Jump to content

defbg

Honorary Members
  • Posts

    38
  • Joined

  • Last visited

Everything posted by defbg

  1. Thank you for you help. The laptop is running smoothly now.
  2. I uninstalled Mozilla when we first started fixing the laptop. I didnt install it again because I was suspicious about the browser and the way it affected the system. I would like to install it again and use it as main browser
  3. The scan didn't find anything. The laptop runs smooth lately. I noticed from the log that the restriction for Mozilla is removed. Is it completely safe to install it again now? And are the other errors fixed?
  4. Hello. Do you mind to explain to me what this script is going to fix ? I am extra cautios and would like to know what I am doing
  5. mbst-grab-results.zipscan.txt sorry for the delay.
  6. Hi again. I am still digging into it I found a suspicious Mozilla folder which I deleted. Ill send a link to explain it better. https://www.trendmicro.com/vinfo/ph/threat-encyclopedia/malware/Trojan.Win32.DLOADR.AUSUUF/ Also something that I noticed in Malwarebytes... I have turned On scans for Rootkits but after every scan the report says it is Disabled. Sorry again if its too much.
  7. Sorry for my questions. And sorry for being back here but the laptop is not working as good as it used to. There are processes in The Task Manager that use too much % disk or memory. Trying to play a game online for example is impossible because of lag or high % usage. After a restart the windows runs very bad and slow. Sorry again if it is too much information or questions. Would understand if you cant assist anyone.
  8. scan.txt The laptop runs and feels good. It is working smooth. I thought that I still didnt do the Cleanmgr scan and clean up. Is it still worth doing or ? How can I make sure that the old Mozilla data is completely cleaned ?
  9. I switched to beta and updated to latest versions. Now it's running a normal scan and so far nothing found.
  10. Can you please explain me more about the problem and what you found from the logs? If it is possible, before I do that
  11. info.txt logfile of random's system information tool 1.10 2020-05-27 17:17:13 ======MBR====== 0x33C08ED0BC007C8EC08ED8BE007CBF0006B90002FCF3A450681C06CBFBB90400BDBE07807E00007C0B0F850E0183C510E2F1CD1888560055C6461105C6461000B441BBAA55CD135D720F81FB55AA7509F7C101007403FE46106660807E1000742666680000000066FF760868000068007C680100681000B4428A56008BF4CD139F83C4109EEB14B80102BB007C8A56008A76018A4E028A6E03CD136661731CFE4E11750C807E00800F848A00B280EB845532E48A5600CD135DEB9E813EFE7D55AA756EFF7600E88D007517FAB0D1E664E88300B0DFE660E87C00B0FFE664E87500FBB800BBCD1A6623C0753B6681FB54435041753281F90201722C666807BB00006668000200006668080000006653665366556668000000006668007C0000666168000007CD1A5A32F6EA007C0000CD18A0B707EB08A0B607EB03A0B50732E40500078BF0AC3C007409BB0700B40ECD10EBF2F4EBFD2BC9E464EB002402E0F82402C3496E76616C696420706172746974696F6E207461626C65004572726F72206C6F6164696E67206F7065726174696E672073797374656D004D697373696E67206F7065726174696E672073797374656D000000637B9A547ECB5000008020210007DD1E3F0008000000A00F0000DD1F3F07FEFFFF00A80F0000605A1800FEFFFF07FEFFFF00086A180000632E00FEFFFF07FEFFFF0008CD460058A32D55AA ======Uninstall list====== -->"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HDBox\Uninstaller.exe" --uninstall=1 --sapCode=CCXP --productVersion=3.3.0 --productPlatform=win32 --productAdobeCode={CCXP-3.3.0-32-ADBEADBEADBEADBEADBEAD} --productName="CCX Process" --mode=1 -->"C:\Program Files\NXT\jre\bin\javaw.exe" -jar "C:\Program Files\NXT\uninstaller\uninstaller.jar" -->C:\PROGRA~2\SMARTW~1\swsetup.exe -uninstall 7-Zip 19.00 (x64)-->C:\Program Files\7-Zip\Uninstall.exe Active Directory Authentication Library for SQL Server-->MsiExec.exe /I{52D1FCFD-1052-4D75-B3FB-9906901AFD98} Adobe Acrobat Reader DC-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-AC0F074E4100} Adobe Flash Player 28 NPAPI-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_126_Plugin.exe -maintain plugin Adobe Refresh Manager-->MsiExec.exe /I{AC76BA86-0804-1033-1959-001824369436} AIDA64 5.92.4300 Final-->C:\Program Files (x86)\AIDA64\Удалить AIDA64.exe Backup and Sync from Google-->MsiExec.exe /X{FE296942-D2D3-4149-8895-60655FE4CFDE} Battle.net-->"C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=enGB --uid=battle.net --displayname="Battle.net" Battlerite-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/504370 Binance version 1.0.0-->"C:\Binance\unins000.exe" Brave-->"C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\80.1.7.92\Installer\setup.exe" --uninstall --system-level Call of Duty Modern Warfare-->"C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=enUS --uid=odin --displayname="Call of Duty Modern Warfare" CCleaner-->"C:\Program Files\CCleaner\uninst.exe" ClickOnce Bootstrapper Package for Microsoft .NET Framework-->MsiExec.exe /X{D1844DC3-B378-47CC-AB40-7FC16C79A2CD} Conceal Wallet-->C:\Program Files (x86)\Conceal Wallet\uninstall.exe Core Temp 1.15.1-->"C:\Program Files\Core Temp\unins000.exe" Daedalus-->"C:\Program Files\Daedalus\uninstall.exe" DAEMON Tools Lite-->C:\Program Files\DAEMON Tools Lite\uninst.exe Definition Update for Microsoft Office 2016 (KB3115407) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{3DBF9257-2612-4385-BCE3-E9D4C41CC8CB}" "1033" "0" DiagnosticsHub_CollectionService-->MsiExec.exe /I{0CB7B447-4937-4945-B8C0-807A77B830D5} Documentation Manager-->MsiExec.exe /X{885E5716-698F-47E6-9ABD-87260B6C80F7} Dolby Audio X2 Windows API SDK-->MsiExec.exe /X{2A027A37-B09B-44FB-B1C9-2DD6BA0014E8} Dolby Audio X2 Windows APP-->MsiExec.exe /X{D0D32569-4680-490A-905C-5117CEAAB3EF} Driver Easy 5.6.0-->"C:\Program Files\Easeware\DriverEasy\unins000.exe" eFootball PES 2020-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/996470 Entity Framework 6.2.0 Tools for Visual Studio 2017-->MsiExec.exe /X{D58F95D9-65E0-4057-9008-1226B3516B76} Epic Games Launcher Prerequisites (x64)-->MsiExec.exe /X{66C5838F-B854-4A55-89E6-A6138747A4DF} Epic Games Launcher-->MsiExec.exe /X{57350A74-1CA4-48F2-861F-EDCB971D260C} Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\Installer\setup.exe" --uninstall --system-level --verbose-logging Google Update Helper-->MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Herramientas de corrección de Microsoft Office 2016: español-->MsiExec.exe /X{90160000-001F-0C0A-1000-0000000FF1CE} Hextech Repair Tool-->MsiExec.exe /I{7F9A97E6-E666-11E5-B582-B88687E82322} HitmanPro 3.8-->"C:\Program Files\HitmanPro\HitmanPro.exe" /uninstall Hunt: Showdown-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/594650 icecap_collection_neutral-->MsiExec.exe /I{12C1EC05-F936-4A80-821E-7AAC64C4E6FF} icecap_collection_x64-->MsiExec.exe /I{C8E22DF4-5498-4B61-93CF-3081BE95A1BA} icecap_collectionresources-->MsiExec.exe /I{079302B9-1EF0-46D0-83FA-382C01ADF6E6} icecap_collectionresourcesx64-->MsiExec.exe /I{500E3263-4930-456B-AD78-E6D0ACC7ABB1} IIS 10.0 Express-->MsiExec.exe /X{4E0AF984-1437-42DC-A8E4-A6EE920DDFAF} IIS Express Application Compatibility Database for x64-->%windir%\system32\sdbinst.exe -u "C:\WINDOWS\AppPatch\CustomSDB\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb" IIS Express Application Compatibility Database for x86-->%windir%\system32\sdbinst.exe -u "C:\WINDOWS\AppPatch\CustomSDB\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb" Immunet-->"C:\Program Files\Immunet\7.0.2\uninstall.exe" Intel Driver && Support Assistant-->MsiExec.exe /X{06626F51-076E-4195-B040-1EAB58735E21} Intel(R) Chipset Device Software-->"C:\ProgramData\Package Cache\{226be6c3-8e08-4d52-bd3a-d361008448c5}\SetupChipset.exe" /uninstall Intel(R) Chipset Device Software-->MsiExec.exe /I{3AAD3A73-0D6A-4EFE-93FC-7719DC6C89E4} Intel(R) Computing Improvement Program-->MsiExec.exe /X{D98C2DF9-C731-4322-A5F0-D897300216EE} Intel(R) Management Engine Components-->"C:\ProgramData\Intel\Package Cache\{1CEAC85D-2590-4760-800F-8DE5E91F3700}\Setup.exe" -uninstall Intel(R) Management Engine Components-->MsiExec.exe /I{36AF43ED-2226-42EB-BA12-5C04646A20D6} Intel(R) Processor Graphics-->"C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe" -uninstall Intel(R) Rapid Storage Technology-->"C:\Program Files (x86)\Intel\Package Cache\{409CB30E-E457-4008-9B1A-ED1B9EA21140}\Setup.exe" -uninstall Intel(R) Rapid Storage Technology-->MsiExec.exe /I{4797FCC2-6215-4A3B-891F-3BB495F341B4} Intel(R) Serial IO-->"C:\ProgramData\Intel\Package Cache\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}\Setup.exe" -uninstall Intel(R) Serial IO-->MsiExec.exe /I{EC883E72-01ED-4DED-AA46-9162C34A7D4F} Intel(R) Wireless Bluetooth(R)-->MsiExec.exe /I{00000080-0210-1033-84C8-B8D95FA3C8C3} Intel® Driver & Support Assistant-->"C:\ProgramData\Package Cache\{51daa996-b36e-4097-9cc0-dda4869e52c6}\Intel-Driver-and-Support-Assistant-Installer.exe" /uninstall Intel® PROSet/Wireless Software-->"C:\ProgramData\Package Cache\{25779f5d-6b0a-4e11-89e8-441b93c6ce2b}\Setup.exe" /uninstall Intel® PROSet/Wireless WiFi Software-->MsiExec.exe /I{11BD5062-5227-4A48-91AF-904B1802EEA8} Intel® Software Installer-->"C:\ProgramData\Package Cache\{45fc2606-7c3b-4963-966b-b6e0eae08246}\WirelessSetup.exe" /uninstall IntelliTraceProfilerProxy-->MsiExec.exe /I{5F42C347-0A33-4BCE-B9D7-CCD1082C3187} IntelliTraceProfilerProxy-->MsiExec.exe /I{ACBAA378-519A-441D-9349-C0AAD8DEAD04} Kits Configuration Installer-->MsiExec.exe /I{6F502640-B753-C101-FFA5-B38C3FA5B29A} KMPlayer-->C:\KMPlayer\uninstall.exe Launcher Prerequisites (x64)-->"C:\ProgramData\Package Cache\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}\LauncherPrereqSetup_x64.exe" /uninstall League of Legends-->"C:\Riot Games\League of Legends\Uninstall League of Legends.exe" Ledger Live 2.2.4-->"C:\Program Files\Ledger Live\Uninstall Ledger Live.exe" /allusers Ledger Wallet Ripple version 1.0.3-->"C:\Program Files (x86)\Ledger Wallet Ripple\unins000.exe" Malwarebytes version 4.1.0.56-->"C:\Program Files\Malwarebytes\Anti-Malware\mbuns.exe" /Uninstall /uselocalisvc MB Microsoft .NET Core Host - 2.0.7 (x64)-->MsiExec.exe /X{44A0581F-4D12-4547-9D73-6239C4E24B07} Microsoft .NET Core Host FX Resolver - 2.0.7 (x64)-->MsiExec.exe /X{2BB77856-A486-4C37-B9F3-3FA12838880C} Microsoft .NET Core Runtime - 2.0.7 (x64)-->MsiExec.exe /X{59F7377C-012A-4D30-A658-3C3B97EBEBE5} Microsoft .NET Core SDK - 2.1.200 (x64)-->"C:\ProgramData\Package Cache\{5c091db2-4e5d-471d-8feb-c3a6e52d6661}\dotnet-sdk-2.1.200-win-x64.exe" /uninstall Microsoft .NET Core SDK - 2.1.200 (x64)-->MsiExec.exe /I{EDAEAACC-348D-4480-80E7-8007DF2452DC} Microsoft .NET CoreRuntime For CoreCon-->MsiExec.exe /X{48A8F171-52F2-372B-8414-EA50617708BE} Microsoft .NET CoreRuntime SDK-->MsiExec.exe /I{3E1C90EB-DAB6-39C8-82EC-3B8C1EE5BA66} Microsoft .NET Framework 4 Multi-Targeting Pack-->MsiExec.exe /I{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE} Microsoft .NET Framework 4.5 Multi-Targeting Pack-->MsiExec.exe /X{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493} Microsoft .NET Framework 4.5.1 Multi-Targeting Pack-->MsiExec.exe /X{6A0C6700-EA93-372C-8871-DCCF13D160A4} Microsoft .NET Framework 4.5.2 Multi-Targeting Pack-->MsiExec.exe /X{19E8AE59-4D4A-3534-B567-6CC08FA4102E} Microsoft .NET Framework 4.6 Targeting Pack-->MsiExec.exe /X{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65} Microsoft .NET Framework 4.6.1 SDK-->MsiExec.exe /X{2F0ECC80-B9E4-4485-8083-CD32F22ABD92} Microsoft .NET Framework 4.6.1 Targeting Pack-->MsiExec.exe /X{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9} Microsoft .NET Framework Cumulative Intellisense Pack for Visual Studio (ENU)-->MsiExec.exe /X{276CB8F7-CA1E-41FE-8307-A55D95D33D99} Microsoft .NET Native SDK-->MsiExec.exe /I{13F79D3A-88C2-3A1C-9035-6A99EE478DF2} Microsoft Access MUI (English) 2016-->MsiExec.exe /X{90160000-0015-0409-1000-0000000FF1CE} Microsoft Access Setup Metadata MUI (English) 2016-->MsiExec.exe /X{90160000-0117-0409-1000-0000000FF1CE} Microsoft ASP.NET Core 2.0.8 Runtime Package Store (x64)-->MsiExec.exe /X{93571190-2F86-30D7-A78E-359FA888E54B} Microsoft ASP.NET Core Module for IIS Express-->MsiExec.exe /X{DE63E5C6-CACF-47E9-9646-F420A5FE38BC} Microsoft ASP.NET Diagnostic Pack for Visual Studio-->MsiExec.exe /X{ECA9819A-2BBC-331E-BB26-3EC33C313EE6} Microsoft ASP.NET Web Tools Packages 15.0 - ENU-->MsiExec.exe /X{90D7B673-309C-36DE-B05E-F1A4F2F7D9D8} Microsoft Azure Authoring Tools - v2.9.5.3-->MsiExec.exe /I{086C537B-DE1A-4A11-8441-6AAF076174B8} Microsoft Azure Compute Emulator - v2.9.5.3-->msiexec /x{bb44c8f9-c555-45cf-b6da-80131b139165} Microsoft Azure Compute Emulator - v2.9.5.3-->MsiExec.exe /I{BB44C8F9-C555-45CF-B6DA-80131B139165} Microsoft Azure Libraries for .NET – v2.9-->MsiExec.exe /I{C5C91AA6-3E83-430E-8B7A-6B790083F28D} Microsoft Azure Storage Emulator - v5.4-->msiexec /x{f22a95a5-6882-4c6e-9a05-a1cc77daf0a5} Microsoft Azure Storage Emulator - v5.4-->MsiExec.exe /X{F22A95A5-6882-4C6E-9A05-A1CC77DAF0A5} Microsoft DCF MUI (English) 2016-->MsiExec.exe /X{90160000-0090-0409-1000-0000000FF1CE} Microsoft Excel MUI (English) 2016-->MsiExec.exe /X{90160000-0016-0409-1000-0000000FF1CE} Microsoft Groove MUI (English) 2016-->MsiExec.exe /X{90160000-00BA-0409-1000-0000000FF1CE} Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64)-->MsiExec.exe /I{B0169E83-757B-EF66-E2F0-391944D785BC} Microsoft InfoPath MUI (English) 2016-->MsiExec.exe /X{90160000-0044-0409-1000-0000000FF1CE} Microsoft NetStandard SDK-->MsiExec.exe /I{737FDDA7-B944-4CB5-92D9-3D56373BD301} Microsoft Office 32-bit Components 2016-->MsiExec.exe /X{90160000-00C1-0000-1000-0000000FF1CE} Microsoft Office OSM MUI (English) 2016-->MsiExec.exe /X{90160000-00E1-0409-1000-0000000FF1CE} Microsoft Office OSM UX MUI (English) 2016-->MsiExec.exe /X{90160000-00E2-0409-1000-0000000FF1CE} Microsoft Office Professional Plus 2016-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL Microsoft Office Professional Plus 2016-->MsiExec.exe /X{90160000-0011-0000-1000-0000000FF1CE} Microsoft Office Proofing (English) 2016-->MsiExec.exe /X{90160000-002C-0409-1000-0000000FF1CE} Microsoft Office Proofing Tools 2016 - English-->MsiExec.exe /X{90160000-001F-0409-1000-0000000FF1CE} Microsoft Office Shared 32-bit MUI (English) 2016-->MsiExec.exe /X{90160000-00C1-0409-1000-0000000FF1CE} Microsoft Office Shared MUI (English) 2016-->MsiExec.exe /X{90160000-006E-0409-1000-0000000FF1CE} Microsoft Office Shared Setup Metadata MUI (English) 2016-->MsiExec.exe /X{90160000-0115-0409-1000-0000000FF1CE} Microsoft OneNote MUI (English) 2016-->MsiExec.exe /X{90160000-00A1-0409-1000-0000000FF1CE} Microsoft Outlook MUI (English) 2016-->MsiExec.exe /X{90160000-001A-0409-1000-0000000FF1CE} Microsoft Portable Library Multi-Targeting Pack Language Pack - enu-->MsiExec.exe /X{BA3309CA-7099-3F6B-B386-EB7CC895C410} Microsoft Portable Library Multi-Targeting Pack-->MsiExec.exe /X{812F31DC-FAA6-3979-B3D6-5D6BAAF2945D} Microsoft PowerPoint MUI (English) 2016-->MsiExec.exe /X{90160000-0018-0409-1000-0000000FF1CE} Microsoft Publisher MUI (English) 2016-->MsiExec.exe /X{90160000-0019-0409-1000-0000000FF1CE} Microsoft Skype for Business MUI (English) 2016-->MsiExec.exe /X{90160000-012B-0409-1000-0000000FF1CE} Microsoft SQL Server 2012 Command Line Utilities -->MsiExec.exe /I{9198AD57-6396-4DF8-8D0C-20EA764F7986} Microsoft SQL Server 2012 Native Client -->MsiExec.exe /I{1385D3DB-8E80-427B-91D2-B7535862B8E4} Microsoft SQL Server 2016 LocalDB -->MsiExec.exe /I{9097BF1A-13A0-4A4A-A1F8-473E2A669863} Microsoft System CLR Types for SQL Server 2017-->MsiExec.exe /I{EE99006A-F227-41BA-884C-C3AF9642D95A} Microsoft System CLR Types for SQL Server 2017-->MsiExec.exe /I{FBD0D997-4E36-4B10-8471-BD7CF42ECE7F} Microsoft TestPlatform SDK Local Feed-->MsiExec.exe /I{74883C13-66E7-4F61-B250-834304500449} Microsoft UniversalWindowsPlatform SDK-->MsiExec.exe /I{922E20A7-BFB3-4DE7-BB53-648CDDA58CDD} Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{071c9b48-7c32-4621-a0ac-3f809523288f} Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7} Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610-->"C:\ProgramData\Package Cache\{a1909659-0a08-4554-8af1-2175904903a1}\vcredist_x64.exe" /uninstall Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030-->"C:\ProgramData\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe" /uninstall Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610-->"C:\ProgramData\Package Cache\{95716cce-fc71-413f-8ad5-56c2892d4b3a}\vcredist_x86.exe" /uninstall Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030-->"C:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe" /uninstall Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727-->MsiExec.exe /X{AC53FC8B-EE18-3F9C-9B59-60937D0B182C} Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030-->MsiExec.exe /X{37B8F9C7-03FB-3253-8781-2517C99D7C00} Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727-->MsiExec.exe /X{A2CB1ACB-94A2-32BA-A15E-7D80319F7589} Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97} Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727-->MsiExec.exe /X{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607} Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030-->MsiExec.exe /X{B175520C-86A2-35A7-8619-86DC379688B9} Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727-->MsiExec.exe /X{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36} Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{BD95A8CD-1D9F-35AD-981A-3E7925026EBB} Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501-->"C:\ProgramData\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe" /uninstall Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660-->"C:\ProgramData\Package Cache\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}\vcredist_x64.exe" /uninstall Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501-->"C:\ProgramData\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe" /uninstall Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660-->"C:\ProgramData\Package Cache\{61087a79-ac85-455c-934d-1fa22cc64f36}\vcredist_x86.exe" /uninstall Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660-->MsiExec.exe /X{5740BD44-B58D-321A-AFC0-6D3D4556DD6C} Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660-->MsiExec.exe /X{CB0836EC-B072-368D-82B2-D3470BF95707} Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660-->MsiExec.exe /X{7DAD0258-515C-3DD4-8964-BD714199E0F7} Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660-->MsiExec.exe /X{E30D8B21-D82D-3211-82CC-0F0A5D1495E8} Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127-->"C:\ProgramData\Package Cache\{282975d8-55fe-4991-bbbb-06a72581ce58}\VC_redist.x64.exe" /uninstall Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127-->"C:\ProgramData\Package Cache\{e31cb1a4-76b5-46a5-a084-3fa419e82201}\VC_redist.x86.exe" /uninstall Microsoft Visual C++ 2019 X64 Additional Runtime - 14.24.28127-->MsiExec.exe /I{8678BA04-D161-45BE-ACA4-CC5D13073F35} Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.24.28127-->MsiExec.exe /I{7DC387B8-E6A2-480C-8EF9-A6E51AE81C19} Microsoft Visual C++ 2019 X86 Additional Runtime - 14.24.28127-->MsiExec.exe /I{EAC73207-74BD-4B13-AACF-8C0E751FA4E8} Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.24.28127-->MsiExec.exe /I{2E72FA1F-BADB-4337-B8AE-F7C17EC57D1D} Microsoft Visual Studio Installer-->"C:\Program Files (x86)\Microsoft Visual Studio\Installer\vs_installer.exe" /uninstall Microsoft Visual Studio Setup Configuration-->MsiExec.exe /I{97875B86-E454-4E90-ABD0-863C53288739} Microsoft Visual Studio Team Foundation Server 2017 RC Office Integration (x64)-->MsiExec.exe /I{B6201C70-E610-30A2-9D6F-BF8E359FAAF2} Microsoft Visual Studio Team Foundation Server 2017 RC Office Integration Language Pack (x64) - ENU-->MsiExec.exe /I{5C93997E-33A5-3CDC-9B99-98FEFA70B490} Microsoft Web Deploy 4.0-->MsiExec.exe /I{8CB59F32-D77D-4846-8D11-73B19CC371A0} Microsoft Windows Communication Foundation Diagnostic Pack for x86-->MsiExec.exe /I{B4A4856F-7A4F-3BC4-A469-690D3CA52894} Microsoft Word MUI (English) 2016-->MsiExec.exe /X{90160000-001B-0409-1000-0000000FF1CE} Mount & Blade II: Bannerlord-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/261550 Mount and Blade II Bannerlord-->"E:\Games\Mount and Blade II Bannerlord\Uninstall\unins000.exe" NVIDIA CUDA Samples 9.0-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage samples_9.0 NVIDIA CUDA Visual Studio Integration 9.0-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage visual_studio_integration_9.0 NVIDIA GeForce Experience 3.20.3.63-->"C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.GFExperience NVIDIA Graphics Driver 445.87-->"C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.Driver NVIDIA Nsight Visual Studio Edition 5.4.0.17229-->MsiExec.exe /X{3C2B7A30-1441-4418-8222-2A647ECF1C07} NVIDIA PhysX System Software 9.19.0218-->"C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.PhysX NVIDIA Tools Extension SDK (NVTX) - 64 bit-->MsiExec.exe /X{B56D2F88-8865-40FD-B7AC-F074EE4D201D} NXT 1.11.10-->"C:\Program Files\NXT\jre\bin\javaw.exe" -jar "C:\Program Files\NXT\uninstaller\uninstaller.jar" Origin-->C:\Program Files (x86)\Origin\OriginUninstall.exe Outils de vérification linguistique 2016 de Microsoft Office - Français-->MsiExec.exe /X{90160000-001F-040C-1000-0000000FF1CE} OWallet 0.8.8-->"C:\Program Files\OWallet\Uninstall OWallet.exe" /allusers qBittorrent 4.2.5-->"C:\Program Files\qBittorrent\uninst.exe" Qualcomm Atheros 11ac Wireless LAN Installer-->"C:\Program Files (x86)\InstallShield Installation Information\{20CA507E-24AA-4741-87CF-CC1B250790B7}\setup.exe" -runfromtemp -l0x0409 -removeonly Razer Chroma SDK-->C:\Program Files (x86)\Razer Chroma SDK\Razer_Chroma_SDK_Uninstaller.exe Razer Synapse-->"C:\WINDOWS\Installer\Razer\Installer\App\RazerInstaller.exe" /uninstall Realtek Card Reader-->C:\WINDOWS\RtCRU64.exe /u Realtek Ethernet Controller Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly Realtek High Definition Audio Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -runfromtemp -removeonly Red Dead Redemption 2-->"E:\Prog\Launcher\Launcher.exe" -enableFullMode -uninstall=rdr2 Revo Uninstaller 2.1.0-->"C:\Program Files\VS Revo Group\Revo Uninstaller\unins000.exe" Riot Vanguard-->"C:\Program Files\Riot Vanguard\uninstall.exe" Rockstar Games Launcher-->"E:\Prog\Launcher\uninstall.exe" Rockstar Games Social Club-->C:\Program Files\Rockstar Games\Social Club\uninstallRGSCRedistributable.exe Security Update for Microsoft Office 2016 (KB3085538) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{5A84393A-E440-48A1-BB99-AD1244AC0C35}" "1033" "0" Security Update for Microsoft Office 2016 (KB3085538) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{5A84393A-E440-48A1-BB99-AD1244AC0C35}" "1033" "0" Security Update for Microsoft Office 2016 (KB3114375) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{F5AB64DC-399F-4A07-B02C-EEC8B45D2D9B}" "1033" "0" Security Update for Microsoft Office 2016 (KB3114375) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-006E-0409-1000-0000000FF1CE}" "{F5AB64DC-399F-4A07-B02C-EEC8B45D2D9B}" "1033" "0" Security Update for Microsoft Office 2016 (KB3115135) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{02E071E3-BA0C-48C5-8D1E-6701065D1A3E}" "1033" "0" Security Update for Microsoft Office 2016 (KB3178703) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{94A11AFA-20ED-434B-B9E9-C41C4B0EA97B}" "1033" "0" Security Update for Microsoft Office 2016 (KB3178703) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-006E-0409-1000-0000000FF1CE}" "{94A11AFA-20ED-434B-B9E9-C41C4B0EA97B}" "1033" "0" Security Update for Microsoft Office 2016 (KB3178703) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{94A11AFA-20ED-434B-B9E9-C41C4B0EA97B}" "1033" "0" Security Update for Microsoft Office 2016 (KB3178703) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0409-1000-0000000FF1CE}" "{94A11AFA-20ED-434B-B9E9-C41C4B0EA97B}" "1033" "0" Security Update for Microsoft Office 2016 (KB3191863) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{04F86984-7A40-488A-9AED-0C18B6CCF0C0}" "1033" "0" Security Update for Microsoft Office 2016 (KB3191863) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{04F86984-7A40-488A-9AED-0C18B6CCF0C0}" "1033" "0" Security Update for Microsoft Word 2016 (KB3191865) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{1ABA25EF-ACF5-4602-B9CB-9C19077622A6}" "1033" "0" Security Update for Microsoft Word 2016 (KB3191865) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-001A-0409-1000-0000000FF1CE}" "{1ABA25EF-ACF5-4602-B9CB-9C19077622A6}" "1033" "0" Security Update for Microsoft Word 2016 (KB3191865) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-001B-0409-1000-0000000FF1CE}" "{1ABA25EF-ACF5-4602-B9CB-9C19077622A6}" "1033" "0" Security Update for Microsoft Word 2016 (KB3191865) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{1ABA25EF-ACF5-4602-B9CB-9C19077622A6}" "1033" "0" Security Update for Microsoft Word 2016 (KB3191865) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-012B-0409-1000-0000000FF1CE}" "{1ABA25EF-ACF5-4602-B9CB-9C19077622A6}" "1033" "0" Security Update for Skype for Business 2016 (KB3191858) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{7E6E632A-5B4F-4F06-A791-21262DA16927}" "1033" "0" Security Update for Skype for Business 2016 (KB3191858) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-012B-0409-1000-0000000FF1CE}" "{7E6E632A-5B4F-4F06-A791-21262DA16927}" "1033" "0" SmartWhois-->"C:\Program Files (x86)\SmartWhois\swsetup.exe" -uninstall SopCast 4.2.0-->C:\Program Files (x86)\SopCast\uninst.exe Spybot - Search & Destroy-->"C:\Program Files (x86)\Spybot - Search & Destroy 2\unins000.exe" Steam-->C:\Program Files (x86)\Steam\uninstall.exe Toolkit Documentation-->MsiExec.exe /I{4CB72D51-B41D-CB91-4FC9-FF14D691DAC1} TypeScript SDK-->MsiExec.exe /X{67DEF182-B4C8-4BB9-BA51-8EA574C28521} Update for (KB2504637)-->C:\WINDOWS\SysWOW64\msiexec.exe /package {CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE} /uninstall {815F0BC1-7E54-300C-9ACA-C9460FDF6F78} /qb+ REBOOTPROMPT=&quot;&quot; Update for Microsoft Access 2016 (KB3178700) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{4CE3DDDC-3916-45AB-BD43-33708375886E}" "1033" "0" Update for Microsoft Access 2016 (KB3178700) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{4CE3DDDC-3916-45AB-BD43-33708375886E}" "1033" "0" Update for Microsoft Excel 2016 (KB3191861) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{809E25E5-68E7-4E93-ACB7-527E03C25C64}" "1033" "0" Update for Microsoft Excel 2016 (KB3191861) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0016-0409-1000-0000000FF1CE}" "{809E25E5-68E7-4E93-ACB7-527E03C25C64}" "1033" "0" Update for Microsoft Excel 2016 (KB3191861) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0018-0409-1000-0000000FF1CE}" "{809E25E5-68E7-4E93-ACB7-527E03C25C64}" "1033" "0" Update for Microsoft Excel 2016 (KB3191861) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-001B-0409-1000-0000000FF1CE}" "{809E25E5-68E7-4E93-ACB7-527E03C25C64}" "1033" "0" Update for Microsoft Excel 2016 (KB3191861) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{809E25E5-68E7-4E93-ACB7-527E03C25C64}" "1033" "0" Update for Microsoft Office 2016 (KB2910954) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{89B85BAE-5618-49A4-9C18-153202BDFC73}" "1033" "0" Update for Microsoft Office 2016 (KB2910970) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{AAAF9852-CB71-4975-A7B4-0253B201E729}" "1033" "0" Update for Microsoft Office 2016 (KB2910970) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{AAAF9852-CB71-4975-A7B4-0253B201E729}" "1033" "0" Update for Microsoft Office 2016 (KB2920678) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{D6AE0D54-13A7-4B0D-A862-8AEF7D4796A6}" "1033" "0" Update for Microsoft Office 2016 (KB2920678) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{D6AE0D54-13A7-4B0D-A862-8AEF7D4796A6}" "1033" "0" Update for Microsoft Office 2016 (KB2920684) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{4D4432EE-ECE1-42CA-8B93-0916170C8252}" "1033" "0" Update for Microsoft Office 2016 (KB2920712) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{A73D1FF5-0819-44C7-9294-FBDD4BA2F43B}" "1033" "0" Update for Microsoft Office 2016 (KB2920720) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{8683D594-A08C-451F-82C3-51D6FB730A6C}" "1033" "0" Update for Microsoft Office 2016 (KB2920724) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{AA7A282E-E962-4C45-9A74-16C49FD88FF1}" "1033" "0" Update for Microsoft Office 2016 (KB3085407) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{3717752D-9085-4F09-8851-75566CBD6A9D}" "1033" "0" Update for Microsoft Office 2016 (KB3085407) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-006E-0409-1000-0000000FF1CE}" "{3717752D-9085-4F09-8851-75566CBD6A9D}" "1033" "0" Update for Microsoft Office 2016 (KB3085407) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{3717752D-9085-4F09-8851-75566CBD6A9D}" "1033" "0" Update for Microsoft Office 2016 (KB3085407) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0409-1000-0000000FF1CE}" "{3717752D-9085-4F09-8851-75566CBD6A9D}" "1033" "0" Update for Microsoft Office 2016 (KB3114709) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{B0D12818-1641-422F-9EB4-AC05243A4DD8}" "1033" "0" Update for Microsoft Office 2016 (KB3114903) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{92281B72-2A8C-40A4-BD15-58CCDF7DEDB1}" "1033" "0" Update for Microsoft Office 2016 (KB3115081) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{78D7B4DE-619F-4312-9707-DF354A48D110}" "1033" "0" Update for Microsoft Office 2016 (KB3115100) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{5EA702B7-1613-4DCB-85E6-A9BD9327CE00}" "1033" "0" Update for Microsoft Office 2016 (KB3115276) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{45610767-EC8C-44CD-9001-6845F626FCD5}" "1033" "0" Update for Microsoft Office 2016 (KB3115501) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{BCC33365-9E0D-4DEA-827E-4A3BCA054BCE}" "1033" "0" Update for Microsoft Office 2016 (KB3118262) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{7D634991-F4C0-4761-9F90-54F69A8199EB}" "1033" "0" Update for Microsoft Office 2016 (KB3118263) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{94848838-9497-4F39-8294-CFB65614776A}" "1033" "0" Update for Microsoft Office 2016 (KB3118264) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{B2437330-4140-4B97-8041-3D337D716DC9}" "1033" "0" Update for Microsoft Office 2016 (KB3127991) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{962B28E8-8153-49C9-BFAB-23ABB4D8A5F5}" "1033" "0" Update for Microsoft Office 2016 (KB3127991) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{962B28E8-8153-49C9-BFAB-23ABB4D8A5F5}" "1033" "0" Update for Microsoft Office 2016 (KB3128050) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{4B752F8C-1271-4F0F-81DC-493E7B96F6AC}" "1033" "0" Update for Microsoft Office 2016 (KB3128050) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0016-0409-1000-0000000FF1CE}" "{4B752F8C-1271-4F0F-81DC-493E7B96F6AC}" "1033" "0" Update for Microsoft Office 2016 (KB3141454) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{6719A3DC-57FD-4C68-9012-3A8EF38D98A7}" "1033" "0" Update for Microsoft Office 2016 (KB3141506) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{847C18F4-D7FD-4833-BCB3-7036953BC967}" "1033" "0" Update for Microsoft Office 2016 (KB3141509) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{B375D409-982C-440A-B928-36DF1DAD6441}" "1033" "0" Update for Microsoft Office 2016 (KB3141509) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-001F-0409-1000-0000000FF1CE}" "{B375D409-982C-440A-B928-36DF1DAD6441}" "1033" "0" Update for Microsoft Office 2016 (KB3141509) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-001F-040C-1000-0000000FF1CE}" "{B375D409-982C-440A-B928-36DF1DAD6441}" "1033" "0" Update for Microsoft Office 2016 (KB3141509) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-001F-0C0A-1000-0000000FF1CE}" "{B375D409-982C-440A-B928-36DF1DAD6441}" "1033" "0" Update for Microsoft Office 2016 (KB3178658) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{C33E89D6-245C-4CA6-A062-E8F9AF64DBB4}" "1033" "0" Update for Microsoft Office 2016 (KB3178658) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-006E-0409-1000-0000000FF1CE}" "{C33E89D6-245C-4CA6-A062-E8F9AF64DBB4}" "1033" "0" Update for Microsoft Office 2016 (KB3178658) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{C33E89D6-245C-4CA6-A062-E8F9AF64DBB4}" "1033" "0" Update for Microsoft Office 2016 (KB3178666) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{F3859B93-03A6-4D24-9C59-FAF8A930DBBB}" "1033" "0" Update for Microsoft Office 2016 (KB3178692) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{4B3BA6E7-210D-4290-9CB5-D3DD16808C7C}" "1033" "0" Update for Microsoft Office 2016 (KB3178706) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{F0B8A25B-7B7F-4D09-99A6-F14CC9EF5619}" "1033" "0" Update for Microsoft Office 2016 (KB3178706) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{F0B8A25B-7B7F-4D09-99A6-F14CC9EF5619}" "1033" "0" Update for Microsoft Office 2016 (KB3191857) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{E643C7EF-6509-4AC3-AE4B-36245AC21180}" "1033" "0" Update for Microsoft Office 2016 (KB3191862) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{CA324E35-17D3-4EEF-B4DF-0EC3BEC19521}" "1033" "0" Update for Microsoft Office 2016 (KB3191862) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{CA324E35-17D3-4EEF-B4DF-0EC3BEC19521}" "1033" "0" Update for Microsoft Office 2016 (KB3191867) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{D2764B10-633B-450F-8CF7-915D15C9EF7A}" "1033" "0" Update for Microsoft OneDrive for Business (KB3141458) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{3279FB4C-2FEC-4D7F-AD75-9EAE06B11248}" "1033" "0" Update for Microsoft OneDrive for Business (KB3141458) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00BA-0409-1000-0000000FF1CE}" "{3279FB4C-2FEC-4D7F-AD75-9EAE06B11248}" "1033" "0" Update for Microsoft OneDrive for Business (KB3141458) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{3279FB4C-2FEC-4D7F-AD75-9EAE06B11248}" "1033" "0" Update for Microsoft OneDrive for Business (KB3141458) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0409-1000-0000000FF1CE}" "{3279FB4C-2FEC-4D7F-AD75-9EAE06B11248}" "1033" "0" Update for Microsoft OneNote 2016 (KB3141512) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{93042877-467F-44B1-BBDC-21A15FEBD3EA}" "1033" "0" Update for Microsoft OneNote 2016 (KB3141512) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00A1-0409-1000-0000000FF1CE}" "{93042877-467F-44B1-BBDC-21A15FEBD3EA}" "1033" "0" Update for Microsoft OneNote 2016 (KB3141512) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{93042877-467F-44B1-BBDC-21A15FEBD3EA}" "1033" "0" Update for Microsoft Outlook 2016 (KB3191883) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{B37E09DB-3672-475D-AB72-AB9926D24941}" "1033" "0" Update for Microsoft Outlook 2016 (KB3191883) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-001A-0409-1000-0000000FF1CE}" "{B37E09DB-3672-475D-AB72-AB9926D24941}" "1033" "0" Update for Microsoft PowerPoint 2016 (KB3191860) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{BB80C025-005A-44E1-B84C-EA2DADC0C4CB}" "1033" "0" Update for Microsoft PowerPoint 2016 (KB3191860) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0018-0409-1000-0000000FF1CE}" "{BB80C025-005A-44E1-B84C-EA2DADC0C4CB}" "1033" "0" Update for Microsoft PowerPoint 2016 (KB3191860) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{BB80C025-005A-44E1-B84C-EA2DADC0C4CB}" "1033" "0" Update for Microsoft Project 2016 (KB3191870) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{E15121DA-33C2-4FE2-9DEE-E8FCB62CC036}" "1033" "0" Update for Microsoft Project 2016 (KB3191870) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{E15121DA-33C2-4FE2-9DEE-E8FCB62CC036}" "1033" "0" Update for Microsoft Publisher 2016 (KB3128047) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{E880B055-7807-4911-9FEF-614F7B668F6C}" "1033" "0" Update for Microsoft Publisher 2016 (KB3128047) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0019-0409-1000-0000000FF1CE}" "{E880B055-7807-4911-9FEF-614F7B668F6C}" "1033" "0" Update for Microsoft Publisher 2016 (KB3128047) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{E880B055-7807-4911-9FEF-614F7B668F6C}" "1033" "0" Update for Microsoft Visio 2016 (KB3191856) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-0011-0000-1000-0000000FF1CE}" "{FEBA31C9-3558-4F78-BD15-B481D745619F}" "1033" "0" Update for Microsoft Visio 2016 (KB3191856) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE16\Oarpmany.exe" /removereleaseinpatch "{90160000-00C1-0000-1000-0000000FF1CE}" "{FEBA31C9-3558-4F78-BD15-B481D745619F}" "1033" "0" Update for Windows 10 for x64-based Systems (KB4023057)-->MsiExec.exe /X{1FD817A6-63E1-4519-BFD4-228DABB7AB6B} Uplay-->C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe vcpp_crt.redist.clickonce-->MsiExec.exe /I{163FD3E7-A4F2-472F-A127-9082A5F32150} Visual C++ Library CRT Appx Package-->MsiExec.exe /I{62B1C8D5-AF64-37F5-B5E7-89606742FA77} Visual C++ Library CRT Appx Package-->MsiExec.exe /I{7E997C43-7D38-3CB2-8B9C-2F476E690E95} Visual C++ Library CRT Appx Resource Package-->MsiExec.exe /I{E88AC46A-B6DC-3A45-A3FC-AA817326A819} Visual C++ Library CRT Desktop Appx Package-->MsiExec.exe /I{0882AFC2-F3F4-396A-A311-F9B6D5358864} Visual C++ Library CRT Desktop Appx Package-->MsiExec.exe /I{8EDA2071-116E-3E2D-B9E6-D8E64E4815FF} Visual C++ Library CRT Desktop Appx Package-->MsiExec.exe /I{EE9E3804-76EF-3CB3-AF72-8C8CD777873C} Visual F# 10.1 SDK-->MsiExec.exe /I{476EBD8A-14B8-401F-B36D-6808E039E5EB} Visual Studio Community 2017-->"C:\Program Files (x86)\Microsoft Visual Studio\Installer\vs_installer.exe" uninstall --installPath "F:\ProgramData\Microsoft Visual Studio\2017\Community" VS Immersive Activate Helper-->MsiExec.exe /I{10948144-16FC-42B6-8DEA-5AC2428278DF} VS JIT Debugger-->MsiExec.exe /I{4D42BCAC-81DD-4450-8BDC-7FCC4C975D2F} VS Script Debugging Common-->MsiExec.exe /I{48C2D1FA-9F23-40E1-9F16-6A3CA6A78915} VS WCF Debugging-->MsiExec.exe /I{5F39E60E-759E-4DA5-AFD7-679FC10659E0} vs_BlendMsi-->MsiExec.exe /I{C5D83E0F-12E7-4BA3-98E6-DAE0E73B5BF9} vs_clickoncebootstrappermsi-->MsiExec.exe /I{A68D7884-F036-4A0D-AE1A-410E0311E135} vs_clickoncebootstrappermsires-->MsiExec.exe /I{91DDDFB5-1782-48C2-BA2A-8F4D9DE39D27} vs_clickoncesigntoolmsi-->MsiExec.exe /I{6A1ECF65-2CBF-4B33-9D4A-D1C0A0E5FE45} vs_communitymsi-->MsiExec.exe /I{5DFEB1ED-29B8-44F0-8615-DE758242B0E2} vs_communitymsires-->MsiExec.exe /I{40040E64-50EB-4FCF-B209-DA0B20821759} vs_devenvmsi-->MsiExec.exe /I{BFFA2FFB-1095-4ADD-A352-368806D2412B} vs_filehandler_amd64-->MsiExec.exe /I{B6600254-A9D1-4265-826B-28B0E28C1F37} vs_filehandler_x86-->MsiExec.exe /I{EF15DAFE-8E43-48E6-AE94-CBA196675318} vs_FileTracker_Singleton-->MsiExec.exe /I{8EB2C670-04C2-482D-BACD-B4095E27FD39} vs_minshellinteropmsi-->MsiExec.exe /I{9B1DD088-CF09-46A1-8B42-18D231B19E39} vs_minshellmsi-->MsiExec.exe /I{F5BCAD30-D22C-4B08-A581-1EBE3A35C6B1} vs_minshellmsires-->MsiExec.exe /I{6DFE6F8D-B61D-4348-AB70-4ABF1210DFD5} vs_SQLClickOnceBootstrappermsi-->MsiExec.exe /I{5779B6DD-604A-41CE-BC3D-9D4BDDA22AD2} vs_tipsmsi-->MsiExec.exe /I{1AC6CC3D-7724-4D84-9270-798A2191AB1C} Vulkan Run Time Libraries 1.0.42.0-->C:\Program Files (x86)\VulkanRT\1.0.42.0\Instance_2\UninstallVulkanRT.exe Vulkan Run Time Libraries 1.0.42.0-->C:\Program Files (x86)\VulkanRT\1.0.42.0\Instance_3\UninstallVulkanRT.exe Vulkan Run Time Libraries 1.0.42.0-->C:\Program Files (x86)\VulkanRT\1.0.42.0\Instance_4\UninstallVulkanRT.exe Vulkan Run Time Libraries 1.0.42.0-->C:\Program Files (x86)\VulkanRT\1.0.42.0\Instance_5\UninstallVulkanRT.exe Vulkan Run Time Libraries 1.0.42.0-->C:\Program Files (x86)\VulkanRT\1.0.42.0\UninstallVulkanRT.exe Windows Assessment and Deployment Kit - Windows 10-->"C:\ProgramData\Package Cache\{cef137de-cdb9-48e2-babe-301cb8448d7b}\adksetup.exe" /uninstall Windows Mobile Connectivity Tools 10.0.15254.0 - Desktop x86-->MsiExec.exe /I{833F02C5-2C39-49F6-BD64-91D351081274} Windows Phone SDK 8.0 Assemblies for Visual Studio 2017-->MsiExec.exe /X{BA078BB9-9D83-3EFE-B581-64BB8BBB8029} Windows SDK AddOn-->MsiExec.exe /I{E77C2F78-6089-48F8-89DF-DDF2850DFFD9} Windows Setup Remediations (x64) (KB4023057)-->%windir%\system32\sdbinst.exe -u "C:\WINDOWS\AppPatch\CustomSDB\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb" Windows Simulator - ENU-->MsiExec.exe /I{9CC35CDA-E79F-470B-9685-CF6971624444} Windows Simulator-->MsiExec.exe /I{53249A16-77EB-4149-B0B6-0F6A04C97CE2} windows_toolscorepkg-->MsiExec.exe /I{A4B6CC52-17E3-4511-8980-A4BCB283E8BB} Windscribe-->"C:\Program Files (x86)\Windscribe\unins000.exe" Wondershare Data Recovery(Build 6.0.1.9)-->"C:\Program Files (x86)\Wondershare\Data Recovery\unins000.exe" Wondershare Helper Compact 2.5.2-->"C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\unins000.exe" World of Warcraft Classic-->"C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=enUS --uid=wow_classic --displayname="World of Warcraft Classic" WPT Redistributables-->MsiExec.exe /I{0432AB38-DDDD-CABF-F9E4-53B746BD6EFE} WPTx64-->MsiExec.exe /I{78418409-E850-B0E6-5C05-789D0610AEE4} x42 Core 0.1.17-->"C:\Program Files\x42 Core\Uninstall x42 Core.exe" /allusers ======System event log====== Computer Name: DESKTOP-V1HEL1I Event Code: 37 Message: The speed of processor 2 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report. Record Number: 50 Source Name: Microsoft-Windows-Kernel-Processor-Power Time Written: 20191113074450.518852-000 Event Type: Warning User: NT AUTHORITY\SYSTEM Computer Name: DESKTOP-V1HEL1I Event Code: 37 Message: The speed of processor 4 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report. Record Number: 49 Source Name: Microsoft-Windows-Kernel-Processor-Power Time Written: 20191113074450.518846-000 Event Type: Warning User: NT AUTHORITY\SYSTEM Computer Name: DESKTOP-V1HEL1I Event Code: 37 Message: The speed of processor 0 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report. Record Number: 48 Source Name: Microsoft-Windows-Kernel-Processor-Power Time Written: 20191113074450.518837-000 Event Type: Warning User: NT AUTHORITY\SYSTEM Computer Name: DESKTOP-V1HEL1I Event Code: 37 Message: The speed of processor 1 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report. Record Number: 47 Source Name: Microsoft-Windows-Kernel-Processor-Power Time Written: 20191113074450.518830-000 Event Type: Warning User: NT AUTHORITY\SYSTEM Computer Name: DESKTOP-V1HEL1I Event Code: 15 Message: The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer. Record Number: 24 Source Name: TPM Time Written: 20191113074339.384960-000 Event Type: Error User: NT AUTHORITY\SYSTEM =====Application event log===== Computer Name: DESKTOP-V1HEL1I Event Code: 455 Message: svchost (2316,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Record Number: 36269 Source Name: ESENT Time Written: 20200204193433.169365-000 Event Type: Error User: Computer Name: DESKTOP-V1HEL1I Event Code: 455 Message: svchost (3272,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Record Number: 36259 Source Name: ESENT Time Written: 20200204191654.304280-000 Event Type: Error User: Computer Name: DESKTOP-V1HEL1I Event Code: 8229 Message: The rules engine failed to perform one or more scheduled actions. Error Code:0x80070002 Path:<none> Arguments:<none> Record Number: 36258 Source Name: Microsoft-Windows-Security-SPP Time Written: 20200204191629.423903-000 Event Type: Error User: Computer Name: DESKTOP-V1HEL1I Event Code: 8229 Message: The rules engine failed to perform one or more scheduled actions. Error Code:0x80070002 Path:C:\WINDOWS\System32\SLUI.exe Arguments:"C:\WINDOWS\System32\SLUI.exe" RuleId=379cccfb-d4e0-48fe-b0f2-0136097be147;Action=CleanupState;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;Trigger=TimerEvent Record Number: 36257 Source Name: Microsoft-Windows-Security-SPP Time Written: 20200204191629.423903-000 Event Type: Warning User: Computer Name: DESKTOP-V1HEL1I Event Code: 8233 Message: The rules engine reported a failed VL activation attempt. Reason:0x80070002 AppId = 0ff1ce15-a989-479d-af46-f275c6370663, SkuId = d450596f-894d-49e0-966a-fd39ed4c4c64 Trigger=NetworkQuarantineRetry Record Number: 36256 Source Name: Microsoft-Windows-Security-SPP Time Written: 20200204191628.923787-000 Event Type: Warning User: =====Security event log===== Computer Name: DESKTOP-V1HEL1I Event Code: 5379 Message: Credential Manager credentials were read. Subject: Security ID: S-1-5-21-4186667663-2016276588-3485180206-1001 Account Name: Acer Account Domain: DESKTOP-V1HEL1I Logon ID: 0x5145F Read Operation: Enumerate Credentials This event occurs when a user performs a read operation on stored credentials in Credential Manager. Record Number: 307030 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20200512103220.838237-000 Event Type: Audit Success User: Computer Name: DESKTOP-V1HEL1I Event Code: 5379 Message: Credential Manager credentials were read. Subject: Security ID: S-1-5-21-4186667663-2016276588-3485180206-1001 Account Name: Acer Account Domain: DESKTOP-V1HEL1I Logon ID: 0x5145F Read Operation: Enumerate Credentials This event occurs when a user performs a read operation on stored credentials in Credential Manager. Record Number: 307029 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20200512103220.836677-000 Event Type: Audit Success User: Computer Name: DESKTOP-V1HEL1I Event Code: 5379 Message: Credential Manager credentials were read. Subject: Security ID: S-1-5-21-4186667663-2016276588-3485180206-1001 Account Name: Acer Account Domain: DESKTOP-V1HEL1I Logon ID: 0x5145F Read Operation: Enumerate Credentials This event occurs when a user performs a read operation on stored credentials in Credential Manager. Record Number: 307028 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20200512103220.836557-000 Event Type: Audit Success User: Computer Name: DESKTOP-V1HEL1I Event Code: 5379 Message: Credential Manager credentials were read. Subject: Security ID: S-1-5-21-4186667663-2016276588-3485180206-1001 Account Name: Acer Account Domain: DESKTOP-V1HEL1I Logon ID: 0x5145F Read Operation: Enumerate Credentials This event occurs when a user performs a read operation on stored credentials in Credential Manager. Record Number: 307027 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20200512103220.834699-000 Event Type: Audit Success User: Computer Name: DESKTOP-V1HEL1I Event Code: 5379 Message: Credential Manager credentials were read. Subject: Security ID: S-1-5-21-4186667663-2016276588-3485180206-1001 Account Name: Acer Account Domain: DESKTOP-V1HEL1I Logon ID: 0x5145F Read Operation: Enumerate Credentials This event occurs when a user performs a read operation on stored credentials in Credential Manager. Record Number: 307026 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20200512103137.168364-000 Event Type: Audit Success User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "DriverData"=C:\Windows\System32\Drivers\DriverData "OS"=Windows_NT "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=AMD64 "PSModulePath"=%ProgramFiles%\WindowsPowerShell\Modules;%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "Path"=C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Windows Kits\10\Windows Performance Toolkit\;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\dotnet\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ "NVTOOLSEXT_PATH"=C:\Program Files\NVIDIA Corporation\NvToolsExt\ "NVCUDASAMPLES_ROOT"=C:\ProgramData\NVIDIA Corporation\CUDA Samples\v9.0 "NVCUDASAMPLES9_0_ROOT"=C:\ProgramData\NVIDIA Corporation\CUDA Samples\v9.0 "FSHARPINSTALLDIR"=C:\Program Files (x86)\Microsoft SDKs\F#\10.1\Framework\v4.0\ "NUMBER_OF_PROCESSORS"=8 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 158 Stepping 9, GenuineIntel "PROCESSOR_REVISION"=9e09 -----------------EOF----------------- Logfile of random's system information tool 1.10 (written by random/random) Run by Acer at 2020-05-27 17:15:39 Microsoft Windows 10 Pro System drive 😄 has 21 GB (11%) free of 199 GB Total RAM: 16252 MB (63% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:17:11, on 27.5.2020 г. Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.18362.0001) Boot mode: Normal Running processes: C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe C:\Users\Acer\AppData\Roaming\Dashlane\Dashlane.exe C:\Program Files (x86)\Windscribe\Windscribe.exe C:\Program Files (x86)\Windscribe\wsappcontrol.exe C:\Program Files (x86)\Razer\Synapse3\Service\..\UserProcess\Razer Synapse Service Process.exe C:\Users\Acer\AppData\Roaming\Dashlane\DashlanePlugin.exe C:\Program Files (x86)\Steam\steam.exe C:\Program Files\trend micro\Acer.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Dashlane BHO - {42D79B50-CC4A-4A8E-860F-BE674AF053A2} - C:\Users\Acer\AppData\Roaming\Dashlane\ie\Dashlanei.dll O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL O3 - Toolbar: Dashlane Toolbar - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\Acer\AppData\Roaming\Dashlane\ie\KWIEBar.dll O4 - HKLM\..\Run: [Intel Driver & Support Assistant] C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe O4 - HKLM\..\Run: [Immunet Protect] "C:\Program Files\Immunet\7.0.2\iptray.exe" O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" O4 - HKCU\..\Run: [OneDrive] "C:\Users\Acer\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent O4 - HKCU\..\Run: [TIDAL] C:\Users\Acer\AppData\Local\TIDAL\update.exe --processStart TIDAL.exe --process-start-args "-autostart" O4 - HKCU\..\Run: [Discord] C:\Users\Acer\AppData\Local\Discord\app-0.0.306\Discord.exe O4 - HKCU\..\Run: [Dashlane] "C:\Users\Acer\AppData\Roaming\Dashlane\Dashlane.exe" autoLaunchAtStartup O4 - HKCU\..\Run: [DashlanePlugin] "C:\Users\Acer\AppData\Roaming\Dashlane\DashlanePlugin.exe" ws O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\Run: [Windscribe] "C:\Program Files (x86)\Windscribe\Windscribe.exe" -os_restart O4 - HKCU\..\Run: [CCXProcess] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe" O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE') O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office16\ONBttnIE.dll/105 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe O23 - Service: Услуга на Brave Актуализация (brave) (brave) - BraveSoftware Inc. - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe O23 - Service: Услуга на Brave Актуализация (bravem) (bravem) - BraveSoftware Inc. - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1d9a63fa126c4a34\IntelCpHeciSvc.exe O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1d9a63fa126c4a34\IntelCpHDCPSvc.exe O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing) O23 - Service: CredentialEnrollmentManagerUserSvc_52df6 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing) O23 - Service: Dolby DAX2 API Service (DAX2API) - Unknown owner - C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe O23 - Service: Intel(R) Driver & Support Assistant (DSAService) - Intel - C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe O23 - Service: Intel(R) Driver & Support Assistant Updater (DSAUpdateService) - Intel - C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\elevation_service.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @oem74.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing) O23 - Service: ICEsound Service (ICEsoundService) - Unknown owner - C:\WINDOWS\system32\ICEsoundService64.exe (file missing) O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1d9a63fa126c4a34\igfxCUIService.exe O23 - Service: Immunet 7.0.2 (ImmunetProtect_7.0.2) - Cisco Systems, Inc. - C:\Program Files\Immunet\7.0.2\sfc.exe O23 - Service: Immunet Security Connector Monitoring Service 7.0.2 (ImmunetSCMS_7.0.2) - Unknown owner - C:\Program Files\Immunet\7.0.2\cscm.exe O23 - Service: Intel(R) SUR QC Software Asset Manager (Intel(R) SUR QC SAM) - Intel Corporation - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe O23 - Service: Intel SST Parameter Service (IntelSSTSvc) - Unknown owner - C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_900ad8f80f7df3d9\Display.NvContainer\NVDisplay.Container.exe O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing) O23 - Service: Razer Chroma SDK Server - Razer Inc. - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe O23 - Service: Razer Chroma SDK Service - Razer Inc. - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe O23 - Service: Razer Game Manager (Razer Game Manager Service) - Razer Inc - C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe O23 - Service: Razer Synapse Service - Razer Inc. - C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: Rockstar Game Library Service (Rockstar Service) - Rockstar Games - E:\Prog\Launcher\RockstarService.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: Razer Central Service (RzActionSvc) - Razer Inc. - C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe O23 - Service: Spybot Security Center Integration Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing) O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing) O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK (SystemUsageReportSvc_QUEENCREEK) - Unknown owner - C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: vgc - Riot Games, Inc. - C:\Program Files\Riot Vanguard\vgc.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: WindscribeService - Windscribe Limited - C:\Program Files (x86)\Windscribe\WindscribeService.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- End of file - 15649 bytes ======Listing Processes====== winlogon.exe C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s PlugPlay C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p "fontdrvhost.exe" "fontdrvhost.exe" C:\WINDOWS\system32\svchost.exe -k RPCSS -p C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM "dwm.exe" C:\WINDOWS\System32\svchost.exe -k NetworkService -s TermService C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_900ad8f80f7df3d9\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_900ad8f80f7df3d9\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1d9a63fa126c4a34\igfxCUIService.exe C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s UmRdpService C:\WINDOWS\system32\svchost.exe -k netsvcs -s CertPropSvc C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s SessionEnv C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache "C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_900ad8f80f7df3d9\Display.NvContainer\NVDisplay.Container.exe" -f %ProgramData%\DisplaySessionContainer%d.log -d C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_900ad8f80f7df3d9\Display.NvContainer\plugins\Session -r -l 3 -p 30000 -cfg NVDisplay.ContainerLocalSystem\Session -c C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt C:\WINDOWS\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p "C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe" C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection C:\WINDOWS\System32\spoolsv.exe "C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe" "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1d9a63fa126c4a34\IntelCpHDCPSvc.exe C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService "C:\Program Files\Intel\WiFi\bin\EvtEng.exe" C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS "C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe" "C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe" "C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe" "C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe" "C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe" "C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe" "C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe" C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s IKEEXT C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc C:\WINDOWS\System32\svchost.exe -k utcsvc -p "C:\Program Files (x86)\Windscribe\WindscribeService.exe" "C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe" C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks "C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService C:\WINDOWS\system32\ibtsiva "C:\WINDOWS\system32\ICEsoundService64.exe" C:\WINDOWS\system32\WLANExt.exe 1218433476064 C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1d9a63fa126c4a34\IntelCpHeciSvc.exe dashost.exe {3f748a7d-242b-4a38-8e665bbeb610a336} C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost "C:\Program Files\Immunet\7.0.2\sfc.exe" C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV \??\C:\WINDOWS\system32\conhost.exe 0x4 C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding C:\WINDOWS\System32\svchost.exe -k netsvcs sihost.exe C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E} "C:\Program Files\Core Temp\Core Temp.exe" C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService "ctfmon.exe" C:\WINDOWS\system32\svchost.exe -k LocalService -p -s fdPHost C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc rundll32.exe "c:\program files\nvidia corporation\nvstreamsrv\rxdiag.dll" RxDiagSetRuntimeMessagePump C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s FDResPub C:\WINDOWS\Explorer.EXE "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\WINDOWS\system32\SearchIndexer.exe /Embedding "C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe" C:\WINDOWS\system32\SettingSyncHost.exe -Embedding "C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1d9a63fa126c4a34\igfxEM.exe" "C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe" "C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca C:\Windows\System32\RuntimeBroker.exe -Embedding "C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe" -ServerName:SkypeBackgroundHost C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup C:\Windows\System32\RuntimeBroker.exe -Embedding C:\Windows\System32\RuntimeBroker.exe -Embedding "C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe" "C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js "C:\Windows\System32\SecurityHealthSystray.exe" "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s "C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca "C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe" "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4 C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe" "C:\Users\Acer\AppData\Roaming\Dashlane\Dashlane.exe" autoLaunchAtStartup "C:\Program Files (x86)\Windscribe\Windscribe.exe" -os_restart "C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe" C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo "C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca "C:\Windows\System32\Taskmgr.exe" C:\Windows\System32\RuntimeBroker.exe -Embedding C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s RmSvc "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" "C:\Program Files (x86)\Windscribe\wsappcontrol.exe" \??\C:\WINDOWS\system32\conhost.exe 0x4 C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager "C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20041.91.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca "C:\Program Files (x86)\Razer\Synapse3\Service\..\UserProcess\Razer Synapse Service Process.exe" C:\Windows\System32\RuntimeBroker.exe -Embedding "C:\Users\Acer\AppData\Roaming\Dashlane\DashlanePlugin.exe " ws C:\Windows\System32\SystemSettingsBroker.exe -Embedding C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc "C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe" \??\C:\WINDOWS\system32\conhost.exe 0x4 C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F} C:\WINDOWS\System32\svchost.exe -k netsvcs -p C:\WINDOWS\system32\svchost.exe -k SDRSVC "C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe" C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding C:\WINDOWS\system32\svchost.exe -k WbioSvcGroup -s WbioSrvc "C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20022.11011.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost "C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe" -ServerName:WindowsDefaultLockScreen.AppX7y4nbzq37zn4ks9k7amqjywdat7d3j2z.mca C:\Windows\System32\RuntimeBroker.exe -Embedding C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s NcdAutoSetup C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wuauserv taskhostw.exe C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s DsSvc C:\WINDOWS\system32\DllHost.exe /Processid:{FCC74B77-EC3E-4DD8-A80B-008A702075A9} "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/879160 "C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" "-lang=en_US" "-cachedir=C:\Users\Acer\AppData\Local\Steam\htmlcache" "-steampid=13428" "-buildid=1589513816" "-steamid=0" "-steamuniverse=Public" "-clientui=C:\Program Files (x86)\Steam\clientui" --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --enable-media-stream --enable-smooth-scrolling --enable-direct-write "--log-file=C:\Program Files (x86)\Steam\logs\cef_log.txt" "C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files (x86)\Steam\dumps" "--metrics-dir=C:\Users\Acer\AppData\Local\CEF\User Data" --url=http://crash.steampowered.com/submit --annotation=platform=win64 --annotation=product=cefwebhelper --annotation=version=1589513816 --initial-client-data=0x30c,0x310,0x314,0x308,0x318,0x7ff94285bed0,0x7ff94285bee0,0x7ff94285bef0 "C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --field-trial-handle=1540,1297034842473157987,17534159178575619101,131072 --disable-features=CalculateNativeWinOcclusion,MimeHandlerViewInCrossProcessFrame --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --lang=bg-BG --buildid=1589513816 --steamid=0 --gpu-preferences=KAAAAAAAAADgAAAwAAAAAAAAYAAAAAAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --service-request-channel-token=9118784852236285008 --mojo-platform-channel-handle=1568 --ignored=" --type=renderer " /prefetch:2 "C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --field-trial-handle=1540,1297034842473157987,17534159178575619101,131072 --disable-features=CalculateNativeWinOcclusion,MimeHandlerViewInCrossProcessFrame --lang=bg --service-sandbox-type=network --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --lang=bg-BG --buildid=1589513816 --steamid=0 --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --service-request-channel-token=5008693184343553711 --mojo-platform-channel-handle=1384 /prefetch:8 "C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1540,1297034842473157987,17534159178575619101,131072 --disable-features=CalculateNativeWinOcclusion,MimeHandlerViewInCrossProcessFrame --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=bg --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1589513816 --steamid=0 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=5254806088645904154 --renderer-client-id=5 --mojo-platform-channel-handle=2652 /prefetch:1 "C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1540,1297034842473157987,17534159178575619101,131072 --disable-features=CalculateNativeWinOcclusion,MimeHandlerViewInCrossProcessFrame --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=bg --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1589513816 --steamid=0 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=6167362568975152022 --renderer-client-id=6 --mojo-platform-channel-handle=2616 /prefetch:1 "C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1540,1297034842473157987,17534159178575619101,131072 --disable-features=CalculateNativeWinOcclusion,MimeHandlerViewInCrossProcessFrame --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=bg --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1589513816 --steamid=0 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=6758672322988851832 --renderer-client-id=7 --mojo-platform-channel-handle=2768 /prefetch:1 "C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe" -ServerName:App.AppXagta193n5rpf7mheremt3yyfa1g555vc.mca C:\Windows\System32\smartscreen.exe -Embedding "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Acer\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Acer\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=81.0.4044.138 --initial-client-data=0xd4,0xd8,0xdc,0xac,0xe0,0x7ff9579bbd28,0x7ff9579bbd38,0x7ff9579bbd48 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=9132 --on-initialized-event-handle=664 --parent-handle=668 /prefetch:6 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1592,14635485938552553587,7390015789055076172,131072 --gpu-preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --mojo-platform-channel-handle=1208 --ignored=" --type=renderer " /prefetch:2 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1592,14635485938552553587,7390015789055076172,131072 --lang=bg --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=2036 /prefetch:8 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1592,14635485938552553587,7390015789055076172,131072 --lang=bg --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3616 /prefetch:1 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1592,14635485938552553587,7390015789055076172,131072 --lang=bg --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3688 /prefetch:1 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1592,14635485938552553587,7390015789055076172,131072 --lang=bg --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3708 /prefetch:1 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1592,14635485938552553587,7390015789055076172,131072 --lang=bg --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3636 /prefetch:1 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1592,14635485938552553587,7390015789055076172,131072 --lang=bg --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6912 /prefetch:1 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1592,14635485938552553587,7390015789055076172,131072 --lang=bg --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3508 /prefetch:1 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1592,14635485938552553587,7390015789055076172,131072 --lang=bg --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4616 /prefetch:1 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1592,14635485938552553587,7390015789055076172,131072 --lang=bg --service-sandbox-type=audio --enable-audio-service-sandbox --mojo-platform-channel-handle=3068 --ignored=" --type=renderer " /prefetch:8 C:\WINDOWS\system32\AUDIODG.EXE 0x49c "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1592,14635485938552553587,7390015789055076172,131072 --lang=bg --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7784 /prefetch:1 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1592,14635485938552553587,7390015789055076172,131072 --lang=bg --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6312 /prefetch:1 "C:\WINDOWS\system32\NOTEPAD.EXE" C:\Users\Acer\Downloads\FRST.txt C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s XblAuthManager "C:\Users\Acer\Downloads\RSITx64.exe" C:\WINDOWS\System32\svchost.exe -k WerSvcGroup ======Scheduled tasks folder====== C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe /NOUACCHECK C:\WINDOWS\tasks\Driver Easy Scheduled Scan.job - C:\Program Files\Easeware\DriverEasy\DriverEasy.exe --scan ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42D79B50-CC4A-4A8E-860F-BE674AF053A2}] Dashlane BHO - C:\Users\Acer\AppData\Roaming\Dashlane\ie\Dashlanei.dll [2020-04-27 935424] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}] Microsoft OneDrive for Business Browser Helper - C:\PROGRA~2\MICROS~1\Office16\GROOVEEX.DLL [2017-02-22 1524528] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {669695BC-A811-4A9D-8CDF-BA8C795F261C} - Dashlane Toolbar - C:\Users\Acer\AppData\Roaming\Dashlane\ie\KWIEBar.dll [2020-04-27 193024] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2020-02-01 84992] "RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2016-10-14 16709128] "RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-10-14 1467400] "Riot Vanguard"=C:\Program Files\Riot Vanguard\vgtray.exe [2020-05-18 353776] "IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2019-03-07 89544] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"=C:\Users\Acer\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2020-05-13 1582952] "DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2017-08-17 4836032] "Steam"=C:\Program Files (x86)\Steam\steam.exe [2020-05-15 3372832] "TIDAL"=C:\Users\Acer\AppData\Local\TIDAL\update.exe [2018-02-08 1934560] "Discord"=C:\Users\Acer\AppData\Local\Discord\app-0.0.306\Discord.exe [] "Dashlane"=C:\Users\Acer\AppData\Roaming\Dashlane\Dashlane.exe [2020-04-27 321536] "DashlanePlugin"=C:\Users\Acer\AppData\Roaming\Dashlane\DashlanePlugin.exe [2020-04-27 342528] "Synapse3"= [] "CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2020-05-01 27775672] "Windscribe"=C:\Program Files (x86)\Windscribe\Windscribe.exe [2019-01-19 10106544] "CCXProcess"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "Intel Driver & Support Assistant"=C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [2020-05-13 238952] "Immunet Protect"=C:\Program Files\Immunet\7.0.2\iptray.exe [2020-05-24 851424] "SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2019-03-19 6787856] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinQuic] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DSCAutomationHostEnabled"=2 "EnableFullTrustStartupTasks"=2 "EnableUwpStartupTasks"=2 "SupportFullTrustStartupTasks"=1 "SupportUwpStartupTasks"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SppExtComObj.exe] "Debugger="SppExtComObjPatcher.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "aux"=wdmaud.drv "midi"=wdmaud.drv "midimapper"=midimap.dll "mixer"=wdmaud.drv "msacm.imaadpcm"=imaadp32.acm "msacm.msadpcm"=msadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "vidc.i420"=iyuv_32.dll "vidc.iyuv"=iyuv_32.dll "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvu9"=tsbyuv.dll "vidc.yvyu"=msyuv.dll "wave"=wdmaud.drv "wavemapper"=msacm32.drv "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2020-05-27 17:15:48 ----D---- C:\Program Files\trend micro 2020-05-27 17:15:39 ----D---- C:\rsit 2020-05-26 18:44:05 ----A---- C:\WINDOWS\system32\drivers\mbam.sys 2020-05-26 18:43:21 ----A---- C:\WINDOWS\system32\drivers\farflt.sys 2020-05-26 17:53:09 ----A---- C:\WINDOWS\system32\drivers\Spybot3ELAM.sys 2020-05-26 17:52:26 ----A---- C:\WINDOWS\system32\sdnclean64.exe 2020-05-26 16:41:53 ----A---- C:\WINDOWS\system32\drivers\mwac.sys 2020-05-24 09:55:59 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys 2020-05-24 09:41:13 ----A---- C:\WINDOWS\system32\drivers\CiscoAMPELAMDriver.sys 2020-05-24 09:40:55 ----A---- C:\WINDOWS\system32\drivers\ImmunetUtilDriver.sys 2020-05-24 09:40:44 ----A---- C:\WINDOWS\system32\drivers\immunetselfprotect.sys 2020-05-24 09:40:43 ----A---- C:\WINDOWS\system32\drivers\ImmunetNetworkMonitor.sys 2020-05-24 09:40:42 ----A---- C:\WINDOWS\system32\drivers\immunetprotect.sys 2020-05-24 09:40:42 ----A---- C:\WINDOWS\system32\drivers\CiscoAMPHeurDriver.sys 2020-05-24 09:40:42 ----A---- C:\WINDOWS\system32\drivers\CiscoAMPCEFWDriver.sys 2020-05-24 09:40:41 ----A---- C:\WINDOWS\system32\drivers\bddci.sys 2020-05-24 09:40:36 ----A---- C:\WINDOWS\system32\drivers\trufos.sys 2020-05-24 08:33:46 ----D---- C:\Users\Acer\AppData\Roaming\AVG 2020-05-24 08:27:44 ----D---- C:\ProgramData\AVG 2020-05-23 21:23:58 ----D---- C:\AdwCleaner 2020-05-23 20:13:55 ----D---- C:\FRST 2020-05-23 15:49:51 ----D---- C:\Safer-Networking Ltd 2020-05-22 19:46:53 ----D---- C:\ProgramData\Dolby 2020-05-22 19:46:53 ----D---- C:\Program Files\Dolby 2020-05-22 19:46:49 ----SHD---- C:\Config.Msi 2020-05-22 19:46:21 ----D---- C:\WINDOWS\system32\IntelSSTAPO 2020-05-22 19:44:56 ----D---- C:\WINDOWS\LastGood 2020-05-22 19:41:49 ----HD---- C:\Program Files (x86)\Temp 2020-05-22 19:41:48 ----A---- C:\WINDOWS\RtlExUpd.dll 2020-05-22 15:13:09 ----D---- C:\WINDOWS\LastGood.Tmp 2020-05-18 18:51:37 ----D---- C:\Program Files\HitmanPro 2020-05-18 18:50:51 ----D---- C:\ProgramData\HitmanPro 2020-05-18 18:37:48 ----A---- C:\WINDOWS\system32\drivers\MbamChameleon.sys 2020-05-16 10:26:15 ----A---- C:\WINDOWS\wininit.ini 2020-05-13 02:07:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Picker.dll 2020-05-13 02:07:32 ----A---- C:\WINDOWS\SYSWOW64\ConsoleLogon.dll 2020-05-13 02:07:32 ----A---- C:\WINDOWS\system32\Windows.UI.BioFeedback.dll 2020-05-13 02:07:32 ----A---- C:\WINDOWS\system32\Windows.Devices.Picker.dll 2020-05-13 02:07:32 ----A---- C:\WINDOWS\system32\WinBioDataModel.dll 2020-05-13 02:07:32 ----A---- C:\WINDOWS\system32\wbengine.exe 2020-05-13 02:07:32 ----A---- C:\WINDOWS\system32\wbadmin.exe 2020-05-13 02:07:32 ----A---- C:\WINDOWS\system32\TSSessionUX.dll 2020-05-13 02:07:32 ----A---- C:\WINDOWS\system32\ConsoleLogon.dll 2020-05-13 02:07:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Streaming.dll 2020-05-13 02:07:30 ----A---- C:\WINDOWS\SYSWOW64\HoloShellRuntime.dll 2020-05-13 02:07:30 ----A---- C:\WINDOWS\SYSWOW64\AccountsRt.dll 2020-05-13 02:07:30 ----A---- C:\WINDOWS\system32\AccountsRt.dll 2020-05-13 02:07:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Editing.dll 2020-05-13 02:07:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll 2020-05-13 02:07:29 ----A---- C:\WINDOWS\SYSWOW64\mfsrcsnk.dll 2020-05-13 02:07:29 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll 2020-05-13 02:07:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Audio.dll 2020-05-13 02:07:28 ----A---- C:\WINDOWS\SYSWOW64\MSPhotography.dll 2020-05-13 02:07:28 ----A---- C:\WINDOWS\SYSWOW64\mfds.dll 2020-05-13 02:07:28 ----A---- C:\WINDOWS\system32\MixedReality.Broker.dll 2020-05-13 02:07:28 ----A---- C:\WINDOWS\system32\HoloSI.PCShell.dll 2020-05-13 02:07:28 ----A---- C:\WINDOWS\system32\HologramCompositor.dll 2020-05-13 02:07:26 ----A---- C:\WINDOWS\system32\Windows.Media.Streaming.dll 2020-05-13 02:07:26 ----A---- C:\WINDOWS\system32\Windows.Media.Editing.dll 2020-05-13 02:07:26 ----A---- C:\WINDOWS\system32\Hydrogen.dll 2020-05-13 02:07:26 ----A---- C:\WINDOWS\system32\HoloShellRuntime.dll 2020-05-13 02:07:26 ----A---- C:\WINDOWS\system32\DMRServer.dll 2020-05-13 02:07:25 ----A---- C:\WINDOWS\system32\Windows.Media.dll 2020-05-13 02:07:25 ----A---- C:\WINDOWS\system32\mfsrcsnk.dll 2020-05-13 02:07:18 ----A---- C:\WINDOWS\system32\MSPhotography.dll 2020-05-13 02:07:18 ----A---- C:\WINDOWS\system32\mfplat.dll 2020-05-13 02:07:18 ----A---- C:\WINDOWS\system32\mfds.dll 2020-05-13 02:07:18 ----A---- C:\WINDOWS\system32\mfcore.dll 2020-05-13 02:07:17 ----A---- C:\WINDOWS\system32\Windows.Media.Audio.dll 2020-05-13 02:07:17 ----A---- C:\WINDOWS\system32\tspubwmi.dll 2020-05-13 02:07:17 ----A---- C:\WINDOWS\system32\RDVGHelper.exe 2020-05-13 02:07:17 ----A---- C:\WINDOWS\system32\rdpsign.exe 2020-05-13 02:07:17 ----A---- C:\WINDOWS\system32\rdpshell.exe 2020-05-13 02:07:17 ----A---- C:\WINDOWS\system32\rdpinit.exe 2020-05-13 02:07:17 ----A---- C:\WINDOWS\system32\AssignedAccessManager.dll 2020-05-13 02:07:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.Internal.dll 2020-05-13 02:07:16 ----A---- C:\WINDOWS\SYSWOW64\CPFilters.dll 2020-05-13 02:07:15 ----A---- C:\WINDOWS\SYSWOW64\wkspbrokerAx.dll 2020-05-13 02:07:15 ----A---- C:\WINDOWS\SYSWOW64\tsmf.dll 2020-05-13 02:07:15 ----A---- C:\WINDOWS\SYSWOW64\tsgqec.dll 2020-05-13 02:07:15 ----A---- C:\WINDOWS\SYSWOW64\RdpSaProxy.exe 2020-05-13 02:07:15 ----A---- C:\WINDOWS\SYSWOW64\RdpSa.exe 2020-05-13 02:07:15 ----A---- C:\WINDOWS\SYSWOW64\rdpendp.dll 2020-05-13 02:07:15 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll 2020-05-13 02:07:14 ----A---- C:\WINDOWS\SYSWOW64\rdpcore.dll 2020-05-13 02:07:14 ----A---- C:\WINDOWS\SYSWOW64\msjet40.dll 2020-05-13 02:07:14 ----A---- C:\WINDOWS\SYSWOW64\msimsg.dll 2020-05-13 02:07:14 ----A---- C:\WINDOWS\SYSWOW64\msi.dll 2020-05-13 02:07:14 ----A---- C:\WINDOWS\SYSWOW64\iemigplugin.dll 2020-05-13 02:07:13 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll 2020-05-13 02:07:13 ----A---- C:\WINDOWS\SYSWOW64\Chakrathunk.dll 2020-05-13 02:07:13 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll 2020-05-13 02:07:12 ----A---- C:\WINDOWS\SYSWOW64\IndexedDbLegacy.dll 2020-05-13 02:07:12 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll 2020-05-13 02:07:11 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll 2020-05-13 02:07:11 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll 2020-05-13 02:07:11 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll 2020-05-13 02:07:10 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll 2020-05-13 02:07:09 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Scanners.dll 2020-05-13 02:07:09 ----A---- C:\WINDOWS\SYSWOW64\werui.dll 2020-05-13 02:07:09 ----A---- C:\WINDOWS\SYSWOW64\PlayToManager.dll 2020-05-13 02:07:09 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll 2020-05-13 02:07:09 ----A---- C:\WINDOWS\SYSWOW64\fdWSD.dll 2020-05-13 02:07:09 ----A---- C:\WINDOWS\SYSWOW64\easwrt.dll 2020-05-13 02:07:09 ----A---- C:\WINDOWS\SYSWOW64\DWWIN.EXE 2020-05-13 02:07:09 ----A---- C:\WINDOWS\SYSWOW64\dialclient.dll 2020-05-13 02:07:08 ----A---- C:\WINDOWS\system32\wkspbrokerAx.dll 2020-05-13 02:07:08 ----A---- C:\WINDOWS\system32\Windows.Internal.PredictionUnit.dll 2020-05-13 02:07:08 ----A---- C:\WINDOWS\system32\SIHClient.exe 2020-05-13 02:07:08 ----A---- C:\WINDOWS\system32\SettingsHandlers_Clipboard.dll 2020-05-13 02:07:08 ----A---- C:\WINDOWS\system32\RdpRelayTransport.dll 2020-05-13 02:07:08 ----A---- C:\WINDOWS\system32\fhsettingsprovider.dll 2020-05-13 02:07:08 ----A---- C:\WINDOWS\system32\DiagSvc.dll 2020-05-13 02:07:08 ----A---- C:\WINDOWS\system32\CXHProvisioningServer.dll 2020-05-13 02:07:07 ----A---- C:\WINDOWS\system32\wkspbroker.exe 2020-05-13 02:07:07 ----A---- C:\WINDOWS\system32\umrdp.dll 2020-05-13 02:07:07 ----A---- C:\WINDOWS\system32\TSWbPrxy.exe 2020-05-13 02:07:07 ----A---- C:\WINDOWS\system32\tsmf.dll 2020-05-13 02:07:07 ----A---- C:\WINDOWS\system32\tsgqec.dll 2020-05-13 02:07:07 ----A---- C:\WINDOWS\system32\termsrv.dll 2020-05-13 02:07:07 ----A---- C:\WINDOWS\system32\rdsdwmdr.dll 2020-05-13 02:07:07 ----A---- C:\WINDOWS\system32\RdpSaProxy.exe 2020-05-13 02:07:07 ----A---- C:\WINDOWS\system32\RdpSa.exe 2020-05-13 02:07:07 ----A---- C:\WINDOWS\system32\rdpinput.exe 2020-05-13 02:07:07 ----A---- C:\WINDOWS\system32\rdpendp.dll 2020-05-13 02:07:06 ----A---- C:\WINDOWS\system32\rdpcorets.dll 2020-05-13 02:07:06 ----A---- C:\WINDOWS\system32\rdpcore.dll 2020-05-13 02:07:06 ----A---- C:\WINDOWS\system32\rdpclip.exe 2020-05-13 02:07:06 ----A---- C:\WINDOWS\system32\msimsg.dll 2020-05-13 02:07:06 ----A---- C:\WINDOWS\system32\msi.dll 2020-05-13 02:07:05 ----A---- C:\WINDOWS\system32\iemigplugin.dll 2020-05-13 02:07:04 ----A---- C:\WINDOWS\system32\ieframe.dll 2020-05-13 02:07:04 ----A---- C:\WINDOWS\system32\Chakrathunk.dll 2020-05-13 02:07:04 ----A---- C:\WINDOWS\system32\Chakradiag.dll 2020-05-13 02:07:03 ----A---- C:\WINDOWS\system32\IndexedDbLegacy.dll 2020-05-13 02:07:03 ----A---- C:\WINDOWS\system32\Chakra.dll 2020-05-13 02:07:01 ----A---- C:\WINDOWS\system32\mshtml.dll 2020-05-13 02:07:01 ----A---- C:\WINDOWS\system32\EdgeManager.dll 2020-05-13 02:07:00 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll 2020-05-13 02:06:59 ----A---- C:\WINDOWS\system32\jscript.dll 2020-05-13 02:06:59 ----A---- C:\WINDOWS\system32\edgehtml.dll 2020-05-13 02:06:58 ----A---- C:\WINDOWS\system32\Windows.Devices.Scanners.dll 2020-05-13 02:06:58 ----A---- C:\WINDOWS\system32\werui.dll 2020-05-13 02:06:58 ----A---- C:\WINDOWS\system32\wercplsupport.dll 2020-05-13 02:06:58 ----A---- C:\WINDOWS\system32\werconcpl.dll 2020-05-13 02:06:58 ----A---- C:\WINDOWS\system32\easwrt.dll 2020-05-13 02:06:58 ----A---- C:\WINDOWS\system32\DWWIN.EXE 2020-05-13 02:06:58 ----A---- C:\WINDOWS\system32\DataExchangeHost.exe 2020-05-13 02:06:57 ----A---- C:\WINDOWS\system32\PlayToManager.dll 2020-05-13 02:06:57 ----A---- C:\WINDOWS\system32\fdWSD.dll 2020-05-13 02:06:57 ----A---- C:\WINDOWS\system32\dialclient.dll 2020-05-13 02:06:57 ----A---- C:\WINDOWS\system32\ConsentUxClient.dll 2020-05-13 02:06:57 ----A---- C:\WINDOWS\system32\CBDHSvc.dll 2020-05-13 02:06:55 ----A---- C:\WINDOWS\system32\tcbloader.dll 2020-05-13 02:06:55 ----A---- C:\WINDOWS\system32\tcblaunch.exe 2020-05-13 02:06:55 ----A---- C:\WINDOWS\system32\sdengin2.dll 2020-05-13 02:06:54 ----A---- C:\WINDOWS\system32\hvix64.exe 2020-05-13 02:06:54 ----A---- C:\WINDOWS\system32\hvax64.exe 2020-05-13 02:06:54 ----A---- C:\WINDOWS\system32\bcastdvruserservice.dll 2020-05-13 02:06:49 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll 2020-05-13 02:06:48 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll 2020-05-13 02:06:48 ----A---- C:\WINDOWS\SYSWOW64\TSpkg.dll 2020-05-13 02:06:48 ----A---- C:\WINDOWS\SYSWOW64\scrrun.dll 2020-05-13 02:06:48 ----A---- C:\WINDOWS\SYSWOW64\rasdlg.dll 2020-05-13 02:06:48 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll 2020-05-13 02:06:48 ----A---- C:\WINDOWS\SYSWOW64\puiapi.dll 2020-05-13 02:06:48 ----A---- C:\WINDOWS\SYSWOW64\printui.exe 2020-05-13 02:06:48 ----A---- C:\WINDOWS\SYSWOW64\findnetprinters.dll 2020-05-13 02:06:48 ----A---- C:\WINDOWS\SYSWOW64\efswrt.dll 2020-05-13 02:06:48 ----A---- C:\WINDOWS\SYSWOW64\DafPrintProvider.dll 2020-05-13 02:06:48 ----A---- C:\WINDOWS\SYSWOW64\credssp.dll 2020-05-13 02:06:48 ----A---- C:\WINDOWS\SYSWOW64\ConfigureExpandedStorage.dll 2020-05-13 02:06:48 ----A---- C:\WINDOWS\SYSWOW64\compstui.dll 2020-05-13 02:06:47 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Printing.Workflow.dll 2020-05-13 02:06:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll 2020-05-13 02:06:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Display.BrightnessOverride.dll 2020-05-13 02:06:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Sensors.dll 2020-05-13 02:06:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.LockScreen.dll 2020-05-13 02:06:46 ----A---- C:\WINDOWS\SYSWOW64\MrmIndexer.dll 2020-05-13 02:06:46 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll 2020-05-13 02:06:46 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll 2020-05-13 02:06:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.CredDialogController.dll 2020-05-13 02:06:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll 2020-05-13 02:06:45 ----A---- C:\WINDOWS\SYSWOW64\t2embed.dll 2020-05-13 02:06:45 ----A---- C:\WINDOWS\SYSWOW64\msimg32.dll 2020-05-13 02:06:45 ----A---- C:\WINDOWS\SYSWOW64\mf3216.dll 2020-05-13 02:06:45 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll 2020-05-13 02:06:45 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe 2020-05-13 02:06:45 ----A---- C:\WINDOWS\SYSWOW64\CredProvDataModel.dll 2020-05-13 02:06:44 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe 2020-05-13 02:06:44 ----A---- C:\WINDOWS\SYSWOW64\WerFault.exe 2020-05-13 02:06:44 ----A---- C:\WINDOWS\SYSWOW64\weretw.dll 2020-05-13 02:06:44 ----A---- C:\WINDOWS\SYSWOW64\werdiagcontroller.dll 2020-05-13 02:06:44 ----A---- C:\WINDOWS\SYSWOW64\wer.dll 2020-05-13 02:06:44 ----A---- C:\WINDOWS\SYSWOW64\lpk.dll 2020-05-13 02:06:44 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll 2020-05-13 02:06:44 ----A---- C:\WINDOWS\SYSWOW64\Faultrep.dll 2020-05-13 02:06:44 ----A---- C:\WINDOWS\SYSWOW64\dciman32.dll 2020-05-13 02:06:43 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll 2020-05-13 02:06:43 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll 2020-05-13 02:06:43 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll 2020-05-13 02:06:43 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll 2020-05-13 02:06:43 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll 2020-05-13 02:06:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll 2020-05-13 02:06:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.MediaControl.dll 2020-05-13 02:06:42 ----A---- C:\WINDOWS\SYSWOW64\usoapi.dll 2020-05-13 02:06:42 ----A---- C:\WINDOWS\SYSWOW64\dcomp.dll 2020-05-13 02:06:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.System.Profile.RetailInfo.dll 2020-05-13 02:06:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Perception.dll 2020-05-13 02:06:41 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll 2020-05-13 02:06:41 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys 2020-05-13 02:06:41 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys 2020-05-13 02:06:41 ----A---- C:\WINDOWS\SYSWOW64\SHCore.dll 2020-05-13 02:06:41 ----A---- C:\WINDOWS\SYSWOW64\PickerPlatform.dll 2020-05-13 02:06:40 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll 2020-05-13 02:06:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.System.Diagnostics.dll 2020-05-13 02:06:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.dll 2020-05-13 02:06:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Lights.dll 2020-05-13 02:06:40 ----A---- C:\WINDOWS\SYSWOW64\vaultcli.dll 2020-05-13 02:06:40 ----A---- C:\WINDOWS\SYSWOW64\user32.dll 2020-05-13 02:06:40 ----A---- C:\WINDOWS\SYSWOW64\rdpbase.dll 2020-05-13 02:06:40 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll 2020-05-13 02:06:39 ----A---- C:\WINDOWS\SYSWOW64\wups.dll 2020-05-13 02:06:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.Compression.dll 2020-05-13 02:06:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.Management.Workplace.dll 2020-05-13 02:06:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Devices.Sensors.dll 2020-05-13 02:06:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.SerialCommunication.dll 2020-05-13 02:06:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.LowLevel.dll 2020-05-13 02:06:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.HumanInterfaceDevice.dll 2020-05-13 02:06:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Bluetooth.dll 2020-05-13 02:06:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.AI.MachineLearning.Preview.dll 2020-05-13 02:06:39 ----A---- C:\WINDOWS\SYSWOW64\deviceaccess.dll 2020-05-13 02:06:39 ----A---- C:\WINDOWS\SYSWOW64\CapabilityAccessManagerClient.dll 2020-05-13 02:06:38 ----A---- C:\WINDOWS\SYSWOW64\Windows.System.SystemManagement.dll 2020-05-13 02:06:38 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.ApplicationData.dll 2020-05-13 02:06:38 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.OnlineId.dll 2020-05-13 02:06:38 ----A---- C:\WINDOWS\SYSWOW64\Windows.Globalization.dll 2020-05-13 02:06:38 ----A---- C:\WINDOWS\SYSWOW64\Windows.Energy.dll 2020-05-13 02:06:38 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.WiFi.dll 2020-05-13 02:06:38 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll 2020-05-13 02:06:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.Services.TargetedContent.dll 2020-05-13 02:06:37 ----A---- C:\WINDOWS\SYSWOW64\RTMediaFrame.dll 2020-05-13 02:06:37 ----A---- C:\WINDOWS\SYSWOW64\ErrorDetails.dll 2020-05-13 02:06:37 ----A---- C:\WINDOWS\SYSWOW64\DiagnosticInvoker.dll 2020-05-13 02:06:30 ----A---- C:\WINDOWS\SYSWOW64\wpnapps.dll 2020-05-13 02:06:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryUpgrade.dll 2020-05-13 02:06:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryPS.dll 2020-05-13 02:06:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryCore.dll 2020-05-13 02:06:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryClient.dll 2020-05-13 02:06:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryBroker.dll 2020-05-13 02:06:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepository.dll 2020-05-13 02:06:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Vpn.dll 2020-05-13 02:06:29 ----A---- C:\WINDOWS\SYSWOW64\StateRepository.Core.dll 2020-05-13 02:06:29 ----A---- C:\WINDOWS\SYSWOW64\Geolocation.dll 2020-05-13 02:06:28 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll 2020-05-13 02:06:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Wallet.dll 2020-05-13 02:06:28 ----A---- C:\WINDOWS\SYSWOW64\UserDataAccountApis.dll 2020-05-13 02:06:28 ----A---- C:\WINDOWS\SYSWOW64\TaskApis.dll 2020-05-13 02:06:28 ----A---- C:\WINDOWS\SYSWOW64\PhoneCallHistoryApis.dll 2020-05-13 02:06:28 ----A---- C:\WINDOWS\SYSWOW64\MrmCoreR.dll 2020-05-13 02:06:28 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll 2020-05-13 02:06:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2020-05-13 02:06:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll 2020-05-13 02:06:27 ----A---- C:\WINDOWS\SYSWOW64\socialapis.dll 2020-05-13 02:06:27 ----A---- C:\WINDOWS\SYSWOW64\PeopleAPIs.dll 2020-05-13 02:06:27 ----A---- C:\WINDOWS\SYSWOW64\InstallServiceTasks.dll 2020-05-13 02:06:27 ----A---- C:\WINDOWS\SYSWOW64\InstallService.dll 2020-05-13 02:06:27 ----A---- C:\WINDOWS\SYSWOW64\EmailApis.dll 2020-05-13 02:06:27 ----A---- C:\WINDOWS\SYSWOW64\ContactApis.dll 2020-05-13 02:06:27 ----A---- C:\WINDOWS\SYSWOW64\ChatApis.dll 2020-05-13 02:06:27 ----A---- C:\WINDOWS\SYSWOW64\AppointmentApis.dll 2020-05-13 02:06:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Identity.Provider.dll 2020-05-13 02:06:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.Payments.dll 2020-05-13 02:06:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.NetworkOperators.ESim.dll 2020-05-13 02:06:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.PointOfService.dll 2020-05-13 02:06:26 ----A---- C:\WINDOWS\SYSWOW64\TileDataRepository.dll 2020-05-13 02:06:26 ----A---- C:\WINDOWS\SYSWOW64\rdpsharercom.dll 2020-05-13 02:06:26 ----A---- C:\WINDOWS\SYSWOW64\PhoneOm.dll 2020-05-13 02:06:26 ----A---- C:\WINDOWS\SYSWOW64\mbussdapi.dll 2020-05-13 02:06:25 ----A---- C:\WINDOWS\SYSWOW64\mbsmsapi.dll 2020-05-13 02:06:25 ----A---- C:\WINDOWS\SYSWOW64\MbaeApiPublic.dll 2020-05-13 02:06:25 ----A---- C:\WINDOWS\SYSWOW64\MapGeocoder.dll 2020-05-13 02:06:25 ----A---- C:\WINDOWS\SYSWOW64\InputHost.dll 2020-05-13 02:06:25 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll 2020-05-13 02:06:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll 2020-05-13 02:06:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Graphics.Display.DisplayEnhancementManagement.dll 2020-05-13 02:06:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Graphics.Display.DisplayColorManagement.dll 2020-05-13 02:06:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.Gaming.Preview.dll 2020-05-13 02:06:24 ----A---- C:\WINDOWS\SYSWOW64\mscms.dll 2020-05-13 02:06:24 ----A---- C:\WINDOWS\SYSWOW64\JpMapControl.dll 2020-05-13 02:06:24 ----A---- C:\WINDOWS\SYSWOW64\icm32.dll 2020-05-13 02:06:24 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll 2020-05-13 02:06:24 ----A---- C:\WINDOWS\SYSWOW64\coloradapterclient.dll 2020-05-13 02:06:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.Perception.Stub.dll 2020-05-13 02:06:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.SmartCards.Phone.dll 2020-05-13 02:06:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.AllJoyn.dll 2020-05-13 02:06:23 ----A---- C:\WINDOWS\SYSWOW64\windows.applicationmodel.datatransfer.dll 2020-05-13 02:06:23 ----A---- C:\WINDOWS\SYSWOW64\useractivitybroker.dll 2020-05-13 02:06:23 ----A---- C:\WINDOWS\SYSWOW64\CloudExperienceHostUser.dll 2020-05-13 02:06:23 ----A---- C:\WINDOWS\SYSWOW64\CloudExperienceHostCommon.dll 2020-05-13 02:06:23 ----A---- C:\WINDOWS\SYSWOW64\CameraCaptureUI.dll 2020-05-13 02:06:22 ----A---- C:\WINDOWS\SYSWOW64\wlidprov.dll 2020-05-13 02:06:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.System.Launcher.dll 2020-05-13 02:06:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Ocr.dll 2020-05-13 02:06:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.FaceAnalysis.dll 2020-05-13 02:06:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Gaming.Input.dll 2020-05-13 02:06:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.SmartCards.dll 2020-05-13 02:06:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.dll 2020-05-13 02:06:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.AccountsControl.dll 2020-05-13 02:06:22 ----A---- C:\WINDOWS\SYSWOW64\UserDeviceRegistration.dll 2020-05-13 02:06:22 ----A---- C:\WINDOWS\SYSWOW64\ffbroker.dll 2020-05-13 02:06:22 ----A---- C:\WINDOWS\SYSWOW64\AuthBroker.dll 2020-05-13 02:06:22 ----A---- C:\WINDOWS\SYSWOW64\AppExtension.dll 2020-05-13 02:06:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Printing.dll 2020-05-13 02:06:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Printing.3D.dll 2020-05-13 02:06:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Radios.dll 2020-05-13 02:06:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Printers.dll 2020-05-13 02:06:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Haptics.dll 2020-05-13 02:06:21 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll 2020-05-13 02:06:21 ----A---- C:\WINDOWS\SYSWOW64\MicrosoftAccountWAMExtension.dll 2020-05-13 02:06:21 ----A---- C:\WINDOWS\SYSWOW64\gamingtcui.dll 2020-05-13 02:06:21 ----A---- C:\WINDOWS\SYSWOW64\ExecModelClient.dll 2020-05-13 02:06:21 ----A---- C:\WINDOWS\SYSWOW64\DataExchange.dll 2020-05-13 02:06:21 ----A---- C:\WINDOWS\SYSWOW64\AppContracts.dll 2020-05-13 02:06:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.dll 2020-05-13 02:06:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Credentials.UI.UserConsentVerifier.dll 2020-05-13 02:06:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Usb.dll 2020-05-13 02:06:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll 2020-05-13 02:06:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Core.dll 2020-05-13 02:06:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll 2020-05-13 02:06:20 ----A---- C:\WINDOWS\SYSWOW64\ShareHost.dll 2020-05-13 02:06:20 ----A---- C:\WINDOWS\SYSWOW64\MiracastReceiver.dll 2020-05-13 02:06:20 ----A---- C:\WINDOWS\SYSWOW64\cdprt.dll 2020-05-13 02:06:20 ----A---- C:\WINDOWS\SYSWOW64\BcastDVRClient.dll 2020-05-13 02:06:20 ----A---- C:\WINDOWS\SYSWOW64\BcastDVRBroker.dll 2020-05-13 02:06:19 ----A---- C:\WINDOWS\SYSWOW64\WwaApi.dll 2020-05-13 02:06:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.Http.dll 2020-05-13 02:06:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Maps.dll 2020-05-13 02:06:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.dll 2020-05-13 02:06:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.dll 2020-05-13 02:06:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Connectivity.dll 2020-05-13 02:06:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.BackgroundTransfer.dll 2020-05-13 02:06:18 ----A---- C:\WINDOWS\SYSWOW64\winsta.dll 2020-05-13 02:06:18 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll 2020-05-13 02:06:18 ----A---- C:\WINDOWS\SYSWOW64\twinapi.dll 2020-05-13 02:06:18 ----A---- C:\WINDOWS\SYSWOW64\TSWorkspace.dll 2020-05-13 02:06:18 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll 2020-05-13 02:06:18 ----A---- C:\WINDOWS\SYSWOW64\RADCUI.dll 2020-05-13 02:06:17 ----A---- C:\WINDOWS\SYSWOW64\Wpc.dll 2020-05-13 02:06:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll 2020-05-13 02:06:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.WiFiDirect.dll 2020-05-13 02:06:17 ----A---- C:\WINDOWS\SYSWOW64\SystemSettings.DataModel.dll 2020-05-13 02:06:17 ----A---- C:\WINDOWS\SYSWOW64\SyncSettings.dll 2020-05-13 02:06:17 ----A---- C:\WINDOWS\SYSWOW64\LicensingWinRT.dll 2020-05-13 02:06:17 ----A---- C:\WINDOWS\SYSWOW64\FlightSettings.dll 2020-05-13 02:06:17 ----A---- C:\WINDOWS\SYSWOW64\DeviceReactivation.dll 2020-05-13 02:06:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Devices.dll 2020-05-13 02:06:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.Gaming.XboxLive.Storage.dll 2020-05-13 02:06:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Midi.dll 2020-05-13 02:06:16 ----A---- C:\WINDOWS\SYSWOW64\VoipRT.dll 2020-05-13 02:06:16 ----A---- C:\WINDOWS\SYSWOW64\ContentDeliveryManager.Utilities.dll 2020-05-13 02:06:16 ----A---- C:\WINDOWS\SYSWOW64\BTAGService.dll 2020-05-13 02:06:16 ----A---- C:\WINDOWS\system32\TSpkg.dll 2020-05-13 02:06:16 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll 2020-05-13 02:06:16 ----A---- C:\WINDOWS\system32\efswrt.dll 2020-05-13 02:06:16 ----A---- C:\WINDOWS\system32\credssp.dll 2020-05-13 02:06:15 ----A---- C:\WINDOWS\system32\Windows.Cortana.OneCore.dll 2020-05-13 02:06:15 ----A---- C:\WINDOWS\system32\Windows.Cortana.Desktop.dll 2020-05-13 02:06:15 ----A---- C:\WINDOWS\system32\vbscript.dll 2020-05-13 02:06:15 ----A---- C:\WINDOWS\system32\ConfigureExpandedStorage.dll 2020-05-13 02:06:07 ----A---- C:\WINDOWS\system32\scrrun.dll 2020-05-13 02:06:07 ----A---- C:\WINDOWS\system32\rasdlg.dll 2020-05-13 02:06:07 ----A---- C:\WINDOWS\system32\puiobj.dll 2020-05-13 02:06:07 ----A---- C:\WINDOWS\system32\printui.exe 2020-05-13 02:06:07 ----A---- C:\WINDOWS\system32\findnetprinters.dll 2020-05-13 02:06:07 ----A---- C:\WINDOWS\system32\DafPrintProvider.dll 2020-05-13 02:06:06 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll 2020-05-13 02:06:06 ----A---- C:\WINDOWS\system32\usbmon.dll 2020-05-13 02:06:06 ----A---- C:\WINDOWS\system32\tcpmon.dll 2020-05-13 02:06:06 ----A---- C:\WINDOWS\system32\puiapi.dll 2020-05-13 02:06:06 ----A---- C:\WINDOWS\system32\localui.dll 2020-05-13 02:06:06 ----A---- C:\WINDOWS\system32\Family.Client.dll 2020-05-13 02:06:06 ----A---- C:\WINDOWS\system32\compstui.dll 2020-05-13 02:06:06 ----A---- C:\WINDOWS\system32\APMon.dll 2020-05-13 02:06:05 ----A---- C:\WINDOWS\system32\MrmIndexer.dll 2020-05-13 02:06:05 ----A---- C:\WINDOWS\system32\Family.Authentication.dll 2020-05-13 02:06:04 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll 2020-05-13 02:06:04 ----A---- C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll 2020-05-13 02:06:04 ----A---- C:\WINDOWS\system32\Windows.Graphics.Display.BrightnessOverride.dll 2020-05-13 02:06:04 ----A---- C:\WINDOWS\system32\Windows.Devices.Sensors.dll 2020-05-13 02:06:04 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll 2020-05-13 02:06:04 ----A---- C:\WINDOWS\system32\GdiPlus.dll 2020-05-13 02:06:04 ----A---- C:\WINDOWS\system32\edgeIso.dll 2020-05-13 02:06:03 ----A---- C:\WINDOWS\system32\Windows.UI.CredDialogController.dll 2020-05-13 02:06:03 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll 2020-05-13 02:06:03 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll 2020-05-13 02:06:03 ----A---- C:\WINDOWS\system32\t2embed.dll 2020-05-13 02:06:03 ----A---- C:\WINDOWS\system32\LogonController.dll 2020-05-13 02:06:03 ----A---- C:\WINDOWS\system32\gdi32full.dll 2020-05-13 02:06:02 ----A---- C:\WINDOWS\system32\winsrvext.dll 2020-05-13 02:06:02 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2020-05-13 02:06:02 ----A---- C:\WINDOWS\system32\usermgr.dll 2020-05-13 02:06:02 ----A---- C:\WINDOWS\system32\msimg32.dll 2020-05-13 02:06:02 ----A---- C:\WINDOWS\system32\mf3216.dll 2020-05-13 02:06:02 ----A---- C:\WINDOWS\system32\drivers\clfs.sys 2020-05-13 02:06:02 ----A---- C:\WINDOWS\system32\CredProvDataModel.dll 2020-05-13 02:06:01 ----A---- C:\WINDOWS\SYSWOW64\bcryptprimitives.dll 2020-05-13 02:06:01 ----A---- C:\WINDOWS\system32\lpk.dll 2020-05-13 02:06:01 ----A---- C:\WINDOWS\system32\fontsub.dll 2020-05-13 02:06:01 ----A---- C:\WINDOWS\system32\fontdrvhost.exe 2020-05-13 02:06:01 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys 2020-05-13 02:06:01 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS 2020-05-13 02:06:01 ----A---- C:\WINDOWS\system32\dciman32.dll 2020-05-13 02:06:00 ----A---- C:\WINDOWS\system32\ntoskrnl.exe 2020-05-13 02:06:00 ----A---- C:\WINDOWS\system32\bcryptprimitives.dll 2020-05-13 02:05:59 ----A---- C:\WINDOWS\system32\wersvc.dll 2020-05-13 02:05:59 ----A---- C:\WINDOWS\system32\wermgr.exe 2020-05-13 02:05:59 ----A---- C:\WINDOWS\system32\WerFault.exe 2020-05-13 02:05:59 ----A---- C:\WINDOWS\system32\weretw.dll 2020-05-13 02:05:59 ----A---- C:\WINDOWS\system32\werdiagcontroller.dll 2020-05-13 02:05:59 ----A---- C:\WINDOWS\system32\wer.dll 2020-05-13 02:05:59 ----A---- C:\WINDOWS\system32\utcutil.dll 2020-05-13 02:05:59 ----A---- C:\WINDOWS\system32\Faultrep.dll 2020-05-13 02:05:58 ----A---- C:\WINDOWS\system32\WinTypes.dll 2020-05-13 02:05:58 ----A---- C:\WINDOWS\system32\tzres.dll 2020-05-13 02:05:58 ----A---- C:\WINDOWS\system32\oleaut32.dll 2020-05-13 02:05:58 ----A---- C:\WINDOWS\system32\drivers\cng.sys 2020-05-13 02:05:58 ----A---- C:\WINDOWS\system32\diagtrack.dll 2020-05-13 02:05:58 ----A---- C:\WINDOWS\system32\CoreShell.dll 2020-05-13 02:05:58 ----A---- C:\WINDOWS\system32\ComposerFramework.dll 2020-05-13 02:05:57 ----A---- C:\WINDOWS\system32\wksprt.exe 2020-05-13 02:05:57 ----A---- C:\WINDOWS\system32\winsta.dll 2020-05-13 02:05:57 ----A---- C:\WINDOWS\system32\twinui.dll 2020-05-13 02:05:57 ----A---- C:\WINDOWS\system32\twinapi.dll 2020-05-13 02:05:57 ----A---- C:\WINDOWS\system32\TSWorkspace.dll 2020-05-13 02:05:57 ----A---- C:\WINDOWS\system32\schedsvc.dll 2020-05-13 02:05:57 ----A---- C:\WINDOWS\system32\RADCUI.dll 2020-05-13 02:05:56 ----A---- C:\WINDOWS\system32\LicensingWinRT.dll 2020-05-13 02:05:56 ----A---- C:\WINDOWS\system32\DeviceReactivation.dll 2020-05-13 02:05:56 ----A---- C:\WINDOWS\system32\dcomp.dll 2020-05-13 02:05:56 ----A---- C:\WINDOWS\system32\CredDialogBroker.dll 2020-05-13 02:05:56 ----A---- C:\WINDOWS\system32\CoreMessaging.dll 2020-05-13 02:05:56 ----A---- C:\WINDOWS\system32\CloudExperienceHostBroker.dll 2020-05-13 02:05:56 ----A---- C:\WINDOWS\system32\CloudExperienceHost.dll 2020-05-13 02:05:56 ----A---- C:\WINDOWS\system32\CaptureService.dll 2020-05-13 02:05:55 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll 2020-05-13 02:05:55 ----A---- C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll 2020-05-13 02:05:55 ----A---- C:\WINDOWS\system32\Windows.Media.MediaControl.dll 2020-05-13 02:05:55 ----A---- C:\WINDOWS\system32\SwitcherDataModel.dll 2020-05-13 02:05:55 ----A---- C:\WINDOWS\system32\SettingsHandlers_Cortana.dll 2020-05-13 02:05:55 ----A---- C:\WINDOWS\system32\MtcModel.dll 2020-05-13 02:05:55 ----A---- C:\WINDOWS\system32\DevicesFlowBroker.dll 2020-05-13 02:05:46 ----A---- C:\WINDOWS\system32\DevicePairingExperienceMEM.dll 2020-05-13 02:05:45 ----A---- C:\WINDOWS\system32\Windows.Internal.CapturePicker.dll 2020-05-13 02:05:45 ----A---- C:\WINDOWS\system32\Windows.Data.Activities.dll 2020-05-13 02:05:45 ----A---- C:\WINDOWS\system32\PasswordEnrollmentManager.dll 2020-05-13 02:05:45 ----A---- C:\WINDOWS\system32\NotificationController.dll 2020-05-13 02:05:44 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll 2020-05-13 02:05:44 ----A---- C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll 2020-05-13 02:05:44 ----A---- C:\WINDOWS\system32\MusNotifyIcon.exe 2020-05-13 02:05:44 ----A---- C:\WINDOWS\system32\musdialoghandlers.dll 2020-05-13 02:05:44 ----A---- C:\WINDOWS\system32\DesktopSwitcherDataModel.dll 2020-05-13 02:05:43 ----A---- C:\WINDOWS\system32\usosvc.dll 2020-05-13 02:05:43 ----A---- C:\WINDOWS\system32\usocoreworker.exe 2020-05-13 02:05:43 ----A---- C:\WINDOWS\system32\usoapi.dll 2020-05-13 02:05:43 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll 2020-05-13 02:05:43 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe 2020-05-13 02:05:43 ----A---- C:\WINDOWS\system32\MusNotification.exe 2020-05-13 02:05:42 ----A---- C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll 2020-05-13 02:05:42 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll 2020-05-13 02:05:42 ----A---- C:\WINDOWS\system32\SHCore.dll 2020-05-13 02:05:42 ----A---- C:\WINDOWS\system32\PickerPlatform.dll 2020-05-13 02:05:41 ----A---- C:\WINDOWS\system32\Windows.Devices.Perception.dll 2020-05-13 02:05:41 ----A---- C:\WINDOWS\system32\win32u.dll 2020-05-13 02:05:41 ----A---- C:\WINDOWS\system32\win32kfull.sys 2020-05-13 02:05:41 ----A---- C:\WINDOWS\system32\win32k.sys 2020-05-13 02:05:41 ----A---- C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll 2020-05-13 02:05:41 ----A---- C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll 2020-05-13 02:05:40 ----A---- C:\WINDOWS\system32\wpnapps.dll 2020-05-13 02:05:40 ----A---- C:\WINDOWS\system32\Windows.Services.TargetedContent.dll 2020-05-13 02:05:40 ----A---- C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll 2020-05-13 02:05:40 ----A---- C:\WINDOWS\system32\Windows.Devices.Lights.dll 2020-05-13 02:05:40 ----A---- C:\WINDOWS\system32\user32.dll 2020-05-13 02:05:40 ----A---- C:\WINDOWS\system32\rdpbase.dll 2020-05-13 02:05:40 ----A---- C:\WINDOWS\system32\psmsrv.dll 2020-05-13 02:05:39 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll 2020-05-13 02:05:39 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryPS.dll 2020-05-13 02:05:39 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryCore.dll 2020-05-13 02:05:39 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryClient.dll 2020-05-13 02:05:39 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll 2020-05-13 02:05:39 ----A---- C:\WINDOWS\system32\Windows.StateRepository.dll 2020-05-13 02:05:39 ----A---- C:\WINDOWS\system32\Windows.Networking.Vpn.dll 2020-05-13 02:05:39 ----A---- C:\WINDOWS\system32\StateRepository.Core.dll 2020-05-13 02:05:39 ----A---- C:\WINDOWS\system32\Geolocation.dll 2020-05-13 02:05:38 ----A---- C:\WINDOWS\system32\windows.storage.dll 2020-05-13 02:05:38 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll 2020-05-13 02:05:38 ----A---- C:\WINDOWS\system32\WindowManagement.dll 2020-05-13 02:05:38 ----A---- C:\WINDOWS\system32\MrmCoreR.dll 2020-05-13 02:05:38 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll 2020-05-13 02:05:37 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2020-05-13 02:05:37 ----A---- C:\WINDOWS\system32\UserDataService.dll 2020-05-13 02:05:37 ----A---- C:\WINDOWS\system32\UserDataAccountApis.dll 2020-05-13 02:05:37 ----A---- C:\WINDOWS\system32\TaskApis.dll 2020-05-13 02:05:37 ----A---- C:\WINDOWS\system32\socialapis.dll 2020-05-13 02:05:37 ----A---- C:\WINDOWS\system32\PhoneCallHistoryApis.dll 2020-05-13 02:05:37 ----A---- C:\WINDOWS\system32\PeopleAPIs.dll 2020-05-13 02:05:37 ----A---- C:\WINDOWS\system32\EmailApis.dll 2020-05-13 02:05:37 ----A---- C:\WINDOWS\system32\ContactApis.dll 2020-05-13 02:05:37 ----A---- C:\WINDOWS\system32\ChatApis.dll 2020-05-13 02:05:37 ----A---- C:\WINDOWS\system32\AppointmentApis.dll 2020-05-13 02:05:36 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll 2020-05-13 02:05:36 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2020-05-13 02:05:36 ----A---- C:\WINDOWS\system32\TileDataRepository.dll 2020-05-13 02:05:36 ----A---- C:\WINDOWS\system32\rdpsharercom.dll 2020-05-13 02:05:36 ----A---- C:\WINDOWS\system32\PhoneOm.dll 2020-05-13 02:05:36 ----A---- C:\WINDOWS\system32\InstallServiceTasks.dll 2020-05-13 02:05:36 ----A---- C:\WINDOWS\system32\InstallService.dll 2020-05-13 02:05:35 ----A---- C:\WINDOWS\system32\Windows.Payments.dll 2020-05-13 02:05:35 ----A---- C:\WINDOWS\system32\Windows.Networking.NetworkOperators.ESim.dll 2020-05-13 02:05:35 ----A---- C:\WINDOWS\system32\Windows.Devices.PointOfService.dll 2020-05-13 02:05:35 ----A---- C:\WINDOWS\system32\mbussdapi.dll 2020-05-13 02:05:35 ----A---- C:\WINDOWS\system32\mbsmsapi.dll 2020-05-13 02:05:35 ----A---- C:\WINDOWS\system32\MbaeApiPublic.dll 2020-05-13 02:05:34 ----A---- C:\WINDOWS\system32\MapGeocoder.dll 2020-05-13 02:05:34 ----A---- C:\WINDOWS\system32\JpMapControl.dll 2020-05-13 02:05:34 ----A---- C:\WINDOWS\system32\ISM.dll 2020-05-13 02:05:34 ----A---- C:\WINDOWS\system32\InputHost.dll 2020-05-13 02:05:34 ----A---- C:\WINDOWS\system32\BingMaps.dll 2020-05-13 02:05:33 ----A---- C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll 2020-05-13 02:05:33 ----A---- C:\WINDOWS\system32\Windows.Internal.Graphics.Display.DisplayEnhancementManagement.dll 2020-05-13 02:05:33 ----A---- C:\WINDOWS\system32\Windows.Internal.Graphics.Display.DisplayColorManagement.dll 2020-05-13 02:05:33 ----A---- C:\WINDOWS\system32\Windows.Gaming.Preview.dll 2020-05-13 02:05:33 ----A---- C:\WINDOWS\system32\mscms.dll 2020-05-13 02:05:33 ----A---- C:\WINDOWS\system32\icm32.dll 2020-05-13 02:05:33 ----A---- C:\WINDOWS\system32\FntCache.dll 2020-05-13 02:05:33 ----A---- C:\WINDOWS\system32\DWrite.dll 2020-05-13 02:05:33 ----A---- C:\WINDOWS\system32\coloradapterclient.dll 2020-05-13 02:05:32 ----A---- C:\WINDOWS\system32\Windows.System.Diagnostics.dll 2020-05-13 02:05:32 ----A---- C:\WINDOWS\system32\Windows.Graphics.dll 2020-05-13 02:05:32 ----A---- C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll 2020-05-13 02:05:32 ----A---- C:\WINDOWS\system32\vaultsvc.dll 2020-05-13 02:05:32 ----A---- C:\WINDOWS\system32\vaultcli.dll 2020-05-13 02:05:32 ----A---- C:\WINDOWS\system32\UpdateDeploymentProvider.dll 2020-05-13 02:05:32 ----A---- C:\WINDOWS\system32\SEMgrSvc.dll 2020-05-13 02:05:32 ----A---- C:\WINDOWS\system32\msxml6.dll 2020-05-13 02:05:31 ----A---- C:\WINDOWS\system32\wups2.dll 2020-05-13 02:05:31 ----A---- C:\WINDOWS\system32\wups.dll 2020-05-13 02:05:31 ----A---- C:\WINDOWS\system32\wuaueng.dll 2020-05-13 02:05:31 ----A---- C:\WINDOWS\system32\wuauclt.exe 2020-05-13 02:05:31 ----A---- C:\WINDOWS\system32\wuapi.dll 2020-05-13 02:05:31 ----A---- C:\WINDOWS\system32\Windows.Internal.Devices.Sensors.dll 2020-05-13 02:05:31 ----A---- C:\WINDOWS\system32\win32kbase.sys 2020-05-13 02:05:30 ----A---- C:\WINDOWS\system32\Windows.Management.Workplace.dll 2020-05-13 02:05:30 ----A---- C:\WINDOWS\system32\Windows.Devices.LowLevel.dll 2020-05-13 02:05:30 ----A---- C:\WINDOWS\system32\Windows.AI.MachineLearning.Preview.dll 2020-05-13 02:05:30 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys 2020-05-13 02:05:30 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys 2020-05-13 02:05:30 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys 2020-05-13 02:05:30 ----A---- C:\WINDOWS\system32\cdd.dll 2020-05-13 02:05:30 ----A---- C:\WINDOWS\system32\CapabilityAccessManagerClient.dll 2020-05-13 02:05:30 ----A---- C:\WINDOWS\system32\CapabilityAccessManager.dll 2020-05-13 02:05:29 ----A---- C:\WINDOWS\system32\Windows.Storage.Compression.dll 2020-05-13 02:05:29 ----A---- C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2020-05-13 02:05:29 ----A---- C:\WINDOWS\system32\Windows.Devices.Usb.dll 2020-05-13 02:05:29 ----A---- C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll 2020-05-13 02:05:29 ----A---- C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll 2020-05-13 02:05:29 ----A---- C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll 2020-05-13 02:05:29 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll 2020-05-13 02:05:29 ----A---- C:\WINDOWS\system32\deviceaccess.dll 2020-05-13 02:05:28 ----A---- C:\WINDOWS\system32\Windows.System.SystemManagement.dll 2020-05-13 02:05:28 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll 2020-05-13 02:05:28 ----A---- C:\WINDOWS\system32\Windows.Globalization.dll 2020-05-13 02:05:28 ----A---- C:\WINDOWS\system32\Windows.Energy.dll 2020-05-13 02:05:23 ----A---- C:\WINDOWS\system32\Windows.Devices.WiFi.dll 2020-05-13 02:05:23 ----A---- C:\WINDOWS\system32\RTMediaFrame.dll 2020-05-13 02:05:23 ----A---- C:\WINDOWS\system32\ErrorDetails.dll 2020-05-13 02:05:23 ----A---- C:\WINDOWS\system32\DiagnosticInvoker.dll 2020-05-13 02:05:23 ----A---- C:\WINDOWS\system32\CloudExperienceHostUser.dll 2020-05-13 02:05:22 ----A---- C:\WINDOWS\system32\Windows.Perception.Stub.dll 2020-05-13 02:05:22 ----A---- C:\WINDOWS\system32\Windows.Media.Ocr.dll 2020-05-13 02:05:22 ----A---- C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll 2020-05-13 02:05:22 ----A---- C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll 2020-05-13 02:05:22 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.dll 2020-05-13 02:05:22 ----A---- C:\WINDOWS\system32\windows.applicationmodel.datatransfer.dll 2020-05-13 02:05:22 ----A---- C:\WINDOWS\system32\Windows.AccountsControl.dll 2020-05-13 02:05:22 ----A---- C:\WINDOWS\system32\useractivitybroker.dll 2020-05-13 02:05:22 ----A---- C:\WINDOWS\system32\CloudExperienceHostCommon.dll 2020-05-13 02:05:22 ----A---- C:\WINDOWS\system32\CameraCaptureUI.dll 2020-05-13 02:05:21 ----A---- C:\WINDOWS\system32\wlidprov.dll 2020-05-13 02:05:21 ----A---- C:\WINDOWS\system32\Windows.System.Launcher.dll 2020-05-13 02:05:21 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll 2020-05-13 02:05:21 ----A---- C:\WINDOWS\system32\Windows.Devices.SmartCards.dll 2020-05-13 02:05:21 ----A---- C:\WINDOWS\system32\TokenBroker.dll 2020-05-13 02:05:21 ----A---- C:\WINDOWS\system32\smartscreen.exe 2020-05-13 02:05:21 ----A---- C:\WINDOWS\system32\ffbroker.dll 2020-05-13 02:05:21 ----A---- C:\WINDOWS\system32\AuthBroker.dll 2020-05-13 02:05:20 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.dll 2020-05-13 02:05:20 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll 2020-05-13 02:05:20 ----A---- C:\WINDOWS\system32\Windows.Gaming.Input.dll 2020-05-13 02:05:20 ----A---- C:\WINDOWS\system32\twinui.appcore.dll 2020-05-13 02:05:20 ----A---- C:\WINDOWS\system32\MicrosoftAccountExtension.dll 2020-05-13 02:05:20 ----A---- C:\WINDOWS\system32\gamingtcui.dll 2020-05-13 02:05:20 ----A---- C:\WINDOWS\system32\AppExtension.dll 2020-05-13 02:05:20 ----A---- C:\WINDOWS\system32\AppContracts.dll 2020-05-13 02:05:19 ----A---- C:\WINDOWS\system32\Windows.Devices.Radios.dll 2020-05-13 02:05:19 ----A---- C:\WINDOWS\system32\Windows.Devices.Printers.dll 2020-05-13 02:05:19 ----A---- C:\WINDOWS\system32\Windows.Devices.Haptics.dll 2020-05-13 02:05:19 ----A---- C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll 2020-05-13 02:05:19 ----A---- C:\WINDOWS\system32\ExecModelClient.dll 2020-05-13 02:05:19 ----A---- C:\WINDOWS\system32\DataExchange.dll 2020-05-13 02:05:18 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll 2020-05-13 02:05:18 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll 2020-05-13 02:05:18 ----A---- C:\WINDOWS\system32\ShareHost.dll 2020-05-13 02:05:18 ----A---- C:\WINDOWS\system32\MiracastReceiver.dll 2020-05-13 02:05:18 ----A---- C:\WINDOWS\system32\cdprt.dll 2020-05-13 02:05:18 ----A---- C:\WINDOWS\system32\BcastDVRClient.dll 2020-05-13 02:05:18 ----A---- C:\WINDOWS\system32\BcastDVRBroker.dll 2020-05-13 02:05:17 ----A---- C:\WINDOWS\system32\WwaApi.dll 2020-05-13 02:05:17 ----A---- C:\WINDOWS\system32\Windows.Web.Http.dll 2020-05-13 02:05:17 ----A---- C:\WINDOWS\system32\Windows.Web.dll 2020-05-13 02:05:17 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll 2020-05-13 02:05:17 ----A---- C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll 2020-05-13 02:05:17 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll 2020-05-13 02:05:17 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll 2020-05-13 02:05:16 ----A---- C:\WINDOWS\system32\Windows.UI.dll 2020-05-13 02:05:16 ----A---- C:\WINDOWS\system32\Windows.Networking.dll 2020-05-13 02:05:16 ----A---- C:\WINDOWS\system32\Windows.Networking.Connectivity.dll 2020-05-13 02:05:16 ----A---- C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll 2020-05-13 02:05:16 ----A---- C:\WINDOWS\system32\StartTileData.dll 2020-05-13 02:05:15 ----A---- C:\WINDOWS\system32\Windows.UI.Storage.dll 2020-05-13 02:05:15 ----A---- C:\WINDOWS\system32\Windows.Internal.Signals.dll 2020-05-13 02:05:15 ----A---- C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll 2020-05-13 02:05:15 ----A---- C:\WINDOWS\system32\UserDeviceRegistration.dll 2020-05-13 02:05:15 ----A---- C:\WINDOWS\system32\SystemSettings.DataModel.dll 2020-05-13 02:05:15 ----A---- C:\WINDOWS\system32\SyncSettings.dll 2020-05-13 02:05:15 ----A---- C:\WINDOWS\system32\printfilterpipelinesvc.exe 2020-05-13 02:05:15 ----A---- C:\WINDOWS\system32\printfilterpipelineprxy.dll 2020-05-13 02:05:15 ----A---- C:\WINDOWS\system32\FaxPrinterInstaller.dll 2020-05-13 02:05:15 ----A---- C:\WINDOWS\system32\CredentialEnrollmentManager.exe 2020-05-13 02:05:14 ----A---- C:\WINDOWS\system32\Wpc.dll 2020-05-13 02:05:14 ----A---- C:\WINDOWS\system32\localspl.dll 2020-05-13 02:05:14 ----A---- C:\WINDOWS\system32\FlightSettings.dll 2020-05-13 02:05:14 ----A---- C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll 2020-05-13 02:05:13 ----A---- C:\WINDOWS\system32\Windows.Media.Devices.dll 2020-05-13 02:05:13 ----A---- C:\WINDOWS\system32\Windows.Devices.Midi.dll 2020-05-13 02:05:13 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll 2020-05-13 02:05:13 ----A---- C:\WINDOWS\system32\VoipRT.dll 2020-05-13 02:05:13 ----A---- C:\WINDOWS\system32\TelephonyInteractiveUser.dll 2020-05-13 02:05:13 ----A---- C:\WINDOWS\system32\TaskFlowDataEngine.dll 2020-05-13 02:05:13 ----A---- C:\WINDOWS\system32\PhoneService.dll 2020-05-13 02:05:13 ----A---- C:\WINDOWS\system32\audiodg.exe 2020-05-13 02:05:12 ----A---- C:\WINDOWS\system32\XblGameSaveTask.exe 2020-05-13 02:05:12 ----A---- C:\WINDOWS\system32\XblGameSave.dll 2020-05-13 02:05:12 ----A---- C:\WINDOWS\system32\Windows.UI.Internal.Input.ExpressiveInput.dll 2020-05-13 02:05:12 ----A---- C:\WINDOWS\system32\Windows.Management.Service.dll 2020-05-13 02:05:12 ----A---- C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll 2020-05-13 02:05:12 ----A---- C:\WINDOWS\system32\BTAGService.dll 2020-05-13 02:05:11 ----A---- C:\WINDOWS\system32\tellib.dll 2020-05-13 02:05:09 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS 2020-05-13 02:05:08 ----A---- C:\WINDOWS\system32\TsUsbGDCoInstaller.dll 2020-05-13 02:05:08 ----A---- C:\WINDOWS\system32\drivers\TsUsbGD.sys 2020-05-13 02:05:08 ----A---- C:\WINDOWS\system32\drivers\storufs.sys 2020-05-10 13:40:14 ----A---- C:\WINDOWS\vgkbootstatus.dat 2020-05-10 12:55:26 ----AD---- C:\Program Files\Riot Vanguard 2020-05-09 18:08:53 ----A---- C:\WINDOWS\system32\drivers\semav6msr64.sys 2020-05-02 09:55:37 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo-1-999-0-0-0.exe 2020-05-02 09:55:37 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo.exe 2020-05-02 09:55:37 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1-999-0-0-0.dll 2020-05-02 09:55:37 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1.dll 2020-05-02 09:55:37 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.dll 2020-05-02 09:55:37 ----A---- C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2020-05-02 09:55:37 ----A---- C:\WINDOWS\system32\vulkaninfo.exe 2020-05-02 09:55:37 ----A---- C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2020-05-02 09:55:37 ----A---- C:\WINDOWS\system32\vulkan-1.dll 2020-05-02 09:55:37 ----A---- C:\WINDOWS\system32\OpenCL.dll 2020-05-02 09:55:30 ----A---- C:\WINDOWS\SYSWOW64\nvptxJitCompiler.dll 2020-05-02 09:55:30 ----A---- C:\WINDOWS\system32\nvptxJitCompiler.dll 2020-05-02 09:55:22 ----A---- C:\WINDOWS\SYSWOW64\nvofapi.dll 2020-05-02 09:55:22 ----A---- C:\WINDOWS\system32\nvofapi64.dll 2020-05-02 09:55:22 ----A---- C:\WINDOWS\system32\nvml.dll 2020-05-02 09:55:20 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll 2020-05-02 09:55:20 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll 2020-05-02 09:55:20 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll 2020-05-02 09:55:20 ----A---- C:\WINDOWS\system32\NvIFR64.dll 2020-05-02 09:55:20 ----A---- C:\WINDOWS\system32\nvidia-smi.exe 2020-05-02 09:55:19 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll 2020-05-02 09:55:19 ----A---- C:\WINDOWS\SYSWOW64\nvfatbinaryLoader.dll 2020-05-02 09:55:19 ----A---- C:\WINDOWS\SYSWOW64\nvEncodeAPI.dll 2020-05-02 09:55:19 ----A---- C:\WINDOWS\system32\NvFBC64.dll 2020-05-02 09:55:19 ----A---- C:\WINDOWS\system32\nvfatbinaryLoader.dll 2020-05-02 09:55:19 ----A---- C:\WINDOWS\system32\nvEncodeAPI64.dll 2020-05-02 09:55:18 ----A---- C:\WINDOWS\system32\nvdebugdump.exe 2020-05-02 09:55:15 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll 2020-05-02 09:55:15 ----A---- C:\WINDOWS\system32\nvcuvid.dll 2020-05-02 09:55:15 ----A---- C:\WINDOWS\system32\nvcuda.dll 2020-05-02 09:55:14 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll 2020-05-02 09:55:11 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll 2020-05-02 09:55:11 ----A---- C:\WINDOWS\system32\MCU.exe 2020-05-01 22:00:20 ----D---- C:\Users\Acer\AppData\Roaming\qBittorrent 2020-05-01 22:00:15 ----D---- C:\Program Files\qBittorrent ======List of files/folders modified in the last 1 month====== 2020-05-27 17:17:06 ----D---- C:\Program Files\Immunet 2020-05-27 17:16:07 ----D---- C:\WINDOWS\Temp 2020-05-27 17:16:03 ----D---- C:\WINDOWS\system32\sru 2020-05-27 17:15:59 ----D---- C:\WINDOWS\Prefetch 2020-05-27 17:15:48 ----RD---- C:\Program Files 2020-05-27 17:12:56 ----D---- C:\ProgramData\regid.1991-06.com.microsoft 2020-05-27 16:58:44 ----D---- C:\Program Files (x86)\Steam 2020-05-27 16:58:25 ----D---- C:\Program Files\SteelSeries 2020-05-27 16:58:21 ----D---- C:\WINDOWS\system32\DriverStore 2020-05-27 16:58:21 ----D---- C:\WINDOWS\system32\drivers 2020-05-27 16:58:21 ----D---- C:\WINDOWS\System32 2020-05-27 16:58:21 ----D---- C:\WINDOWS\INF 2020-05-27 16:55:25 ----D---- C:\WINDOWS\system32\SleepStudy 2020-05-27 16:46:02 ----D---- C:\WINDOWS\system32\config 2020-05-27 16:45:50 ----RD---- C:\WINDOWS\Microsoft.NET 2020-05-27 16:29:10 ----D---- C:\Users\Acer\AppData\Roaming\Mozilla 2020-05-27 16:15:29 ----D---- C:\ProgramData\NVIDIA 2020-05-26 21:08:22 ----SHD---- C:\System Volume Information 2020-05-26 18:43:28 ----D---- C:\WINDOWS\system32\catroot2 2020-05-26 18:42:22 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2 2020-05-26 18:41:41 ----HD---- C:\ProgramData 2020-05-26 18:36:22 ----D---- C:\Windows 2020-05-26 17:53:16 ----SD---- C:\ProgramData\Microsoft 2020-05-26 17:52:04 ----D---- C:\ProgramData\Spybot - Search & Destroy 2020-05-26 17:37:47 ----D---- C:\WINDOWS\system32\drivers\etc 2020-05-26 17:36:07 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service 2020-05-26 17:36:01 ----D---- C:\WINDOWS\system32\Tasks 2020-05-26 07:24:39 ----D---- C:\WINDOWS\AppReadiness 2020-05-25 14:38:08 ----D---- C:\Users\Acer\AppData\Roaming\Adobe 2020-05-24 10:21:00 ----D---- C:\temp 2020-05-24 10:20:48 ----D---- C:\Program Files\Common Files\Adobe 2020-05-24 10:20:47 ----D---- C:\ProgramData\Adobe 2020-05-24 09:41:13 ----HD---- C:\WINDOWS\ELAMBKUP 2020-05-24 09:33:50 ----D---- C:\WINDOWS\system32\CatRoot 2020-05-24 09:28:48 ----SHD---- C:\Recovery 2020-05-24 09:28:39 ----D---- C:\Program Files\Common Files 2020-05-24 08:50:52 ----RD---- C:\Program Files (x86) 2020-05-24 08:50:50 ----RSD---- C:\WINDOWS\Fonts 2020-05-24 08:50:21 ----D---- C:\Program Files (x86)\VideoLAN 2020-05-24 08:40:39 ----D---- C:\Users\Acer\AppData\Roaming\DAEMON Tools Lite 2020-05-24 08:36:37 ----D---- C:\WINDOWS\Minidump 2020-05-24 08:36:37 ----D---- C:\WINDOWS\Logs 2020-05-24 08:36:37 ----D---- C:\WINDOWS\LiveKernelReports 2020-05-24 08:36:37 ----D---- C:\WINDOWS\debug 2020-05-24 08:30:18 ----D---- C:\WINDOWS\WinSxS 2020-05-23 21:15:49 ----D---- C:\ProgramData\Origin 2020-05-23 21:15:47 ----AD---- C:\Program Files (x86)\Origin 2020-05-23 17:56:16 ----D---- C:\WINDOWS\Tasks 2020-05-22 19:47:00 ----SHDC---- C:\WINDOWS\Installer 2020-05-22 19:46:51 ----D---- C:\WINDOWS\system32\DAX2 2020-05-22 19:46:21 ----D---- C:\ProgramData\rtkSSTSetting 2020-05-22 19:45:40 ----D---- C:\WINDOWS\SysWOW64 2020-05-22 19:45:06 ----D---- C:\WINDOWS\SYSWOW64\RTCOM 2020-05-22 19:42:46 ----HD---- C:\Program Files (x86)\InstallShield Installation Information 2020-05-22 17:27:28 ----D---- C:\WINDOWS\system32\LogFiles 2020-05-22 16:23:24 ----D---- C:\Program Files (x86)\Battle.net 2020-05-21 23:18:05 ----HD---- C:\Program Files\WindowsApps 2020-05-18 16:46:33 ----D---- C:\WINDOWS\system32\NDF 2020-05-17 18:52:02 ----D---- C:\WINDOWS\apppatch 2020-05-16 11:47:48 ----D---- C:\WINDOWS\system32\drivers\wd 2020-05-16 11:37:32 ----N---- C:\WINDOWS\system32\MpSigStub.exe 2020-05-16 10:57:08 ----D---- C:\Program Files\Common Files\Intel 2020-05-16 10:57:08 ----AD---- C:\Program Files\Intel 2020-05-16 10:02:10 ----D---- C:\ProgramData\Package Cache 2020-05-16 10:02:06 ----AD---- C:\Program Files (x86)\Intel 2020-05-15 17:15:14 ----RD---- C:\WINDOWS\assembly 2020-05-14 16:43:35 ----D---- C:\WINDOWS\SYSWOW64\migration 2020-05-14 16:43:35 ----D---- C:\WINDOWS\SYSWOW64\en-US 2020-05-14 16:43:35 ----D---- C:\WINDOWS\SYSWOW64\bg-BG 2020-05-14 16:43:20 ----D---- C:\WINDOWS\SystemResources 2020-05-14 16:43:19 ----D---- C:\WINDOWS\system32\oobe 2020-05-14 16:43:19 ----D---- C:\WINDOWS\system32\migration 2020-05-14 16:43:19 ----D---- C:\WINDOWS\system32\en-US 2020-05-14 16:43:19 ----D---- C:\WINDOWS\system32\drivers\UMDF 2020-05-14 16:43:19 ----D---- C:\WINDOWS\system32\bg-BG 2020-05-14 16:42:54 ----D---- C:\WINDOWS\ShellExperiences 2020-05-14 16:42:54 ----D---- C:\WINDOWS\bcastdvr 2020-05-13 02:25:04 ----D---- C:\WINDOWS\CbsTemp 2020-05-13 02:23:57 ----D---- C:\WINDOWS\system32\MRT 2020-05-13 02:15:31 ----AC---- C:\WINDOWS\system32\MRT.exe 2020-05-13 02:05:10 ----A---- C:\WINDOWS\SYSWOW64\PrintConfig.dll 2020-05-10 12:55:26 ----SH---- C:\Program Files\desktop.ini 2020-05-07 18:23:01 ----D---- C:\Users\Acer\AppData\Roaming\Dashlane 2020-05-05 23:07:56 ----D---- C:\Users\Acer\AppData\Roaming\discord 2020-05-03 19:14:13 ----D---- C:\Users\Acer\AppData\Roaming\Telegram Desktop 2020-05-03 18:20:58 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2020-05-02 11:22:23 ----D---- C:\ProgramData\Mount and Blade II Bannerlord 2020-05-02 10:01:27 ----D---- C:\ProgramData\NVIDIA Corporation 2020-05-02 10:00:36 ----D---- C:\Program Files\NVIDIA Corporation 2020-05-02 10:00:35 ----D---- C:\Program Files (x86)\NVIDIA Corporation ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStorAC;@oem3.inf,%iaStorAC.DeviceDesc%;Intel(R) Chipset SATA/PCIe RST Premium Controller; C:\WINDOWS\System32\drivers\iaStorAC.sys [2019-03-07 1094000] R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2019-03-19 56632] R0 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2020-03-11 254776] R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2020-03-11 40960] R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-03-19 70456] R1 CiscoAMPCEFWDriver;CiscoAMPCEFWDriver; \??\C:\WINDOWS\System32\Drivers\CiscoAMPCEFWDriver.sys [2020-05-24 59272] R1 CiscoAMPHeurDriver;CiscoAMPHeurDriver; \??\C:\WINDOWS\System32\Drivers\CiscoAMPHeurDriver.sys [2020-05-24 85168] R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\WINDOWS\system32\drivers\mbae64.sys [2020-04-21 153312] R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-03-19 59392] R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-03-19 8704] R1 ImmunetProtectDriver;ImmunetProtectDriver; \??\C:\WINDOWS\System32\Drivers\immunetprotect.sys [2020-05-24 170888] R1 ImmunetSelfProtectDriver;ImmunetSelfProtectDriver; \??\C:\WINDOWS\System32\Drivers\immunetselfprotect.sys [2020-05-24 104832] R2 bddci;URLScannerEngine; \??\C:\WINDOWS\System32\Drivers\bddci.sys [2020-05-24 153224] R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2020-04-25 457216] R2 ImmunetNetworkMonitorDriver;ImmunetNetworkMonitorDriver; \??\C:\WINDOWS\System32\Drivers\ImmunetNetworkMonitor.sys [2020-05-24 124080] R2 MBAMChameleon;MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [2020-05-18 214496] R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2019-03-19 53760] R3 ALSysIO;ALSysIO; \??\C:\Users\Acer\AppData\Local\Temp\ALSysIO64.sys [2020-05-26 47240] R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2020-03-11 99328] R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-03-19 64312] R3 dtlitescsibus;@oem55.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2017-08-31 30264] R3 dtliteusbbus;@oem43.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2017-08-31 47672] R3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2019-03-19 79360] R3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2019-03-19 171520] R3 ibtusb;@oem74.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2020-02-19 258552] R3 igfx;igfx; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1d9a63fa126c4a34\igdkmd64.sys [2017-06-16 12821952] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2016-10-14 5361672] R3 MBAMFarflt;MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [2020-05-26 195432] R3 MBAMProtection;MBAMProtection; \??\C:\WINDOWS\system32\DRIVERS\mbam.sys [2020-05-26 73368] R3 MBAMSwissArmy;MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [2020-05-26 248968] R3 MBAMWebProtection;MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [2020-05-26 125088] R3 MEIx64;@oem18.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2018-05-06 228992] R3 Netwtw04;___ Intel(R) Wireless Adapter Driver for Windows 10 - 64 Bit; C:\WINDOWS\System32\drivers\Netwtw04.sys [2020-03-10 8673040] R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_900ad8f80f7df3d9\nvlddmkm.sys [2020-04-11 23446760] R3 nvvad_WaveExtensible;@oem36.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2019-04-17 69840] R3 nvvhci;@oem69.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2020-03-11 67456] S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2019-03-19 42808] S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2019-03-19 319528] S0 CiscoAMPELAMDriver;CiscoAMPELAMDriver; C:\WINDOWS\System32\Drivers\CiscoAMPELAMDriver.sys [2020-05-24 18600] S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-03-19 885048] S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-03-19 148520] S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-03-19 124448] S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-03-19 128528] S0 MbamElam;MbamElam; C:\WINDOWS\system32\DRIVERS\MbamElam.sys [2020-03-27 20936] S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-03-19 75280] S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-03-19 94736] S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-03-19 58896] S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-03-19 68624] S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-03-19 41784] S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-03-19 20992] S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2020-03-11 337920] S3 amdgpio2;@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2019-03-19 18432] S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2019-03-19 37888] S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2019-11-13 18432] S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2020-02-01 138040] S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2020-02-01 174392] S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2020-02-01 153912] S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2020-02-01 117264] S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2020-03-11 231936] S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2020-03-11 114688] S3 BthHFAud;@microsoft_bluetooth_hfp.inf,%BTHHFAUD_DISPLAY_NAME%;Microsoft Bluetooth Hands-Free Audio driver; C:\WINDOWS\System32\drivers\BthHfAud.sys [2019-03-19 57856] S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2019-03-19 97280] S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2020-03-11 36864] S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2019-03-19 133120] S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2020-03-11 1428992] S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-03-19 43008] S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2019-03-19 1866768] S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_b9c53b80e63af230\genericusbfn.sys [2019-11-13 20992] S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-03-19 53560] S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2019-11-13 64000] S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2020-03-29 84280] S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-03-19 28672] S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-03-19 36352] S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-03-19 91136] S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-03-19 93184] S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-03-19 112128] S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-03-19 96256] S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-03-19 175104] S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-03-19 180736] S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-03-19 177664] S3 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2016-09-20 795640] S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2019-03-19 566800] S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2019-03-19 46592] S3 IntcDAud;@oem24.inf,%IntcAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\System32\drivers\IntcDAud.sys [2017-05-12 825344] S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel Power Limit Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-03-19 28672] S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-03-19 54584] S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-03-19 535864] S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-03-19 62264] S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2019-11-13 359424] S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-03-19 64512] S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2019-03-19 1150480] S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2019-03-19 153616] S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2019-03-19 63488] S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2019-03-19 187904] S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2019-03-19 158520] S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2020-04-01 30336] S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2019-03-19 96056] S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2019-03-19 127800] S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-03-19 17408] S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-03-19 25600] S3 qcusbser;@oem33.inf,%QCUSBSER%;Qualcomm USB Device for Legacy Serial Communication; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [2017-03-15 254520] S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-12-11 986936] S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2019-03-19 32568] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2020-02-25 88648] R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe [2018-01-31 390504] R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] R2 CDPUserSvc_52df6;CDPUserSvc_52df6; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] R2 cplspcon;Intel(R) Content Protection HDCP Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1d9a63fa126c4a34\IntelCpHDCPSvc.exe [2017-06-16 611776] R2 DAX2API;Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [2016-07-18 154816] R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744] R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] R2 DSAService;Intel(R) Driver & Support Assistant; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [2020-05-13 40296] R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744] R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2016-08-04 640928] R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2019-03-07 16840] R2 ibtsiva;@oem74.inf,%SERVICE_NAME%;Intel Bluetooth Service; C:\WINDOWS\system32\ibtsiva [] R2 ICEsoundService;ICEsound Service; C:\WINDOWS\system32\ICEsoundService64.exe [2018-12-10 814760] R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1d9a63fa126c4a34\igfxCUIService.exe [2017-06-16 415160] R2 ImmunetProtect_7.0.2;Immunet 7.0.2; C:\Program Files\Immunet\7.0.2\sfc.exe [2020-05-24 1850336] R2 ImmunetSCMS_7.0.2;Immunet Security Connector Monitoring Service 7.0.2; C:\Program Files\Immunet\7.0.2\cscm.exe [2020-05-24 143504] R2 IntelSSTSvc;Intel SST Parameter Service; C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe [2016-09-19 26576] R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [2020-03-27 6933272] R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2020-03-18 850928] R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_900ad8f80f7df3d9\Display.NvContainer\NVDisplay.Container.exe [2020-04-11 883088] R2 OneSyncSvc_52df6;OneSyncSvc_52df6; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] R2 Razer Chroma SDK Server;Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [2018-08-29 449664] R2 Razer Chroma SDK Service;Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [2018-09-12 942720] R2 Razer Game Manager Service;Razer Game Manager; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [2019-07-03 253776] R2 Razer Synapse Service;Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [2019-10-22 287472] R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] R3 cbdhsvc_52df6;cbdhsvc_52df6; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744] R3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1d9a63fa126c4a34\IntelCpHeciSvc.exe [2017-06-16 397240] R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2017-08-17 2291392] R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] R3 DSAUpdateService;Intel(R) Driver & Support Assistant Updater; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [2020-05-13 156008] R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744] R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-11-13 43704] R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744] R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744] R3 PimIndexMaintenanceSvc_52df6;PimIndexMaintenanceSvc_52df6; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] S2 brave;Услуга на Brave Актуализация (brave); C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [2019-02-27 154056] S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-31 153168] S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744] S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] S2 Origin Web Helper Service;Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2020-05-06 3449656] S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] S3 AarSvc_52df6;AarSvc_52df6; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2019-03-19 54912] S3 AssignedAccessManagerSvc;@%SystemRoot%\system32\assignedaccessmanagersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] S3 BcastDVRUserService_52df6;BcastDVRUserService_52df6; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2020-04-15 8567960] S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] S3 BluetoothUserService_52df6;BluetoothUserService_52df6; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] S3 bravem;Услуга на Brave Актуализация (bravem); C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [2019-02-27 154056] S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] S3 CaptureService_52df6;CaptureService_52df6; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] S3 ConsentUxUserSvc_52df6;ConsentUxUserSvc_52df6; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2020-05-13 380632] S3 CredentialEnrollmentManagerUserSvc_52df6;CredentialEnrollmentManagerUserSvc_52df6; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2020-05-13 380632] S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] S3 DeviceAssociationBrokerSvc_52df6;DeviceAssociationBrokerSvc_52df6; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] S3 DevicePickerUserSvc_52df6;DevicePickerUserSvc_52df6; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] S3 DevicesFlowUserSvc_52df6;DevicesFlowUserSvc_52df6; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2020-03-11 97792] S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744] S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] S3 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744] S3 EasyAntiCheat;EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2018-08-27 774272] S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744] S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744] S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\elevation_service.exe [2020-05-01 1095664] S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744] S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-31 153168] S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] S3 Intel(R) SUR QC SAM;Intel(R) SUR QC Software Asset Manager; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2020-03-10 3087184] S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744] S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] S3 MessagingService_52df6;MessagingService_52df6; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] S3 MixedRealityOpenXRSvc;@%SystemRoot%\system32\MixedRealityRuntime.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2016-08-04 268704] S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744] S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2020-05-06 2496816] S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-07-31 242864] S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2019-03-19 103424] S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] S3 PrintWorkflowUserSvc_52df6;PrintWorkflowUserSvc_52df6; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744] S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744] S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2020-02-01 828216] -----------------EOF----------------- Sorry for the delay.
  12. Farbar is still running and scanning Firefox. I noticed that there is FRST.txt but not the second one. I also found that old topic and the guys have similar problem with mozilla. How should I hard clean up it?
  13. I uninstalled Mozilla and deleted the cache I found. I ran Spybot which found around 15 items. Many coming from the browsers. I use mostly Mozilla and tbh I haven't cleaned history or old bookmarks for very very long time. So I did it. Uninstalled the browser completely or at least what I thought. I restarted the laptop, it was running horrible. Right now I am running f r s t scan and it's been more than 30 mins. For the last ~15 it's scanning only mozilla... I went through AppData folder and in Roaming I fought a copy of my old mozilla profile with bookmaks and backups. Should I delete it manually?
  14. I am getting a bit nervous about all this. Hour ago I finally stopped the scan - almost 60 hours of non stop scanning and millions of files. Its unreal. I only chose to scan drive C... And no way there are that many files on it. I tried to run the FRST scan as you asked me - it froze during scanning of my main browser - mozilla. I cleaned the cache a few times.. I didnt even use it that much for the past days because I let the laptop scan for most of the time. So now I uninstalled mozilla completely and will try to run frst scan again.
  15. Hello. To give update - Malwarebytes is still scanning. It's been running for 28 hours. I really hope it's normal and not a reason to be worried about.
  16. Sorry for my messed replies. Right now I am running a custom malwarebytes scan on C drive and all other options. Its been running for 11 hours. Before that I ran Immunet flash scan, nothing found. I ran HitmanPro scan and found several Chrome threads that got cleaned. I will run the frst tool when the current scan is done.
  17. Is it normal a custom scan on 😄 to be 7+ hours?
  18. For a while a Ccxprocess file in the task manager made me wonder what it is for. I looked up a bit more about it and found ot it's either a legit Adobe Cloud (which I never used or needed in first place). The only Adobe products I have is the flash player and reader. Earlier on I uninstalled Photoshop. The file also could be crypto miner malware but it doesn't use any network according to the task manager. Lately I have problems connecting/updating properly to games that require Internet. All this might be connected. I deleted the Adobe Creative Cloud folder with shift and delete but files appear again.
  19. I ran cleanmgr on C:\ drive. There is 7.35gb of Windows Update Cleanup and) ; 250mb Windows update log files and 12.8gb of Download. These sections were not marked automatically after the scan. I dont know if I should mark and clean them up or leave them.
  20. Something suspicious - out of nothing I had AVG antivirus installed on the laptop now. Desktop shortcut appeared. I uninstalled it straight away.
  21. I ran adwcleaner scan again and there are 7 new items found. Looks like they are coming back
  22. I used CCleaner to clean a lot of junk and unneeded files. It feels like the laptop is running much better than yesterday.
  23. I cleaned Mozillas catche. It was almost 1gb. Now after a while new files are quickly created in \cache2 folder of the browser.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.