Jump to content
Seif1993

.tmp popup on every startup

Recommended Posts

Also please let me know if you want me to do specific scans with the popup open vs. it being closed with the tmp files deleted. 

Share this post


Link to post
Share on other sites

Hiya Seif1993,

I see you are watching a similar thread at Bleeping Computers, do not follow any of the helpers advice, especially his last reply. The FRST fix has a mistake listed that may cause major problems for the OP`s system.

For the next scans try with popup open. I want you to run PowerTool again, this time select "Startup" tab, when the field populates right click inside then select "Export" save the zip and attach to your reply.

Next,

With PowerTool still open select "Services" tab, when the field populates right click inside then select "Export" save the zip and attach to your reply.

Attach both zip files, also do you have access to a Windows 10 installation CD or USB. I want to get a scan with FRST from the recovery environment. When you tried before it seems that you were in the RE but command prompt window would not load. Can you try and open a command promt from Normal windows and see if it will load correctly..

Thank you,

Kevin...

Share this post


Link to post
Share on other sites

Yeah i've been following it since before creating this thread, appreciate the heads up even though I haven't done any of what he's written to that OP. I can load into Safe Mode with Command Prompt and can use CMD in normal boot with no issues. I don't currently have an installation disc, i'll see if I can figure out how to fix the blue screen. 

Startup + Services.zip

Share this post


Link to post
Share on other sites

Thanks for those logs, unfortunately no relevant information...  We need to access RE and run scan with FRST. Go to the following link:

https://www.microsoft.com/en-us/software-download/windows10

Expand and use the second option:

Using the tool to create installation media (USB flash drive, DVD, or ISO file) to install Windows 10 on a different PC (click to show more or less information)

You can use USB or DVD to access recovery environment to run FRST via cmd prompt...

Rest of information is in reply #51

 

 

 

Edited by kevinf80

Share this post


Link to post
Share on other sites

So I have to reinstall my windows 10? I have the installation media downloaded and ready on the USB stick but I am confused as to why I should be reinstalling windows and how that will allow me to access recovery cmd?

Share this post


Link to post
Share on other sites

I ran DISM.exe /Online /Cleanup-image /Scanhealth and DISM.exe /Online /Cleanup-image /Restorehealth with the results attached. SFC/Scannow also came back negative. 

DISM Cleanup.txt

Share this post


Link to post
Share on other sites

No I do not want you to reinstall windows, I want you to use the installation media to access the recovery environment. There is an issue doing that action with your system, there should be no issue using installation media....

There is no guarantee that running a scan with FRST via the RE will give the information we need, it is worth trying to find out...

Before we go down that route I want you make a fresh restore point, when that is done i`ve attached a zip file named fix.zip. Download that and unzip to your Desktop, you should have fix.reg

Right click on fix.reg and select "Run as Administrator" agree any merges or alerts. Reboot when complete, does the popup cease...

 

fix.zip

Share this post


Link to post
Share on other sites

I ran fix.zip then restarted and it still popped up. Am I supposed to be cleaning registry entries related to 360 before running this or that wouldn't make a difference? 

Share this post


Link to post
Share on other sites

安全卫士
安全卫士-安装| 

These are the two names the files get tagged with in registry. 安全卫士 = Safety Guard and 安全卫士-安装|  = Security Guard Installation
 

Share this post


Link to post
Share on other sites

No the reg fix was supposed to stop the popup, obviously it did not.... We need to see a log from FRST via the recovery environment...

Those reg names to show, can you post the full reg keys. Also are those returning after removal then a reboot..?

To access Advanced Start up Options and then CMD prompt use option five at the following link..

https://www.tenforums.com/tutorials/2294-boot-advanced-startup-options-windows-10-a.html

 

Share this post


Link to post
Share on other sites

This scan was run from Recovery CMD. 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09.12.2018
Ran by SYSTEM on MININT-BODUVIA (13-12-2018 03:13:26)
Running from F:\
Platform: Windows 10 Pro Version 1803 17134.471 (X64) Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery
Default: ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-02-26] (Intel Corporation)
HKLM\...\Run: [SamsungRapidApp] => F:\Program Files (x86)\RAPID\CacheFilter\SamsungRapidApp.exe
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-06-30] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-09] (Adobe Systems, Incorporated)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3136136 2018-09-07] (Logitech, Inc.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18727048 2018-10-05] (Logitech Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [167936 2008-07-06] (PowerISO Computing, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-05] (Oracle Corporation)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5608208 2018-10-22] (IObit)
HKLM Group Policy restriction on software: %localappdata%\Temp\ins*.tmp <==== ATTENTION
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\Default\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\Default User\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\PC\...\Run: [Speccy] => C:\Program Files\Speccy\Speccy64.exe [7088408 2015-01-22] (Piriform Ltd)
HKU\PC\...\Run: [NetLimiter] => C:\Program Files (x86)\NetLimiter 4\nlclientapp.exe [52656 2015-10-10] (Locktime Software)
HKU\PC\...\Run: [Advanced SystemCare Ultimate] => C:\Program Files (x86)\Advanced SystemCare Ultimate\ASCTray.exe [3703568 2018-08-15] (IObit)
HKU\PC\...\RunOnce: [Application Restart #0] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3136136 2018-09-07] (Logitech, Inc.)
HKU\PC\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Mystify.scr [149504 2018-04-11] (Microsoft Corporation)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DS4Windows.lnk [2015-11-30]
ShortcutTarget: DS4Windows.lnk -> C:\Program Files (x86)\PS4 Controller\DS4Windows.exe ()
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RegVac.lnk [2018-12-10]
ShortcutTarget: RegVac.lnk -> C:\Program Files (x86)\RegVac Registry Cleaner\regvac.exe ()

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-24] (Adobe Systems Incorporated)
S2 AdvancedSystemCareService11; C:\Program Files (x86)\Advanced SystemCare Ultimate\ASCService.exe [1066256 2018-03-28] (IObit)
S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2910696 2018-09-09] (Adobe Systems, Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-09] (Adobe Systems, Incorporated)
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-06] (Apple Inc.)
S2 ASCAntivirusSrv; C:\Program Files (x86)\Advanced SystemCare Ultimate\ascavsvc.exe [1990928 2018-01-17] (IObit)
S2 ASRockIOMon; C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe [463112 2014-07-31] ()
S2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9646240 2018-12-06] (Microsoft Corporation)
S3 CLink4Service; C:\Program Files (x86)\CorsairLink4\CorsairLink4.Service.exe [34512 2018-03-30] (Corsair Components, Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [277056 2016-08-28] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6514752 2016-08-28] (GOG.com)
S2 HasteUEService; C:\Program Files\Haste\Haste Esports Accelerator\UserEdgeService.exe [1516328 2017-05-04] (Thalonet, Inc. (dba Haste))
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-02-26] (Intel Corporation)
S2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2355472 2018-10-19] (IObit)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-03-20] (Intel Corporation)
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [360736 2016-10-28] (IObit)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)
S2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-10-05] (Logitech Inc.)
S2 nlsvc; C:\Program Files (x86)\NetLimiter 4\NLSvc.exe [322480 2015-10-10] (Locktime Software)
S2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [786800 2018-11-16] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [786800 2018-11-16] (NVIDIA Corporation)
S2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [435328 2017-10-09] (Razer Inc.)
S2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [916096 2017-10-16] (Razer Inc.)
S2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2017-07-19] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-14] (Microsoft Corporation)
S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-02] (DEVGURU Co., LTD.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\NisSrv.exe [3917016 2018-12-04] (Microsoft Corporation)
S2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
S2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
S3 Origin Client Service; "F:\Program Files (x86)\Origin\OriginClientService.exe" [X]
S2 Origin Web Helper Service; "F:\Program Files (x86)\Origin\OriginWebHelperService.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AsrDrv101; C:\Windows\SysWOW64\Drivers\AsrDrv101.sys [22280 2015-07-15] (ASRock Incorporation)
S0 AsrRamDisk; C:\Windows\System32\drivers\AsrRamDisk.sys [40200 2013-08-02] (ASRock Inc.)
S3 athr; C:\Windows\System32\drivers\athw10x.sys [4321160 2018-07-18] (Qualcomm Atheros Communications, Inc.)
S3 cpuz138; C:\Users\PC\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [28392 2018-12-10] (CPUID) <==== ATTENTION
S3 cpuz143; C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [48960 2018-12-12] (CPUID)
S3 ETDSMBus; C:\Windows\System32\drivers\ETDSMBus.sys [31816 2018-07-17] (ELAN Microelectronic Corp.)
S2 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [183576 2016-10-27] (BitDefender LLC)
S3 HPMoA407; C:\Windows\System32\drivers\HPMoA407.sys [25088 2011-10-31] (Hewlett-Packard.)
S3 HPubA407; C:\Windows\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Hewlett-Packard.)
S1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-07-16] (REALiX(tm))
S1 IMFCameraProtect; C:\WINDOWS\system32\drivers\IMFCameraProtect.sys [44032 2018-03-19] (IObit.com)
S3 IMFDownProtect; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFDownProtect.sys [39232 2018-08-13] (IObit.com)
S3 IMFFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win10_amd64\IMFFilter.sys [40384 2018-03-19] (IObit)
S3 IMFForceDelete; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFForceDelete.sys [34048 2018-03-19] (IObit.com)
S1 IMFMBRProtect; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFMBRProtect.sys [41920 2018-08-12] (IObit.com)
S1 IMFSafeBox; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFSafeBox.sys [51256 2018-08-26] (IObit.com)
S3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-04-03] ()
S3 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [36568 2013-09-30] (IObit)
S3 iobit_monitor_server; C:\Program Files (x86)\Advanced SystemCare Ultimate\drivers\Monitor_win10_x64.sys [24056 2017-07-18] (IObit)
S3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [47008 2016-07-26] ()
S3 ladfGSS; C:\Windows\system32\drivers\ladfGSS.sys [45168 2018-10-05] (Logitech Inc.)
S2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
S3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [67736 2018-10-05] (Logitech Inc.)
S3 lgLowAudio; C:\Windows\system32\drivers\lgLowAudio.sys [26264 2015-11-20] (Logitech Inc.)
S3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
S3 Microsoft_Bluetooth_AvrcpTransport; C:\Windows\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-11] (Microsoft Corporation)
S2 nldrv; C:\Program Files (x86)\NetLimiter 4\nldrv.sys [120720 2015-10-10] (Locktime Software)
S3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9db4450b8107f59a\nvlddmkm.sys [20420352 2018-11-30] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2018-10-25] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation)
S3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [74576 2018-11-29] (NVIDIA Corporation)
S0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\regfilter.sys [52728 2018-03-19] (IObit.com)
S3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [52240 2016-10-30] (Razer Inc)
S2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [43256 2017-07-18] (Razer, Inc.)
S2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [137208 2017-07-16] (Razer, Inc.)
S0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [268976 2014-09-16] (Samsung Electronics Co., Ltd.)
S0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111280 2014-09-16] (Samsung Electronics Co., Ltd.)
S3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-18] (Scarlet.Crush Productions)
S0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21360 2016-03-21] (IObit)
S3 Trufos; C:\Windows\System32\DRIVERS\TRUFOS.sys [464808 2018-04-23] (BitDefender S.R.L.)
S3 VBus; C:\Windows\System32\drivers\NkVBus.sys [26400 2007-09-05] (Nikon Corporation)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46184 2018-12-04] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [328696 2018-12-04] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [60408 2018-12-04] (Microsoft Corporation)
S4 WinDivert1.2; C:\Program Files\Haste\Haste Esports Accelerator\WinDivert64.sys [37672 2016-10-04] (Basil)
S1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2018-12-09] (Zemana Ltd.)
S3 aswbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-12 14:41 - 2018-12-12 15:10 - 000113071 _____ C:\Windows\ZAM_Guard.krnl.trace
2018-12-12 14:41 - 2018-12-12 14:41 - 000003010 _____ C:\Windows\System32\Tasks\AsrSP.exe
2018-12-12 14:37 - 2018-12-12 14:37 - 000000430 _____ C:\Users\PC\Downloads\fix.zip
2018-12-12 14:14 - 2018-12-12 14:14 - 000000761 _____ C:\Users\PC\Desktop\DISM Cleanup.txt
2018-12-12 13:42 - 2018-12-12 13:42 - 000000000 ____D C:\ESD
2018-12-12 13:38 - 2018-12-12 13:38 - 019229160 _____ (Microsoft Corporation) C:\Users\PC\Downloads\MediaCreationTool1809.exe
2018-12-12 13:38 - 2018-12-12 13:38 - 000000000 ___HD C:\$Windows.~WS
2018-12-12 13:38 - 2018-12-12 13:38 - 000000000 ____D C:\$WINDOWS.~BT
2018-12-12 04:07 - 2018-12-12 04:07 - 000015550 _____ C:\Users\PC\Desktop\startup.csv
2018-12-12 04:07 - 2018-12-12 04:07 - 000010300 _____ C:\Users\PC\Desktop\service.csv
2018-12-12 04:05 - 2018-12-07 23:46 - 000407534 __RSH C:\bootmgr
2018-12-12 04:05 - 2018-04-11 15:34 - 000000001 ___SH C:\BOOTNXT
2018-12-12 02:51 - 2018-12-12 02:51 - 000003775 _____ C:\Users\PC\Desktop\notify.csv
2018-12-12 02:48 - 2018-12-12 02:48 - 009440768 _____ C:\Users\PC\Desktop\PowerTool64.exe
2018-12-12 02:48 - 2018-12-12 02:48 - 000177816 _____ (PowerTool) C:\Users\PC\Downloads\kEvP64.sys
2018-12-12 02:48 - 2018-12-08 04:47 - 001786896 _____ (Microsoft Corporation) C:\Windows\System32\AppVEntVirtualization.dll
2018-12-12 02:48 - 2018-12-08 04:42 - 004527800 _____ (Microsoft Corporation) C:\Windows\System32\sppsvc.exe
2018-12-12 02:48 - 2018-12-08 04:42 - 001616824 _____ (Microsoft Corporation) C:\Windows\System32\sppobjs.dll
2018-12-12 02:48 - 2018-12-08 04:41 - 002394960 _____ (Microsoft Corporation) C:\Windows\System32\WMVCORE.DLL
2018-12-12 02:48 - 2018-12-08 04:29 - 013572608 _____ (Microsoft Corporation) C:\Windows\System32\wmp.dll
2018-12-12 02:48 - 2018-12-08 04:28 - 012710400 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2018-12-12 02:48 - 2018-12-08 04:28 - 006586880 _____ (Microsoft Corporation) C:\Windows\System32\twinui.dll
2018-12-12 02:48 - 2018-12-08 04:28 - 004708864 _____ (Microsoft Corporation) C:\Windows\System32\twinui.pcshell.dll
2018-12-12 02:48 - 2018-12-08 04:27 - 005657600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2018-12-12 02:48 - 2018-12-08 04:25 - 012500992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2018-12-12 02:48 - 2018-12-08 04:25 - 011902976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-12-12 02:48 - 2018-12-08 04:23 - 003649024 _____ (Microsoft Corporation) C:\Windows\System32\win32kfull.sys
2018-12-12 02:48 - 2018-12-08 04:23 - 002892288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2018-12-12 02:48 - 2018-12-08 00:13 - 001040936 _____ (Microsoft Corporation) C:\Windows\System32\ApplyTrustOffline.exe
2018-12-12 02:48 - 2018-12-08 00:07 - 005625352 _____ (Microsoft Corporation) C:\Windows\System32\StartTileData.dll
2018-12-12 02:48 - 2018-12-08 00:07 - 001221632 _____ (Microsoft Corporation) C:\Windows\System32\hvix64.exe
2018-12-12 02:48 - 2018-12-08 00:07 - 001030184 _____ (Microsoft Corporation) C:\Windows\System32\hvax64.exe
2018-12-12 02:48 - 2018-12-08 00:06 - 001017168 _____ (Microsoft Corporation) C:\Windows\System32\msmpeg2adec.dll
2018-12-12 02:48 - 2018-12-08 00:05 - 007520096 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Media.Protection.PlayReady.dll
2018-12-12 02:48 - 2018-12-08 00:05 - 007436216 _____ (Microsoft Corporation) C:\Windows\System32\windows.storage.dll
2018-12-12 02:48 - 2018-12-08 00:05 - 002822656 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2018-12-12 02:48 - 2018-12-08 00:05 - 002463384 _____ (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2018-12-12 02:48 - 2018-12-08 00:04 - 009084216 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2018-12-12 02:48 - 2018-12-08 00:04 - 004404720 _____ (Microsoft Corporation) C:\Windows\System32\mfcore.dll
2018-12-12 02:48 - 2018-12-08 00:04 - 002371296 _____ (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2018-12-12 02:48 - 2018-12-08 00:04 - 001943328 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2018-12-12 02:48 - 2018-12-08 00:04 - 001188512 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2018-12-12 02:48 - 2018-12-08 00:04 - 000416024 _____ (Microsoft Corporation) C:\Windows\System32\MSAudDecMFT.dll
2018-12-12 02:48 - 2018-12-07 23:49 - 025855488 _____ (Microsoft Corporation) C:\Windows\System32\edgehtml.dll
2018-12-12 02:48 - 2018-12-07 23:47 - 000861744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2018-12-12 02:48 - 2018-12-07 23:46 - 002331480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2018-12-12 02:48 - 2018-12-07 23:46 - 001989040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2018-12-12 02:48 - 2018-12-07 23:46 - 000457056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAudDecMFT.dll
2018-12-12 02:48 - 2018-12-07 23:45 - 006569040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-12-12 02:48 - 2018-12-07 23:45 - 006043496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2018-12-12 02:48 - 2018-12-07 23:45 - 004789952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2018-12-12 02:48 - 2018-12-07 23:45 - 002307240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2018-12-12 02:48 - 2018-12-07 23:45 - 001620472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-12-12 02:48 - 2018-12-07 23:45 - 001379816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2018-12-12 02:48 - 2018-12-07 23:42 - 022715392 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2018-12-12 02:48 - 2018-12-07 23:42 - 009084928 _____ (Microsoft Corporation) C:\Windows\System32\BingMaps.dll
2018-12-12 02:48 - 2018-12-07 23:41 - 007057408 _____ (Microsoft Corporation) C:\Windows\System32\mos.dll
2018-12-12 02:48 - 2018-12-07 23:40 - 004710912 _____ (Microsoft Corporation) C:\Windows\System32\cdp.dll
2018-12-12 02:48 - 2018-12-07 23:40 - 004384768 _____ (Microsoft Corporation) C:\Windows\System32\EdgeContent.dll
2018-12-12 02:48 - 2018-12-07 23:38 - 022016000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2018-12-12 02:48 - 2018-12-07 23:38 - 003392000 _____ (Microsoft Corporation) C:\Windows\System32\tquery.dll
2018-12-12 02:48 - 2018-12-07 23:38 - 002739200 _____ (Microsoft Corporation) C:\Windows\System32\mssrch.dll
2018-12-12 02:48 - 2018-12-07 23:37 - 002825728 _____ (Microsoft Corporation) C:\Windows\System32\MapGeocoder.dll
2018-12-12 02:48 - 2018-12-07 23:36 - 007573504 _____ (Microsoft Corporation) C:\Windows\System32\Chakra.dll
2018-12-12 02:48 - 2018-12-07 23:36 - 003396608 _____ (Microsoft Corporation) C:\Windows\System32\AppXDeploymentServer.dll
2018-12-12 02:48 - 2018-12-07 23:36 - 003090432 _____ (Microsoft Corporation) C:\Windows\System32\diagtrack.dll
2018-12-12 02:48 - 2018-12-07 23:36 - 002364928 _____ (Microsoft Corporation) C:\Windows\System32\OpcServices.dll
2018-12-12 02:48 - 2018-12-07 23:36 - 001768448 _____ (Microsoft Corporation) C:\Windows\System32\audiosrv.dll
2018-12-12 02:48 - 2018-12-07 23:35 - 002126336 _____ (Microsoft Corporation) C:\Windows\System32\LocationFramework.dll
2018-12-12 02:48 - 2018-12-07 23:35 - 001826816 _____ (Microsoft Corporation) C:\Windows\System32\Windows.CloudStore.dll
2018-12-12 02:48 - 2018-12-07 23:35 - 000808448 _____ (Microsoft Corporation) C:\Windows\System32\EdgeManager.dll
2018-12-12 02:48 - 2018-12-07 23:33 - 019405312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-12-12 02:48 - 2018-12-07 23:33 - 002904064 _____ (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2018-12-12 02:48 - 2018-12-07 23:33 - 001457152 _____ (Microsoft Corporation) C:\Windows\System32\dosvc.dll
2018-12-12 02:48 - 2018-12-07 23:32 - 001097728 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\bthport.sys
2018-12-12 02:48 - 2018-12-07 23:30 - 002966528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2018-12-12 02:48 - 2018-12-07 23:29 - 005883904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2018-12-12 02:48 - 2018-12-07 23:29 - 002700288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2018-12-12 02:48 - 2018-12-07 23:28 - 005775872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2018-12-12 02:48 - 2018-12-07 23:28 - 002258944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2018-12-12 02:48 - 2018-11-08 22:15 - 021388752 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll
2018-12-12 02:48 - 2018-11-08 21:59 - 008623616 _____ (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2018-12-12 02:48 - 2018-11-08 21:57 - 004491264 _____ (Microsoft Corporation) C:\Windows\System32\xpsrchvw.exe
2018-12-12 02:48 - 2018-11-08 21:55 - 001254400 _____ (Microsoft Corporation) C:\Windows\System32\SystemSettings.Handlers.dll
2018-12-12 02:48 - 2018-11-08 21:55 - 000878592 _____ (Microsoft Corporation) C:\Windows\System32\CPFilters.dll
2018-12-12 02:48 - 2018-11-08 21:32 - 020383832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-12-12 02:48 - 2018-11-08 21:17 - 000704000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2018-12-12 02:48 - 2018-11-08 18:56 - 001213472 _____ (Microsoft Corporation) C:\Windows\System32\ClipUp.exe
2018-12-12 02:48 - 2018-11-08 18:48 - 003179760 _____ (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2018-12-12 02:48 - 2018-11-08 18:48 - 001613288 _____ (Microsoft Corporation) C:\Windows\System32\D3D12.dll
2018-12-12 02:48 - 2018-11-08 18:47 - 002765344 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2018-12-12 02:48 - 2018-11-08 18:47 - 002571128 _____ (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2018-12-12 02:48 - 2018-11-08 18:21 - 004866560 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2018-12-12 02:48 - 2018-11-08 18:21 - 001627136 _____ (Microsoft Corporation) C:\Windows\System32\enterprisecsps.dll
2018-12-12 02:48 - 2018-11-08 18:20 - 006032384 _____ (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2018-12-12 02:48 - 2018-11-08 18:19 - 002368512 _____ (Microsoft Corporation) C:\Windows\System32\WebRuntimeManager.dll
2018-12-12 02:48 - 2018-11-08 18:18 - 003320320 _____ (Microsoft Corporation) C:\Windows\System32\dwmcore.dll
2018-12-12 02:48 - 2018-11-08 18:18 - 001487360 _____ (Microsoft Corporation) C:\Windows\System32\InstallService.dll
2018-12-12 02:48 - 2018-11-08 18:16 - 004939776 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2018-12-12 02:48 - 2018-11-08 18:16 - 002224640 _____ (Microsoft Corporation) C:\Windows\System32\win32kbase.sys
2018-12-12 02:48 - 2018-11-08 18:16 - 001364992 _____ (Microsoft Corporation) C:\Windows\System32\lpasvc.dll
2018-12-12 02:48 - 2018-11-08 18:15 - 000943616 _____ (Microsoft Corporation) C:\Windows\System32\BingOnlineServices.dll
2018-12-12 02:48 - 2018-11-08 17:46 - 002253184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-12-12 02:48 - 2018-11-08 17:46 - 001980776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-12-12 02:48 - 2018-11-08 17:29 - 003711488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-12-12 02:48 - 2018-11-08 17:28 - 005307392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2018-12-12 02:48 - 2018-11-08 17:28 - 002900992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2018-12-12 02:48 - 2018-11-08 17:26 - 004514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-12-12 02:47 - 2018-12-08 04:48 - 000034104 _____ C:\Windows\System32\SyncAppvPublishingServer.exe
2018-12-12 02:47 - 2018-12-08 04:47 - 001627656 _____ (Microsoft Corporation) C:\Windows\System32\AppVIntegration.dll
2018-12-12 02:47 - 2018-12-08 04:47 - 001422864 _____ (Microsoft Corporation) C:\Windows\System32\AppVEntSubsystemController.dll
2018-12-12 02:47 - 2018-12-08 04:47 - 001048712 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Internal.Shell.Broker.dll
2018-12-12 02:47 - 2018-12-08 04:47 - 001038352 _____ (Microsoft Corporation) C:\Windows\System32\AppVPolicy.dll
2018-12-12 02:47 - 2018-12-08 04:47 - 000954384 _____ (Microsoft Corporation) C:\Windows\System32\AppVManifest.dll
2018-12-12 02:47 - 2018-12-08 04:47 - 000830480 _____ (Microsoft Corporation) C:\Windows\System32\AppVOrchestration.dll
2018-12-12 02:47 - 2018-12-08 04:47 - 000825352 _____ (Microsoft Corporation) C:\Windows\System32\AppVEntStreamingManager.dll
2018-12-12 02:47 - 2018-12-08 04:47 - 000750096 _____ (Microsoft Corporation) C:\Windows\System32\AppVReporting.dll
2018-12-12 02:47 - 2018-12-08 04:47 - 000670224 _____ (Microsoft Corporation) C:\Windows\System32\AppVCatalog.dll
2018-12-12 02:47 - 2018-12-08 04:47 - 000652296 _____ (Microsoft Corporation) C:\Windows\System32\AppVPublishing.dll
2018-12-12 02:47 - 2018-12-08 04:47 - 000645320 _____ (Microsoft Corporation) C:\Windows\System32\advapi32.dll
2018-12-12 02:47 - 2018-12-08 04:47 - 000495632 _____ (Microsoft Corporation) C:\Windows\System32\TransportDSA.dll
2018-12-12 02:47 - 2018-12-08 04:47 - 000399880 _____ (Microsoft Corporation) C:\Windows\System32\AppVScripting.dll
2018-12-12 02:47 - 2018-12-08 04:47 - 000258064 _____ (Microsoft Corporation) C:\Windows\System32\AppVFileSystemMetadata.dll
2018-12-12 02:47 - 2018-12-08 04:47 - 000231440 _____ (Microsoft Corporation) C:\Windows\System32\AppVShNotify.exe
2018-12-12 02:47 - 2018-12-08 04:47 - 000228368 _____ (Microsoft Corporation) C:\Windows\System32\AppVStreamMap.dll
2018-12-12 02:47 - 2018-12-08 04:47 - 000201744 _____ (Microsoft Corporation) C:\Windows\System32\AppVStreamingUX.dll
2018-12-12 02:47 - 2018-12-08 04:47 - 000180752 _____ (Microsoft Corporation) C:\Windows\System32\AppVDllSurrogate.exe
2018-12-12 02:47 - 2018-12-08 04:47 - 000173072 _____ (Microsoft Corporation) C:\Windows\System32\AppVNice.exe
2018-12-12 02:47 - 2018-12-08 04:46 - 000549760 _____ (Microsoft Corporation) C:\Windows\System32\AppResolver.dll
2018-12-12 02:47 - 2018-12-08 04:43 - 000304144 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mssecflt.sys
2018-12-12 02:47 - 2018-12-08 04:42 - 001634944 _____ (Microsoft Corporation) C:\Windows\System32\gdi32full.dll
2018-12-12 02:47 - 2018-12-08 04:41 - 000481880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-12-12 02:47 - 2018-12-08 04:40 - 001454648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2018-12-12 02:47 - 2018-12-08 04:39 - 000444416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppResolver.dll
2018-12-12 02:47 - 2018-12-08 04:29 - 000064000 _____ (Microsoft Corporation) C:\Windows\System32\iemigplugin.dll
2018-12-12 02:47 - 2018-12-08 04:27 - 000140800 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Internal.Management.SecureAssessment.dll
2018-12-12 02:47 - 2018-12-08 04:27 - 000082432 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\storqosflt.sys
2018-12-12 02:47 - 2018-12-08 04:27 - 000068608 _____ (Microsoft Corporation) C:\Windows\System32\fdBth.dll
2018-12-12 02:47 - 2018-12-08 04:27 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdBth.dll
2018-12-12 02:47 - 2018-12-08 04:23 - 001856512 _____ (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2018-12-12 02:47 - 2018-12-08 04:23 - 001661440 _____ (Microsoft Corporation) C:\Windows\System32\GdiPlus.dll
2018-12-12 02:47 - 2018-12-08 04:23 - 001364992 _____ (Microsoft Corporation) C:\Windows\System32\bcastdvruserservice.dll
2018-12-12 02:47 - 2018-12-08 04:23 - 000503296 _____ (Microsoft Corporation) C:\Windows\System32\sppcext.dll
2018-12-12 02:47 - 2018-12-08 04:23 - 000471040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcSpecfc.dll
2018-12-12 02:47 - 2018-12-08 04:22 - 001586176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2018-12-12 02:47 - 2018-12-08 04:22 - 001469952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2018-12-12 02:47 - 2018-12-08 04:22 - 000577024 _____ (Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
2018-12-12 02:47 - 2018-12-08 00:12 - 000272408 _____ (Microsoft Corporation) C:\Windows\System32\SgrmEnclave.dll
2018-12-12 02:47 - 2018-12-08 00:12 - 000269336 _____ (Microsoft Corporation) C:\Windows\System32\SgrmEnclave_secure.dll
2018-12-12 02:47 - 2018-12-08 00:12 - 000092688 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\bindflt.sys
2018-12-12 02:47 - 2018-12-08 00:07 - 001328632 _____ (Microsoft Corporation) C:\Windows\System32\wpx.dll
2018-12-12 02:47 - 2018-12-08 00:07 - 001063416 _____ (Microsoft Corporation) C:\Windows\System32\SecConfig.efi
2018-12-12 02:47 - 2018-12-08 00:07 - 000135168 _____ (Microsoft Corporation) C:\Windows\System32\hvloader.dll
2018-12-12 02:47 - 2018-12-08 00:07 - 000076280 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hvservice.sys
2018-12-12 02:47 - 2018-12-08 00:06 - 000777512 _____ (Microsoft Corporation) C:\Windows\System32\wer.dll
2018-12-12 02:47 - 2018-12-08 00:06 - 000709936 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2018-12-12 02:47 - 2018-12-08 00:06 - 000566784 _____ (Microsoft Corporation) C:\Windows\System32\tcblaunch.exe
2018-12-12 02:47 - 2018-12-08 00:06 - 000491416 _____ (Microsoft Corporation) C:\Windows\System32\mf.dll
2018-12-12 02:47 - 2018-12-08 00:06 - 000433168 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys
2018-12-12 02:47 - 2018-12-08 00:06 - 000249088 _____ (Microsoft Corporation) C:\Windows\System32\weretw.dll
2018-12-12 02:47 - 2018-12-08 00:05 - 001935008 _____ (Microsoft Corporation) C:\Windows\System32\AudioEng.dll
2018-12-12 02:47 - 2018-12-08 00:05 - 001209888 _____ (Microsoft Corporation) C:\Windows\System32\AudioSes.dll
2018-12-12 02:47 - 2018-12-08 00:05 - 001018880 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ClipSp.sys
2018-12-12 02:47 - 2018-12-08 00:05 - 000793592 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms2.sys
2018-12-12 02:47 - 2018-12-08 00:05 - 000706040 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\vhdmp.sys
2018-12-12 02:47 - 2018-12-08 00:05 - 000594224 _____ (Microsoft Corporation) C:\Windows\System32\audiodg.exe
2018-12-12 02:47 - 2018-12-08 00:05 - 000421176 _____ (Microsoft Corporation) C:\Windows\System32\xbgmengine.dll
2018-12-12 02:47 - 2018-12-08 00:05 - 000413920 _____ (Microsoft Corporation) C:\Windows\System32\AUDIOKSE.dll
2018-12-12 02:47 - 2018-12-08 00:05 - 000171008 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2018-12-12 02:47 - 2018-12-08 00:05 - 000130312 _____ (Microsoft Corporation) C:\Windows\System32\rmclient.dll
2018-12-12 02:47 - 2018-12-08 00:05 - 000086016 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\fileinfo.sys
2018-12-12 02:47 - 2018-12-08 00:04 - 002590296 _____ (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL
2018-12-12 02:47 - 2018-12-08 00:04 - 001457032 _____ (Microsoft Corporation) C:\Windows\System32\winload.efi
2018-12-12 02:47 - 2018-12-08 00:04 - 001257672 _____ (Microsoft Corporation) C:\Windows\System32\winload.exe
2018-12-12 02:47 - 2018-12-08 00:04 - 001150312 _____ (Microsoft Corporation) C:\Windows\System32\MSVP9DEC.dll
2018-12-12 02:47 - 2018-12-08 00:04 - 001140480 _____ (Microsoft Corporation) C:\Windows\System32\winresume.efi
2018-12-12 02:47 - 2018-12-08 00:04 - 000982912 _____ (Microsoft Corporation) C:\Windows\System32\winresume.exe
2018-12-12 02:47 - 2018-12-08 00:04 - 000885760 _____ (Microsoft Corporation) C:\Windows\System32\CoreMessaging.dll
2018-12-12 02:47 - 2018-12-08 00:04 - 000604984 _____ (Microsoft Corporation) C:\Windows\System32\securekernel.exe
2018-12-12 02:47 - 2018-12-08 00:04 - 000527160 _____ (Microsoft Corporation) C:\Windows\System32\hal.dll
2018-12-12 02:47 - 2018-12-08 00:04 - 000413176 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2018-12-12 02:47 - 2018-12-08 00:04 - 000375608 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\msrpc.sys
2018-12-12 02:47 - 2018-12-08 00:04 - 000335672 _____ (Microsoft Corporation) C:\Windows\System32\moshostcore.dll
2018-12-12 02:47 - 2018-12-08 00:04 - 000268280 _____ (Microsoft Corporation) C:\Windows\System32\browserbroker.dll
2018-12-12 02:47 - 2018-12-08 00:04 - 000260800 _____ (Microsoft Corporation) C:\Windows\System32\mfps.dll
2018-12-12 02:47 - 2018-12-08 00:04 - 000158624 _____ (Microsoft Corporation) C:\Windows\System32\vertdll.dll
2018-12-12 02:47 - 2018-12-08 00:04 - 000128824 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tm.sys
2018-12-12 02:47 - 2018-12-08 00:04 - 000058168 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\iorate.sys
2018-12-12 02:47 - 2018-12-08 00:04 - 000043520 _____ (Microsoft Corporation) C:\Windows\System32\browser_broker.exe
2018-12-12 02:47 - 2018-12-07 23:47 - 000785760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-12-12 02:47 - 2018-12-07 23:46 - 001397104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVP9DEC.dll
2018-12-12 02:47 - 2018-12-07 23:46 - 000665224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2018-12-12 02:47 - 2018-12-07 23:46 - 000101192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rmclient.dll
2018-12-12 02:47 - 2018-12-07 23:45 - 001805656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2018-12-12 02:47 - 2018-12-07 23:45 - 001011872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2018-12-12 02:47 - 2018-12-07 23:45 - 000567256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2018-12-12 02:47 - 2018-12-07 23:45 - 000356864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2018-12-12 02:47 - 2018-12-07 23:45 - 000129296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2018-12-12 02:47 - 2018-12-07 23:39 - 000036352 _____ (Microsoft Corporation) C:\Windows\System32\wpnsruprov.dll
2018-12-12 02:47 - 2018-12-07 23:38 - 000419328 _____ (Microsoft Corporation) C:\Windows\System32\eeprov.dll
2018-12-12 02:47 - 2018-12-07 23:38 - 000310272 _____ (Microsoft Corporation) C:\Windows\System32\wc_storage.dll
2018-12-12 02:47 - 2018-12-07 23:38 - 000132608 _____ (Microsoft Corporation) C:\Windows\System32\DataUsageLiveTileTask.exe
2018-12-12 02:47 - 2018-12-07 23:38 - 000085504 _____ (Microsoft Corporation) C:\Windows\System32\LocationFrameworkInternalPS.dll
2018-12-12 02:47 - 2018-12-07 23:38 - 000083456 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\wcnfs.sys
2018-12-12 02:47 - 2018-12-07 23:38 - 000055296 _____ (Microsoft Corporation) C:\Windows\System32\msscntrs.dll
2018-12-12 02:47 - 2018-12-07 23:37 - 001308160 _____ (Microsoft Corporation) C:\Windows\System32\MSVPXENC.dll
2018-12-12 02:47 - 2018-12-07 23:37 - 000395776 _____ (Microsoft Corporation) C:\Windows\System32\Search.ProtocolHandler.MAPI2.dll
2018-12-12 02:47 - 2018-12-07 23:37 - 000386048 _____ (Microsoft Corporation) C:\Windows\System32\Windows.System.Diagnostics.dll
2018-12-12 02:47 - 2018-12-07 23:37 - 000358912 _____ (Microsoft Corporation) C:\Windows\System32\DataUsageHandlers.dll
2018-12-12 02:47 - 2018-12-07 23:37 - 000209408 _____ (Microsoft Corporation) C:\Windows\System32\AppXApplicabilityBlob.dll
2018-12-12 02:47 - 2018-12-07 23:37 - 000184320 _____ (Microsoft Corporation) C:\Windows\System32\bthserv.dll
2018-12-12 02:47 - 2018-12-07 23:37 - 000170496 _____ (Microsoft Corporation) C:\Windows\System32\appsruprov.dll
2018-12-12 02:47 - 2018-12-07 23:37 - 000157696 _____ (Microsoft Corporation) C:\Windows\System32\energyprov.dll
2018-12-12 02:47 - 2018-12-07 23:37 - 000106496 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\bthenum.sys
2018-12-12 02:47 - 2018-12-07 23:37 - 000099328 _____ (Microsoft Corporation) C:\Windows\System32\utcutil.dll
2018-12-12 02:47 - 2018-12-07 23:37 - 000079872 _____ (Microsoft Corporation) C:\Windows\System32\offreg.dll
2018-12-12 02:47 - 2018-12-07 23:36 - 003381248 _____ (Microsoft Corporation) C:\Windows\System32\MapRouter.dll
2018-12-12 02:47 - 2018-12-07 23:36 - 000894464 _____ (Microsoft Corporation) C:\Windows\System32\webplatstorageserver.dll
2018-12-12 02:47 - 2018-12-07 23:36 - 000566784 _____ (Microsoft Corporation) C:\Windows\System32\daxexec.dll
2018-12-12 02:47 - 2018-12-07 23:36 - 000462336 _____ (Microsoft Corporation) C:\Windows\System32\bcdedit.exe
2018-12-12 02:47 - 2018-12-07 23:36 - 000356352 _____ (Microsoft Corporation) C:\Windows\System32\dusmsvc.dll
2018-12-12 02:47 - 2018-12-07 23:36 - 000227328 _____ (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
2018-12-12 02:47 - 2018-12-07 23:36 - 000154112 _____ (Microsoft Corporation) C:\Windows\System32\Chakradiag.dll
2018-12-12 02:47 - 2018-12-07 23:36 - 000153600 _____ (Microsoft Corporation) C:\Windows\System32\RMapi.dll
2018-12-12 02:47 - 2018-12-07 23:36 - 000043008 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mmcss.sys
2018-12-12 02:47 - 2018-12-07 23:35 - 001708544 _____ (Microsoft Corporation) C:\Windows\System32\MSPhotography.dll
2018-12-12 02:47 - 2018-12-07 23:35 - 001551360 _____ (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.desktop.dll
2018-12-12 02:47 - 2018-12-07 23:35 - 000623104 _____ (Microsoft Corporation) C:\Windows\System32\PsmServiceExtHost.dll
2018-12-12 02:47 - 2018-12-07 23:34 - 002173440 _____ (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.onecore.dll
2018-12-12 02:47 - 2018-12-07 23:34 - 001535488 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2018-12-12 02:47 - 2018-12-07 23:34 - 001023488 _____ (Microsoft Corporation) C:\Windows\System32\ShareHost.dll
2018-12-12 02:47 - 2018-12-07 23:34 - 000884224 _____ (Microsoft Corporation) C:\Windows\System32\NMAA.dll
2018-12-12 02:47 - 2018-12-07 23:34 - 000693248 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Networking.Connectivity.dll
2018-12-12 02:47 - 2018-12-07 23:34 - 000684544 _____ (Microsoft Corporation) C:\Windows\System32\AudioEndpointBuilder.dll
2018-12-12 02:47 - 2018-12-07 23:34 - 000491520 _____ (Microsoft Corporation) C:\Windows\System32\defragsvc.dll
2018-12-12 02:47 - 2018-12-07 23:33 - 001264640 _____ (Microsoft Corporation) C:\Windows\System32\JpMapControl.dll
2018-12-12 02:47 - 2018-12-07 23:33 - 001058304 _____ (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
2018-12-12 02:47 - 2018-12-07 23:33 - 000949248 _____ (Microsoft Corporation) C:\Windows\System32\wcmsvc.dll
2018-12-12 02:47 - 2018-12-07 23:33 - 000823296 _____ (Microsoft Corporation) C:\Windows\System32\twinui.appcore.dll
2018-12-12 02:47 - 2018-12-07 23:33 - 000176640 _____ (Microsoft Corporation) C:\Windows\System32\mssph.dll
2018-12-12 02:47 - 2018-12-07 23:32 - 001032704 _____ (Microsoft Corporation) C:\Windows\System32\modernexecserver.dll
2018-12-12 02:47 - 2018-12-07 23:32 - 000895488 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Security.Authentication.OnlineId.dll
2018-12-12 02:47 - 2018-12-07 23:32 - 000796672 _____ (Microsoft Corporation) C:\Windows\System32\mssvp.dll
2018-12-12 02:47 - 2018-12-07 23:32 - 000776192 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2018-12-12 02:47 - 2018-12-07 23:32 - 000542208 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2018-12-12 02:47 - 2018-12-07 23:32 - 000406528 _____ (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
2018-12-12 02:47 - 2018-12-07 23:30 - 006647296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2018-12-12 02:47 - 2018-12-07 23:30 - 000074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dtdump.exe
2018-12-12 02:47 - 2018-12-07 23:29 - 000311296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.Diagnostics.dll
2018-12-12 02:47 - 2018-12-07 23:29 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2018-12-12 02:47 - 2018-12-07 23:28 - 001361408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSPhotography.dll
2018-12-12 02:47 - 2018-12-07 23:28 - 001295360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVPXENC.dll
2018-12-12 02:47 - 2018-12-07 23:28 - 000391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2018-12-12 02:47 - 2018-12-07 23:28 - 000288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-12-12 02:47 - 2018-12-07 23:27 - 002449408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapRouter.dll
2018-12-12 02:47 - 2018-12-07 23:27 - 001986560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapGeocoder.dll
2018-12-12 02:47 - 2018-12-07 23:27 - 000608768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2018-12-12 02:47 - 2018-12-07 23:27 - 000578560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2018-12-12 02:47 - 2018-12-07 23:27 - 000555008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2018-12-12 02:47 - 2018-12-07 23:27 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2018-12-12 02:47 - 2018-12-07 23:26 - 001348096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2018-12-12 02:47 - 2018-12-07 23:26 - 000848384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll
2018-12-12 02:47 - 2018-12-07 23:25 - 000978944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2018-12-12 02:47 - 2018-12-07 23:25 - 000856576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2018-12-12 02:47 - 2018-12-07 23:25 - 000729088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NMAA.dll
2018-12-12 02:47 - 2018-12-07 23:25 - 000702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2018-12-12 02:47 - 2018-12-07 23:25 - 000669696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-12-12 02:47 - 2018-12-07 23:25 - 000145408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2018-12-12 02:47 - 2018-12-07 23:24 - 000795648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2018-12-12 02:47 - 2018-12-07 23:24 - 000735744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2018-12-12 02:47 - 2018-12-07 23:24 - 000533504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-12-12 02:47 - 2018-12-07 23:24 - 000345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2018-12-12 02:47 - 2018-12-07 22:16 - 000001310 _____ C:\Windows\System32\tcbres.wim
2018-12-12 02:47 - 2018-11-08 22:00 - 000177664 _____ (Microsoft Corporation) C:\Windows\System32\t2embed.dll
2018-12-12 02:47 - 2018-11-08 21:58 - 000244736 _____ (Microsoft Corporation) C:\Windows\System32\WinSCard.dll
2018-12-12 02:47 - 2018-11-08 21:57 - 000208896 _____ (Microsoft Corporation) C:\Windows\System32\sensrsvc.dll
2018-12-12 02:47 - 2018-11-08 21:56 - 000392192 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2018-12-12 02:47 - 2018-11-08 21:56 - 000381952 _____ (Microsoft Corporation) C:\Windows\System32\ninput.dll
2018-12-12 02:47 - 2018-11-08 21:56 - 000103936 _____ (Microsoft Corporation) C:\Windows\System32\DeviceSoftwareInstallationClient.dll
2018-12-12 02:47 - 2018-11-08 21:54 - 001535488 _____ (Microsoft Corporation) C:\Windows\System32\wbengine.exe
2018-12-12 02:47 - 2018-11-08 21:22 - 000138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-12-12 02:47 - 2018-11-08 21:20 - 007987712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2018-12-12 02:47 - 2018-11-08 21:20 - 003397632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
2018-12-12 02:47 - 2018-11-08 21:19 - 000181248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2018-12-12 02:47 - 2018-11-08 21:18 - 000344576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-12-12 02:47 - 2018-11-08 21:18 - 000320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ninput.dll
2018-12-12 02:47 - 2018-11-08 18:49 - 000723416 _____ (Microsoft Corporation) C:\Windows\System32\ci.dll
2018-12-12 02:47 - 2018-11-08 18:49 - 000565048 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\USBHUB3.SYS
2018-12-12 02:47 - 2018-11-08 18:49 - 000368656 _____ (Microsoft Corporation) C:\Windows\System32\thumbcache.dll
2018-12-12 02:47 - 2018-11-08 18:48 - 002719736 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2018-12-12 02:47 - 2018-11-08 18:48 - 000899920 _____ (Microsoft Corporation) C:\Windows\System32\winhttp.dll
2018-12-12 02:47 - 2018-11-08 18:48 - 000766704 _____ (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
2018-12-12 02:47 - 2018-11-08 18:48 - 000745472 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys
2018-12-12 02:47 - 2018-11-08 18:48 - 000375296 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\pci.sys
2018-12-12 02:47 - 2018-11-08 18:47 - 002062392 _____ (Microsoft Corporation) C:\Windows\System32\mfsrcsnk.dll
2018-12-12 02:47 - 2018-11-08 18:47 - 001285432 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2018-12-12 02:47 - 2018-11-08 18:47 - 000930616 _____ (Microsoft Corporation) C:\Windows\System32\WWAHost.exe
2018-12-12 02:47 - 2018-11-08 18:47 - 000537912 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2018-12-12 02:47 - 2018-11-08 18:22 - 000185344 _____ (Microsoft Corporation) C:\Windows\System32\InstallServiceTasks.dll
2018-12-12 02:47 - 2018-11-08 18:22 - 000097792 _____ (Microsoft Corporation) C:\Windows\System32\winhttpcom.dll
2018-12-12 02:47 - 2018-11-08 18:21 - 000119808 _____ (Microsoft Corporation) C:\Windows\System32\UserDataTimeUtil.dll
2018-12-12 02:47 - 2018-11-08 18:21 - 000112128 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\bthhfenum.sys
2018-12-12 02:47 - 2018-11-08 18:21 - 000002560 _____ (Microsoft Corporation) C:\Windows\System32\tzres.dll
2018-12-12 02:47 - 2018-11-08 18:20 - 000530432 _____ (Microsoft Corporation) C:\Windows\System32\MapConfiguration.dll
2018-12-12 02:47 - 2018-11-08 18:20 - 000399872 _____ (Microsoft Corporation) C:\Windows\System32\BthAvctpSvc.dll
2018-12-12 02:47 - 2018-11-08 18:20 - 000200704 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\BthA2DP.sys
2018-12-12 02:47 - 2018-11-08 18:20 - 000193536 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ndiswan.sys
2018-12-12 02:47 - 2018-11-08 18:20 - 000092160 _____ (Microsoft Corporation) C:\Windows\System32\tzautoupdate.dll
2018-12-12 02:47 - 2018-11-08 18:19 - 000726528 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2018-12-12 02:47 - 2018-11-08 18:19 - 000304128 _____ (Microsoft Corporation) C:\Windows\System32\domgmt.dll
2018-12-12 02:47 - 2018-11-08 18:18 - 000573952 _____ (Microsoft Corporation) C:\Windows\System32\webio.dll
2018-12-12 02:47 - 2018-11-08 18:18 - 000514048 _____ (Microsoft Corporation) C:\Windows\System32\BTAGService.dll
2018-12-12 02:47 - 2018-11-08 18:18 - 000300032 _____ (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
2018-12-12 02:47 - 2018-11-08 18:17 - 002584576 _____ (Microsoft Corporation) C:\Windows\System32\wlansvc.dll
2018-12-12 02:47 - 2018-11-08 18:17 - 001069568 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Media.Streaming.dll
2018-12-12 02:47 - 2018-11-08 18:16 - 001225216 _____ (Microsoft Corporation) C:\Windows\System32\MapsStore.dll
2018-12-12 02:47 - 2018-11-08 18:16 - 000308736 _____ (Microsoft Corporation) C:\Windows\System32\EnterpriseAppMgmtSvc.dll
2018-12-12 02:47 - 2018-11-08 18:15 - 000933888 _____ (Microsoft Corporation) C:\Windows\System32\rasmans.dll
2018-12-12 02:47 - 2018-11-08 18:15 - 000884224 _____ (Microsoft Corporation) C:\Windows\System32\MapControlCore.dll
2018-12-12 02:47 - 2018-11-08 18:15 - 000505344 _____ (Microsoft Corporation) C:\Windows\System32\edgeIso.dll
2018-12-12 02:47 - 2018-11-08 18:07 - 002417976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2018-12-12 02:47 - 2018-11-08 18:07 - 001299704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3D12.dll
2018-12-12 02:47 - 2018-11-08 17:48 - 000550728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2018-12-12 02:47 - 2018-11-08 17:47 - 000295224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
2018-12-12 02:47 - 2018-11-08 17:46 - 002161008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2018-12-12 02:47 - 2018-11-08 17:46 - 000829960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2018-12-12 02:47 - 2018-11-08 17:46 - 000721024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2018-12-12 02:47 - 2018-11-08 17:46 - 000573504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2018-12-12 02:47 - 2018-11-08 17:31 - 000094720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2018-12-12 02:47 - 2018-11-08 17:31 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-12-12 02:47 - 2018-11-08 17:30 - 000142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallServiceTasks.dll
2018-12-12 02:47 - 2018-11-08 17:30 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttpcom.dll
2018-12-12 02:47 - 2018-11-08 17:29 - 000561152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-12-12 02:47 - 2018-11-08 17:29 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2018-12-12 02:47 - 2018-11-08 17:29 - 000331264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
2018-12-12 02:47 - 2018-11-08 17:27 - 000463872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2018-12-12 02:47 - 2018-11-08 17:26 - 001110528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallService.dll
2018-12-12 02:47 - 2018-11-08 17:26 - 000873472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2018-12-12 02:47 - 2018-11-08 17:26 - 000251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2018-12-12 02:47 - 2018-11-08 17:25 - 000713216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingOnlineServices.dll
2018-12-12 02:47 - 2018-11-08 17:25 - 000705024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2018-12-11 04:46 - 2018-12-11 04:46 - 000069632 _____ C:\Users\PC\Desktop\Event 1.evtx
2018-12-11 04:25 - 2018-09-04 14:36 - 001476904 _____ (Microsoft Corporation) C:\Windows\System32\mcupdate_GenuineIntel.dll
2018-12-11 04:10 - 2018-12-11 04:10 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2018-12-10 12:39 - 2018-12-10 12:39 - 000000000 ____D C:\Windows\System32\Drivers\NVIDIA Corporation
2018-12-10 12:39 - 2018-11-29 08:11 - 005338608 _____ (NVIDIA Corporation) C:\Windows\System32\nvcpl.dll
2018-12-10 12:39 - 2018-11-29 08:11 - 002620624 _____ (NVIDIA Corporation) C:\Windows\System32\nvsvc64.dll
2018-12-10 12:39 - 2018-11-29 08:11 - 001767632 _____ (NVIDIA Corporation) C:\Windows\System32\nvsvcr.dll
2018-12-10 12:39 - 2018-11-29 08:11 - 000651248 _____ (NVIDIA Corporation) C:\Windows\System32\nv3dappshext.dll
2018-12-10 12:39 - 2018-11-29 08:11 - 000450600 _____ (NVIDIA Corporation) C:\Windows\System32\nvmctray.dll
2018-12-10 12:39 - 2018-11-29 08:11 - 000125240 _____ (NVIDIA Corporation) C:\Windows\System32\nvshext.dll
2018-12-10 12:39 - 2018-11-29 08:11 - 000082800 _____ (NVIDIA Corporation) C:\Windows\System32\nv3dappshextr.dll
2018-12-10 12:39 - 2018-11-27 15:28 - 008453862 _____ C:\Windows\System32\nvcoproc.bin
2018-12-10 12:39 - 2018-11-14 04:00 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2018-12-10 12:37 - 2018-11-30 20:59 - 000978336 _____ C:\Windows\System32\vulkan-1-999-0-0-0.dll
2018-12-10 12:37 - 2018-11-30 20:59 - 000978336 _____ C:\Windows\System32\vulkan-1.dll
2018-12-10 12:37 - 2018-11-30 20:59 - 000845216 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2018-12-10 12:37 - 2018-11-30 20:59 - 000845216 _____ C:\Windows\SysWOW64\vulkan-1.dll
2018-12-10 12:37 - 2018-11-30 20:59 - 000552416 _____ (Khronos Group) C:\Windows\System32\OpenCL.dll
2018-12-10 12:37 - 2018-11-30 20:59 - 000456832 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2018-12-10 12:37 - 2018-11-30 20:59 - 000268192 _____ C:\Windows\System32\vulkaninfo-1-999-0-0-0.exe
2018-12-10 12:37 - 2018-11-30 20:59 - 000268192 _____ C:\Windows\System32\vulkaninfo.exe
2018-12-10 12:37 - 2018-11-30 20:59 - 000243616 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2018-12-10 12:37 - 2018-11-30 20:59 - 000243616 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2018-12-10 12:37 - 2018-11-30 20:56 - 002018080 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispco6441722.dll
2018-12-10 12:37 - 2018-11-30 20:56 - 002003856 _____ (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll
2018-12-10 12:37 - 2018-11-30 20:56 - 001511880 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2018-12-10 12:37 - 2018-11-30 20:56 - 001468032 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6441722.dll
2018-12-10 12:37 - 2018-11-30 20:56 - 001461016 _____ (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll
2018-12-10 12:37 - 2018-11-30 20:56 - 001126688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2018-12-10 12:37 - 2018-11-30 20:56 - 000631688 _____ (NVIDIA Corporation) C:\Windows\System32\NvIFROpenGL.dll
2018-12-10 12:37 - 2018-11-30 20:56 - 000521472 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2018-12-10 12:37 - 2018-11-30 20:55 - 040260352 _____ (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2018-12-10 12:37 - 2018-11-30 20:55 - 035156424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2018-12-10 12:37 - 2018-11-30 20:55 - 015909720 _____ (NVIDIA Corporation) C:\Windows\System32\nvptxJitCompiler.dll
2018-12-10 12:37 - 2018-11-30 20:55 - 013204104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2018-12-10 12:37 - 2018-11-30 20:55 - 004946016 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2018-12-10 12:37 - 2018-11-30 20:55 - 004316440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2018-12-10 12:37 - 2018-11-30 20:55 - 000750472 _____ (NVIDIA Corporation) C:\Windows\System32\nvDecMFTMjpeg.dll
2018-12-10 12:37 - 2018-11-30 20:55 - 000608864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvDecMFTMjpeg.dll
2018-12-10 12:37 - 2018-11-30 20:54 - 019714064 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2018-12-10 12:37 - 2018-11-30 20:54 - 016989840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2018-12-10 12:37 - 2018-11-30 20:54 - 004999872 _____ (NVIDIA Corporation) C:\Windows\System32\nvapi64.dll
2018-12-10 12:37 - 2018-11-30 20:54 - 004258384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2018-12-10 12:37 - 2018-11-30 20:54 - 001471616 _____ (NVIDIA Corporation) C:\Windows\System32\nvEncMFThevc.dll
2018-12-10 12:37 - 2018-11-30 20:54 - 001462216 _____ (NVIDIA Corporation) C:\Windows\System32\nvEncMFTH264.dll
2018-12-10 12:37 - 2018-11-30 20:54 - 001167600 _____ (NVIDIA Corporation) C:\Windows\System32\nvfatbinaryLoader.dll
2018-12-10 12:37 - 2018-11-30 20:54 - 001152176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFThevc.dll
2018-12-10 12:37 - 2018-11-30 20:54 - 001145736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2018-12-10 12:37 - 2018-11-30 20:54 - 000914592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2018-12-10 12:37 - 2018-11-30 20:54 - 000822768 _____ (NVIDIA Corporation) C:\Windows\System32\nvmcumd.dll
2018-12-10 12:37 - 2018-11-30 20:54 - 000794824 _____ (NVIDIA Corporation) C:\Windows\System32\nvEncodeAPI64.dll
2018-12-10 12:37 - 2018-11-30 20:54 - 000637672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2018-12-10 12:37 - 2018-11-29 09:52 - 001682896 _____ (NVIDIA Corporation) C:\Windows\System32\nvhdagenco6420103.dll
2018-12-10 12:37 - 2018-11-29 09:52 - 000227896 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvhda64v.sys
2018-12-10 12:37 - 2018-11-29 09:52 - 000074576 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvvhci.sys
2018-12-10 12:37 - 2018-11-29 09:52 - 000048148 _____ C:\Windows\System32\nvinfo.pb
2018-12-10 12:37 - 2018-11-29 09:52 - 000047384 _____ (NVIDIA Corporation) C:\Windows\System32\nvhdap64.dll
2018-12-10 11:28 - 2018-12-10 11:28 - 000000000 ____D C:\TDSSKiller_Quarantine
2018-12-10 11:27 - 2018-12-10 11:28 - 000163906 _____ C:\TDSSKiller.2.8.16.0_10.12.2018_23.27.31_log.txt
2018-12-10 11:27 - 2018-12-10 11:27 - 000208216 _____ (Kaspersky Lab, GERT) C:\Windows\System32\Drivers\72412583.sys
2018-12-10 11:06 - 2018-12-11 04:11 - 000740554 _____ C:\Windows\ntbtlog.txt
2018-12-10 02:33 - 2014-12-02 18:01 - 000206104 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudmdm.sys
2018-12-10 02:33 - 2014-12-02 18:01 - 000110488 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudbus.sys
2018-12-10 02:32 - 2018-12-10 02:32 - 000000000 ____D C:\Program Files\SAMSUNG
2018-12-10 02:08 - 2018-12-10 02:15 - 000067203 _____ C:\Users\PC\Desktop\Repair Screen.jpeg
2018-12-10 02:02 - 2018-12-12 15:10 - 116391936 _____ C:\Windows\System32\config\SOFTWARE
2018-12-10 02:02 - 2018-12-12 15:10 - 003145728 _____ C:\Windows\System32\config\DEFAULT
2018-12-10 02:02 - 2018-12-12 15:10 - 000073728 _____ C:\Windows\System32\config\SAM
2018-12-10 02:02 - 2018-12-12 15:10 - 000045056 _____ C:\Windows\System32\config\SECURITY
2018-12-10 02:02 - 2018-12-10 02:02 - 000000000 ____H C:\asc_rdflag
2018-12-09 15:41 - 2018-12-09 15:41 - 000000017 _____ C:\Users\PC\AppData\Local\resmon.resmoncfg
2018-12-09 14:56 - 2018-12-11 04:19 - 000000000 ____D C:\Program Files (x86)\RegVac Registry Cleaner
2018-12-09 14:56 - 2018-12-09 14:56 - 000001190 _____ C:\Users\PC\Desktop\RegVac Registry Cleaner.lnk
2018-12-09 13:10 - 2018-12-12 14:44 - 000000464 _____ C:\Users\PC\Desktop\Tmp files created by 360.txt
2018-12-09 13:01 - 2015-12-23 06:34 - 000034080 _____ (IObit) C:\Windows\System32\RegistryDefragBootTime.exe
2018-12-09 13:00 - 2018-12-09 13:00 - 000208216 _____ (Kaspersky Lab, GERT) C:\Windows\System32\Drivers\22824565.sys
2018-12-09 13:00 - 2018-12-09 13:00 - 000005986 _____ C:\TDSSKiller.2.8.16.0_10.12.2018_01.00.54_log.txt
2018-12-09 12:48 - 2018-12-09 14:50 - 000200683 _____ C:\Windows\ZAM.krnl.trace
2018-12-09 12:31 - 2018-12-09 12:31 - 000608358 _____ C:\TDSSKiller.2.8.16.0_10.12.2018_00.31.11_log.txt
2018-12-09 12:31 - 2018-12-09 12:31 - 000208216 _____ (Kaspersky Lab, GERT) C:\Windows\System32\Drivers\97867137.sys
2018-12-09 12:30 - 2018-12-09 12:30 - 000208216 _____ (Kaspersky Lab, GERT) C:\Windows\System32\Drivers\62293771.sys
2018-12-09 12:30 - 2018-12-09 12:30 - 000005904 _____ C:\TDSSKiller.2.8.16.0_10.12.2018_00.30.04_log.txt
2018-12-09 12:29 - 2018-12-09 12:30 - 002237968 _____ (Kaspersky Lab ZAO) C:\Users\PC\Downloads\tdsskiller.exe
2018-12-09 12:20 - 2018-12-09 12:20 - 000203680 _____ (Zemana Ltd.) C:\Windows\System32\Drivers\zamguard64.sys
2018-12-09 12:20 - 2018-12-09 12:20 - 000000000 ____D C:\Users\PC\AppData\Local\Zemana
2018-12-07 13:19 - 2018-12-10 04:33 - 001065984 _____ C:\Users\PC\AppData\Local\file__0.localstorage
2018-12-07 13:01 - 2018-12-07 13:01 - 000414309 _____ C:\Users\PC\Desktop\SHELBY.zip
2018-12-07 13:00 - 2018-12-07 13:00 - 009696426 _____ C:\Users\PC\Desktop\SHELBY.arn
2018-12-07 12:57 - 2018-12-07 12:57 - 000729840 _____ (Sysinternals - www.sysinternals.com) C:\Users\PC\Desktop\autoruns.exe
2018-12-07 10:00 - 2018-12-07 10:04 - 000000000 ____D C:\Users\PC\Desktop\Process Monitor
2018-12-07 10:00 - 2018-12-07 10:00 - 001010826 _____ C:\Users\PC\Downloads\ProcessMonitor.zip
2018-12-07 08:55 - 2018-12-07 08:55 - 000003354 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1745146063-4005962234-3562053907-1001
2018-12-06 15:08 - 2018-12-06 15:09 - 027261864 _____ (Yamicsoft) C:\Users\PC\Downloads\windows10manager.exe
2018-12-06 14:21 - 2018-12-07 13:25 - 000000000 ____D C:\Users\PC\AppData\Roaming\MAXON
2018-12-06 11:15 - 2018-11-30 20:01 - 000835688 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-12-06 11:15 - 2018-11-30 20:01 - 000179808 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-12-06 09:24 - 2018-12-06 09:24 - 000000424 _____ C:\Users\PC\Desktop\Computer.lnk
2018-12-06 09:21 - 2018-12-06 09:21 - 000000000 ____D C:\ProgramData\Sophos
2018-12-06 09:20 - 2018-12-06 09:20 - 000002841 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2018-12-06 09:20 - 2018-12-06 09:20 - 000000000 ____D C:\Program Files (x86)\Sophos
2018-12-06 09:12 - 2018-04-23 00:27 - 000464808 _____ (BitDefender S.R.L.) C:\Windows\System32\Drivers\trufos.sys
2018-12-06 02:23 - 2016-10-27 01:54 - 000183576 _____ (BitDefender LLC) C:\Windows\System32\Drivers\gzflt.sys
2018-12-06 02:03 - 2018-12-09 13:19 - 000002238 _____ C:\Users\PC\Desktop\Advanced SystemCare Ultimate 11.lnk
2018-12-06 01:41 - 2018-12-09 12:50 - 000002876 _____ C:\Windows\System32\Tasks\ASCU11_SkipUac_PC
2018-12-06 01:41 - 2018-12-06 01:41 - 000003112 _____ C:\Windows\System32\Tasks\ASCU_ASCTray_Auto
2018-12-06 01:41 - 2018-12-06 01:41 - 000003092 _____ C:\Windows\System32\Tasks\ASCU11_PerformanceMonitor
2018-12-06 01:40 - 2018-12-12 14:42 - 000000000 ____D C:\Program Files (x86)\Advanced SystemCare Ultimate
2018-12-06 01:38 - 2018-12-06 02:02 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2018-12-06 01:38 - 2018-12-06 01:38 - 000255928 _____ (Malwarebytes) C:\Windows\System32\Drivers\131C0D2C.sys
2018-12-06 01:37 - 2018-12-06 01:37 - 014178840 _____ (Malwarebytes Corp.) C:\Users\PC\Downloads\mbar-1.10.3.1001.exe
2018-12-05 16:46 - 2018-12-05 16:46 - 000000207 _____ C:\Windows\tweaking.com-regbackup-SHELBY-Windows-10-Pro-(64-bit).dat
2018-12-05 16:46 - 2018-12-05 16:46 - 000000000 ____D C:\RegBackup
2018-12-05 16:44 - 2018-12-05 16:45 - 000000000 ____D C:\Users\PC\Desktop\Windows Repair Tool
2018-12-05 16:44 - 2018-12-05 16:44 - 037626408 _____ C:\Users\PC\Downloads\tweaking.com_windows_repair_aio.zip
2018-12-05 16:09 - 2018-12-05 16:09 - 000003976 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-05 16:09 - 2018-12-05 16:09 - 000003940 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-05 16:09 - 2018-11-16 03:55 - 002864496 _____ (NVIDIA Corporation) C:\Windows\System32\nvspcap64.dll
2018-12-05 16:08 - 2018-12-05 16:08 - 000004308 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-05 16:08 - 2018-12-05 16:08 - 000004106 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-05 16:08 - 2018-12-05 16:08 - 000003926 _____ C:\Windows\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-05 16:08 - 2018-12-05 16:08 - 000003926 _____ C:\Windows\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-05 16:08 - 2018-12-05 16:08 - 000003926 _____ C:\Windows\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-05 16:08 - 2018-12-05 16:08 - 000003894 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-05 16:08 - 2018-12-05 16:08 - 000003866 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-05 16:08 - 2018-12-05 16:08 - 000003858 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-05 16:08 - 2018-12-05 16:08 - 000003654 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-05 16:08 - 2018-10-01 10:47 - 000070024 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvvad64v.sys
2018-12-05 15:14 - 2018-12-05 15:14 - 000000027 _____ C:\Windows\System32\Drivers\etc\hosts_bak_399
2018-12-05 14:21 - 2018-12-05 14:21 - 000448512 _____ (OldTimer Tools) C:\Users\PC\Desktop\TempFilecleaner.exe
2018-12-05 14:10 - 2018-12-06 03:17 - 000000000 ____D C:\Windows\Minidump
2018-12-05 13:59 - 2018-12-06 02:06 - 000000952 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2018-12-05 13:59 - 2018-12-05 14:41 - 000000000 ____D C:\ProgramData\RogueKiller
2018-12-05 13:59 - 2018-12-05 13:59 - 000000000 ____D C:\Program Files\RogueKiller
2018-12-05 13:51 - 2018-12-05 13:53 - 000000000 ____D C:\AdwCleaner
2018-12-05 13:51 - 2018-12-05 13:51 - 007321808 _____ (Malwarebytes) C:\Users\PC\Desktop\adwcleaner_7.2.5.0.exe
2018-12-05 13:47 - 2018-12-11 02:55 - 000000000 ____D C:\Users\PC\Desktop\FRST
2018-12-05 13:45 - 2018-12-11 02:55 - 000000000 ____D C:\FRST
2018-12-05 13:34 - 2018-12-05 13:34 - 000000000 ____D C:\ProgramData\{F86B0233-9A85-4589-8AAF-524CC4F8211B}
2018-12-05 13:14 - 2018-12-06 14:40 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-12-05 13:14 - 2018-12-05 13:14 - 000000000 ____D C:\Users\PC\AppData\Local\mbamtray
2018-12-05 12:42 - 2018-12-05 12:42 - 009379840 _____ C:\Users\PC\NTUSER.rhk
2018-12-05 12:39 - 2018-12-05 12:43 - 000000000 ____D C:\Users\PC\AppData\Roaming\Wise Registry Cleaner
2018-12-05 12:39 - 2018-12-05 12:39 - 000000898 _____ C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
2018-12-05 12:39 - 2018-12-05 12:39 - 000000000 ____D C:\Windows\System32\Tasks\WiseCleaner
2018-12-05 12:26 - 2018-12-05 12:28 - 000000805 _____ C:\Users\PC\Desktop\CCleaner.lnk
2018-12-05 12:18 - 2018-12-05 12:46 - 000000000 ____D C:\Users\PC\AppData\Roaming\GlarySoft
2018-12-05 09:18 - 2018-12-05 09:18 - 000000000 ____D C:\Windows\SysWOW64\directx
2018-12-04 13:53 - 2018-12-04 14:04 - 000000000 ____D C:\Users\PC\Heaven
2018-12-04 13:21 - 2018-12-04 13:25 - 000000000 ____D C:\ProgramData\HitmanPro
2018-12-03 10:30 - 2018-12-03 10:30 - 000002735 _____ C:\Users\PC\Unigine_Valley_Benchmark_1.0_20181203_2229.html
2018-12-03 10:22 - 2018-12-04 01:31 - 000000000 ____D C:\Users\PC\Valley
2018-12-03 07:28 - 2018-12-03 07:28 - 000000000 ____D C:\Users\PC\AppData\Roaming\IO Interactive
2018-12-02 16:01 - 2018-12-02 16:01 - 000074120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TBM5E05.tmp
2018-12-02 16:01 - 2018-12-02 16:01 - 000071560 _____ (Microsoft Corporation) C:\Windows\System32\TBM5E18.tmp
2018-12-02 16:01 - 2018-12-02 16:01 - 000030072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TBM5DDA.tmp
2018-12-02 16:01 - 2018-12-02 16:01 - 000028536 _____ (Microsoft Corporation) C:\Windows\System32\TBM5DED.tmp
2018-12-02 16:01 - 2018-12-02 16:01 - 000027536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TBM5DF0.tmp
2018-12-02 16:01 - 2018-12-02 16:01 - 000027536 _____ (Microsoft Corporation) C:\Windows\System32\TBM5E02.tmp
2018-12-02 16:01 - 2018-12-02 16:01 - 000025472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TBM5E6C.tmp
2018-12-02 16:01 - 2018-12-02 16:01 - 000025472 _____ (Microsoft Corporation) C:\Windows\System32\TBM5E7F.tmp
2018-12-02 16:01 - 2018-12-02 16:01 - 000025472 _____ (Microsoft Corporation) C:\Windows\System32\TBM5E59.tmp
2018-12-02 16:01 - 2018-12-02 16:01 - 000025464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TBM5E56.tmp
2018-12-02 16:01 - 2018-12-02 16:01 - 000023944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TBM5E40.tmp
2018-12-02 16:01 - 2018-12-02 16:01 - 000023936 _____ (Microsoft Corporation) C:\Windows\System32\TBM5E43.tmp
2018-12-02 16:01 - 2018-12-02 16:01 - 000023432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TBM5D5E.tmp
2018-12-02 16:01 - 2018-12-02 16:01 - 000023424 _____ (Microsoft Corporation) C:\Windows\System32\TBM5D71.tmp
2018-12-02 16:01 - 2018-12-02 16:01 - 000021880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TBM5E82.tmp
2018-12-02 16:01 - 2018-12-02 16:01 - 000021880 _____ (Microsoft Corporation) C:\Windows\System32\TBM5E94.tmp
2018-12-02 16:01 - 2018-12-02 16:01 - 000021392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TBM5D99.tmp
2018-12-02 16:01 - 2018-12-02 16:01 - 000021392 _____ (Microsoft Corporation) C:\Windows\System32\TBM5D9C.tmp
2018-12-02 16:01 - 2018-12-02 16:01 - 000020360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TBM5E2A.tmp
2018-12-02 16:01 - 2018-12-02 16:01 - 000020352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TBM5D49.tmp
2018-12-02 16:01 - 2018-12-02 16:01 - 000020352 _____ (Microsoft Corporation) C:\Windows\System32\TBM5E2D.tmp
2018-12-02 16:01 - 2018-12-02 16:01 - 000020344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TBM5DAF.tmp
2018-12-02 16:01 - 2018-12-02 16:01 - 000020344 _____ (Microsoft Corporation) C:\Windows\System32\TBM5DB2.tmp
2018-12-02 16:01 - 2018-12-02 16:01 - 000020344 _____ (Microsoft Corporation) C:\Windows\System32\TBM5D5B.tmp
2018-12-02 16:01 - 2018-12-02 16:01 - 000019864 _____ (Microsoft Corporation) C:\Windows\System32\TBM5D86.tmp
2018-12-02 16:01 - 2018-12-02 16:01 - 000019856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TBM5D74.tmp
2018-12-02 16:01 - 2018-12-02 16:01 - 000019848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TBM5E97.tmp
2018-12-02 16:01 - 2018-12-02 16:01 - 000019840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TBM5DC4.tmp
2018-12-02 16:01 - 2018-12-02 16:01 - 000019840 _____ (Microsoft Corporation) C:\Windows\System32\TBM5EA9.tmp
2018-12-02 16:01 - 2018-12-02 16:01 - 000019840 _____ (Microsoft Corporation) C:\Windows\System32\TBM5DC7.tmp
2018-11-16 06:19 - 2018-12-07 09:49 - 000000000 ____D C:\Program Files\rempl
2018-11-16 04:57 - 2018-12-06 15:40 - 000000000 ____D C:\Users\PC\AppData\LocalLow\uTorrent
2018-11-14 11:03 - 2018-11-16 03:55 - 002264432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2018-11-14 11:03 - 2018-11-16 03:55 - 001322864 _____ (NVIDIA Corporation) C:\Windows\System32\NvRtmpStreamer64.dll
2018-11-14 11:03 - 2018-10-04 04:33 - 000203760 _____ (NVIDIA Corporation) C:\Windows\System32\nvaudcap64v.dll
2018-11-14 11:03 - 2018-10-04 04:33 - 000179696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2018-11-14 04:36 - 2018-11-01 03:49 - 000348160 _____ (Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
2018-11-14 04:36 - 2018-11-01 03:45 - 001376672 _____ (Microsoft Corporation) C:\Windows\System32\ole32.dll
2018-11-14 04:36 - 2018-11-01 03:30 - 000122368 _____ (Microsoft Corporation) C:\Windows\System32\musdialoghandlers.dll
2018-11-14 04:36 - 2018-11-01 03:30 - 000029696 _____ (Microsoft Corporation) C:\Windows\System32\msisip.dll
2018-11-14 04:36 - 2018-11-01 03:29 - 000073728 _____ (Microsoft Corporation) C:\Windows\System32\SMSRouter.dll
2018-11-14 04:36 - 2018-11-01 03:28 - 000253952 _____ (Microsoft Corporation) C:\Windows\System32\prnntfy.dll
2018-11-14 04:36 - 2018-11-01 03:27 - 001121792 _____ (Microsoft Corporation) C:\Windows\System32\TSWorkspace.dll
2018-11-14 04:36 - 2018-11-01 03:26 - 000463872 _____ (Microsoft Corporation) C:\Windows\System32\rdpshell.exe
2018-11-14 04:36 - 2018-11-01 03:26 - 000327168 _____ (Microsoft Corporation) C:\Windows\System32\rdpinit.exe
2018-11-14 04:36 - 2018-11-01 02:09 - 001027000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-11-14 04:36 - 2018-11-01 01:56 - 000226304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2018-11-14 04:36 - 2018-11-01 01:56 - 000024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msisip.dll
2018-11-14 04:36 - 2018-11-01 01:53 - 000908288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2018-11-14 04:36 - 2018-11-01 01:15 - 023861760 _____ (Microsoft Corporation) C:\Windows\System32\Hydrogen.dll
2018-11-14 04:36 - 2018-11-01 01:13 - 019525120 _____ (Microsoft Corporation) C:\Windows\System32\HologramCompositor.dll
2018-11-14 04:36 - 2018-10-31 23:26 - 003291640 _____ (Microsoft Corporation) C:\Windows\System32\combase.dll
2018-11-14 04:36 - 2018-10-31 23:26 - 001363536 _____ (Microsoft Corporation) C:\Windows\System32\WinTypes.dll
2018-11-14 04:36 - 2018-10-31 23:25 - 001784680 _____ (Microsoft Corporation) C:\Windows\System32\mfasfsrcsnk.dll
2018-11-14 04:36 - 2018-10-31 23:25 - 001288920 _____ (Microsoft Corporation) C:\Windows\System32\mfmpeg2srcsnk.dll
2018-11-14 04:36 - 2018-10-31 23:25 - 000713472 _____ (Microsoft Corporation) C:\Windows\System32\MSVideoDSP.dll
2018-11-14 04:36 - 2018-10-31 23:25 - 000463672 _____ (Microsoft Corporation) C:\Windows\System32\coml2.dll
2018-11-14 04:36 - 2018-10-31 23:03 - 000034816 _____ (Microsoft Corporation) C:\Windows\System32\dusmtask.exe
2018-11-14 04:36 - 2018-10-31 23:02 - 000047104 _____ (Microsoft Corporation) C:\Windows\System32\dusmapi.dll
2018-11-14 04:36 - 2018-10-31 23:02 - 000023552 _____ (Microsoft Corporation) C:\Windows\System32\CSystemEventsBrokerClient.dll
2018-11-14 04:36 - 2018-10-31 23:00 - 008189440 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Data.Pdf.dll
2018-11-14 04:36 - 2018-10-31 23:00 - 000433664 _____ (Microsoft Corporation) C:\Windows\System32\MusNotification.exe
2018-11-14 04:36 - 2018-10-31 22:59 - 000322048 _____ (Microsoft Corporation) C:\Windows\System32\MusNotificationUx.exe
2018-11-14 04:36 - 2018-10-31 22:59 - 000241152 _____ (Microsoft Corporation) C:\Windows\System32\tetheringservice.dll
2018-11-14 04:36 - 2018-10-31 22:59 - 000192000 _____ (Microsoft Corporation) C:\Windows\System32\scrrun.dll
2018-11-14 04:36 - 2018-10-31 22:59 - 000176128 _____ (Microsoft Corporation) C:\Windows\System32\WPTaskScheduler.dll
2018-11-14 04:36 - 2018-10-31 22:59 - 000107520 _____ (Microsoft Corporation) C:\Windows\System32\dab.dll
2018-11-14 04:36 - 2018-10-31 22:58 - 000273408 _____ (Microsoft Corporation) C:\Windows\System32\ubpm.dll
2018-11-14 04:36 - 2018-10-31 22:58 - 000149504 _____ (Microsoft Corporation) C:\Windows\System32\dssvc.dll
2018-11-14 04:36 - 2018-10-31 22:57 - 001804288 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2018-11-14 04:36 - 2018-10-31 22:57 - 000898560 _____ (Microsoft Corporation) C:\Windows\System32\MusUpdateHandlers.dll
2018-11-14 04:36 - 2018-10-31 22:57 - 000835584 _____ (Microsoft Corporation) C:\Windows\System32\PhoneService.dll
2018-11-14 04:36 - 2018-10-31 22:57 - 000281600 _____ (Microsoft Corporation) C:\Windows\System32\SystemEventsBrokerServer.dll
2018-11-14 04:36 - 2018-10-31 22:57 - 000265728 _____ (Microsoft Corporation) C:\Windows\System32\psmsrv.dll
2018-11-14 04:36 - 2018-10-31 22:56 - 002929664 _____ (Microsoft Corporation) C:\Windows\System32\xpsservices.dll
2018-11-14 04:36 - 2018-10-31 22:56 - 001395200 _____ (Microsoft Corporation) C:\Windows\System32\TokenBroker.dll
2018-11-14 04:36 - 2018-10-31 22:56 - 000506880 _____ (Microsoft Corporation) C:\Windows\System32\netprofmsvc.dll
2018-11-14 04:36 - 2018-10-31 22:54 - 001679360 _____ (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2018-11-14 04:36 - 2018-10-31 22:54 - 000916480 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Security.Authentication.Web.Core.dll
2018-11-14 04:36 - 2018-10-31 22:54 - 000606208 _____ (Microsoft Corporation) C:\Windows\System32\updatehandlers.dll
2018-11-14 04:36 - 2018-10-31 22:53 - 002248192 _____ (Microsoft Corporation) C:\Windows\System32\wlidsvc.dll
2018-11-14 04:36 - 2018-10-31 22:53 - 001373696 _____ (Microsoft Corporation) C:\Windows\System32\usocore.dll
2018-11-14 04:36 - 2018-10-31 22:53 - 001159680 _____ (Microsoft Corporation) C:\Windows\System32\rpcss.dll
2018-11-14 04:36 - 2018-10-31 22:53 - 000889344 _____ (Microsoft Corporation) C:\Windows\System32\schedsvc.dll
2018-11-14 04:36 - 2018-10-31 20:48 - 002478872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2018-11-14 04:36 - 2018-10-31 20:48 - 000880248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2018-11-14 04:36 - 2018-10-31 20:48 - 000384520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\coml2.dll
2018-11-14 04:36 - 2018-10-31 20:47 - 001020064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2018-11-14 04:36 - 2018-10-31 20:47 - 000581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2018-11-14 04:36 - 2018-10-31 20:33 - 006661632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2018-11-14 04:36 - 2018-10-31 20:30 - 000310272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2018-11-14 04:36 - 2018-10-31 20:29 - 001862656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsservices.dll
2018-11-14 04:36 - 2018-10-31 20:29 - 000165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2018-11-14 04:36 - 2018-10-31 20:28 - 001000448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2018-11-14 04:36 - 2018-10-31 20:27 - 001627648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-11-14 04:36 - 2018-10-31 20:27 - 000678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-11-14 04:36 - 2018-10-21 05:04 - 002267448 _____ (Microsoft Corporation) C:\Windows\System32\AppVEntSubsystems64.dll
2018-11-14 04:36 - 2018-10-21 05:00 - 001639560 _____ (Microsoft Corporation) C:\Windows\System32\user32.dll
2018-11-14 04:36 - 2018-10-21 05:00 - 001516120 _____ (Microsoft Corporation) C:\Windows\System32\msctf.dll
2018-11-14 04:36 - 2018-10-21 05:00 - 000790416 _____ (Microsoft Corporation) C:\Windows\System32\fontdrvhost.exe
2018-11-14 04:36 - 2018-10-21 05:00 - 000396304 _____ (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2018-11-14 04:36 - 2018-10-21 04:59 - 000766480 _____ (Microsoft Corporation) C:\Windows\System32\LicensingWinRT.dll
2018-11-14 04:36 - 2018-10-21 04:59 - 000236728 _____ (Microsoft Corporation) C:\Windows\System32\EditionUpgradeManagerObj.dll
2018-11-14 04:36 - 2018-10-21 04:46 - 004393472 _____ (Microsoft Corporation) C:\Windows\System32\SettingsHandlers_nt.dll
2018-11-14 04:36 - 2018-10-21 04:45 - 000123392 _____ (Microsoft Corporation) C:\Windows\System32\fontsub.dll
2018-11-14 04:36 - 2018-10-21 04:44 - 000623104 _____ (Microsoft Corporation) C:\Windows\System32\osk.exe
2018-11-14 04:36 - 2018-10-21 04:44 - 000085504 _____ (Microsoft Corporation) C:\Windows\System32\INETRES.dll
2018-11-14 04:36 - 2018-10-21 04:43 - 000345600 _____ (Microsoft Corporation) C:\Windows\System32\AcGenral.dll
2018-11-14 04:36 - 2018-10-21 04:43 - 000276992 _____ (Microsoft Corporation) C:\Windows\System32\wisp.dll
2018-11-14 04:36 - 2018-10-21 04:43 - 000182784 _____ (Microsoft Corporation) C:\Windows\System32\LanguageComponentsInstaller.dll
2018-11-14 04:36 - 2018-10-21 04:42 - 001127936 _____ (Microsoft Corporation) C:\Windows\System32\nettrace.dll
2018-11-14 04:36 - 2018-10-21 04:42 - 000765440 _____ (Microsoft Corporation) C:\Windows\System32\tdh.dll
2018-11-14 04:36 - 2018-10-21 04:42 - 000592896 _____ (Microsoft Corporation) C:\Windows\System32\UserLanguagesCpl.dll
2018-11-14 04:36 - 2018-10-21 04:42 - 000181248 _____ (Microsoft Corporation) C:\Windows\System32\EditionUpgradeHelper.dll
2018-11-14 04:36 - 2018-10-21 04:41 - 001180672 _____ (Microsoft Corporation) C:\Windows\System32\localspl.dll
2018-11-14 04:36 - 2018-10-21 03:41 - 001540408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVEntSubsystems32.dll
2018-11-14 04:36 - 2018-10-21 03:38 - 001322376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2018-11-14 04:36 - 2018-10-21 03:38 - 000662312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2018-11-14 04:36 - 2018-10-21 03:38 - 000660480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicensingWinRT.dll
2018-11-14 04:36 - 2018-10-21 03:38 - 000221216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EditionUpgradeManagerObj.dll
2018-11-14 04:36 - 2018-10-21 03:37 - 001626656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2018-11-14 04:36 - 2018-10-21 03:28 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2018-11-14 04:36 - 2018-10-21 03:23 - 000622080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2018-11-14 04:36 - 2018-10-21 03:23 - 000523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll
2018-11-14 04:36 - 2018-10-21 03:22 - 002405888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcGenral.dll
2018-11-14 04:36 - 2018-10-21 03:22 - 000224256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll
2018-11-14 04:36 - 2018-10-21 01:29 - 001008640 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Media.MixedRealityCapture.dll
2018-11-14 04:36 - 2018-10-21 00:44 - 000868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-11-14 04:36 - 2018-10-20 23:46 - 000717112 _____ (Microsoft Corporation) C:\Windows\System32\SettingsHandlers_StorageSense.dll
2018-11-14 04:36 - 2018-10-20 23:46 - 000611640 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\spaceport.sys
2018-11-14 04:36 - 2018-10-20 23:46 - 000560136 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
2018-11-14 04:36 - 2018-10-20 23:46 - 000497864 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Devices.Enumeration.dll
2018-11-14 04:36 - 2018-10-20 23:45 - 003283512 _____ (Microsoft Corporation) C:\Windows\System32\CoreUIComponents.dll
2018-11-14 04:36 - 2018-10-20 23:45 - 001098064 _____ (Microsoft Corporation) C:\Windows\System32\msvproc.dll
2018-11-14 04:36 - 2018-10-20 23:45 - 000607136 _____ (Microsoft Corporation) C:\Windows\System32\TextInputFramework.dll
2018-11-14 04:36 - 2018-10-20 23:45 - 000185120 _____ (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2018-11-14 04:36 - 2018-10-20 23:45 - 000175624 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\spacedump.sys
2018-11-14 04:36 - 2018-10-20 23:45 - 000139792 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2018-11-14 04:36 - 2018-10-20 23:45 - 000058088 _____ (Microsoft Corporation) C:\Windows\System32\lsass.exe
2018-11-14 04:36 - 2018-10-20 23:28 - 016592384 _____ (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.dll
2018-11-14 04:36 - 2018-10-20 23:21 - 001589248 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Globalization.dll
2018-11-14 04:36 - 2018-10-20 23:21 - 000123424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-11-14 04:36 - 2018-10-20 23:20 - 000424000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Enumeration.dll
2018-11-14 04:36 - 2018-10-20 23:20 - 000161792 _____ (Microsoft Corporation) C:\Windows\System32\spacebridge.dll
2018-11-14 04:36 - 2018-10-20 23:20 - 000141312 _____ C:\Windows\System32\DataStoreCacheDumpTool.exe
2018-11-14 04:36 - 2018-10-20 23:20 - 000050688 _____ (Microsoft Corporation) C:\Windows\System32\wcimage.dll
2018-11-14 04:36 - 2018-10-20 23:19 - 002487088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreUIComponents.dll
2018-11-14 04:36 - 2018-10-20 23:19 - 001130768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2018-11-14 04:36 - 2018-10-20 23:19 - 000514560 _____ (Microsoft Corporation) C:\Windows\System32\nltest.exe
2018-11-14 04:36 - 2018-10-20 23:19 - 000505616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TextInputFramework.dll
2018-11-14 04:36 - 2018-10-20 23:19 - 000463360 _____ (Microsoft Corporation) C:\Windows\System32\wlansec.dll
2018-11-14 04:36 - 2018-10-20 23:19 - 000409088 _____ (Microsoft Corporation) C:\Windows\System32\wlanmsm.dll
2018-11-14 04:36 - 2018-10-20 23:19 - 000228864 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\winnat.sys
2018-11-14 04:36 - 2018-10-20 23:19 - 000228352 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Web.Diagnostics.dll
2018-11-14 04:36 - 2018-10-20 23:19 - 000137728 _____ (Microsoft Corporation) C:\Windows\System32\InputLocaleManager.dll
2018-11-14 04:36 - 2018-10-20 23:19 - 000086528 _____ (Microsoft Corporation) C:\Windows\System32\ofdeploy.exe
2018-11-14 04:36 - 2018-10-20 23:19 - 000060928 _____ (Microsoft Corporation) C:\Windows\System32\BthAvrcpAppSvc.dll
2018-11-14 04:36 - 2018-10-20 23:19 - 000036352 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\vhf.sys
2018-11-14 04:36 - 2018-10-20 23:19 - 000028672 _____ (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2018-11-14 04:36 - 2018-10-20 23:18 - 000761344 _____ (Microsoft Corporation) C:\Windows\System32\nshwfp.dll
2018-11-14 04:36 - 2018-10-20 23:18 - 000461824 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Data.Activities.dll
2018-11-14 04:36 - 2018-10-20 23:18 - 000275456 _____ (Microsoft Corporation) C:\Windows\System32\scecli.dll
2018-11-14 04:36 - 2018-10-20 23:18 - 000274432 _____ (Microsoft Corporation) C:\Windows\System32\DAFWSD.dll
2018-11-14 04:36 - 2018-10-20 23:18 - 000130048 _____ (Microsoft Corporation) C:\Windows\System32\officecsp.dll
2018-11-14 04:36 - 2018-10-20 23:18 - 000030720 _____ (Microsoft Corporation) C:\Windows\System32\seclogon.dll
2018-11-14 04:36 - 2018-10-20 23:17 - 001668096 _____ (Microsoft Corporation) C:\Windows\System32\cdprt.dll
2018-11-14 04:36 - 2018-10-20 23:17 - 000787456 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\WdiWiFi.sys
2018-11-14 04:36 - 2018-10-20 23:17 - 000473600 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll
2018-11-14 04:36 - 2018-10-20 23:17 - 000311296 _____ (Microsoft Corporation) C:\Windows\System32\BthAvrcp.dll
2018-11-14 04:36 - 2018-10-20 23:17 - 000271872 _____ (Microsoft Corporation) C:\Windows\System32\dafBth.dll
2018-11-14 04:36 - 2018-10-20 23:16 - 000847360 _____ (Microsoft Corporation) C:\Windows\System32\bisrv.dll
2018-11-14 04:36 - 2018-10-20 23:16 - 000323584 _____ (Microsoft Corporation) C:\Windows\System32\AppxAllUserStore.dll
2018-11-14 04:36 - 2018-10-20 23:15 - 003212800 _____ (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2018-11-14 04:36 - 2018-10-20 23:15 - 000743936 _____ (Microsoft Corporation) C:\Windows\System32\PrintRenderAPIHost.DLL
2018-11-14 04:36 - 2018-10-20 23:15 - 000401920 _____ (Microsoft Corporation) C:\Windows\System32\rascustom.dll
2018-11-14 04:36 - 2018-10-20 23:14 - 001919488 _____ (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2018-11-14 04:36 - 2018-10-20 23:14 - 001854976 _____ (Microsoft Corporation) C:\Windows\System32\wevtsvc.dll
2018-11-14 04:36 - 2018-10-20 23:14 - 000632320 _____ (Microsoft Corporation) C:\Windows\System32\cdpsvc.dll
2018-11-14 04:36 - 2018-10-20 23:14 - 000453632 _____ (Microsoft Corporation) C:\Windows\System32\cdpusersvc.dll
2018-11-14 04:36 - 2018-10-20 23:09 - 013873664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2018-11-14 04:36 - 2018-10-20 23:02 - 000157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spacebridge.dll
2018-11-14 04:36 - 2018-10-20 23:01 - 001189376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2018-11-14 04:36 - 2018-10-20 23:01 - 000168448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Diagnostics.dll
2018-11-14 04:36 - 2018-10-20 23:00 - 000214528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scecli.dll
2018-11-14 04:36 - 2018-10-20 22:59 - 000602112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2018-11-14 04:36 - 2018-10-20 22:58 - 001124352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdprt.dll
2018-11-14 04:36 - 2018-10-20 22:58 - 000415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-11-14 04:36 - 2018-10-20 22:58 - 000230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2018-11-14 04:36 - 2018-10-20 22:57 - 002611200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2018-11-14 04:36 - 2018-10-20 21:59 - 000806320 _____ C:\Windows\SysWOW64\locale.nls
2018-11-14 04:36 - 2018-10-20 21:59 - 000806320 _____ C:\Windows\System32\locale.nls
2018-11-13 14:17 - 2018-11-13 14:17 - 000039504 _____ (Intel Corporation) C:\Windows\System32\Drivers\ICCWDT.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-12 15:10 - 2018-05-16 09:41 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-12-12 15:10 - 2018-04-11 13:04 - 000786432 _____ C:\Windows\System32\config\BBI
2018-12-12 14:51 - 2018-04-11 15:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-12-12 14:50 - 2015-12-18 05:17 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-12-12 14:45 - 2018-05-16 09:41 - 000428644 _____ C:\Windows\System32\PerfStringBackup.INI
2018-12-12 14:45 - 2018-04-11 15:36 - 000000000 ____D C:\Windows\INF
2018-12-12 14:43 - 2018-03-21 06:48 - 000000000 ____D C:\ProgramData\NVIDIA
2018-12-12 14:41 - 2015-07-20 19:58 - 000000000 ____D C:\Users\PC\Documents\Assassin's Creed Unity
2018-12-12 14:09 - 2018-04-11 15:30 - 000000000 ____D C:\Windows\CbsTemp
2018-12-12 14:04 - 2018-05-15 23:30 - 000000000 ___DC C:\Windows\Panther
2018-12-12 14:00 - 2016-12-03 00:30 - 000000000 ____D C:\Users\PC\AppData\Local\Adobe
2018-12-12 13:34 - 2018-05-16 09:36 - 000000000 ____D C:\Windows\System32\SleepStudy
2018-12-12 04:05 - 2018-04-11 15:38 - 000000000 ____D C:\Windows\AppReadiness
2018-12-12 04:05 - 2015-08-18 11:30 - 000000000 ___RD C:\Users\PC\3D Objects
2018-12-12 04:05 - 2015-08-05 10:14 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-12-12 04:04 - 2018-05-16 09:36 - 000269920 _____ C:\Windows\System32\FNTCACHE.DAT
2018-12-12 04:03 - 2018-04-11 15:38 - 000000000 ___SD C:\Windows\System32\DiagSvcs
2018-12-12 04:03 - 2018-04-11 15:38 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2018-12-12 04:03 - 2018-04-11 15:38 - 000000000 ____D C:\Windows\TextInput
2018-12-12 04:03 - 2018-04-11 15:38 - 000000000 ____D C:\Windows\ShellComponents
2018-12-12 04:03 - 2018-04-11 15:38 - 000000000 ____D C:\Windows\bcastdvr
2018-12-12 02:51 - 2015-07-16 11:32 - 137260640 ____C (Microsoft Corporation) C:\Windows\System32\MRT.exe
2018-12-12 02:51 - 2015-07-16 11:32 - 000000000 ____D C:\Windows\System32\MRT
2018-12-12 02:42 - 2018-04-11 15:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-12-10 12:39 - 2018-04-11 15:38 - 000000000 ____D C:\Windows\Help
2018-12-10 12:39 - 2018-03-21 06:48 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-12-10 12:39 - 2018-03-21 06:47 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-12-10 12:39 - 2018-03-21 06:46 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-12-10 11:28 - 2015-07-16 09:37 - 000000000 ____D C:\Users\PC\Downloads\Applications
2018-12-10 04:52 - 2018-03-25 04:06 - 000000000 ____D C:\Users\PC\AppData\Local\NVIDIA
2018-12-10 04:32 - 2016-01-28 09:12 - 000000000 ____D C:\Users\PC\AppData\Local\CrashDumps
2018-12-10 04:24 - 2018-04-01 02:10 - 000000000 ____D C:\ProgramData\CLink4
2018-12-10 02:53 - 2016-10-13 11:57 - 000018960 _____ (Logitech, Inc.) C:\Windows\System32\Drivers\LNonPnP.sys
2018-12-10 02:32 - 2015-07-16 05:12 - 000000000 ____D C:\ProgramData\Samsung
2018-12-10 02:02 - 2018-08-02 05:40 - 112914432 _____ C:\Windows\System32\config\SOFTWARE.iodefrag.bak
2018-12-10 02:02 - 2018-08-02 05:40 - 005525504 _____ C:\Windows\System32\config\DRIVERS.iodefrag.bak
2018-12-10 02:02 - 2018-08-02 05:40 - 003043328 _____ C:\Windows\System32\config\DEFAULT.iodefrag.bak
2018-12-10 02:02 - 2018-08-02 05:40 - 000073728 _____ C:\Windows\System32\config\SAM.iodefrag.bak
2018-12-10 02:02 - 2018-08-02 05:40 - 000045056 _____ C:\Windows\System32\config\SECURITY.iodefrag.bak
2018-12-09 06:25 - 2018-03-25 05:24 - 000000000 ____D C:\Users\PC\AppData\Local\NVIDIA Corporation
2018-12-09 04:20 - 2018-05-16 09:37 - 000000000 ____D C:\users\PC
2018-12-07 13:42 - 2017-11-18 13:48 - 000000000 ____D C:\Users\PC\AppData\Local\Packages
2018-12-07 10:35 - 2016-07-29 11:58 - 000000000 ____D C:\Users\PC\AppData\Local\Battle.net
2018-12-07 10:34 - 2017-05-14 22:05 - 000000000 ____D C:\Program Files (x86)\Blizzard App
2018-12-07 08:55 - 2015-07-16 05:26 - 000000000 __RDL C:\Users\PC\OneDrive
2018-12-07 08:12 - 2015-07-16 05:41 - 000000000 ____D C:\ProgramData\ProductData
2018-12-06 15:40 - 2015-07-16 04:57 - 000000000 ____D C:\Users\PC\AppData\Roaming\uTorrent
2018-12-06 14:24 - 2015-07-16 05:43 - 000000000 ___RD C:\Users\PC\Desktop\OverClockin'
2018-12-06 03:17 - 2018-05-18 09:33 - 000000000 ____D C:\Users\PC\AppData\Local\D3DSCache
2018-12-05 17:11 - 2015-07-15 08:25 - 000000000 ____D C:\Windows\CSC
2018-12-05 16:01 - 2013-08-22 07:36 - 000000000 ___HD C:\Windows\System32\GroupPolicy
2018-12-05 15:14 - 2015-08-19 12:01 - 000000000 ____D C:\Users\PC\AppData\LocalLow\Temp
2018-12-05 14:56 - 2018-04-11 13:04 - 000032768 _____ C:\Windows\System32\config\ELAM
2018-12-05 14:11 - 2018-04-11 15:38 - 000000000 ____D C:\Windows\LiveKernelReports
2018-12-05 12:36 - 2018-02-16 20:58 - 000000000 ____D C:\Users\PC\Downloads\GTA V Mods
2018-12-05 12:27 - 2018-04-11 15:38 - 000000000 ___HD C:\Windows\ELAMBKUP
2018-12-05 09:22 - 2015-07-16 09:38 - 000000000 ____D C:\Users\PC\Downloads\Overclocking
2018-12-05 08:50 - 2018-05-16 09:41 - 000004576 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-12-05 08:49 - 2018-04-11 15:38 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-12-05 08:49 - 2018-04-11 15:38 - 000000000 ____D C:\Windows\System32\Macromed
2018-12-04 05:56 - 2018-04-06 01:22 - 000000000 ____D C:\Windows\System32\Drivers\wd
2018-12-04 05:46 - 2015-07-16 06:15 - 000592416 _____ (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2018-12-03 05:18 - 2015-07-16 06:32 - 000000000 ___RD C:\Users\PC\Desktop\Games
2018-12-02 04:08 - 2015-07-16 10:42 - 000000000 ____D C:\ProgramData\Origin
2018-12-02 01:22 - 2015-07-16 05:33 - 000000000 ____D C:\Users\PC\AppData\Roaming\Origin
2018-12-02 01:21 - 2017-03-15 00:41 - 000000000 ____D C:\Program Files (x86)\Origin Games
2018-11-16 22:32 - 2015-07-16 09:22 - 000000000 ____D C:\Users\PC\AppData\Roaming\vlc
2018-11-15 20:41 - 2015-07-19 01:44 - 000000000 ____D C:\Program Files\Rockstar Games
2018-11-15 20:41 - 2015-07-19 01:44 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2018-11-15 11:28 - 2018-03-25 04:04 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2018-11-15 05:36 - 2018-11-12 09:44 - 000002339 _____ C:\Users\PC\Desktop\Deezer.lnk
2018-11-15 05:36 - 2018-11-12 09:44 - 000000000 ____D C:\Users\PC\AppData\Roaming\Deezer
2018-11-14 10:58 - 2018-10-12 02:31 - 078589952 _____ C:\Windows\System32\config\COMPONENTS.iodefrag.bak
2018-11-14 10:57 - 2018-04-11 15:38 - 000000000 ___SD C:\Windows\SysWOW64\F12
2018-11-14 10:57 - 2018-04-11 15:38 - 000000000 ___SD C:\Windows\System32\F12
2018-11-14 10:57 - 2018-04-11 15:38 - 000000000 ____D C:\Windows\System32\ShellExperiences
2018-11-14 10:57 - 2018-04-11 15:38 - 000000000 ____D C:\Windows\ShellExperiences
2018-11-13 14:15 - 2018-08-01 15:44 - 000002912 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (PC)
2018-11-13 14:07 - 2015-07-16 05:41 - 000000000 ____D C:\ProgramData\IObit
2018-11-13 13:43 - 2015-07-17 03:40 - 000000000 ____D C:\Users\PC\AppData\Local\ElevatedDiagnostics

Some files in TEMP:
====================
2018-12-10 11:20 - 2018-12-12 14:41 - 001639936 _____ (CPUID) C:\Users\PC\AppData\Local\Temp\speccycpuid.dll

==================== Known DLLs (Whitelisted) =========================


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Association (Whitelisted) =============


==================== Restore Points  =========================

Restore point date: 2018-12-11 04:25
Restore point date: 2018-12-12 14:40

==================== Memory info =========================== 

Percentage of memory in use: 6%
Total physical RAM: 16334.8 MB
Available physical RAM: 15195.3 MB
Total Virtual: 16334.8 MB
Available Virtual: 15244.02 MB

==================== Drives ================================

Drive 😄 (SSD) (Fixed) (Total:462.04 GB) (Free:202.56 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (System Reserved) (Fixed) (Total:0.34 GB) (Free:0.02 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (ESD-USB) (Removable) (Total:7.19 GB) (Free:3.41 GB) FAT32
Drive g: (HDD) (Fixed) (Total:931.17 GB) (Free:317.19 GB) NTFS
Drive h: (System Reserved) (Fixed) (Total:1.42 GB) (Free:1.04 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive i: () (Fixed) (Total:0.45 GB) (Free:0.04 GB) NTFS
Drive j: () (Fixed) (Total:1.84 GB) (Free:1.45 GB) NTFS
Drive k: (SSHD) (Fixed) (Total:1862.67 GB) (Free:648.66 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.49 GB) (Free:0.49 GB) NTFS
Drive y: (System Reserved) (Fixed) (Total:0.34 GB) (Free:0.04 GB) NTFS ==>[system with boot components (obtained from drive)]


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 958718AE)
Partition 1: (Not Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.2 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 054F3EBD)
Partition 1: (Not Active) - (Size=1.4 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=462 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=461 MB) - (Type=27)
Partition 4: (Not Active) - (Size=1.8 GB) - (Type=27)

========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: BE0158D9)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.7 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 7.2 GB) (Disk ID: 17C920BD)
Partition 1: (Active) - (Size=7.2 GB) - (Type=0C)

LastRegBack: 2018-05-16 09:36

==================== End of FRST.txt ============================

FRST.txt

Share this post


Link to post
Share on other sites

Here is an exact breakdown of which files appear on every startup including the registry after the pop up appears: 

At C:\Users\PC\AppData\Local\Temp
An INSXXX.tmp file, with the Xs representing a random digit/alphabet. These are the variations I have gotten on the past startups : 

InsF056, InsEF5C, InsEF8B, InsEE52, InsEDF5, InsEFBA, InsECDB, InsED78, InsEE72, InsECBD, InsECBC, InsED39, InsEC01, InsEBA3, InsEB16, InsD6B6, InsED2A, InsEC10
 

An empty LuUpdater.log

Three .tmp files that change randomly on each startup. The most recent startup included these: 

{1B597CEB-EEFB-4772-9668-0C50A05C00B1}

{7DD8CDF8-B3C2-4baa-8269-F9D95561648F}

{E2AB6399-A1D5-47c0-953D-FF3DD1927DC6}

A folder titled !@tDD1.tmp.dir containing two icons: computer_rescue_icon and soft_manager_icon with .png formats. The "DD1" in the folder's title changes randomly on each startup.

A folder with a randomly generated title {C3E0FC33-FDAA-4d16-AE7A-782FE3199A97}.tmp containing 360P2SP.dll and an empty folder with fixed title liveupdatelog

In the registry: 

Computer\HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\360Safe

Each INSxxx.tmp created creates two entries under Firewall Rules, the below list is the accumulation of four startups:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{15B29787-9708-4E8A-8F5D-36683C851C72}"="v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\PC\AppData\Local\Temp\InsD6B6.tmp|Name=360安全卫士-安装|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{5DD8F2DB-1AAC-4882-921D-2826CE6AEF01}"="v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\PC\AppData\Local\Temp\InsD6B6.tmp|Name=360安全卫士-安装|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0657E434-1A21-49F7-AB22-D36B69C73600}"="v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\PC\AppData\Local\Temp\InsED2A.tmp|Name=360安全卫士-安装|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{991F4E9C-54AE-49CF-BB57-391EA6BC4BF9}"="v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\PC\AppData\Local\Temp\InsED2A.tmp|Name=360安全卫士-安装|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1337A5C3-2839-4FD2-93DB-BEDF7D24605B}"="v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\PC\AppData\Local\Temp\InsEC10.tmp|Name=360安全卫士-安装|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4519D765-73B9-4A66-9880-062BB7DFB046}"="v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\PC\AppData\Local\Temp\InsEC10.tmp|Name=360安全卫士-安装|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{B6582A29-2148-4739-B9D0-11829B12796B}"="v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\PC\AppData\Local\Temp\InsEBF1.tmp|Name=360安全卫士-安装|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{9B06CA76-E95D-4EE8-9345-D9861134DC61}"="v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\PC\AppData\Local\Temp\InsEBF1.tmp|Name=360安全卫士-安装|"
 

Computer\HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\LiveUpdate360

PendingFileRenameOperations under Computer\HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager with the below as it's data:

\??\C:\Users\PC\AppData\Local\Temp\!@tDD1.tmp.dir\computer_rescue_icon.png

\??\C:\Users\PC\AppData\Local\Temp\!@tDD1.tmp.dir\soft_manager_icon.png

\??\C:\Users\PC\AppData\Local\Temp\!@tDD1.tmp.dir\

 

To my knowledge these are all the files and entries that are created on each startup post pop-up. 

1.jpg

2.jpg

3.jpg

4.jpg

Share this post


Link to post
Share on other sites

That file is a log, should not be a cause for concern..

Save the attached file fixlist.txt to your flash drive, same place as FRST.

Plug Flashdrive back into Sick PC, Run System Recovery Options as you did to get the log.

Run FRST and press the Fix button just once and wait.

The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

Reboot to Normal mode on completion, any change...?

 

fixlist.txt

Share this post


Link to post
Share on other sites

Yep relentless is a very good description. If this was my system I would now run the registry backup fix with FRST via RE.

One other point worth considering is to let 360 install, reboot when done. Now run a thorough Uninstall with an uninstaller tool such as GeekUninstaller

What are your thoughts....

Share this post


Link to post
Share on other sites

I was actually considering just that, and I even made a restore point and have a folder on my hard drive titled 360 Trial Install but didn't go through with it. My hard drive is basically a backup drive and no windows, would installing it there be ideal and less invasive? Also, what are the possible risks of doing a registry restore? 

Share this post


Link to post
Share on other sites

When th program is installed the popups should cease, what happens after a thorough uninstall is anyones guess. I suppose we could be back to the popup, so no big deal..

The reg backup fix LastRegBack: 2018-05-16 09:36 takes the registry back to the listed date, whatever changes you`ve made since then are lost. That should include our popup...

Share this post


Link to post
Share on other sites

I ended up installing the software then going into safe mode and deleting every last god damn file related to the app and it seemed all clear. I restarted and it STILL pops up... How is this even possible?

Share this post


Link to post
Share on other sites

There must be a hidden service that puts all the removed entries back after a reboot, i`ve never seen anything like this before. There is a thread at BC more or less the same, we have other guys looking for a reason, as yet none are found.

How do you feel about using the reg backup, this would be all hives reverted back to 2018-05-16, obviously any software that has been installed since then would have to be reinstalled. I would expect the popup would not be there after a total registry change, I cannot give a cast iron guarantee...

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.