D C:\Users\LakiCoece\AppData\Local\ElevatedDiagnostics
2020-01-03 11:35 - 2020-01-03 11:43 - 3339960789 _____ C:\Users\LakiCoece\Downloads\4.0v7.rar
2020-01-03 02:56 - 2020-01-03 02:56 - 000000000 ____D C:\Users\Public\Documents\uPlay
2020-01-03 02:56 - 2020-01-03 02:56 - 000000000 ____D C:\ProgramData\Documents\uPlay
2019-12-29 17:34 - 2019-12-29 17:34 - 000000000 ____D C:\Users\LakiCoece\AppData\Roaming\EasyAntiCheat
2019-12-29 17:34 - 2019-12-29 17:34 - 000000000 ____D C:\Users\LakiCoece\AppData\Local\Insurgency
2019-12-29 17:34 - 2019-12-29 17:34 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2019-12-28 18:21 - 2019-12-28 18:21 - 000001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2019-12-28 18:21 - 2019-12-28 18:21 - 000001028 _____ C:\Users\Public\Desktop\TeamViewer.lnk
2019-12-28 18:21 - 2019-12-28 18:21 - 000001028 _____ C:\ProgramData\Desktop\TeamViewer.lnk
2019-12-21 13:16 - 2019-12-21 13:16 - 000000000 ____D C:\Users\LakiCoece\AppData\Local\HOODLUM
2019-12-20 23:41 - 2019-12-20 23:41 - 095043726 _____ C:\Users\LakiCoece\Downloads\UA Patch - Version 1.88.72.zip
2019-12-20 23:28 - 2020-01-08 05:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Tyranid Mod for Soulstorm
2019-12-20 23:28 - 2020-01-08 05:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tyranid Mod for Soulstorm
2019-12-20 23:16 - 2019-12-20 23:23 - 000000000 ____D C:\Users\LakiCoece\Downloads\UA mod
2019-12-19 02:29 - 2019-12-27 13:42 - 000001653 _____ C:\Users\LakiCoece\Desktop\DoW Mod Manager v1.52 - Shortcut.lnk
2019-12-19 00:41 - 2019-12-19 02:28 - 000000000 ____D C:\Users\LakiCoece\AppData\Local\DoW_Mod_Manager
2019-12-19 00:13 - 2019-12-19 00:13 - 000000000 ____D C:\Users\LakiCoece\Downloads\W40k Soulstorm
2019-12-12 21:29 - 2019-12-12 22:42 - 000000000 ____D C:\Users\LakiCoece\AppData\Local\Arma 3
2019-12-12 21:29 - 2019-12-12 22:39 - 000000000 ____D C:\Users\LakiCoece\Documents\Arma 3
2019-12-12 21:29 - 2019-12-12 21:29 - 000000000 ____D C:\ProgramData\Bohemia Interactive
2019-12-12 17:54 - 2020-01-08 05:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2019-12-12 17:54 - 2019-12-12 17:54 - 000000614 _____ C:\Users\Public\Desktop\GOG Galaxy.lnk
2019-12-12 17:54 - 2019-12-12 17:54 - 000000614 _____ C:\ProgramData\Desktop\GOG Galaxy.lnk
2019-12-12 17:54 - 2019-12-12 17:54 - 000000000 ____D C:\Users\LakiCoece\AppData\Local\GOG.com

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-08 17:16 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-08 17:05 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-01-08 17:01 - 2019-09-10 21:55 - 000000000 ____D C:\Users\LakiCoece\AppData\LocalLow\Mozilla
2020-01-08 16:59 - 2019-10-06 12:23 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-01-08 16:59 - 2019-09-15 15:08 - 000000000 ____D C:\Users\LakiCoece\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS
2020-01-08 16:59 - 2019-09-15 15:07 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2020-01-08 16:59 - 2019-09-11 03:44 - 000000000 ____D C:\ProgramData\NVIDIA
2020-01-08 16:59 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-01-08 16:58 - 2019-09-25 23:14 - 000000000 ____D C:\Program Files (x86)\Popcorn Time
2020-01-08 16:41 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\appcompat
2020-01-08 05:41 - 2019-11-28 16:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2020-01-08 05:41 - 2019-11-28 15:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2020-01-08 05:41 - 2019-11-28 14:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GPU Temp
2020-01-08 05:41 - 2019-11-22 01:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Wars Jedi Fallen Order
2020-01-08 05:41 - 2019-11-17 18:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cossacks 3 Experience
2020-01-08 05:41 - 2019-11-11 13:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Borderlands 3
2020-01-08 05:41 - 2019-10-29 00:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stronghold Crusader 2 [GOG.com]
2020-01-08 05:41 - 2019-10-16 13:29 - 000000000 ____D C:\WINDOWS\SysWOW64\xlive
2020-01-08 05:41 - 2019-10-07 13:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2020-01-08 05:41 - 2019-10-05 19:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Age of the Ring
2020-01-08 05:41 - 2019-10-05 12:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinCDEmu
2020-01-08 05:41 - 2019-10-05 11:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Edain Mod
2020-01-08 05:41 - 2019-10-05 08:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\DAEMON Tools Lite
2020-01-08 05:41 - 2019-10-03 12:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2020-01-08 05:41 - 2019-10-01 15:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam
2020-01-08 05:41 - 2019-09-19 20:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2020-01-08 05:41 - 2019-09-19 15:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2020-01-08 05:41 - 2019-09-19 15:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2020-01-08 05:41 - 2019-09-19 14:59 - 000000000 ____D C:\WINDOWS\SHELLNEW
2020-01-08 05:41 - 2019-09-17 12:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total War WARHAMMER II Curse of the Vampire Coast
2020-01-08 05:41 - 2019-09-15 16:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player
2020-01-08 05:41 - 2019-09-15 15:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2020-01-08 05:41 - 2019-09-12 18:00 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2020-01-08 05:41 - 2019-09-11 12:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
2020-01-08 05:41 - 2019-09-11 11:54 - 000000000 ____D C:\Program Files\UNP
2020-01-08 05:41 - 2019-09-11 03:44 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-01-08 05:41 - 2019-09-11 01:30 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2020-01-08 05:41 - 2019-09-11 01:30 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2020-01-08 05:41 - 2019-09-10 23:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2020-01-08 05:41 - 2019-09-10 22:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-01-08 05:41 - 2019-09-10 22:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blender
2020-01-08 05:41 - 2019-09-10 22:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2020-01-08 05:41 - 2019-09-10 22:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2020-01-08 05:41 - 2019-03-19 05:52 - 000000000 __RHD C:\Users\Public\Libraries
2020-01-08 05:41 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2020-01-08 05:41 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2020-01-08 05:41 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2020-01-08 05:41 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\spool
2020-01-08 05:41 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-01-08 05:41 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\catroot2.old
2020-01-08 05:41 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ServiceState
2020-01-08 05:41 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Registration
2020-01-08 05:41 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-01-08 05:41 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Help
2020-01-08 05:41 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-01-08 05:41 - 2019-03-19 05:49 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2020-01-08 05:23 - 2019-10-28 22:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FireFly Studios
2020-01-08 05:23 - 2019-10-24 14:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent Software
2020-01-08 05:23 - 2019-10-05 09:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2020-01-08 05:23 - 2019-09-11 03:44 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2020-01-08 05:23 - 2019-09-11 03:43 - 000000000 ____D C:\Program Files\Realtek
2020-01-08 05:23 - 2019-03-19 07:22 - 000000000 ____D C:\WINDOWS\OCR
2020-01-08 05:22 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-01-08 05:22 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-08 05:22 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\appraiser
2020-01-08 05:22 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-08 05:22 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellComponents
2020-01-08 05:22 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-01-08 05:22 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\DiagTrack
2020-01-08 05:22 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-08 05:17 - 2019-03-19 07:23 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-01-08 05:17 - 2019-03-19 07:23 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-01-08 05:17 - 2019-03-19 07:23 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-01-08 05:17 - 2019-03-19 07:20 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2020-01-08 05:17 - 2019-03-19 07:20 - 000000000 ____D C:\WINDOWS\system32\WCN
2020-01-08 05:17 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2020-01-08 05:17 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2020-01-08 05:17 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-01-08 05:17 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-01-08 05:17 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2020-01-08 05:17 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-01-08 05:17 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-01-08 05:17 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\IME
2020-01-08 05:17 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Common Files\System
2020-01-08 05:17 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-01-08 05:17 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\servicing
2020-01-08 05:15 - 2019-03-19 06:00 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2020-01-08 05:15 - 2019-03-19 06:00 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2020-01-08 05:15 - 2019-03-19 06:00 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2020-01-08 05:15 - 2019-03-19 06:00 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2020-01-08 05:15 - 2019-03-19 06:00 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2020-01-08 05:15 - 2019-03-19 06:00 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2020-01-08 05:15 - 2019-03-19 06:00 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2020-01-08 05:15 - 2019-03-19 06:00 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2020-01-08 05:15 - 2019-03-19 06:00 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2020-01-08 05:15 - 2019-03-19 06:00 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2020-01-08 05:15 - 2019-03-19 06:00 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2020-01-08 05:15 - 2019-03-19 05:57 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2020-01-08 05:15 - 2019-03-19 05:57 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2020-01-08 05:15 - 2019-03-19 05:57 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2020-01-08 05:15 - 2019-03-19 05:57 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2020-01-08 05:15 - 2019-03-19 05:57 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2020-01-08 05:15 - 2019-03-19 05:57 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2020-01-08 05:15 - 2019-03-19 05:57 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2020-01-08 05:15 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2020-01-08 05:15 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2020-01-08 05:15 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2020-01-08 05:15 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2020-01-08 05:15 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2020-01-08 05:15 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2020-01-08 05:15 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\et-EE
2020-01-08 05:15 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\es-MX
2020-01-08 05:14 - 2019-03-19 05:56 - 000000000 ____D C:\WINDOWS\Setup
2020-01-07 21:18 - 2019-11-16 01:05 - 000000420 __RSH C:\ProgramData\ntuser.pol
2020-01-07 21:17 - 2019-09-11 03:44 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-01-07 21:16 - 2019-09-10 22:11 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-07 21:16 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-07 21:14 - 2019-09-10 22:11 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-07 21:09 - 2019-09-10 19:00 - 000748816 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-01-07 21:05 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-07 21:04 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-01-07 20:49 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\USOPrivate
2020-01-07 20:48 - 2019-09-10 18:50 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-01-07 20:48 - 2019-09-10 18:50 - 000000000 ___RD C:\Users\LakiCoece\3D Objects
2020-01-07 20:48 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-07 20:48 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-01-07 20:48 - 2019-03-19 05:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-01-07 20:45 - 2019-03-19 05:52 - 000000000 __RSD C:\WINDOWS\Media
2020-01-07 20:44 - 2019-09-17 20:42 - 000000000 ____D C:\Users\LakiCoece\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2020-01-07 20:44 - 2019-09-11 15:38 - 000000000 ____D C:\Users\LakiCoece\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2020-01-07 20:44 - 2019-09-11 12:00 - 000000000 ____D C:\Users\LakiCoece\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2020-01-07 20:44 - 2019-09-10 22:03 - 000000000 ____D C:\Users\LakiCoece\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2020-01-07 20:44 - 2019-09-10 18:50 - 000000000 ____D C:\Users\LakiCoece\AppData\Local\Packages
2020-01-07 20:43 - 2019-09-11 03:43 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2020-01-07 20:43 - 2019-09-11 03:43 - 000000000 ____D C:\WINDOWS\system32\DAX2
2020-01-07 14:15 - 2019-10-02 17:57 - 000161544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2020-01-07 14:15 - 2019-09-10 22:12 - 000848432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-01-07 14:15 - 2019-09-10 22:12 - 000460448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-01-07 14:01 - 2019-09-10 18:47 - 000000000 ____D C:\WINDOWS\SoftwareDistribution.old
2020-01-07 13:33 - 2019-09-25 21:20 - 000000000 ____D C:\Users\LakiCoece\AppData\Roaming\BitTorrent
2020-01-07 13:15 - 2019-10-04 23:39 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-01-07 13:15 - 2019-10-04 23:39 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-01-06 22:37 - 2019-09-10 22:03 - 000000000 ____D C:\Users\LakiCoece\AppData\Roaming\Discord
2020-01-05 01:37 - 2019-09-10 22:02 - 000000000 ____D C:\Program Files (x86)\Steam
2020-01-05 00:47 - 2019-12-05 19:56 - 000000000 ____D C:\Users\LakiCoece\Games
2020-01-04 12:26 - 2019-09-10 23:14 - 000000000 ____D C:\Users\LakiCoece\AppData\Local\Battle.net
2020-01-03 02:56 - 2019-09-11 12:02 - 000000000 ____D C:\Users\LakiCoece\Documents\My Games
2020-01-02 15:46 - 2019-10-06 12:23 - 000000000 ____D C:\Users\LakiCoece\AppData\Roaming\TeamViewer
2020-01-02 15:40 - 2019-09-17 20:42 - 000001294 _____ C:\Users\LakiCoece\Desktop\Rockstar Games Launcher.lnk
2020-01-02 13:27 - 2019-09-11 12:00 - 000000000 ____D C:\Users\LakiCoece\AppData\Local\Ubisoft Game Launcher
2019-12-31 01:41 - 2019-09-10 18:52 - 000000000 ____D C:\Users\LakiCoece\AppData\Local\PlaceholderTileLogoFolder
2019-12-29 17:34 - 2019-09-20 09:17 - 000000000 ____D C:\Users\LakiCoece\AppData\Local\UnrealEngine
2019-12-29 17:34 - 2019-09-11 12:00 - 000000000 ____D C:\ProgramData\Package Cache
2019-12-28 23:17 - 2019-09-17 20:42 - 000000000 ____D C:\Users\LakiCoece\AppData\Local\Rockstar Games
2019-12-28 23:16 - 2019-09-17 20:42 - 000000000 ____D C:\Users\LakiCoece\Documents\Rockstar Games
2019-12-22 17:30 - 2019-09-17 20:46 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2019-12-22 17:30 - 2019-09-17 20:41 - 000000000 ____D C:\Program Files\Rockstar Games
2019-12-20 22:10 - 2019-09-10 22:19 - 000000000 ____D C:\Users\LakiCoece\AppData\Local\D3DSCache
2019-12-19 19:00 - 2019-09-18 10:23 - 000000000 ____D C:\Users\LakiCoece\AppData\Roaming\The Creative Assembly
2019-12-19 18:57 - 2019-09-13 16:14 - 000000000 ____D C:\Users\LakiCoece\AppData\Local\CrashDumps
2019-12-18 10:54 - 2019-09-10 23:11 - 000000000 ____D C:\Program Files (x86)\Battle.net
2019-12-13 00:21 - 2019-10-24 14:26 - 000555064 _____ (TENCENT) C:\WINDOWS\system32\TesSafe.sys
2019-12-12 17:54 - 2019-09-30 17:49 - 000000000 ____D C:\ProgramData\GOG.com

==================== Files in the root of some directories ========

2019-11-19 21:29 - 2019-11-19 21:30 - 003673088 _____ (SoundMixer) C:\Users\LakiCoece\AppData\Roaming\Launcher_091.exe
2019-09-17 23:54 - 2019-09-17 23:54 - 000000097 _____ () C:\Users\LakiCoece\AppData\Local\fusioncache.dat
2019-09-12 14:28 - 2019-09-12 14:28 - 000000410 _____ () C:\Users\LakiCoece\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-01-2020
Ran by LakiCoece (08-01-2020 17:17:37)
Running from C:\Users\LakiCoece\Downloads
Windows 10 Pro Version 1909 18363.535 (X64) (2020-01-07 19:48:32)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1713871318-829081173-426852396-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1713871318-829081173-426852396-1002 - Limited - Enabled)
DefaultAccount (S-1-5-21-1713871318-829081173-426852396-503 - Limited - Disabled)
Guest (S-1-5-21-1713871318-829081173-426852396-501 - Limited - Disabled)
LakiCoece (S-1-5-21-1713871318-829081173-426852396-1001 - Administrator - Enabled) => C:\Users\LakiCoece
WDAGUtilityAccount (S-1-5-21-1713871318-829081173-426852396-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.23 - Adobe Systems)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.7.0.400 - Adobe Systems Incorporated)
Adobe Illustrator CC 2019 (HKLM-x32\...\ILST_23_0_1) (Version: 23.0.1 - Adobe Systems Incorporated)
Adobe InDesign CC 2019 (HKLM-x32\...\IDSN_14_0_1) (Version: 14.0.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0) (Version: 20.0.0 - Adobe Systems Incorporated)
Age of Empires II Definitive Ed. Build 34055 (HKU\S-1-5-21-1713871318-829081173-426852396-1001\...\Age of Empires II Definitive Ed. Build 34055) (Version:  - HOODLUM)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.7.17 - ASUS)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Bandicam (HKLM-x32\...\Bandicam) (Version: 4.4.3.1557 - Bandicam.com)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandicam.com)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BFME2 PatchSwitcher Setup version 1.0 (HKLM-x32\...\{C206A02A-CD20-4AC2-9A17-B5D2653881F2}_is1) (Version: 1.0 - Paramartha Saha)
BitTorrent (HKU\S-1-5-21-1713871318-829081173-426852396-1001\...\BitTorrent) (Version: 7.10.5.45416 - BitTorrent Inc.)
Blender (HKLM\...\{F343C69A-4ABA-434C-9C73-12A519D269CD}) (Version: 2.80.0 - Blender Foundation)
Borderlands 3 (HKLM-x32\...\Borderlands 3_is1) (Version:  - )
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.74.1085 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.62 - Piriform)
Core Temp 1.15.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.15.1 - ALCPU)
Cossacks 3 Experience (HKLM-x32\...\Cossacks 3 Experience_is1) (Version:  - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.11.0.0948 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-1713871318-829081173-426852396-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Edain Mod (HKLM-x32\...\{64EC673E-0B9F-4D2E-9B98-0027ABBA0B27}_is1) (Version: 4.3 - Edain Mod Team)
Epic Games Launcher (HKLM-x32\...\{53041896-BE90-4A26-9954-9E9FDC7D4495}) (Version: 1.1.229.0 - Epic Games, Inc.)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Gameloop (HKLM-x32\...\MobileGamePC) (Version: 1.0.0.1 - Tencent Technology Company)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
GPU Temp version 1.0 (HKLM-x32\...\{8C8711FD-0FC8-4801-B33E-ED19BB0350B1}_is1) (Version: 1.0 - gputemp.com)
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.1868.0 - Rockstar Games)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{D1B01DC9-CBAF-45F9-A387-7D00C11B630E}) (Version: 1.2.0238 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1713871318-829081173-426852396-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 71.0 (x64 en-US) (HKLM\...\Mozilla Firefox 71.0 (x64 en-US)) (Version: 71.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
NVIDIA Graphics Driver 432.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 432.00 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7910 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.1.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.0 - VS Revo Group, Ltd.)
Rise of the Witch-King 2.02 (HKLM-x32\...\GameReplaysRotWK) (Version:  - RotWK 2.02 Team)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.17.199 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.4.3 - Rockstar Games)
Star Wars Jedi Fallen Order (HKLM-x32\...\Star Wars Jedi Fallen Order_is1) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stronghold Crusader 2 - Delivering Justice (HKLM-x32\...\Stronghold Crusader 2: Delivering Justice_is1) (Version: 2.2.0.7 - GOG.com)
Stronghold Crusader 2 - The Emperor and The Hermit (HKLM-x32\...\Stronghold Crusader 2: The Emperor and The Hermit_is1) (Version: 2.0.0.5 - GOG.com)
Stronghold Crusader 2 - The Jackall and The Khan (HKLM-x32\...\Stronghold Crusader 2: The Jackall and The Khan_is1) (Version: 2.0.0.5 - GOG.com)
Stronghold Crusader 2 - The Princess and The Pig (HKLM-x32\...\Stronghold Crusader 2: The Princess and The Pig_is1) (Version: 2.0.0.5 - GOG.com)
Stronghold Crusader 2 - The Templar and The Duke (HKLM-x32\...\Stronghold Crusader 2: The Templar and The Duke_is1) (Version: 2.0.0.5 - GOG.com)
Stronghold Crusader 2 (HKLM-x32\...\1433852499_is1) (Version: 2.2.0.7 - GOG.com)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.1.3937 - TeamViewer)
The Age of the Ring Mod for The Rise of the Witch-king version 4.0 (HKLM-x32\...\AOTR4.0_is1) (Version: 4.0 - AotR staff)
The Battle for Middle-earth ™ II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version:  - )
The Lord of the Rings, The Rise of the Witch-king (HKLM-x32\...\{B931FB80-537A-4600-00AD-AC5DEDB6C25B}) (Version:  - )
Total War WARHAMMER II Curse of the Vampire Coast (HKLM-x32\...\Total War WARHAMMER II Curse of the Vampire Coast_is1) (Version:  - )
Tyranid Mod 0.5b2 for Soulstorm (HKLM-x32\...\Tyranid Mod 0.5b2 for Soulstorm) (Version:  - )
UE4 Prerequisites (x64) (HKLM\...\{F9EC45F9-074A-48BF-92E9-A8CADD56F693}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{4e242cc8-5e3c-4b08-9d55-dbc62ddd1208}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 73.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Wargaming.net Game Center (HKU\S-1-5-21-1713871318-829081173-426852396-1001\...\Wargaming.net Game Center) (Version: 19.8.0.7920 - Wargaming.net)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22925 - Microsoft Corporation)
World of Tanks EU (HKU\S-1-5-21-1713871318-829081173-426852396-1001\...\WOT.EU.PRODUCTION) (Version:  - Wargaming.net)

Packages:
=========
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.3566.0_x64__rz1tebttyb220 [2019-10-02] (Dolby Laboratories)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.9262.0_x64__8wekyb3d8bbwe [2019-10-02] (Microsoft Studios) [MS Ad]
MSN Vrijeme -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) [MS Ad]
Photo Editor | Polarr -> C:\Program Files\WindowsApps\613EBCEA.PolarrPhotoEditorAcademicEdition_5.9.5.0_x64__jb41c8remg0x2 [2019-09-25] (Polarr)
Pošta i kalendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe [2019-09-25] (Microsoft Corporation) [MS Ad]
Sketchable -> C:\Program Files\WindowsApps\SiliconBendersLLC.Sketchable_4.9.12.0_x64__r2kxzpx527qgj [2019-09-10] (Silicon Benders LLC)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1713871318-829081173-426852396-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6723984 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Microsoft Office\Office14\GROOVEEX.DLL [4222864 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-01-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Adobe Acrobat IX\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-01-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinCDEmu] -> {D0E37FD2-F675-426F-B09A-2CF37BA46FD5} => D:\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-10-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers2: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => D:\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-01-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-10-05] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-10-02] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Adobe Acrobat IX\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-01-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => D:\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [105984 2019-08-30] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\WINDOWS\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\WINDOWS\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\WINDOWS\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2019-08-30] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> )

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-09-10 22:02 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2017-02-12 01:28 - 2015-09-28 19:08 - 000255488 _____ (Sysprogs OU) [File not signed] D:\WinCDEmu\x64\WinCDEmuContextMenu.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-09-11 01:30 - 2019-09-11 01:29 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1713871318-829081173-426852396-1001\Control Panel\Desktop\\Wallpaper -> E:\Posao\Dizajn_Radovi\SomethingOfMine\Castles and Fortresses\Neuschwanstein Castle\Neuschwanstein Castle-3.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "Discord"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-1713871318-829081173-426852396-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1713871318-829081173-426852396-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1713871318-829081173-426852396-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1713871318-829081173-426852396-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1713871318-829081173-426852396-1001\...\StartupApproved\Run: => "Wargaming.net Game Center"
HKU\S-1-5-21-1713871318-829081173-426852396-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-1713871318-829081173-426852396-1001\...\StartupApproved\Run: => "f.lux"
HKU\S-1-5-21-1713871318-829081173-426852396-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1713871318-829081173-426852396-1001\...\StartupApproved\Run: => "launchOnStartup"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B4ADE2A8-47AA-4953-B5D3-22993D28066E}] => (Allow) D:\SteamLibrary\steamapps\common\Rise of Legions\RiseOfLegions.exe () [File not signed]
FirewallRules: [{FC560624-8A39-4B30-A40D-645219799761}] => (Allow) D:\SteamLibrary\steamapps\common\Rise of Legions\RiseOfLegions.exe () [File not signed]
FirewallRules: [UDP Query User{6D46EBC2-5CDA-4645-B502-6FC66DB25550}D:\download\tom clancy's ghost recon wildlands\grw.exe] => (Block) D:\download\tom clancy's ghost recon wildlands\grw.exe (Blue Byte GmbH -> )
FirewallRules: [TCP Query User{EF7CB065-BE56-47EC-9372-3DF982E4AD71}D:\download\tom clancy's ghost recon wildlands\grw.exe] => (Block) D:\download\tom clancy's ghost recon wildlands\grw.exe (Blue Byte GmbH -> )
FirewallRules: [UDP Query User{23C7C4C5-928C-4827-AAF7-EBE40B6058D6}D:\steamlibrary\steamapps\common\sandstorm\insurgency\binaries\win64\insurgencyclient-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\sandstorm\insurgency\binaries\win64\insurgencyclient-win64-shipping.exe (New World Interactive LLC -> New World Interactive)
FirewallRules: [TCP Query User{8E1B6F46-BFEE-40AF-9D63-D7D0A5A225B3}D:\steamlibrary\steamapps\common\sandstorm\insurgency\binaries\win64\insurgencyclient-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\sandstorm\insurgency\binaries\win64\insurgencyclient-win64-shipping.exe (New World Interactive LLC -> New World Interactive)
FirewallRules: [{3E8AA312-AF7E-46DA-98B3-A05F21EE4AFD}] => (Allow) D:\SteamLibrary\steamapps\common\sandstorm\Insurgency.exe (New World Interactive LLC -> Epic Games, Inc.)
FirewallRules: [{622D4A9C-4D59-4B8A-8E72-390BCCE4B03D}] => (Allow) D:\SteamLibrary\steamapps\common\sandstorm\Insurgency.exe (New World Interactive LLC -> Epic Games, Inc.)
FirewallRules: [{199729EB-769F-409A-9F60-6C5520F9072C}] => (Allow) D:\SteamLibrary\steamapps\common\sandstorm\InsurgencyEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{2C0AA7A6-4C83-4333-A1AC-F83E8C6A35F4}] => (Allow) D:\SteamLibrary\steamapps\common\sandstorm\InsurgencyEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [UDP Query User{5CF73FC7-DDAE-426F-A6DC-7250DA172B0A}D:\games\grand theft auto v\gta5.exe] => (Allow) D:\games\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{33BB67FC-B340-4892-85BD-C717F80E989D}D:\games\grand theft auto v\gta5.exe] => (Allow) D:\games\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{FE356AB0-2C2C-412E-8A41-54B75081CF0E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FCDD22C3-AD8A-4CA5-A3CD-56EC71000206}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F4E9484E-0B68-4608-B840-A4ACDE23F70F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{565A6698-54D9-4358-8EF6-D6CA32AA5316}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BCEB14A7-A9A8-42A0-93EC-C9F275167A36}] => (Allow) D:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe (Valve -> )
FirewallRules: [{E25910BB-5A9A-4B93-8808-136DA9A59A8A}] => (Allow) D:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe (Valve -> )
FirewallRules: [{4E02ACF6-169D-41D6-ACDC-1F901CD6E6C2}] => (Allow) D:\SteamLibrary\steamapps\common\Dawn of War Soulstorm\Soulstorm.exe (Relic Entertainment, Inc. -> Sega Corporation) [File not signed]
FirewallRules: [{CA5DBF99-4753-4A02-9FE6-FEA9587FF318}] => (Allow) D:\SteamLibrary\steamapps\common\Dawn of War Soulstorm\Soulstorm.exe (Relic Entertainment, Inc. -> Sega Corporation) [File not signed]
FirewallRules: [{210FC256-7815-49C4-BF5C-48CDAACB660B}] => (Allow) D:\SteamLibrary\steamapps\common\Dawn of War Gold\W40kWA.exe (Relic Entertainment, Inc. -> Sega Corporation)
FirewallRules: [{9A8B59CD-B62F-47E9-8E0B-9AD1027F6820}] => (Allow) D:\SteamLibrary\steamapps\common\Dawn of War Gold\W40kWA.exe (Relic Entertainment, Inc. -> Sega Corporation)
FirewallRules: [{0E6FBEDB-8CCE-4E77-9A0D-D612C83B74D7}] => (Allow) D:\SteamLibrary\steamapps\common\Dawn of War Dark Crusade\darkcrusade.exe (Relic Entertainment, Inc. -> Sega Corporation)
FirewallRules: [{DAF6E4D6-023F-459B-AC99-670268BD0C84}] => (Allow) D:\SteamLibrary\steamapps\common\Dawn of War Dark Crusade\darkcrusade.exe (Relic Entertainment, Inc. -> Sega Corporation)
FirewallRules: [{0811E850-4167-432E-ADC1-7E484E4463F1}] => (Allow) D:\SteamLibrary\steamapps\common\Dawn of War Gold\W40k.exe (Relic Entertainment, Inc. -> Sega Corporation)
FirewallRules: [{0D5E8EE6-E288-4129-A41A-3B8B3C69D7E8}] => (Allow) D:\SteamLibrary\steamapps\common\Dawn of War Gold\W40k.exe (Relic Entertainment, Inc. -> Sega Corporation)
FirewallRules: [{F859A66A-4C88-4AC6-A859-163371130802}] => (Allow) D:\Games\Age of Empires II\age2_x1\age2_x1.0c.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{6308F138-C545-4364-A7F7-242F36AF85CA}] => (Allow) D:\Games\Age of Empires II\age2_x1\age2_x1.0c.exe (Microsoft Corporation) [File not signed]
FirewallRules: [UDP Query User{0760266E-068C-4EB7-9A07-D99012E198D6}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{7EDE9C3D-BA31-41FE-AC4C-EAD3A99DC0D9}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{96A56A19-2143-4D41-9E02-A1D6D4B85DFE}] => (Allow) D:\Games\Age of Empires II\age2_x1\age2_x1.5.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{36538CCA-54D1-423B-A2A6-F378184379D3}] => (Allow) D:\Games\Age of Empires II\age2_x1\age2_x1.5.exe (Microsoft Corporation) [File not signed]
FirewallRules: [UDP Query User{60313E32-A9DE-43CE-8D8C-9784F6591322}D:\games\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Block) D:\games\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe (Respawn Entertainment) [File not signed]
FirewallRules: [TCP Query User{49467532-3AD8-490D-9D7A-206CAD4ABC74}D:\games\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Block) D:\games\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe (Respawn Entertainment) [File not signed]
FirewallRules: [UDP Query User{E37DFEE6-045A-4505-8C80-BC373D162668}D:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) D:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{A82EB321-49FD-4518-B850-0EB02301693A}D:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) D:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{C2B20E15-9D38-418F-B51F-BFEB51D83388}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{1C4F1B53-200B-4571-9306-217A18FD94B5}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{9768D256-CF50-45BF-B32F-6EBA76B987A1}D:\games\borderlands 3\oakgame\binaries\win64\borderlands3.exe] => (Block) D:\games\borderlands 3\oakgame\binaries\win64\borderlands3.exe (Gearbox Software) [File not signed]
FirewallRules: [TCP Query User{7C91E3AC-C867-4F47-AA88-DFBF8D4BC043}D:\games\borderlands 3\oakgame\binaries\win64\borderlands3.exe] => (Block) D:\games\borderlands 3\oakgame\binaries\win64\borderlands3.exe (Gearbox Software) [File not signed]
FirewallRules: [{E6564CCE-6DDC-4F44-B141-CE2F4FD4F0F4}] => (Allow) D:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Gearbox Software LLC -> Gearbox Software)
FirewallRules: [{F39D6B55-A710-404C-9AB2-B7DA8C1B716C}] => (Allow) D:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Gearbox Software LLC -> Gearbox Software)
FirewallRules: [{F57BE923-0097-404E-BDE2-7FB53074D523}] => (Allow) D:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Gearbox Software LLC -> Gearbox Software)
FirewallRules: [{B110581D-256B-4F62-B607-D23E1AA61D64}] => (Allow) D:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Gearbox Software LLC -> Gearbox Software)
FirewallRules: [UDP Query User{9D283F53-AB0A-49A1-8710-2C943FFF0D22}D:\games\stronghold crusader 2\bin\win32_galaxy_release\crusader2.exe] => (Block) D:\games\stronghold crusader 2\bin\win32_galaxy_release\crusader2.exe (Firefly Studios Limited -> )
FirewallRules: [TCP Query User{EFE6145A-F4C0-4E2F-A75C-29D123601EA0}D:\games\stronghold crusader 2\bin\win32_galaxy_release\crusader2.exe] => (Block) D:\games\stronghold crusader 2\bin\win32_galaxy_release\crusader2.exe (Firefly Studios Limited -> )
FirewallRules: [{64D91496-A62B-4379-A36A-D5F3F6430CE1}] => (Allow) d:\txgameassistant\ui\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{E7393EFF-9D9C-4648-BDF1-1761ECB746D4}] => (Allow) d:\txgameassistant\ui\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{171492B7-64C7-433F-A8D0-777B82606372}] => (Allow) d:\txgameassistant\ui\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{2C86C07B-E3B8-4331-959B-245136CF646B}] => (Allow) d:\txgameassistant\ui\adb.exe () [File not signed]
FirewallRules: [{CC65E9D2-BDCE-4A64-B29A-7F078598DFF5}] => (Allow) d:\txgameassistant\ui\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{C777848E-269B-455F-B68B-166160CCCEEA}] => (Allow) C:\Users\LakiCoece\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{3E3F5738-051D-47F2-ACDE-6678C2F352EA}] => (Allow) C:\Users\LakiCoece\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{EF3EE2AC-CAC9-4836-987A-3CD9D8E8A6D6}] => (Allow) C:\Users\LakiCoece\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{AAF076E7-7BA5-402B-A9FE-E585B96F20CD}] => (Allow) C:\Users\LakiCoece\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{BB3399B3-B9DC-44F8-9C01-5030A34AE319}] => (Allow) d:\txgameassistant\appmarket\GF186\TUpdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{5BE60F77-D5EA-4690-B831-BD9B19C83369}] => (Allow) d:\txgameassistant\appmarket\GameDownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{C7E585FF-D902-4713-99B7-67CD742D6EA3}] => (Allow) d:\txgameassistant\appmarket\QQExternal.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{CD19362F-B92F-44D5-B98E-22F844C3E45F}] => (Allow) d:\txgameassistant\appmarket\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> 腾讯公司)
FirewallRules: [{0F532392-33F3-4401-86BD-A20847DA6CAB}] => (Allow) d:\txgameassistant\appmarket\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{CEFC3D97-159A-48C3-ABC1-E6C17FC3B923}] => (Allow) d:\txgameassistant\appmarket\AppMarket.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [UDP Query User{01B583A0-5FB0-449C-A048-FAF9A3E6643F}D:\games\rotwk\game.dat] => (Allow) D:\games\rotwk\game.dat (Electronic Arts Inc.) [File not signed]
FirewallRules: [TCP Query User{F5B3CE04-A006-45A7-9083-7F584D610AD7}D:\games\rotwk\game.dat] => (Allow) D:\games\rotwk\game.dat (Electronic Arts Inc.) [File not signed]
FirewallRules: [UDP Query User{CC4AC16F-AC59-4F19-911D-DD593207A24D}C:\users\lakicoece\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\lakicoece\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Pty Ltd)
FirewallRules: [TCP Query User{8F235DD4-DC8F-4089-8FC3-82451C2DC41C}C:\users\lakicoece\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\lakicoece\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Pty Ltd)
FirewallRules: [{1508B22F-4296-4E00-972C-F7B4D7A201C9}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{6D955F4A-54F2-41AB-92D4-EC20780038CA}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{B3BB98FE-CBFF-47E0-A4ED-5393C6FFC9B2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C343E8F6-4A12-4366-9090-D83C8148CCB3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{60DB5E6C-3C11-470D-907F-2C6131A0BCE0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{BFA1772B-87E9-4FEB-A7B0-387F86196428}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{448D386C-90E6-45B3-BCCE-1B571839462F}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{DC872B05-6A20-4A1B-A0F0-2028F97B3663}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{7A6525FF-3D66-46B2-83B6-3718CC387687}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{227DF5D7-5ADA-471A-AEEA-492A78C6274C}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{F2D37153-7DA0-4241-91C3-793588808EC4}] => (Allow) D:\SteamLibrary\steamapps\common\Company of Heroes 2\RelicCoH2.exe (Relic Entertainment, Inc -> Relic Entertainment Inc.)
FirewallRules: [{B10D35F3-23D1-4861-9821-F945864555D3}] => (Allow) D:\SteamLibrary\steamapps\common\Company of Heroes 2\RelicCoH2.exe (Relic Entertainment, Inc -> Relic Entertainment Inc.)
FirewallRules: [TCP Query User{F691332E-EDD2-44AE-B22E-0C140981DED5}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{B693FFBF-FD56-4325-AB1D-C6CD672126DB}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{7AC1ABB1-1C17-4684-841E-B55E2DB99169}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{6E35E11E-986F-4A11-9403-37C63E761DE3}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{00A78AED-0356-4CAF-8600-F510B2FDA496}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{559AF54A-9D20-4F23-887B-EC8C3F420421}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{2288596F-CAE7-48BB-8976-2A037051BE7E}] => (Allow) D:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Gearbox Software LLC -> Gearbox Software)
FirewallRules: [{7BE971AB-8E9D-4285-8D43-29C0DCBDF2A4}] => (Allow) D:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Gearbox Software LLC -> Gearbox Software)
FirewallRules: [{C1D09E98-4542-4CAD-85AF-AB198C3BE65E}] => (Allow) D:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe (Gearbox Software LLC -> Take-Two Interactive Software, Inc.)
FirewallRules: [{552CE56F-72C8-4818-915D-2FF708ACDE0A}] => (Allow) D:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe (Gearbox Software LLC -> Take-Two Interactive Software, Inc.)
FirewallRules: [TCP Query User{6A2E4755-A8E2-40E7-9ADE-454FC7692AD7}D:\games\world_of_tanks_eu\worldoftanks.exe] => (Allow) D:\games\world_of_tanks_eu\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{E14A7045-EEAC-480A-BD65-29404BABECC4}D:\games\world_of_tanks_eu\worldoftanks.exe] => (Allow) D:\games\world_of_tanks_eu\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{1DB1E86F-E034-492E-AF40-CB8DB33FAD60}D:\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) D:\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [UDP Query User{DA5BC0C4-0B72-45CC-A665-3549B4532BC0}D:\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) D:\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [TCP Query User{AA6F226C-9AA1-4E15-ACC7-36076FFEBD64}D:\games\total war warhammer ii curse of the vampire coast\warhammer2.exe] => (Block) D:\games\total war warhammer ii curse of the vampire coast\warhammer2.exe (Valve -> The Creative Assembly Ltd) [File not signed]
FirewallRules: [UDP Query User{457D3CD9-1B88-4456-AA8F-A1D59B28BD6E}D:\games\total war warhammer ii curse of the vampire coast\warhammer2.exe] => (Block) D:\games\total war warhammer ii curse of the vampire coast\warhammer2.exe (Valve -> The Creative Assembly Ltd) [File not signed]
FirewallRules: [{EADEF043-D4D9-4FDB-B083-4FAE2C9A85C3}] => (Allow) D:\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4328CF00-DBA6-448E-924B-360EDB74CAB8}] => (Allow) D:\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6BA5EC37-C65B-4158-80C3-5B0698BE3EC5}] => (Allow) D:\Microsoft Office\Office14\ONENOTE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{86FACD85-7C11-47F3-8742-B7E97B8BE9AB}] => (Allow) D:\Microsoft Office\Office14\ONENOTE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9F5FEF56-0B57-4A18-842A-D94967D1E44A}] => (Allow) D:\Microsoft Office\Office14\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{28DBF252-7AF9-4D90-B518-474F4AC0DF09}D:\games\hearthstone\hearthstone.exe] => (Allow) D:\games\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [UDP Query User{0DCCBFAB-FA56-4532-A7B6-5DA29EC33ECB}D:\games\hearthstone\hearthstone.exe] => (Allow) D:\games\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [TCP Query User{16CA2FC9-A1DD-41E6-A138-B980E7BBD185}D:\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) D:\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [UDP Query User{0E04DA1E-5E0B-4E04-8C36-338758C5E7E0}D:\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) D:\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{C9B210EA-551D-4E1D-B87F-B419457FD4E0}] => (Allow) C:\Users\LakiCoece\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{F6AFFB63-3053-47A3-8C8D-DA1E1D1E6E9B}] => (Allow) C:\Users\LakiCoece\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{B7FDCADA-C1BD-4238-BF27-34B78E6BC067}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe (Popcorn Time) [File not signed]
FirewallRules: [{062B9205-999C-4B4C-850D-DB3FF5DD325E}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe (Popcorn Time) [File not signed]

==================== Restore Points =========================

07-01-2020 21:13:58 Windows Update

==================== Faulty Device Manager Devices ============

Name: Wireless Gamepad F710
Description: Wireless Gamepad F710
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/07/2020 09:16:05 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1017) (User: NT AUTHORITY)
Description: Disabled performance counter data collection from the "Outlook" service because the performance counter library for that service has generated one or more errors. The errors that forced this action have been written to the application event log. Correct the errors before enabling the performance counters for this service.

Error: (01/07/2020 09:16:05 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1021) (User: NT AUTHORITY)
Description: Windows cannot open the 32-bit extensible counter DLL "D:\Microsoft Office\Office14\OLMAPI32.DLL" in a 64-bit environment (Win32 error code 193). Contact the file vendor to obtain a 64-bit version. Alternatively, you can open the 32-bit extensible counter DLL by using the 32-bit version of Performance Monitor. To use this tool, open the Windows folder, open the Syswow64 folder, and then start Perfmon.exe.

Error: (01/07/2020 09:16:01 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1017) (User: NT AUTHORITY)
Description: Disabled performance counter data collection from the "ASP.NET_1.1.4322" service because the performance counter library for that service has generated one or more errors. The errors that forced this action have been written to the application event log. Correct the errors before enabling the performance counters for this service.

Error: (01/07/2020 09:16:01 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1021) (User: NT AUTHORITY)
Description: Windows cannot open the 32-bit extensible counter DLL "C:\Windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll" in a 64-bit environment (Win32 error code 193). Contact the file vendor to obtain a 64-bit version. Alternatively, you can open the 32-bit extensible counter DLL by using the 32-bit version of Performance Monitor. To use this tool, open the Windows folder, open the Syswow64 folder, and then start Perfmon.exe.

Error: (01/07/2020 08:43:01 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 256) (User: )
Description: The Cryptographic Services service failed to initialise the Catalogue Database. The error was: -2147418113 (0x8000ffff) : Catastrophic failure
.

Error: (01/07/2020 08:42:59 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 256) (User: )
Description: The Cryptographic Services service failed to initialise the Catalogue Database. The error was: -2147418113 (0x8000ffff) : Catastrophic failure
.

Error: (01/07/2020 08:42:58 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 256) (User: )
Description: The Cryptographic Services service failed to initialise the Catalogue Database. The error was: -2147418113 (0x8000ffff) : Catastrophic failure
.

Error: (01/07/2020 08:42:57 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 256) (User: )
Description: The Cryptographic Services service failed to initialise the Catalogue Database. The error was: -2147418113 (0x8000ffff) : Catastrophic failure
.


System errors:
=============
Error: (01/08/2020 04:44:14 PM) (Source: Microsoft-Windows-Bits-Client) (EventID: 16392) (User: NT AUTHORITY)
Description: The BITS service failed to start.  Error 2147500053.

Error: (01/07/2020 09:21:32 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (01/07/2020 09:21:32 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (01/07/2020 09:21:32 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (01/07/2020 09:21:32 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (01/07/2020 09:21:32 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (01/07/2020 09:21:32 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (01/07/2020 09:21:32 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}


Windows Defender:
===================================
Date: 2020-01-07 21:18:47.323
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft...37&enterprise=0
Name: Trojan:Win32/Bluteal!rfn
ID: 2147724737
Severity: Ozbiljno
Category: Trojanski softver
Path: file:_C:\Windows\System32\winscomrssrv.dll
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\System32\rundll32.exe
Security intelligence Version: AV: 1.307.1911.0, AS: 1.307.1911.0, NIS: 1.307.1911.0
Engine Version: AM: 1.1.16600.7, NIS: 1.1.16600.7

Date: 2020-01-07 20:49:14.146
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft...05&enterprise=0
Name: Trojan:Win32/Wacatac.B!ml
ID: 2147735505
Severity: Severe
Category: Trojan
Path: file:_C:\Windows\System32\StartupCheckLibrary.dll
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Program Files\AVAST Software\Avast\AvastSvc.exe
Security intelligence Version: AV: 1.303.701.0, AS: 1.303.701.0, NIS: 1.303.701.0
Engine Version: AM: 1.1.16400.2, NIS: 1.1.16400.2

Date: 2020-01-07 20:49:13.952
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft...05&enterprise=0
Name: Trojan:Win32/Wacatac.B!ml
ID: 2147735505
Severity: Severe
Category: Trojan
Path: file:_C:\Windows\System32\StartupCheckLibrary.dll; process:_pid:2156,ProcessStart:132229001195472372
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: Unknown
Security intelligence Version: AV: 1.303.701.0, AS: 1.303.701.0, NIS: 1.303.701.0
Engine Version: AM: 1.1.16400.2, NIS: 1.1.16400.2

Date: 2020-01-07 20:48:56.733
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft...05&enterprise=0
Name: Trojan:Win32/Wacatac.B!ml
ID: 2147735505
Severity: Severe
Category: Trojan
Path: file:_C:\Windows\System32\StartupCheckLibrary.dll
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Program Files\AVAST Software\Avast\AvastSvc.exe
Security intelligence Version: AV: 1.303.701.0, AS: 1.303.701.0, NIS: 1.303.701.0
Engine Version: AM: 1.1.16400.2, NIS: 1.1.16400.2

Date: 2020-01-07 20:48:44.856
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft...05&enterprise=0
Name: Trojan:Win32/Wacatac.B!ml
ID: 2147735505
Severity: Severe
Category: Trojan
Path: file:_C:\Windows\System32\StartupCheckLibrary.dll
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: Unknown
Security intelligence Version: AV: 1.303.701.0, AS: 1.303.701.0, NIS: 1.303.701.0
Engine Version: AM: 1.1.16400.2, NIS: 1.1.16400.2

CodeIntegrity:
===================================

Date: 2020-01-08 17:00:54.544
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-08 17:00:54.532
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-08 17:00:54.519
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-08 17:00:54.506
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-08 17:00:54.491
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-08 17:00:54.478
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-08 17:00:54.465
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-08 17:00:54.447
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 1802 05/20/2016
Motherboard: ASUSTeK COMPUTER INC. H110M-K
Processor: Intel® Core™ i5-6600 CPU @ 3.30GHz
Percentage of memory in use: 49%
Total physical RAM: 8128.67 MB
Available physical RAM: 4140.04 MB
Total Virtual: 14784.67 MB
Available Virtual: 9632.55 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.09 GB) (Free:147.28 GB) NTFS
Drive d: (Buksa) (Fixed) (Total:931.39 GB) (Free:206.12 GB) NTFS
Drive e: (TOSHIBA EXT) (Fixed) (Total:931.51 GB) (Free:201.58 GB) NTFS

\\?\Volume{3bedaa92-2c8c-4a8a-845a-f57ae7b5ceed}\ (Recovery) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{b8254eb5-3dc3-4ce5-91ad-01b7c8cc4e6c}\ () (Fixed) (Total:0.83 GB) (Free:0.36 GB) NTFS
\\?\Volume{16ef4ea7-ecc1-4248-82e3-e8fad9bf6d11}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 238.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: C4713AD4)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Attached Files


  • 0

Advertisements

#2
RKinner
Posted 08 January 2020 - 06:10 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

False positive by Windows Defender removed some files used by tasks  that should have been removed during the upgrade.

 

Easily fixed but you have other problems.  See if you can get DISM and SFC to run.

 

Open an elevated command prompt:

http://www.howtogeek...-in-windows-10/
http://www.eightforu...indows-8-a.html

(If you open an elevated Command Prompt properly it will say Administrator: Command Prompt in the margin at the top of the window)


Once you have an elevated command prompt:

Type:

 DISM  /Online  /Cleanup-Image  /RestoreHealth

 (I use two spaces so you can be sure to see where one space goes.)
Hit Enter.  This will take a while (10-20 minutes) to complete.  Once the prompt returns:

Reboot.  Open an elevated Command Prompt again and type (with an Enter after the line):

sfc  /scannow



This will also take a few minutes.  

When it finishes it will say one of the following:

Windows did not find any integrity violations (a good thing)
Windows Resource Protection found corrupt files and repaired them (a good thing)
Windows Resource Protection found corrupt files but was unable to fix some (or all) of them (not a good thing)

If you get the last result then type:
findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  %UserProfile%\desktop\junk.txt


Hit Enter.  Then type::


notepad %UserProfile%\desktop\junk.txt

Hit Enter.

 Copy the text from notepad and paste it into a reply.


After you finish SFC, regardless of the result:



1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)

 

To fix your problem:

 

 

 
Download the attached fixlist.txt to the same location as FRST

Attached File  fixlist.txt   878bytes   150 downloads

Run FRST and press Fix
A fix log will be generated please post that

Reboot if the fix doesn't reboot it for you

Run FRST again as before.  Make sure Addition.txt is checked and hit Scan.  Post both logs.


 


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP