MALWAREBYTES
Malwarebytes
www.malwarebytes.com
-Dettagli log-
Data scansione: 08/06/20
Ora scansione: 22:56
File di log: 853c0f74-a9ca-11ea-a293-00205a718ba6.json
-Informazioni software-
Versione: 3.6.1.2711
Versione componenti: 1.0.463
Aggiorna versione pacchetto: 1.0.16506
Licenza: Trial
-Informazioni sistema-
SO: Windows 10 (Build 18362.836)
CPU: x64
File system: NTFS
Utente: DESKTOP-73B3OPP\Marco
-Riepilogo scansione-
Tipo di scansione: Ricerca elementi nocivi
Scansione avviata da: Manuale
Risultati: Completata
Elementi analizzati: 291609
Minacce rilevate: 0
Minacce messe in quarantena: 0
Tempo impiegato: 1 min, 47 sec
-Opzioni di scansione-
Memoria: Attivata
Esecuzioni automatiche: Attivata
File system: Attivata
Archivi compressi: Attivata
Rootkit: Attivata
Analisi euristica: Attivata
PUP: Rilevare
PUM: Rilevare
-Dettagli scansione-
Processo: 0
(Nessun elemento nocivo rilevato)
Modulo: 0
(Nessun elemento nocivo rilevato)
Chiave di registro: 0
(Nessun elemento nocivo rilevato)
Valore di registro: 0
(Nessun elemento nocivo rilevato)
Dati di registro: 0
(Nessun elemento nocivo rilevato)
Flusso di dati: 0
(Nessun elemento nocivo rilevato)
Cartella: 0
(Nessun elemento nocivo rilevato)
File: 0
(Nessun elemento nocivo rilevato)
Settore fisico: 0
(Nessun elemento nocivo rilevato)
WMI: 0
(Nessun elemento nocivo rilevato)
(end)
ADWCLEANER
# -------------------------------
# Malwarebytes AdwCleaner 8.0.5.0
# -------------------------------
# Build: 05-25-2020
# Database: 2020-05-26.2 (Cloud)
# Support:
https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-08-2020
# Duration: 00:00:01
# OS: Windows 10 Pro
# Cleaned: 6
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Users\Marco\AppData\Roaming\Wise Euask
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKLM\Software\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.AcerUpdater Folder C:\ProgramData\ACER\ACER UPDATER
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1944 octets] - [08/06/2020 23:01:00]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
ROGUEKILLER
RogueKiller Anti-Malware V14.5.0.0 (x64) [May 27 2020] (Free) by Adlice Software
mail :
https://adlice.com/contact/
Website :
https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.18363) 64 bits
Started in : Normal mode
User : Marco [Administrator]
Started from : C:\Users\Marco\Downloads\RogueKiller_portable64.exe
Signatures : 20200608_121847, Driver : Loaded
Mode : Standard Scan, Scan -- Date : 2020/06/08 23:10:27 (Duration : 00:05:24)
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[PUP.Gen1 (Potentially Malicious)] (folder) DriverSetupUtility -- C:\ProgramData\DriverSetupUtility -> Found
[PUP.Gen1 (Potentially Malicious)] (folder) DriverSetupUtility -- C:\Program Files\DriverSetupUtility -> Found
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
FRST
FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-06-2020
Ran by Marco (administrator) on DESKTOP-73B3OPP (Acer Nitro AN515-52) (08-06-2020 23:20:07)
Running from C:\Users\Marco\Desktop
Loaded Profiles: Marco
Platform: Windows 10 Pro Version 1909 18363.836 (X64) Language: Italiano (Italia)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\NitroSense Service\PSAdminAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\NitroSense Service\PSAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\NitroSense Service\PSSvc.exe
(Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\9.2.2.2501\AdskLicensingService\AdskLicensingService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\DiscoverySrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdredline.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsserv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <2>
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe <2>
(Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <10>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4b34c18659561116\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4b34c18659561116\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4b34c18659561116\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4b34c18659561116\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_e335ebb186115025\RstMwService.exe
(Intel(R) Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12005.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(TomTom) [File not signed] C:\Program Files\TomTom HOME\TTHOMEService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVBg_ASC] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [319520 2018-10-23] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19677472 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [876032 2017-10-12] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13177008 2020-02-27] (Comodo Security Solutions, Inc. -> COMODO)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [664872 2020-03-04] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3074752 2020-05-07] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKU\S-1-5-21-3162225256-117509224-3689321729-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3200800 2018-05-22] (Valve -> Valve Corporation)
HKU\S-1-5-21-3162225256-117509224-3689321729-1001\...\Run: [TomTomHOME.exe] => C:\Program Files\TomTom HOME\TTHOMERunner.exe [332288 2019-12-17] (TomTom) [File not signed]
HKU\S-1-5-21-3162225256-117509224-3689321729-1001\...\Policies\Explorer: []
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.97\Installer\chrmstp.exe [2020-06-03] (Google LLC -> Google LLC)
Startup: C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GenuineService.lnk [2020-06-07]
ShortcutTarget: GenuineService.lnk -> C:\Users\Marco\Autodesk\Genuine Service\GenuineService.exe (Autodesk, Inc. -> Autodesk)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0ED790FD-0EF7-474B-AAEC-00123878C04A} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [521152 2017-11-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0F281506-DF47-4F48-AE76-40AD341F89FB} - System32\Tasks\NitroSense => C:\Program Files (x86)\Acer\NitroSense Service\PSLauncher.exe [580416 2018-09-10] (Acer Incorporated -> Acer Incorporated)
Task: {0F54F66E-A12D-4C43-B2E0-A521A31EDEDF} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5754352 2020-02-27] (Comodo Security Solutions, Inc. -> COMODO)
Task: {17433460-EF44-473A-A8D1-196E537E06CC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1BD182D0-1A29-4086-9DB2-56E1B6AC83E6} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [964544 2017-11-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {20C93B2E-75CF-4BBF-8909-11931EB558B5} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {46A7241F-CE15-4700-8FD1-2EE163ED4BD4} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13177008 2020-02-27] (Comodo Security Solutions, Inc. -> COMODO)
Task: {58888F37-614B-45B0-9E45-1DBDFAD388BA} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [745920 2017-11-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {58A23367-7304-40F0-8A35-D1C773A5D8F3} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5754352 2020-02-27] (Comodo Security Solutions, Inc. -> COMODO)
Task: {5C22A15E-E444-4C06-AAF3-A2640D7B0324} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [657856 2017-11-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6EB6458B-40C8-4F6D-85F0-B0D230A3335A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1864640 2017-11-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {70DBB286-DE3D-4DB2-8D89-A00575B57374} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [491320 2020-05-12] (Bitdefender SRL -> Bitdefender)
Task: {72B6876C-4574-4FFC-89BF-CBDF940A4CFE} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [4475136 2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
Task: {80D3BC51-47D6-45B6-8A5F-BAE0CB7A46C3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-21] (Google LLC -> Google LLC)
Task: {980A127D-C481-4118-A5F2-727191AE18C4} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [745920 2017-11-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A18A6492-A65F-48EA-8F45-F70A6D32E793} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [657856 2017-11-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A2F61803-5AE6-4329-B31D-039142DE4AD7} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B54CC079-38F4-4EBA-A03E-31B669E0B0B3} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13177008 2020-02-27] (Comodo Security Solutions, Inc. -> COMODO)
Task: {BF91F94D-E01B-4486-B3AA-731CDF06809B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-21] (Google LLC -> Google LLC)
Task: {C014B1D6-B296-4A5D-BD23-48E904E1E411} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5754352 2020-02-27] (Comodo Security Solutions, Inc. -> COMODO)
Task: {D186149D-38EC-4181-9061-A1444BE706BC} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473904 2018-01-31] (Acer Incorporated -> Acer Incorporated)
Task: {D6B66C89-AA1E-4A11-8D8C-A5C430923F9B} - System32\Tasks\WiseCleaner\WRCSkipUAC => C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe [4197032 2017-11-14] (Lespeed Technology Ltd. -> WiseCleaner.com)
Task: {E7E089B5-E0C2-4562-970F-A8F888C7DC20} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {EAEAF2AC-297A-4B35-A850-617CA7BB33E0} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5754352 2020-02-27] (Comodo Security Solutions, Inc. -> COMODO)
Task: {F39CE43A-9C73-43C3-A2B0-AB8187ECA976} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13177008 2020-02-27] (Comodo Security Solutions, Inc. -> COMODO)
Task: {F3ABDFEF-8291-4E4F-80B8-98D32927A286} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5754352 2020-02-27] (Comodo Security Solutions, Inc. -> COMODO)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe-CheckUpdate(Tracker Software Products (Canada) Ltd.Kee
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{45a945eb-1cc5-4cd7-9e53-af59e5b750f2}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{a47b45b6-5292-4cd8-866a-26c882061367}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{a47b45b6-5292-4cd8-866a-26c882061367}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ac8dc660-5fba-4b21-8bbb-b71b9fa83f92}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{ac8dc660-5fba-4b21-8bbb-b71b9fa83f92}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3162225256-117509224-3689321729-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
FireFox:
========
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-3162225256-117509224-3689321729-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3162225256-117509224-3689321729-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Marco\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-05-13] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
Chrome:
=======
CHR Profile: C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default [2020-06-08]
CHR StartupUrls: Default -> "hxxp://duckduckgo.com/"
CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> duckduckgo.com
CHR DefaultNewTabURL: Default -> hxxps://duckduckgo.com/chrome_newtab
CHR DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
CHR Extension: (Google Drive) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-04-21]
CHR Extension: (DuckDuckGo) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2020-05-29]
CHR Extension: (YouTube) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-21]
CHR Extension: (HTTPS Everywhere) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2020-05-21]
CHR Extension: (StopFingerprinting) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfhlgmfkolojpnmhgggilmillpcokmnb [2020-04-21]
CHR Extension: (Pagamenti Chrome Web Store) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-21]
CHR Extension: (WebRTC Network Limiter) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\npeicpdbkakmehahjeeohfdhnlpdklia [2020-04-21]
CHR Extension: (uMatrix) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfcmafjalglgifnmanfmnieipoejdcf [2020-04-21]
CHR Extension: (Gmail) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-04-21]
CHR Extension: (Chrome Media Router) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-23]
CHR Profile: C:\Users\Marco\AppData\Local\Google\Chrome\User Data\System Profile [2020-06-08]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1046904 2020-03-04] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [16926864 2019-08-08] (Autodesk, Inc. -> Autodesk)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [414720 2017-12-01] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R2 bdredline; C:\Program Files\Bitdefender Antivirus Free\bdredline.exe [2500144 2019-03-27] (Bitdefender SRL -> Bitdefender)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11326384 2020-02-27] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11326384 2020-02-27] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2675496 2020-02-27] (Comodo Security Solutions, Inc. -> COMODO)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2019-01-21] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [214672 2018-01-31] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268968 2017-11-30] (Intel(R) Wireless Connectivity Solutions -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-15] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-15] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [860016 2020-01-31] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [460736 2017-11-15] (NVIDIA Corporation -> NVIDIA Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1352120 2020-05-12] (Bitdefender SRL -> Bitdefender)
R3 PSSvc; C:\Program Files (x86)\Acer\NitroSense Service\PSSvc.exe [717120 2018-09-10] (Acer Incorporated -> Acer Incorporated)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5930136 2020-04-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TTHOMEService; C:\Program Files\TomTom HOME\TTHOMEService.exe [97792 2019-04-17] (TomTom) [File not signed]
R2 updatesrv; C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe [242024 2020-03-17] (Bitdefender SRL -> Bitdefender)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [744968 2020-04-09] (Oracle Corporation -> Oracle Corporation)
U2 vsserv; C:\Program Files\Bitdefender Antivirus Free\vsserv.exe [463312 2020-05-12] (Bitdefender SRL -> Bitdefender)
R2 vsservppl; C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe [242024 2020-03-17] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\NisSrv.exe [3304992 2020-05-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MsMpEng.exe [103376 2020-05-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18232 2016-08-25] (Intel(R) Extreme Tuning Utility -> Intel(R) Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3758760 2017-11-30] (Intel(R) Wireless Connectivity Solutions -> Intel® Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AcerAirplaneModeController; C:\Windows\System32\drivers\AcerAirplaneModeController.sys [29912 2019-05-03] (Acer Incorporated -> Acer Incorporated)
R1 atc; C:\Windows\System32\DRIVERS\atc.sys [2106424 2020-05-08] (Bitdefender SRL -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci; C:\Windows\system32\DRIVERS\bddci.sys [757240 2020-04-30] (Bitdefender SRL -> Bitdefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [22960 2019-03-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
S0 cmdboot; C:\Windows\System32\DRIVERS\cmdboot.sys [17576 2020-01-27] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [39056 2020-01-08] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [844176 2020-01-08] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [47072 2020-01-08] (Comodo Security Solutions, Inc. -> COMODO)
S3 edrsensor; C:\Windows\System32\DRIVERS\edrsensor.sys [309120 2020-02-03] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R1 Gemma; C:\Windows\System32\DRIVERS\gemma.sys [453344 2020-04-21] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [129208 2020-01-08] (Comodo Security Solutions, Inc. -> COMODO)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37064 2016-08-24] (Intel Corporation -> Intel Corporation)
R0 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [200232 2020-06-01] (Malwarebytes Corporation -> Malwarebytes)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvacegpu.inf_amd64_f8f5bc8650263f5c\nvlddmkm.sys [23234064 2020-03-13] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-11-15] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50624 2017-11-15] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57792 2017-11-15] (NVIDIA Corporation -> NVIDIA Corporation)
R2 trufos; C:\Windows\System32\drivers\trufos.sys [638368 2020-01-31] (Bitdefender SRL -> Bitdefender)
R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [237824 2020-04-09] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [247224 2020-04-09] (Oracle Corporation -> Oracle Corporation)
R1 veracrypt; C:\Windows\System32\drivers\veracrypt.sys [631200 2020-04-25] (IDRIX -> IDRIX)
R0 vlflt; C:\Windows\System32\DRIVERS\vlflt.sys [379048 2020-04-13] (Bitdefender SRL -> Bitdefender)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [45960 2020-05-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [394680 2020-05-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [64944 2020-05-05] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-06-08 23:20 - 2020-06-08 23:20 - 000028439 _____ C:\Users\Marco\Desktop\FRST.txt
2020-06-08 23:19 - 2020-06-08 23:20 - 000000000 ____D C:\FRST
2020-06-08 23:17 - 2020-06-08 23:17 - 002289152 _____ (Farbar) C:\Users\Marco\Desktop\FRST64.exe
2020-06-08 23:16 - 2020-06-08 23:16 - 000002512 _____ C:\Users\Marco\Desktop\Rgk.txt
2020-06-08 23:08 - 2020-06-08 23:10 - 000000000 ____D C:\ProgramData\RogueKiller
2020-06-08 23:07 - 2020-06-08 23:07 - 030112824 _____ C:\Users\Marco\Downloads\RogueKiller_portable64.exe
2020-06-08 23:00 - 2020-06-08 23:02 - 000000000 ____D C:\AdwCleaner
2020-06-08 22:59 - 2020-06-08 23:00 - 008402608 _____ (Malwarebytes) C:\Users\Marco\Downloads\adwcleaner_8.0.5.exe
2020-06-08 18:24 - 2020-06-08 18:24 - 000000000 ____D C:\Users\Marco\AppData\Local\PeerDistRepub
2020-06-08 14:17 - 2020-06-08 14:18 - 000000000 ____D C:\Users\defaultuser100000\AppData\Local\ConnectedDevicesPlatform
2020-06-08 14:17 - 2020-06-08 14:18 - 000000000 ____D C:\Users\defaultuser100000
2020-06-08 12:01 - 2020-06-08 12:04 - 000000000 ____D C:\Windows\CSC
2020-06-08 12:01 - 2020-06-08 12:01 - 000000000 __SHD C:\Windows\BitLockerDiscoveryVolumeContents
2020-06-08 12:01 - 2020-06-08 12:01 - 000000000 ___SD C:\Windows\system32\AppV
2020-06-08 12:01 - 2020-06-08 12:01 - 000000000 ____D C:\Windows\RemotePackages
2020-06-08 12:01 - 2020-06-08 12:01 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-06-07 16:27 - 2020-06-08 23:12 - 001474832 _____ C:\Windows\system32\Drivers\sfi.dat
2020-06-07 16:27 - 2020-06-07 16:29 - 000000000 ____D C:\Users\Marco\AppData\Local\Comodo
2020-06-07 16:27 - 2020-06-07 16:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2020-06-07 16:27 - 2020-06-07 16:29 - 000000000 ____D C:\Program Files (x86)\Comodo
2020-06-07 16:27 - 2020-06-07 16:27 - 000002138 _____ C:\Users\Public\Desktop\COMODO Internet Security Premium.lnk
2020-06-07 16:27 - 2020-06-07 16:27 - 000002138 _____ C:\ProgramData\Desktop\COMODO Internet Security Premium.lnk
2020-06-07 16:27 - 2020-06-07 16:27 - 000000000 ____D C:\Windows\system32\Tasks\COMODO
2020-06-07 16:27 - 2020-06-07 16:27 - 000000000 ____D C:\Program Files\COMODO
2020-06-07 16:27 - 2020-01-27 15:36 - 000017576 _____ (COMODO) C:\Windows\system32\Drivers\cmdboot.sys
2020-06-07 16:25 - 2020-06-07 16:29 - 000000000 ____D C:\ProgramData\Comodo
2020-06-07 16:25 - 2020-06-07 16:25 - 000000000 ____D C:\ProgramData\Shared Space
2020-06-04 17:47 - 2020-06-04 17:47 - 000001657 _____ C:\Users\Marco\Desktop\JW Library.lnk
2020-06-02 18:06 - 2020-06-02 18:06 - 000000000 ____D C:\Users\Marco\AppData\Roaming\dvdcss
2020-06-01 12:36 - 2020-06-01 12:36 - 000200232 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-06-01 12:36 - 2020-06-01 12:36 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-06-01 12:36 - 2020-06-01 12:36 - 000001912 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-06-01 12:36 - 2020-06-01 12:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-06-01 12:36 - 2020-06-01 12:36 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-06-01 12:36 - 2018-09-11 13:18 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-06-01 12:14 - 2020-06-01 12:14 - 000000000 ____D C:\Program Files\UNP
2020-06-01 11:59 - 2020-06-01 11:59 - 000001192 _____ C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bitdefender Antivirus Free.lnk
2020-06-01 11:59 - 2020-06-01 11:59 - 000000000 ____D C:\ProgramData\48C4687D-9760-4F5B-BAB3-60351B0841E4
2020-06-01 11:58 - 2020-06-01 11:58 - 000003802 _____ C:\Windows\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2020-06-01 11:58 - 2020-06-01 11:58 - 000001207 _____ C:\Users\Public\Desktop\Bitdefender Antivirus Free.lnk
2020-06-01 11:58 - 2020-06-01 11:58 - 000001207 _____ C:\ProgramData\Desktop\Bitdefender Antivirus Free.lnk
2020-06-01 11:58 - 2020-06-01 11:58 - 000000000 ____D C:\ProgramData\Bitdefender
2020-06-01 11:58 - 2020-02-03 16:53 - 000309120 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\Windows\system32\Drivers\edrsensor.sys
2020-06-01 11:58 - 2020-01-31 17:11 - 000638368 _____ (Bitdefender) C:\Windows\system32\Drivers\trufos.sys
2020-06-01 11:58 - 2019-03-21 01:12 - 000022960 _____ (Bitdefender) C:\Windows\system32\Drivers\bdelam.sys
2020-06-01 11:57 - 2020-06-08 23:02 - 000000000 ____D C:\Program Files\Bitdefender Antivirus Free
2020-06-01 11:57 - 2020-05-08 17:26 - 002106424 _____ (Bitdefender S.R.L. Bucharest, ROMANIA) C:\Windows\system32\Drivers\atc.sys
2020-06-01 11:57 - 2020-04-30 18:04 - 000757240 _____ (Bitdefender) C:\Windows\system32\Drivers\bddci.sys
2020-06-01 11:57 - 2020-04-21 18:19 - 000453344 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\Windows\system32\Drivers\gemma.sys
2020-06-01 11:57 - 2020-04-13 14:56 - 000379048 _____ (Bitdefender) C:\Windows\system32\Drivers\vlflt.sys
2020-06-01 11:56 - 2020-06-01 12:01 - 000000000 ____D C:\Program Files\Bitdefender Agent
2020-06-01 11:56 - 2020-06-01 11:56 - 000115508 _____ C:\ProgramData\agent.1591005382.bdinstall.v2.bin
2020-06-01 11:41 - 2020-06-01 11:43 - 000000000 ____D C:\Users\Marco\AppData\LocalLow\IGDump
2020-05-30 19:10 - 2020-06-01 18:09 - 000000000 ____D C:\Users\Marco\AppData\Roaming\qBittorrent
2020-05-30 19:10 - 2020-05-30 19:10 - 000000889 _____ C:\Users\Public\Desktop\qBittorrent.lnk
2020-05-30 19:10 - 2020-05-30 19:10 - 000000889 _____ C:\ProgramData\Desktop\qBittorrent.lnk
2020-05-30 19:10 - 2020-05-30 19:10 - 000000000 ____D C:\Users\Marco\AppData\Local\qBittorrent
2020-05-30 19:10 - 2020-05-30 19:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2020-05-30 19:10 - 2020-05-30 19:10 - 000000000 ____D C:\Program Files\qBittorrent
2020-05-29 23:30 - 2020-05-29 23:59 - 000000000 ____D C:\Users\Marco\Documents\CloneSpy
2020-05-29 12:26 - 2020-05-29 12:26 - 000001032 _____ C:\Users\Public\Desktop\LibreOffice 6.4.lnk
2020-05-29 12:26 - 2020-05-29 12:26 - 000001032 _____ C:\ProgramData\Desktop\LibreOffice 6.4.lnk
2020-05-29 12:26 - 2020-05-29 12:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 6.4
2020-05-29 12:25 - 2020-05-29 12:26 - 000000000 ____D C:\Program Files\LibreOffice
2020-05-26 19:26 - 2020-05-26 19:27 - 000000000 ____D C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.8
2020-05-26 19:26 - 2020-05-26 19:26 - 000000000 ____D C:\Users\Marco\AppData\Local\Package Cache
2020-05-24 12:16 - 2020-05-24 12:16 - 000005984 _____ C:\Users\Marco\AppData\Local\recently-used.xbel
2020-05-23 16:51 - 2020-05-24 00:24 - 000000000 ____D C:\Users\Marco\AppData\Local\SimilarImages
2020-05-23 16:51 - 2020-05-23 16:51 - 000000044 _____ C:\ProgramData\.SimImages
2020-05-23 15:52 - 2020-05-23 15:52 - 000000000 ____D C:\Users\Marco\Documents\EasyDuplicateFinder
2020-05-23 15:52 - 2020-05-23 15:52 - 000000000 ____D C:\Users\Marco\AppData\Roaming\Neos Eureka S.r.l
2020-05-23 15:52 - 2020-05-23 15:52 - 000000000 ____D C:\Users\Marco\AppData\Roaming\EasyDuplicateFinder
2020-05-23 15:52 - 2020-05-23 15:52 - 000000000 ____D C:\ProgramData\Easy Duplicate Finder
2020-05-23 13:05 - 2020-05-23 13:05 - 002510856 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 025902080 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 025444864 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 022638592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 019851264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 018029056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 009929528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-05-15 10:18 - 2020-05-15 10:18 - 007822888 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 007756800 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 007604584 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 007267840 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 007011840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 006710272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 006525936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 006435328 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 006291456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 006168576 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 006082808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 005945856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 005911040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 005340568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 005280192 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 005111296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 005098352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 004612608 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 004129416 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 004012032 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Service.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 003986944 _____ (Microsoft Corporation) C:\Windows\system32\tellib.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 003807232 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 003727360 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2020-05-15 10:18 - 2020-05-15 10:18 - 003655680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 003513856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 002986808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2020-05-15 10:18 - 2020-05-15 10:18 - 002798592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2020-05-15 10:18 - 2020-05-15 10:18 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2020-05-15 10:18 - 2020-05-15 10:18 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2020-05-15 10:18 - 2020-05-15 10:18 - 002736640 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 002576896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 002354688 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Perception.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 002073176 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001990576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001975808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapGeocoder.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001952872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001945600 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001835128 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001825280 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001819648 _____ (Microsoft Corporation) C:\Windows\system32\CoreShell.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001737216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallService.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001697792 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001665720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001656904 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001654952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001646552 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001637376 _____ (Microsoft Corporation) C:\Windows\system32\MSPhotography.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001610240 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001581056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Perception.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001556200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.3D.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001539072 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2020-05-15 10:18 - 2020-05-15 10:18 - 001525760 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001510912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdprt.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001505592 _____ (Microsoft Corporation) C:\Windows\system32\rdpbase.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001492480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001486336 _____ (Microsoft Corporation) C:\Windows\system32\usocoreworker.exe
2020-05-15 10:18 - 2020-05-15 10:18 - 001477112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001461760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.PointOfService.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001458688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001428480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001417760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001397560 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2020-05-15 10:18 - 2020-05-15 10:18 - 001393960 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001393664 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001382400 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Editing.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001375232 _____ (Microsoft Corporation) C:\Windows\system32\APMon.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001373184 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001370112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001357312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001344000 _____ (Microsoft Corporation) C:\Windows\system32\HoloSI.PCShell.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001343488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Audio.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001336832 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001336320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSPhotography.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001319936 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001306424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContentDeliveryManager.Utilities.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001306112 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Audio.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001288648 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001284096 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001282560 _____ (Microsoft Corporation) C:\Windows\system32\usermgr.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001274128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryPS.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001264640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001260032 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpsharercom.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001245696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001222656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.FaceAnalysis.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001218560 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001214264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpbase.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001213440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Maps.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001195008 _____ (Microsoft Corporation) C:\Windows\system32\sdengin2.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001184256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Http.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001125376 _____ (Microsoft Corporation) C:\Windows\system32\CBDHSvc.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001107456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001099600 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001098752 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001092096 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001085752 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Services.TargetedContent.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001081856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Vpn.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001077048 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2020-05-15 10:18 - 2020-05-15 10:18 - 001071616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001068032 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001060352 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001048480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001034752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Editing.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 001011712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000994304 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000975360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000943640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000925184 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000915192 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000911872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MiracastReceiver.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000901120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContactApis.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000896000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000895080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000894016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000891392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000888352 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000881664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000879064 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000866304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000863232 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000861696 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000859944 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000858112 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000854528 _____ (Microsoft Corporation) C:\Windows\system32\MrmIndexer.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000852992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000847872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000843776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000843576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostCommon.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000836608 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000822208 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2020-05-15 10:18 - 2020-05-15 10:18 - 000819200 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000814080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000807936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EmailApis.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000796904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000792808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputHost.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000783480 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2020-05-15 10:18 - 2020-05-15 10:18 - 000778552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Services.TargetedContent.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000777840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppContracts.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000752584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2020-05-15 10:18 - 2020-05-15 10:18 - 000748544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000747832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000742200 _____ (Microsoft Corporation) C:\Windows\system32\LicensingWinRT.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000732160 _____ (Microsoft Corporation) C:\Windows\system32\windows.immersiveshell.serviceprovider.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000729600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FlightSettings.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000716800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.AccountsControl.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000716312 _____ (Microsoft Corporation) C:\Windows\system32\StateRepository.Core.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000701952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BTAGService.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.Internal.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000693672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Ocr.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000685368 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000683288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000673456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2020-05-15 10:18 - 2020-05-15 10:18 - 000672944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000668672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmIndexer.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000655360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentApis.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000652800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000650240 _____ (Microsoft Corporation) C:\Windows\system32\DevicesFlowBroker.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000649728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000643584 _____ (Microsoft Corporation) C:\Windows\system32\AssignedAccessManager.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000638464 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000628024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicensingWinRT.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000621568 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2020-05-15 10:18 - 2020-05-15 10:18 - 000618496 _____ (Microsoft Corporation) C:\Windows\system32\CredProvDataModel.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000614400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000602224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000596992 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000594472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Perception.Stub.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000584704 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000581544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.applicationmodel.datatransfer.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000579072 _____ (Microsoft Corporation) C:\Windows\system32\rasdlg.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000578560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000573952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000572200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryPS.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000565248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Gaming.Input.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000564480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StateRepository.Core.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000557056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ChatApis.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000553664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000550400 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2020-05-15 10:18 - 2020-05-15 10:18 - 000547992 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.MediaControl.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000544256 _____ (Microsoft Corporation) C:\Windows\system32\usosvc.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000540200 _____ (Microsoft Corporation) C:\Windows\system32\DMRServer.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000540160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.SmartCards.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000539184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000535552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000533504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000530432 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2020-05-15 10:18 - 2020-05-15 10:18 - 000526848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidprov.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000524208 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.Launcher.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000519680 _____ (Microsoft Corporation) C:\Windows\system32\WinBioDataModel.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000518456 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2020-05-15 10:18 - 2020-05-15 10:18 - 000513024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Activities.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000512512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000509952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.Desktop.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000506368 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.PredictionUnit.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000500736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.UserAccountsHandlers.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000500224 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000497152 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000494592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdlg.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000486912 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000484352 _____ (Microsoft Corporation) C:\Windows\system32\MixedReality.Broker.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000477696 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BlockedShutdown.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000477496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2020-05-15 10:18 - 2020-05-15 10:18 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\CloudDomainJoinDataModelServer.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000474112 _____ (Microsoft Corporation) C:\Windows\system32\Geolocation.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000473600 _____ (Microsoft Corporation) C:\Windows\system32\rdpshell.exe
2020-05-15 10:18 - 2020-05-15 10:18 - 000471552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000467952 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000466944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Picker.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000465920 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.Workflow.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000460200 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2020-05-15 10:18 - 2020-05-15 10:18 - 000453944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2020-05-15 10:18 - 2020-05-15 10:18 - 000453632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000451584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TileDataRepository.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000443904 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000442880 _____ (Microsoft Corporation) C:\Windows\system32\fhsettingsprovider.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000441856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.AllJoyn.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000441584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.MediaControl.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000439296 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2020-05-15 10:18 - 2020-05-15 10:18 - 000437248 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2020-05-15 10:18 - 2020-05-15 10:18 - 000435712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WwaApi.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000431616 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BioFeedback.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000431616 _____ (Microsoft Corporation) C:\Windows\system32\AccountsRt.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000418816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000410624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000408576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.SmartCards.Phone.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000406480 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000405424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000404992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Wallet.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000402944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Payments.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000400696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2020-05-15 10:18 - 2020-05-15 10:18 - 000396800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Lights.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000395776 _____ (Microsoft Corporation) C:\Windows\system32\umrdp.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000390968 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHost.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000386560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.LowLevel.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000386560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000386320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000384000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\PickerPlatform.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000370688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Geolocation.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000362496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.OneCore.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000361472 _____ (Microsoft Corporation) C:\Windows\system32\rdpinit.exe
2020-05-15 10:18 - 2020-05-15 10:18 - 000359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BcastDVRClient.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.WiFiDirect.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RTMediaFrame.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000353792 _____ (Microsoft Corporation) C:\Windows\system32\ConsoleLogon.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000350720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AccountsRt.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000345016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000344576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhoneOm.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000343552 _____ (Microsoft Corporation) C:\Windows\system32\RADCUI.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000338432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Picker.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000335360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MicrosoftAccountWAMExtension.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000334336 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Cortana.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000333128 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000331264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataAccountApis.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000327680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000326656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
2020-05-15 10:18 - 2020-05-15 10:18 - 000321536 _____ (Microsoft Corporation) C:\Windows\system32\wbadmin.exe
2020-05-15 10:18 - 2020-05-15 10:18 - 000317440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Midi.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000311096 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostBroker.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000310928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Devices.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000306688 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.CredDialogController.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000301064 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000299064 _____ (Microsoft Corporation) C:\Windows\system32\SIHClient.exe
2020-05-15 10:18 - 2020-05-15 10:18 - 000297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TaskApis.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000292864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.Diagnostics.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000292864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000292864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RADCUI.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000292864 _____ (Microsoft Corporation) C:\Windows\system32\CXHProvisioningServer.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000287232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Gaming.Preview.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000283648 _____ (Microsoft Corporation) C:\Windows\system32\ComposerFramework.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000283136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.NetworkOperators.ESim.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000280576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Usb.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Lights.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000273744 _____ (Microsoft Corporation) C:\Windows\system32\wkspbroker.exe
2020-05-15 10:18 - 2020-05-15 10:18 - 000270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PickerPlatform.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000270336 _____ (Microsoft Corporation) C:\Windows\system32\DesktopSwitcherDataModel.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000268008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000266552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SystemSettings.DataModel.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000262848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000260328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000256000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ConsoleLogon.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000248832 _____ (Microsoft Corporation) C:\Windows\system32\PasswordEnrollmentManager.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000247856 _____ (Microsoft Corporation) C:\Windows\system32\weretw.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000246584 _____ (Microsoft Corporation) C:\Windows\system32\DataExchangeHost.exe
2020-05-15 10:18 - 2020-05-15 10:18 - 000245336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExecModelClient.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.CredDialogController.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000240128 _____ (Microsoft Corporation) C:\Windows\system32\dialclient.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000237056 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000232448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.SystemManagement.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000231424 _____ (Microsoft Corporation) C:\Windows\system32\HoloShellRuntime.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000229888 _____ (Microsoft Corporation) C:\Windows\system32\RdpRelayTransport.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000228352 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncSettings.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000227840 _____ (Microsoft Corporation) C:\Windows\system32\IndexedDbLegacy.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000224768 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2020-05-15 10:18 - 2020-05-15 10:18 - 000224256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vaultcli.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000222720 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000221496 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2020-05-15 10:18 - 2020-05-15 10:18 - 000221184 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000220672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Scanners.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000220672 _____ (Microsoft Corporation) C:\Windows\system32\MtcModel.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000217088 _____ (Microsoft Corporation) C:\Windows\system32\tspubwmi.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000215040 _____ (Microsoft Corporation) C:\Windows\system32\DiagSvc.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000211256 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000209208 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryClient.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000208384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryUpgrade.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000204800 _____ (Microsoft Corporation) C:\Windows\system32\SwitcherDataModel.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000201728 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000199992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2020-05-15 10:18 - 2020-05-15 10:18 - 000197632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.WiFi.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000197432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostUser.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000193592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\weretw.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000188928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000188416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000188416 _____ (Microsoft Corporation) C:\Windows\system32\rdsdwmdr.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2020-05-15 10:18 - 2020-05-15 10:18 - 000185952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000184832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000183296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DataExchange.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000181760 _____ (Microsoft Corporation) C:\Windows\system32\rdpinput.exe
2020-05-15 10:18 - 2020-05-15 10:18 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallServiceTasks.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhoneCallHistoryApis.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Clipboard.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000178688 _____ (Microsoft Corporation) C:\Windows\system32\easwrt.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000177664 _____ (Microsoft Corporation) C:\Windows\system32\ConsentUxClient.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000176440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Management.Workplace.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IndexedDbLegacy.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\HoloShellRuntime.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dialclient.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000170496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.CapturePicker.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000166912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Scanners.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000165176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ErrorDetails.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthBroker.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDeviceRegistration.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CapabilityAccessManagerClient.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Devices.Sensors.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000159744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Core.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000156160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Radios.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\useractivitybroker.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\fdWSD.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000147968 _____ (Microsoft Corporation) C:\Windows\system32\Family.Client.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000144896 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\easwrt.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000140800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Energy.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000139776 _____ (Microsoft Corporation) C:\Windows\system32\Chakrathunk.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000136704 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.Profile.RetailInfo.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000135680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.Compression.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000135680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Haptics.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000135168 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000133120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppExtension.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000132712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Display.BrightnessOverride.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000132608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Graphics.Display.DisplayEnhancementManagement.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000130560 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingExperienceMEM.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\CredDialogBroker.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\usoapi.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000128000 _____ (Microsoft Corporation) C:\Windows\system32\CaptureService.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000127064 _____ (Microsoft Corporation) C:\Windows\system32\win32u.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWSD.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000126976 _____ (Microsoft Corporation) C:\Windows\system32\wkspbrokerAx.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000125440 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gamingtcui.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000119808 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000112640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VoipRT.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000109056 _____ C:\Windows\system32\RDVGHelper.exe
2020-05-15 10:18 - 2020-05-15 10:18 - 000108032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\socialapis.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000107008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.SerialCommunication.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000105984 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakrathunk.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000104248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryBroker.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\Family.Authentication.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.Profile.RetailInfo.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000099104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Display.BrightnessOverride.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wkspbrokerAx.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000097280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\compstui.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000096256 _____ (Microsoft Corporation) C:\Windows\system32\winsrvext.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CameraCaptureUI.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000090936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryBroker.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000089912 _____ (Microsoft Corporation) C:\Windows\system32\DeviceReactivation.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000089600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000089328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.AI.MachineLearning.Preview.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\rdpsign.exe
2020-05-15 10:18 - 2020-05-15 10:18 - 000087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PeopleAPIs.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BcastDVRBroker.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\TSSessionUX.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DiagnosticInvoker.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000068608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbussdapi.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000068408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceReactivation.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2020-05-15 10:18 - 2020-05-15 10:18 - 000067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Printers.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\findnetprinters.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Graphics.Display.DisplayColorManagement.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\iemigplugin.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\coloradapterclient.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\printui.exe
2020-05-15 10:18 - 2020-05-15 10:18 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\ConfigureExpandedStorage.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iemigplugin.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.exe
2020-05-15 10:18 - 2020-05-15 10:18 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\findnetprinters.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ffbroker.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ConfigureExpandedStorage.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\RdpSa.exe
2020-05-15 10:18 - 2020-05-15 10:18 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryCore.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RdpSa.exe
2020-05-15 10:18 - 2020-05-15 10:18 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryCore.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\RdpSaProxy.exe
2020-05-15 10:18 - 2020-05-15 10:18 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RdpSaProxy.exe
2020-05-15 10:18 - 2020-05-15 10:18 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000019456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\localui.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2020-05-15 10:18 - 2020-05-15 10:18 - 000000315 _____ C:\Windows\system32\DrtmAuth9.bin
2020-05-15 10:18 - 2020-05-15 10:18 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2020-05-15 10:18 - 2020-05-15 10:18 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2020-05-15 10:18 - 2020-05-15 10:18 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2020-05-15 10:18 - 2020-05-15 10:18 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2020-05-15 10:18 - 2020-05-15 10:18 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2020-05-15 10:18 - 2020-05-15 10:18 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2020-05-15 10:18 - 2020-05-15 10:18 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2020-05-15 10:18 - 2020-05-15 10:18 - 000000315 _____ C:\Windows\system32\DrtmAuth12.bin
2020-05-15 10:18 - 2020-05-15 10:18 - 000000315 _____ C:\Windows\system32\DrtmAuth11.bin
2020-05-15 10:18 - 2020-05-15 10:18 - 000000315 _____ C:\Windows\system32\DrtmAuth10.bin
2020-05-15 10:18 - 2020-05-15 10:18 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2020-05-15 10:17 - 2020-05-15 10:18 - 007902912 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 009339392 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 007297536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 006232568 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 003711488 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 003581752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2020-05-15 10:17 - 2020-05-15 10:17 - 003109376 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 003084800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 002854400 _____ (Microsoft Corporation) C:\Windows\system32\MapGeocoder.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 002760704 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe
2020-05-15 10:17 - 2020-05-15 10:17 - 002717184 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2020-05-15 10:17 - 2020-05-15 10:17 - 002504440 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 002465792 _____ (Microsoft Corporation) C:\Windows\system32\InstallService.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 002448712 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 002284032 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.3D.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 002256384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 002235008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 002157056 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.PointOfService.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ISM.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 002060800 _____ (Microsoft Corporation) C:\Windows\system32\cdprt.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 001885184 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 001786880 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 001745208 _____ (Microsoft Corporation) C:\Windows\system32\ContentDeliveryManager.Utilities.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 001722880 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 001637888 _____ (Microsoft Corporation) C:\Windows\system32\TaskFlowDataEngine.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 001540096 _____ (Microsoft Corporation) C:\Windows\system32\WindowManagement.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 001536512 _____ (Microsoft Corporation) C:\Windows\system32\UserDataService.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 001500672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Http.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 001498624 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 001466368 _____ (Microsoft Corporation) C:\Windows\system32\rdpsharercom.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 001391104 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.FaceAnalysis.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 001385176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 001346048 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Maps.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 001333248 _____ (Microsoft Corporation) C:\Windows\system32\MiracastReceiver.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 001270784 _____ (Microsoft Corporation) C:\Windows\system32\SEMgrSvc.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 001263616 _____ (Microsoft Corporation) C:\Windows\system32\XblGameSave.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 001182208 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 001180672 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 001158144 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 001150784 _____ (Microsoft Corporation) C:\Windows\system32\InputHost.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 001132544 _____ (Microsoft Corporation) C:\Windows\system32\EmailApis.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 001121280 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 001098240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Signals.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 001080320 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 001072128 _____ (Microsoft Corporation) C:\Windows\system32\BTAGService.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 001059328 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 001053696 _____ (Microsoft Corporation) C:\Windows\system32\Windows.AccountsControl.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 001027816 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Perception.Stub.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 001007928 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostCommon.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 001005056 _____ (Microsoft Corporation) C:\Windows\system32\ContactApis.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000957056 _____ (Microsoft Corporation) C:\Windows\system32\AppContracts.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000949760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Ocr.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000943616 _____ (Microsoft Corporation) C:\Windows\system32\PhoneService.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000938496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000921600 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.Service.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000916768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000915456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000902656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SmartCards.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000893952 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000874296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2020-05-15 10:17 - 2020-05-15 10:17 - 000841216 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000826880 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2020-05-15 10:17 - 2020-05-15 10:17 - 000819696 _____ (Microsoft Corporation) C:\Windows\system32\windows.applicationmodel.datatransfer.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000809984 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.Input.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000793088 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000781312 _____ (Microsoft Corporation) C:\Windows\system32\ChatApis.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000777216 _____ (Microsoft Corporation) C:\Windows\system32\AppointmentApis.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000768000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000759808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000738304 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.Launcher.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000710656 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000706544 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000666624 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000649728 _____ (Microsoft Corporation) C:\Windows\system32\wlidprov.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000636416 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000634680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2020-05-15 10:17 - 2020-05-15 10:17 - 000629760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.AllJoyn.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000622592 _____ (Microsoft Corporation) C:\Windows\system32\TileDataRepository.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000614400 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.LowLevel.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000604160 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SmartCards.Phone.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000599552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Payments.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000589384 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2020-05-15 10:17 - 2020-05-15 10:17 - 000566784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Wallet.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000559616 _____ (Microsoft Corporation) C:\Windows\system32\WwaApi.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000526336 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000502272 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.WiFiDirect.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000495616 _____ (Microsoft Corporation) C:\Windows\system32\RTMediaFrame.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000479744 _____ (Microsoft Corporation) C:\Windows\system32\BcastDVRClient.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000475648 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountWAMExtension.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000457216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000456192 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.XboxLive.Storage.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000448512 _____ (Microsoft Corporation) C:\Windows\system32\UserDataAccountApis.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000442880 _____ (Microsoft Corporation) C:\Windows\system32\PhoneOm.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000441144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2020-05-15 10:17 - 2020-05-15 10:17 - 000434176 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountExtension.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000430592 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Midi.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000418304 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.NetworkOperators.ESim.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Usb.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000410608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Devices.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\TaskApis.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000399672 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.DataModel.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000394240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.Preview.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000380632 _____ (Microsoft Corporation) C:\Windows\system32\CredentialEnrollmentManager.exe
2020-05-15 10:17 - 2020-05-15 10:17 - 000374272 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.Diagnostics.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000368640 _____ (Microsoft Corporation) C:\Windows\system32\CapabilityAccessManager.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000361472 _____ (Microsoft Corporation) C:\Windows\system32\vaultsvc.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000339824 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000333312 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.SystemManagement.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000318680 _____ (Microsoft Corporation) C:\Windows\system32\ExecModelClient.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000316416 _____ (Microsoft Corporation) C:\Windows\system32\SyncSettings.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000312832 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000290304 _____ (Microsoft Corporation) C:\Windows\system32\vaultcli.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000289792 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.WiFi.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000281088 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.HumanInterfaceDevice.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000273408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Identity.Provider.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000273208 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostUser.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000256000 _____ (Microsoft Corporation) C:\Windows\system32\UpdateDeploymentProvider.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000253952 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000244736 _____ (Microsoft Corporation) C:\Windows\system32\PhoneCallHistoryApis.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000242688 _____ (Microsoft Corporation) C:\Windows\system32\CapabilityAccessManagerClient.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000238904 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.Workplace.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000235008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Devices.Sensors.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\InstallServiceTasks.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000231912 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000222208 _____ (Microsoft Corporation) C:\Windows\system32\DataExchange.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000220160 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Radios.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000216576 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Core.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000215040 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\ErrorDetails.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000208384 _____ (Microsoft Corporation) C:\Windows\system32\AuthBroker.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000206336 _____ (Microsoft Corporation) C:\Windows\system32\useractivitybroker.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000200192 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Internal.Input.ExpressiveInput.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Haptics.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000183808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Energy.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.Compression.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000178688 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Graphics.Display.DisplayEnhancementManagement.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000178176 _____ (Microsoft Corporation) C:\Windows\system32\AppExtension.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000164352 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcui.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000151040 _____ (Microsoft Corporation) C:\Windows\system32\VoipRT.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000150528 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SerialCommunication.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\socialapis.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000138240 _____ (Microsoft Corporation) C:\Windows\system32\TelephonyInteractiveUser.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000132096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Storage.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\CameraCaptureUI.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000125440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000117760 _____ (Microsoft Corporation) C:\Windows\system32\PeopleAPIs.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000114688 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\Windows.AI.MachineLearning.Preview.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\BcastDVRBroker.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000100352 _____ (Microsoft Corporation) C:\Windows\system32\DiagnosticInvoker.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000091648 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Graphics.Display.DisplayColorManagement.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Printers.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000088280 _____ (Microsoft Corporation) C:\Windows\system32\coloradapterclient.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\mbussdapi.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000071168 _____ (Microsoft Corporation) C:\Windows\system32\ffbroker.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000059192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storufs.sys
2020-05-15 10:17 - 2020-05-15 10:17 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000047000 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2020-05-15 10:17 - 2020-05-15 10:17 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2020-05-15 10:17 - 2020-05-15 10:17 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2020-05-15 10:17 - 2020-05-15 10:17 - 000032768 _____ (Microsoft Corporation) C:\Windows\system32\XblGameSaveTask.exe
2020-05-15 10:17 - 2020-05-15 10:17 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\FaxPrinterInstaller.dll
2020-05-14 23:04 - 2020-05-14 23:04 - 000000011 ____R C:\Windows\amunres.lsl
2020-05-14 11:36 - 2020-05-14 11:36 - 000627992 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140.dll
2020-05-14 11:36 - 2020-05-14 11:36 - 000366872 _____ (Microsoft Corporation) C:\Windows\system32\vccorlib140.dll
2020-05-14 11:36 - 2020-05-14 11:36 - 000332568 _____ (Microsoft Corporation) C:\Windows\system32\concrt140.dll
2020-05-14 11:36 - 2020-05-14 11:36 - 000206104 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140_2.dll
2020-05-14 11:36 - 2020-05-14 11:36 - 000085784 _____ (Microsoft Corporation) C:\Windows\system32\vcruntime140.dll
2020-05-14 11:36 - 2020-05-14 11:36 - 000031512 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140_1.dll
2020-05-13 18:24 - 2020-05-13 18:24 - 000000000 ____D C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2020-05-12 13:46 - 2020-05-12 13:46 - 000000000 ____D C:\Users\Marco\Documents\TomTomUpgrade
2020-05-12 13:43 - 2020-05-12 13:43 - 000000000 ____D C:\Users\Marco\AppData\Roaming\H2CU_VCR
2020-05-12 13:42 - 2020-05-12 13:46 - 000000000 ____D C:\Users\Marco\AppData\Local\TomTomUpgrade
2020-05-12 13:42 - 2020-05-12 13:42 - 000000000 ____D C:\Users\Marco\TomTomUpgrade
2020-05-12 13:42 - 2020-05-12 13:42 - 000000000 ____D C:\Users\Marco\AppData\Roaming\TomTomUpgrade
2020-05-12 13:42 - 2020-05-12 13:42 - 000000000 ____D C:\ProgramData\TomTom
2020-05-10 12:59 - 2020-05-16 15:35 - 000000000 ____D C:\Users\Marco\AppData\Local\gtk-2.0
2020-05-10 12:44 - 2020-05-24 12:23 - 000000000 ____D C:\Users\Marco\AppData\Local\babl-0.1
2020-05-10 12:44 - 2020-05-10 12:44 - 000000000 ____D C:\Users\Marco\AppData\Roaming\GIMP
2020-05-10 12:44 - 2020-05-10 12:44 - 000000000 ____D C:\Users\Marco\AppData\Local\GIMP
2020-05-10 12:44 - 2020-05-10 12:44 - 000000000 ____D C:\Users\Marco\AppData\Local\gegl-0.4
2020-05-09 20:58 - 2020-06-05 14:30 - 000000008 _____ C:\Users\Marco\Desktop\97.txt
2020-05-09 19:43 - 2020-06-05 14:11 - 000636936 _____ C:\Users\Marco\Desktop\Senza nome 2.odt
2020-05-09 17:12 - 2020-05-09 17:12 - 000000103 _____ C:\Users\Marco\Desktop\Numeri.txt
2020-05-09 12:29 - 2020-05-09 12:29 - 000000000 ____D C:\Users\Marco\Desktop\Il mio pensiero
2020-05-09 12:23 - 2020-05-09 12:23 - 000001186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-06-08 23:18 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\AppReadiness
2020-06-08 23:17 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-06-08 23:09 - 2020-04-21 21:05 - 001760898 _____ C:\Windows\system32\PerfStringBackup.INI
2020-06-08 23:09 - 2019-03-19 14:33 - 000782652 _____ C:\Windows\system32\perfh010.dat
2020-06-08 23:09 - 2019-03-19 14:33 - 000147324 _____ C:\Windows\system32\perfc010.dat
2020-06-08 23:09 - 2019-03-19 06:50 - 000000000 ____D C:\Windows\INF
2020-06-08 23:05 - 2020-04-21 22:30 - 000000000 ____D C:\Users\Marco\AppData\Roaming\KeePass
2020-06-08 23:03 - 2020-04-21 23:12 - 000000000 ____D C:\ProgramData\Acer
2020-06-08 23:03 - 2020-04-21 22:47 - 000000000 __SHD C:\Users\Marco\IntelGraphicsProfiles
2020-06-08 23:03 - 2020-04-21 21:16 - 000000000 ____D C:\ProgramData\NVIDIA
2020-06-08 23:02 - 2020-04-21 20:59 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-06-08 23:02 - 2019-03-19 06:37 - 000524288 _____ C:\Windows\system32\config\BBI
2020-06-08 18:30 - 2020-04-21 20:58 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-06-08 15:25 - 2019-03-19 06:37 - 000065536 _____ C:\Windows\system32\config\ELAM
2020-06-08 14:24 - 2020-04-22 09:42 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-06-08 14:16 - 2020-04-21 21:00 - 000000000 ____D C:\Windows\minidump
2020-06-08 13:16 - 2020-04-21 22:28 - 000000000 ____D C:\Users\Marco\AppData\Roaming\WhatsApp
2020-06-08 12:04 - 2020-04-21 21:04 - 000000000 ____D C:\Users\Marco\AppData\Local\Packages
2020-06-08 12:01 - 2020-03-13 07:04 - 000023552 _____ (Khronos Group) C:\Windows\SysWOW64\opencl.dll
2020-06-08 12:01 - 2019-03-19 14:33 - 000000000 ____D C:\Windows\system32\it
2020-06-08 12:01 - 2019-03-19 07:00 - 000219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuditNativeSnapIn.dll
2020-06-08 12:01 - 2019-03-19 07:00 - 000181760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PeerDist.dll
2020-06-08 12:01 - 2019-03-19 07:00 - 000095744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpolmsg.dll
2020-06-08 12:01 - 2019-03-19 07:00 - 000056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuditPolicyGPInterop.dll
2020-06-08 12:01 - 2019-03-19 06:59 - 000221696 _____ (Microsoft Corporation) C:\Windows\system32\tscfgwmi.dll
2020-06-08 12:01 - 2019-03-19 06:59 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\SrpUxNativeSnapIn.dll
2020-06-08 12:01 - 2019-03-19 06:58 - 000373760 _____ (Microsoft Corporation) C:\Windows\system32\bdechangepin.exe
2020-06-08 12:01 - 2019-03-19 06:58 - 000162104 _____ (Microsoft Corporation) C:\Windows\system32\hvsigpext.dll
2020-06-08 12:01 - 2019-03-19 06:57 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\AuditNativeSnapIn.dll
2020-06-08 12:01 - 2019-03-19 06:57 - 000147439 _____ C:\Windows\system32\gpedit.msc
2020-06-08 12:01 - 2019-03-19 06:57 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\auditpolmsg.dll
2020-06-08 12:01 - 2019-03-19 06:57 - 000074240 _____ (Microsoft Corporation) C:\Windows\system32\AuditPolicyGPInterop.dll
2020-06-08 12:01 - 2019-03-19 06:57 - 000043566 _____ C:\Windows\system32\rsop.msc
2020-06-08 12:01 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\SystemResources
2020-06-08 12:01 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\SystemApps
2020-06-08 12:01 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\security
2020-06-08 12:01 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\schemas
2020-06-08 12:01 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\PolicyDefinitions
2020-06-08 12:01 - 2019-03-19 06:37 - 000000000 ____D C:\Windows\CbsTemp
2020-06-08 12:00 - 2020-01-09 23:25 - 002158080 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ModernAppAgent.dll
2020-06-08 12:00 - 2020-01-09 23:25 - 001185792 _____ (Microsoft Corporation) C:\Windows\system32\AgentService.exe
2020-06-08 12:00 - 2020-01-09 23:25 - 001182720 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.CommonBridge.dll
2020-06-08 12:00 - 2020-01-09 23:25 - 001126912 _____ (Microsoft Corporation) C:\Windows\system32\ApplySettingsTemplateCatalog.exe
2020-06-08 12:00 - 2020-01-09 23:25 - 000806400 _____ (Microsoft Corporation) C:\Windows\system32\fvewiz.dll
2020-06-08 12:00 - 2020-01-09 23:25 - 000762880 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.PrinterCustomActions.dll
2020-06-08 12:00 - 2020-01-09 23:25 - 000423936 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.CscUnpinTool.exe
2020-06-08 12:00 - 2020-01-09 23:25 - 000295424 _____ (Microsoft Corporation) C:\Windows\system32\cscobj.dll
2020-06-08 12:00 - 2020-01-09 23:25 - 000287744 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ManagedEventLogging.dll
2020-06-08 12:00 - 2020-01-09 23:25 - 000282112 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ConfigWrapper.dll
2020-06-08 12:00 - 2020-01-09 23:25 - 000214016 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.CmUtil.dll
2020-06-08 12:00 - 2020-01-09 23:25 - 000202752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscobj.dll
2020-06-08 12:00 - 2020-01-09 23:25 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\srmlib.dll
2020-06-08 12:00 - 2020-01-09 23:25 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.SyncController.exe
2020-06-08 12:00 - 2020-01-09 23:25 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Common.dll
2020-06-08 12:00 - 2020-01-09 23:25 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ModernAppCore.dll
2020-06-08 12:00 - 2020-01-09 23:25 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\UevAppMonitor.exe
2020-06-08 12:00 - 2020-01-09 23:25 - 000054272 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.CabUtil.dll
2020-06-08 12:00 - 2020-01-09 23:25 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.EventLogMessages.dll
2020-06-08 12:00 - 2020-01-09 23:25 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\UevAgentPolicyGenerator.exe
2020-06-08 12:00 - 2020-01-09 23:25 - 000030720 _____ C:\Windows\system32\uwfservicingapi.dll
2020-06-08 12:00 - 2020-01-09 23:25 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Management.WmiAccess.dll
2020-06-08 12:00 - 2020-01-09 23:25 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Management.dll
2020-06-08 12:00 - 2020-01-09 23:25 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ModernAppData.WinRT.dll
2020-06-08 12:00 - 2020-01-09 23:25 - 000019456 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.SyncCommon.dll
2020-06-08 12:00 - 2020-01-09 23:25 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Common.WinRT.dll
2020-06-08 12:00 - 2020-01-09 23:25 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.LocalSyncProvider.dll
2020-06-08 12:00 - 2020-01-09 23:25 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ModernSync.dll
2020-06-08 12:00 - 2020-01-09 23:25 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\UevTemplateBaselineGenerator.exe
2020-06-08 12:00 - 2020-01-09 23:25 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\UevTemplateConfigItemGenerator.exe
2020-06-08 12:00 - 2020-01-09 23:25 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.SmbSyncProvider.dll
2020-06-08 12:00 - 2020-01-09 23:25 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.MonitorSyncProvider.dll
2020-06-08 12:00 - 2020-01-09 23:25 - 000007680 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.SyncConditions.dll
2020-06-08 12:00 - 2020-01-09 23:24 - 000132096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tsusbhub.sys
2020-06-08 12:00 - 2019-03-19 07:01 - 000090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmlib.dll
2020-06-08 12:00 - 2019-03-19 07:00 - 000930816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmclient.dll
2020-06-08 12:00 - 2019-03-19 07:00 - 000678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvgogl32.dll
2020-06-08 12:00 - 2019-03-19 07:00 - 000564224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2020-06-08 12:00 - 2019-03-19 07:00 - 000465920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrptadm.dll
2020-06-08 12:00 - 2019-03-19 07:00 - 000464384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmscan.dll
2020-06-08 12:00 - 2019-03-19 07:00 - 000429056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AdmTmpl.dll
2020-06-08 12:00 - 2019-03-19 07:00 - 000366592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appmgr.dll
2020-06-08 12:00 - 2019-03-19 07:00 - 000345600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PeerDistSh.dll
2020-06-08 12:00 - 2019-03-19 07:00 - 000285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppIdPolicyEngineApi.dll
2020-06-08 12:00 - 2019-03-19 07:00 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srm.dll
2020-06-08 12:00 - 2019-03-19 07:00 - 000193024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmstormod.dll
2020-06-08 12:00 - 2019-03-19 07:00 - 000183296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvgocl32.dll
2020-06-08 12:00 - 2019-03-19 07:00 - 000160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appmgmts.dll
2020-06-08 12:00 - 2019-03-19 07:00 - 000147439 _____ C:\Windows\SysWOW64\gpedit.msc
2020-06-08 12:00 - 2019-03-19 07:00 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvgu1132.dll
2020-06-08 12:00 - 2019-03-19 07:00 - 000125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppManagementConfiguration.dll
2020-06-08 12:00 - 2019-03-19 07:00 - 000124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmshell.dll
2020-06-08 12:00 - 2019-03-19 07:00 - 000099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adrclient.dll
2020-06-08 12:00 - 2019-03-19 07:00 - 000095744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvgumd32.dll
2020-06-08 12:00 - 2019-03-19 07:00 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmtrace.dll
2020-06-08 12:00 - 2019-03-19 07:00 - 000043566 _____ C:\Windows\SysWOW64\rsop.msc
2020-06-08 12:00 - 2019-03-19 07:00 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.dll
2020-06-08 12:00 - 2019-03-19 07:00 - 000037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.exe
2020-06-08 12:00 - 2019-03-19 07:00 - 000032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rfxvmt.dll
2020-06-08 12:00 - 2019-03-19 07:00 - 000032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CIWmi.dll
2020-06-08 12:00 - 2019-03-19 07:00 - 000031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SrpUxNativeSnapIn.dll
2020-06-08 12:00 - 2019-03-19 07:00 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NcaApi.dll
2020-06-08 12:00 - 2019-03-19 07:00 - 000016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srm_ps.dll
2020-06-08 12:00 - 2019-03-19 06:59 - 000403456 _____ (Microsoft Corporation) C:\Windows\system32\AppIdPolicyEngineApi.dll
2020-06-08 12:00 - 2019-03-19 06:59 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2020-06-08 12:00 - 2019-03-19 06:59 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\qwinsta.exe
2020-06-08 12:00 - 2019-03-19 06:59 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\qprocess.exe
2020-06-08 12:00 - 2019-03-19 06:59 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\msg.exe
2020-06-08 12:00 - 2019-03-19 06:59 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\quser.exe
2020-06-08 12:00 - 2019-03-19 06:59 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\chgport.exe
2020-06-08 12:00 - 2019-03-19 06:59 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\qappsrv.exe
2020-06-08 12:00 - 2019-03-19 06:59 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\tskill.exe
2020-06-08 12:00 - 2019-03-19 06:59 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\tsdiscon.exe
2020-06-08 12:00 - 2019-03-19 06:59 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\tscon.exe
2020-06-08 12:00 - 2019-03-19 06:59 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\rwinsta.exe
2020-06-08 12:00 - 2019-03-19 06:59 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\logoff.exe
2020-06-08 12:00 - 2019-03-19 06:59 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\chglogon.exe
2020-06-08 12:00 - 2019-03-19 06:59 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\chgusr.exe
2020-06-08 12:00 - 2019-03-19 06:59 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\reset.exe
2020-06-08 12:00 - 2019-03-19 06:59 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\change.exe
2020-06-08 12:00 - 2019-03-19 06:59 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\query.exe
2020-06-08 12:00 - 2019-03-19 06:58 - 001965568 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSvc.dll
2020-06-08 12:00 - 2019-03-19 06:58 - 000801792 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll
2020-06-08 12:00 - 2019-03-19 06:58 - 000797696 _____ (Microsoft Corporation) C:\Windows\system32\pwcreator.exe
2020-06-08 12:00 - 2019-03-19 06:58 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistCacheProvider.dll
2020-06-08 12:00 - 2019-03-19 06:58 - 000418304 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSh.dll
2020-06-08 12:00 - 2019-03-19 06:58 - 000400384 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_AssignedAccess.dll
2020-06-08 12:00 - 2019-03-19 06:58 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2020-06-08 12:00 - 2019-03-19 06:58 - 000264704 _____ (Microsoft Corporation) C:\Windows\system32\ppcsnap.dll
2020-06-08 12:00 - 2019-03-19 06:58 - 000224768 _____ (Microsoft Corporation) C:\Windows\system32\PeerDist.dll
2020-06-08 12:00 - 2019-03-19 06:58 - 000222208 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistCleaner.dll
2020-06-08 12:00 - 2019-03-19 06:58 - 000220672 _____ (Microsoft Corporation) C:\Windows\system32\PresentationSettings.exe
2020-06-08 12:00 - 2019-03-19 06:58 - 000181248 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistWSDDiscoProv.dll
2020-06-08 12:00 - 2019-03-19 06:58 - 000171008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smbdirect.sys
2020-06-08 12:00 - 2019-03-19 06:58 - 000163840 ____R (Microsoft Corporation) C:\Windows\system32\Windows.Management.SecureAssessment.CfgProvider.dll
2020-06-08 12:00 - 2019-03-19 06:58 - 000161280 ____R (Microsoft Corporation) C:\Windows\system32\SecureAssessmentHandlers.dll
2020-06-08 12:00 - 2019-03-19 06:58 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\fveprompt.exe
2020-06-08 12:00 - 2019-03-19 06:58 - 000146389 _____ C:\Windows\system32\printmanagement.msc
2020-06-08 12:00 - 2019-03-19 06:58 - 000145408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.SecureAssessment.dll
2020-06-08 12:00 - 2019-03-19 06:58 - 000140088 _____ (Microsoft Corporation) C:\Windows\system32\iotstartup.exe
2020-06-08 12:00 - 2019-03-19 06:58 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfg.exe
2020-06-08 12:00 - 2019-03-19 06:58 - 000120458 _____ C:\Windows\system32\secpol.msc
2020-06-08 12:00 - 2019-03-19 06:58 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\baaupdate.exe
2020-06-08 12:00 - 2019-03-19 06:58 - 000103424 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfgLib.dll
2020-06-08 12:00 - 2019-03-19 06:58 - 000102400 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerWizardElev.exe
2020-06-08 12:00 - 2019-03-19 06:58 - 000102400 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerWizard.exe
2020-06-08 12:00 - 2019-03-19 06:58 - 000089600 _____ (Microsoft Corporation) C:\Windows\system32\PackageInspector.exe
2020-06-08 12:00 - 2019-03-19 06:58 - 000072192 _____ (Microsoft Corporation) C:\Windows\system32\PrintBrmUi.exe
2020-06-08 12:00 - 2019-03-19 06:58 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistHttpTrans.dll
2020-06-08 12:00 - 2019-03-19 06:58 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistAD.dll
2020-06-08 12:00 - 2019-03-19 06:58 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.SecureAssessment.Diagnostics.dll
2020-06-08 12:00 - 2019-03-19 06:57 - 001314304 _____ (Microsoft Corporation) C:\Windows\system32\srmclient.dll
2020-06-08 12:00 - 2019-03-19 06:57 - 000694784 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2020-06-08 12:00 - 2019-03-19 06:57 - 000637952 _____ (Microsoft Corporation) C:\Windows\system32\srmscan.dll
2020-06-08 12:00 - 2019-03-19 06:57 - 000543744 _____ (Microsoft Corporation) C:\Windows\system32\scrptadm.dll
2020-06-08 12:00 - 2019-03-19 06:57 - 000534016 _____ (Microsoft Corporation) C:\Windows\system32\AdmTmpl.dll
2020-06-08 12:00 - 2019-03-19 06:57 - 000448512 _____ (Microsoft Corporation) C:\Windows\system32\appmgr.dll
2020-06-08 12:00 - 2019-03-19 06:57 - 000295424 _____ (Microsoft Corporation) C:\Windows\system32\ddputils.dll
2020-06-08 12:00 - 2019-03-19 06:57 - 000280064 _____ (Microsoft Corporation) C:\Windows\system32\srm.dll
2020-06-08 12:00 - 2019-03-19 06:57 - 000275456 _____ (Microsoft Corporation) C:\Windows\system32\srmstormod.dll
2020-06-08 12:00 - 2019-03-19 06:57 - 000224256 _____ (Microsoft Corporation) C:\Windows\system32\appvetwsharedperformance.dll
2020-06-08 12:00 - 2019-03-19 06:57 - 000224256 _____ (Microsoft Corporation) C:\Windows\system32\AppvClientEventLog.dll
2020-06-08 12:00 - 2019-03-19 06:57 - 000198656 _____ (Microsoft Corporation) C:\Windows\system32\appmgmts.dll
2020-06-08 12:00 - 2019-03-19 06:57 - 000183808 _____ (Microsoft Corporation) C:\Windows\system32\IoTAssignedAccessLockFramework.dll
2020-06-08 12:00 - 2019-03-19 06:57 - 000171520 _____ (Microsoft Corporation) C:\Windows\system32\srmshell.dll
2020-06-08 12:00 - 2019-03-19 06:57 - 000163640 _____ (Microsoft Corporation) C:\Windows\system32\hvsievaluator.exe
2020-06-08 12:00 - 2019-03-19 06:57 - 000151040 _____ C:\Windows\system32\uwfcsp.dll
2020-06-08 12:00 - 2019-03-19 06:57 - 000146944 _____ (Microsoft Corporation) C:\Windows\system32\AppManagementConfiguration.dll
2020-06-08 12:00 - 2019-03-19 06:57 - 000136704 _____ C:\Windows\system32\DeviceUpdateCenterCsp.dll
2020-06-08 12:00 - 2019-03-19 06:57 - 000136704 _____ (Microsoft Corporation) C:\Windows\system32\adrclient.dll
2020-06-08 12:00 - 2019-03-19 06:57 - 000135168 _____ (Microsoft Corporation) C:\Windows\system32\ddptrace.dll
2020-06-08 12:00 - 2019-03-19 06:57 - 000118784 _____ C:\Windows\system32\uwfcfgmgmt.dll
2020-06-08 12:00 - 2019-03-19 06:57 - 000099328 _____ (Microsoft Corporation) C:\Windows\system32\RemoteAppLifetimeManager.exe
2020-06-08 12:00 - 2019-03-19 06:57 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseAppVMgmtCSP.dll
2020-06-08 12:00 - 2019-03-19 06:57 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\srmtrace.dll
2020-06-08 12:00 - 2019-03-19 06:57 - 000081720 _____ (Microsoft Corporation) C:\Windows\system32\windowsdefenderapplicationguardcsp.dll
2020-06-08 12:00 - 2019-03-19 06:57 - 000079360 _____ (Microsoft Corporation) C:\Windows\system32\dggpext.dll
2020-06-08 12:00 - 2019-03-19 06:57 - 000078848 _____ (Microsoft Corporation) C:\Windows\system32\AssignedAccessShellProxy.dll
2020-06-08 12:00 - 2019-03-19 06:57 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\ddp_ps.dll
2020-06-08 12:00 - 2019-03-19 06:57 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll
2020-06-08 12:00 - 2019-03-19 06:57 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.exe
2020-06-08 12:00 - 2019-03-19 06:57 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\CIWmi.dll
2020-06-08 12:00 - 2019-03-19 06:57 - 000041272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UevAgentDriver.sys
2020-06-08 12:00 - 2019-03-19 06:57 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\srm_ps.dll
2020-06-08 12:00 - 2019-03-19 06:57 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\RemoteAppLifetimeManagerProxyStub.dll
2020-06-08 12:00 - 2019-03-19 06:57 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.AgentDriverEvents.dll
2020-06-08 12:00 - 2019-03-19 06:57 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\BdeSysprep.dll
2020-06-08 12:00 - 2019-03-19 06:57 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\assignedaccessproviderevents.dll
2020-06-07 16:28 - 2020-04-21 21:57 - 000000000 ____D C:\Program Files\Common Files\Autodesk Shared
2020-06-07 16:27 - 2019-03-19 06:52 - 000000000 ___HD C:\Windows\ELAMBKUP
2020-06-06 14:02 - 2020-05-04 19:07 - 000000000 ____D C:\ProgramData\Wondershare Filmora
2020-06-06 14:02 - 2020-04-28 11:59 - 000000000 ____D C:\Users\Marco\Documents\Wondershare Filmora 9
2020-06-06 11:17 - 2020-04-25 12:49 - 000000000 ____D C:\Users\Marco\AppData\Roaming\vlc
2020-06-06 10:44 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-06-04 17:47 - 2020-04-27 23:41 - 000000000 ____D C:\Users\Marco\.VirtualBox
2020-06-04 17:47 - 2020-04-27 23:41 - 000000000 ____D C:\ProgramData\VirtualBox
2020-06-04 11:47 - 2020-05-08 08:26 - 000000000 ____D C:\Users\Marco\Desktop\Scuola
2020-06-03 21:23 - 2020-04-21 21:17 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-03 21:23 - 2020-04-21 21:17 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-06-03 21:23 - 2020-04-21 21:17 - 000002258 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-06-01 16:01 - 2020-04-21 22:19 - 000000000 ____D C:\Users\Marco\AppData\Local\JDownloader 2.0
2020-06-01 12:11 - 2020-05-05 13:01 - 000000000 ____D C:\Program Files (x86)\Avira
2020-06-01 12:11 - 2020-04-21 20:58 - 000557592 _____ C:\Windows\system32\FNTCACHE.DAT
2020-06-01 12:00 - 2020-04-21 21:22 - 000013822 _____ C:\Users\Marco\Documents\Password.kdbx
2020-06-01 11:53 - 2020-04-21 21:55 - 000000000 ____D C:\ProgramData\Package Cache
2020-06-01 11:47 - 2020-04-22 10:40 - 000000000 ____D C:\Users\Marco\AppData\Roaming\Wise Registry Cleaner
2020-05-31 11:26 - 2020-05-05 13:08 - 000000000 ____D C:\Users\Public\Security Sessions
2020-05-29 17:40 - 2020-04-21 22:51 - 000000000 ____D C:\Users\Marco\AppData\Local\ElevatedDiagnostics
2020-05-29 13:12 - 2020-04-22 09:33 - 000000000 ____D C:\Users\Marco\Desktop\testdisk-7.1
2020-05-27 12:34 - 2020-04-21 22:28 - 000000000 ____D C:\Users\Marco\AppData\Local\WhatsApp
2020-05-21 12:41 - 2020-05-08 08:27 - 000000000 ____D C:\Users\Marco\Desktop\Video Meccanica
2020-05-18 15:50 - 2020-04-21 21:22 - 020971520 _____ C:\Users\Marco\Documents\Documenti
2020-05-15 12:21 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\system32\oobe
2020-05-15 12:21 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\ShellExperiences
2020-05-15 12:21 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\bcastdvr
2020-05-15 11:09 - 2020-04-21 21:33 - 000000000 ____D C:\Windows\system32\MRT
2020-05-15 10:21 - 2020-04-21 21:33 - 120636720 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-05-15 10:17 - 2020-04-21 21:02 - 002874880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2020-05-15 10:16 - 2020-01-09 23:25 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\TSErrRedir.dll
2020-05-13 18:59 - 2020-04-21 21:04 - 000000000 ____D C:\Users\Marco
2020-05-13 18:24 - 2020-04-23 12:30 - 000002118 _____ C:\Users\Marco\Desktop\Zoom.lnk
2020-05-13 18:24 - 2020-04-21 22:30 - 000000000 ____D C:\Users\Marco\AppData\Roaming\Zoom
2020-05-12 13:43 - 2020-04-21 22:26 - 000000707 _____ C:\Users\Marco\Desktop\TomTom HOME.lnk
2020-05-10 21:48 - 2020-04-21 22:28 - 000000000 ____D C:\Users\Marco\AppData\Local\Windows Live
2020-05-09 12:23 - 2020-04-21 21:21 - 000000000 ____D C:\Program Files (x86)\KeePass Password Safe 2
==================== Files in the root of some directories ========
2020-05-24 12:16 - 2020-05-24 12:16 - 000005984 _____ () C:\Users\Marco\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
BCD (recoveryenabled=No -> recoveryenabled=Yes) <==== restored successfully
==================== End of FRST.txt ========================
ADDITION:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-06-2020
Ran by Marco (08-06-2020 23:22:24)
Running from C:\Users\Marco\Desktop
Windows 10 Pro Version 1909 18363.836 (X64) (2020-04-21 19:00:59)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3162225256-117509224-3689321729-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3162225256-117509224-3689321729-503 - Limited - Disabled)
Guest (S-1-5-21-3162225256-117509224-3689321729-501 - Limited - Disabled)
Marco (S-1-5-21-3162225256-117509224-3689321729-1001 - Administrator - Enabled) => C:\Users\Marco
WDAGUtilityAccount (S-1-5-21-3162225256-117509224-3689321729-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Bitdefender Antivirus Free Antimalware (Disabled - Up to date) {EA21BCE8-A461-99C3-3A0D-4C964E75494E}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Enabled - Up to date) {05BC7AB5-FF0E-71EC-1054-15DA19B62DC7}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
FW: COMODO Firewall (Disabled) {A60587C6-B28F-3D1C-0869-12ED515CC3C3}
FW: COMODO Firewall (Disabled) {3083CA8D-8618-5BD3-8A5F-9667D5C8267D}
FW: COMODO Firewall (Enabled) {3D87FB90-B561-70B4-3B0B-BCEFE7656ABC}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
ACA & MEP 2020 Object Enabler (HKLM\...\{28B89EEF-3004-0000-5102-CF3F3A09B77D}) (Version: 8.2.45.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{28B89EEF-3001-0000-3102-CF3F3A09B77D}) (Version: 23.1.47.0 - Autodesk) Hidden
Aggiornamenti NVIDIA 31.0.1.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.0.1.0 - NVIDIA Corporation) Hidden
Amazon Kindle (HKU\S-1-5-21-3162225256-117509224-3689321729-1001\...\Amazon Kindle) (Version: 1.26.0.55076 - Amazon)
App desktop Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 8.0.0.46 - Autodesk)
Applicazioni disponibili di Autodesk 2020 (HKLM-x32\...\{D0194D24-57D6-4FC8-9B80-3B60BFEBA23A}) (Version: 3.0.0 - Autodesk)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
AutoCAD 2020 - Italiano (Italian) (HKLM\...\{28B89EEF-3001-0410-2102-CF3F3A09B77D}) (Version: 23.1.47.0 - Autodesk) Hidden
AutoCAD 2020 (HKLM\...\{28B89EEF-3001-0000-0102-CF3F3A09B77D}) (Version: 23.1.47.0 - Autodesk) Hidden
AutoCAD 2020 Language Pack - Italiano (Italian) (HKLM\...\{28B89EEF-3001-0410-1102-CF3F3A09B77D}) (Version: 23.1.47.0 - Autodesk) Hidden
Autodesk App Manager 2020 (HKLM-x32\...\{093769E2-0281-4626-88B1-43180365CCDF}) (Version: 3.0.0 - Autodesk)
Autodesk AutoCAD 2020 - Italiano (Italian) (HKLM\...\AutoCAD 2020 - Italiano (Italian)) (Version: 23.1.47.0 - Autodesk)
Autodesk Genuine Service (HKLM-x32\...\{317D67F2-9027-4E85-9ED1-ADF4D765AE02}) (Version: 3.0.11 - Autodesk)
Autodesk Material Library 2020 (HKLM-x32\...\{B9312A51-41B5-479D-9F72-E7448A2D89AF}) (Version: 18.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2020 (HKLM-x32\...\{0E976988-E753-4C81-BD96-434CE305B176}) (Version: 18.11.1.0 - Autodesk)
Autodesk Single Sign On Component (HKLM\...\{E3807FC8-DD0A-4D6D-89E9-EAADE00C845C}) (Version: 10.22.00.1800 - Autodesk)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 100.0.1 - Bitdefender)
Bitdefender Antivirus Free (HKLM\...\{1FCCF41D-5F00-4FE2-9653-162D0486C8B4}) (Version: 1.0.17.178 - Bitdefender)
CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform)
COMODO Internet Security Premium (HKLM\...\{0E9AFD45-C3BA-41D1-B54B-495A22CB3409}) (Version: 12.2.2.7036 - COMODO Security Solutions Inc.) Hidden
COMODO Internet Security Premium (HKLM\...\COMODO Internet Security) (Version: 12.2.2.7036 - COMODO Security Solutions Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Audio X2 Windows API SDK (HKLM\...\{F290F786-5F69-48D4-B20B-D21C7DE56EF0}) (Version: 0.8.8.88 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{4A02DCED-C2B0-4DD3-87BD-7D8E68D6AF3C}) (Version: 0.8.6.75 - Dolby Laboratories, Inc.)
GIMP 2.10.18 (HKU\S-1-5-21-3162225256-117509224-3689321729-1001\...\GIMP-2_is1) (Version: 2.10.18 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.97 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1805.12.0.1097 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6576 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.7.8.1024 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1727.1 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{66129f84-d3f0-4884-ac54-369ae6fc2cf6}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000030-0200-1040-84C8-B8D95FA3C8C3}) (Version: 20.30.0 - Intel Corporation)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
KeePass Password Safe 2.45 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.45 - Dominik Reichl)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
LibreOffice 6.4.4.2 (HKLM\...\{F00C391B-6092-40E7-9ECD-144933865571}) (Version: 6.4.4.2 - The Document Foundation)
Malwarebytes versione 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{312F7EE7-37D0-484D-B974-0CE1B8560C79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
NitroSense Service (HKLM-x32\...\{6FC78E80-6385-43D6-8A43-FA80094F1A2E}) (Version: 3.01.3001 - Acer Incorporated)
NVIDIA Driver audio HD 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA Driver grafico 442.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 442.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.11.0.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.11.0.73 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Oracle VM VirtualBox 6.1.6 (HKLM\...\{447191E4-A677-4976-B961-CA32E61872B5}) (Version: 6.1.6 - Oracle Corporation)
Pannello di controllo NVIDIA 442.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 442.23 - NVIDIA Corporation) Hidden
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.322.10 - Tracker Software Products Ltd)
Python 3.8.2 (64-bit) (HKU\S-1-5-21-3162225256-117509224-3689321729-1001\...\{13ee6ab9-4dca-406c-bc3b-5d86391d39a1}) (Version: 3.8.2150.0 - Python Software Foundation)
Python 3.8.2 Add to Path (64-bit) (HKLM\...\{88AF4D20-BE9D-4CA6-8BD4-5DB380A41CC8}) (Version: 3.8.2150.0 - Python Software Foundation) Hidden
Python 3.8.2 Core Interpreter (64-bit) (HKLM\...\{AD923240-0ACE-45C9-8749-05BF77AAE101}) (Version: 3.8.2150.0 - Python Software Foundation) Hidden
Python 3.8.2 Development Libraries (64-bit) (HKLM\...\{BDFB7011-0AB2-440F-8F00-32AF7A9ED1ED}) (Version: 3.8.2150.0 - Python Software Foundation) Hidden
Python 3.8.2 Documentation (64-bit) (HKLM\...\{65B0F976-5151-427E-95B4-2320DC64F91E}) (Version: 3.8.2150.0 - Python Software Foundation) Hidden
Python 3.8.2 Executables (64-bit) (HKLM\...\{A36C1168-60E6-42E4-93DB-6BE8C6DD9DD6}) (Version: 3.8.2150.0 - Python Software Foundation) Hidden
Python 3.8.2 pip Bootstrap (64-bit) (HKLM\...\{8EEE042B-6EAF-4171-BA6E-01319ED99DA8}) (Version: 3.8.2150.0 - Python Software Foundation) Hidden
Python 3.8.2 Standard Library (64-bit) (HKLM\...\{33F9B46C-EB19-4BB7-ABFA-F8C71B73E9A4}) (Version: 3.8.2150.0 - Python Software Foundation) Hidden
Python 3.8.2 Tcl/Tk Support (64-bit) (HKLM\...\{FCA1EB7D-2F62-4659-AA5F-42C37CE5D3CB}) (Version: 3.8.2150.0 - Python Software Foundation) Hidden
Python 3.8.2 Test Suite (64-bit) (HKLM\...\{F6DA05CF-67B5-47D0-ABD4-371C80BA0717}) (Version: 3.8.2150.0 - Python Software Foundation) Hidden
Python 3.8.2 Utility Scripts (64-bit) (HKLM\...\{52AB506A-EC3C-4060-9EBF-6A975994CB35}) (Version: 3.8.2150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{AF12A465-EA47-447D-B6BF-2A82CDBE2F0E}) (Version: 3.8.6994.0 - Python Software Foundation)
qBittorrent 4.2.5 (HKLM-x32\...\qBittorrent) (Version: 4.2.5 - The qBittorrent project)
Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10458 - Qualcomm)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.455 - Qualcomm Atheros)
Raccolta foto (HKLM-x32\...\{86A1CEAD-EF47-47BB-AE79-DA8C09E15382}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.16299.21304 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.23.1003.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8907.1 - Realtek Semiconductor Corp.)
Salva su Autodesk Web & Mobile (HKLM\...\{26FB18F7-B553-430D-94F6-C2389A91235F}) (Version: 3.0.21 - Autodesk)
Software Intel® PROSet/Wireless (HKLM-x32\...\{64f650eb-cb37-4658-9131-7db4820f10be}) (Version: 20.20.0 - Intel Corporation)
Software per periferiche con chipset Intel® (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel(R) Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Technitium MAC Address Changer v6.0 (HKLM-x32\...\TMACv6.0) (Version: 6.0 - Technitium)
TomTom HOME 2.20.11.41 (HKLM\...\TomTom HOME) (Version: 2.20.11.41 - TomTom)
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.21 - IDRIX)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WhatsApp (HKU\S-1-5-21-3162225256-117509224-3689321729-1001\...\WhatsApp) (Version: 2.2021.4 - WhatsApp)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Wise Registry Cleaner 9.5.2 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 9.5.2 - WiseCleaner.com, Inc.)
Wondershare Filmora9(Build 9.3.7) (HKLM\...\Wondershare Filmora9_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Zoom (HKU\S-1-5-21-3162225256-117509224-3689321729-1001\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.)
Packages:
=========
Centro comandi della grafica Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2730.0_x64__8j3eq9eme6ctt [2020-05-27] (INTEL CORP) [Startup Task]
Componente aggiuntivo motore dei supporti Foto -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-05-07] (Microsoft Corporation)
JW Library -> C:\Program Files\WindowsApps\WatchtowerBibleandTractSo.45909CDBADF3C_11.6.1.0_x64__5rz59y55nfz3e [2020-05-27] (Watchtower Bible and Tract Society of New York)
NitroSense_V31 -> C:\Program Files\WindowsApps\AcerIncorporated.NitroSenseV31_3.1.3001.0_x64__48frkmn4z8aw4 [2020-04-23] (Acer Incorporated)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3162225256-117509224-3689321729-1001_Classes\CLSID\{4AC6DFE1-607B-45B2-B289-D7FBCD44169C}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2020\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3162225256-117509224-3689321729-1001_Classes\CLSID\{74D0CE91-F931-4FAC-BEA9-EE32E43EAD37}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2020\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3162225256-117509224-3689321729-1001_Classes\CLSID\{D1DE6864-2236-48B7-99C3-D29C757903A4}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2020\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3162225256-117509224-3689321729-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2020\it-IT\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2019-01-30] (Autodesk, Inc. -> Autodesk, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2019-01-30] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2020-02-27] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2020-02-27] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4b34c18659561116\igfxDTCM.dll [2019-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2020-01-31] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2020-02-27] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-04-21 21:51 - 2019-02-21 18:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData:Easy$Duplicate$Finder [136]
AlternateDataStreams: C:\Users\All Users:Easy$Duplicate$Finder [136]
AlternateDataStreams: C:\ProgramData\Dati applicazioni:Easy$Duplicate$Finder [136]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-3162225256-117509224-3689321729-1001\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 06:49 - 2020-05-04 19:10 - 000000989 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 cbs.wondershare.com
127.0.0.1
www.cbs.wondershare.com
127.0.0.1 platform.wondershare.com
127.0.0.1
www.wondershare.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Users\Marco\bin;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-3162225256-117509224-3689321729-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 208.67.222.222 - 208.67.220.220
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
Network Binding:
=============
VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
VirtualBox Host-Only Network: COMODO Internet Security Firewall Driver -> inspect (enabled)
Wi-Fi: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Wi-Fi: COMODO Internet Security Firewall Driver -> inspect (enabled)
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet: COMODO Internet Security Firewall Driver -> inspect (enabled)
Connessione alla rete locale (LAN)* 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Connessione alla rete locale (LAN)* 2: COMODO Internet Security Firewall Driver -> inspect (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "RtHDVBg_Dolby"
HKLM\...\StartupApproved\Run: => "RtHDVBg_ASC"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "DAX2_APP"
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKLM\...\StartupApproved\Run32: => "KeePass 2 PreLoad"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-3162225256-117509224-3689321729-1001\...\StartupApproved\StartupFolder: => "GenuineService.lnk"
HKU\S-1-5-21-3162225256-117509224-3689321729-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3162225256-117509224-3689321729-1001\...\StartupApproved\Run: => "TomTomHOME.exe"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{42ABB0A5-AD66-491A-BF70-3E137A81FE2D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{70096DAD-5E10-473A-A164-9AF3568B1BAE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{BD933A8C-5435-4C81-9A0C-F18D13C48022}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{49F31EEB-ACFE-4501-9510-84D9F6EAFFF8}] => (Allow) LPort=2869
FirewallRules: [{9B7CDE23-597A-4DB3-A684-7A471661840B}] => (Allow) LPort=1900
FirewallRules: [{4663C5D9-B0F7-449E-A14F-46E74E6CAF0D}] => (Allow) C:\Users\Marco\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{7ADA87D1-A1BD-41AB-91CD-99216D558B72}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel(R) Wireless Connectivity Solutions -> )
FirewallRules: [{EEFAE812-B8C6-4D0F-A259-FF6FBA47FF49}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1E6D3CD0-B7B8-459F-A05C-08BEF7923F18}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{97F2ABD3-CB4C-4C7F-9A1C-2FCDB88F885F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4D109D3D-E429-4679-A03E-DC2C222ECC3D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0ADADD3B-62EF-4941-8C5B-7DA711FBD207}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3CE4ECCA-DA83-4D0C-9440-D230647C9C15}] => (Allow) C:\Users\Marco\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{4279A126-FCA9-421E-B8B3-7AFACABEC12D}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{462D61EB-FBBF-4749-975D-C9486062EB88}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [TCP Query User{1A679311-B025-4901-B86C-CF722857F0C2}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [UDP Query User{E25D588A-C58B-4860-A2E4-8A477BB5CA33}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{B3B41CB6-61CB-4C66-AAF5-38BB47ED7017}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
08-06-2020 23:02:06 AdwCleaner_BeforeCleaning_08/06/2020_23:02:05
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (06/08/2020 11:05:02 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Servizio Centro Sicurezza di Windows: impossibile caricare istanze di FirewallProduct dal datastore.
Error: (06/08/2020 11:03:02 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inizializzazione della registrazione del certificato SCEP per WORKGROUP\DESKTOP-73B3OPP$ tramite
https://INTC-KeyId-17a00575d05e58e3...639.microsoftaik.azure.net/templates/Aik/scep non riuscita:
GetCACaps
Metodo: GET(47ms)
Fase: GetCACaps
Impossibile risolvere il nome o l'indirizzo del server 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
Error: (06/08/2020 11:02:37 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Errore del servizio Copia Shadow del volume: errore inatteso durante il richiamo della routine CoCreateInstance. hr = 0x8007045b, È in corso l'arresto del sistema.
.
Error: (06/08/2020 11:02:37 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informazioni del servizio Copia Shadow del volume: impossibile avviare il server COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} denominato CEventSystem. [0x8007045b, È in corso l'arresto del sistema.
]
Error: (06/08/2020 11:02:37 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Errore del servizio Copia Shadow del volume: errore inatteso durante il richiamo della routine CoCreateInstance. hr = 0x8007045b, È in corso l'arresto del sistema.
.
Error: (06/08/2020 11:02:37 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informazioni del servizio Copia Shadow del volume: impossibile avviare il server COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} denominato CEventSystem. [0x8007045b, È in corso l'arresto del sistema.
]
Error: (06/08/2020 11:02:35 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Il Centro sicurezza PC non è riuscito a convalidare il chiamante con errore %1.
Error: (06/08/2020 10:52:01 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Il Centro sicurezza PC non è riuscito a convalidare il chiamante con errore %1.
System errors:
=============
Error: (06/08/2020 11:02:38 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Arresto imprevisto del modulo di estendibilità WLAN.
Percorso modulo: C:\Windows\system32\IntelWifiIhv08.dll
Error: (06/08/2020 11:02:38 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Arresto imprevisto del modulo di estendibilità WLAN.
Percorso modulo: C:\Windows\system32\IntelWifiIhv08.dll
Error: (06/08/2020 11:02:34 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Arresto imprevisto del modulo di estendibilità WLAN.
Percorso modulo: C:\Windows\system32\IntelWifiIhv08.dll
Error: (06/08/2020 11:02:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio Intel(R) Dynamic Application Loader Host Interface Service. Questo evento si è già verificato 1 volta(e).
Error: (06/08/2020 11:02:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio TTHOMEService. Questo evento si è già verificato 1 volta(e).
Error: (06/08/2020 11:02:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio Dolby DAX2 API Service. Questo evento si è già verificato 1 volta(e).
Error: (06/08/2020 11:02:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio Predator Service. Questo evento si è già verificato 1 volta(e).
Error: (06/08/2020 11:02:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio Intel(R) Content Protection HECI Service. Questo evento si è già verificato 1 volta(e).
CodeIntegrity:
===================================
Date: 2020-06-08 23:17:59.784
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-06-08 23:17:56.987
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-06-08 23:17:39.251
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-06-08 23:17:33.818
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-06-08 23:17:21.044
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-06-08 23:17:20.961
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-06-08 23:17:20.632
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-06-08 23:17:20.425
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: Insyde Corp. V1.26 03/27/2019
Motherboard: CFL Freed_CFS
Processor: Intel(R) Core(TM) i5-8300H CPU @ 2.30GHz
Percentage of memory in use: 58%
Total physical RAM: 8032.35 MB
Available physical RAM: 3316.13 MB
Total Virtual: 9312.35 MB
Available Virtual: 3442.66 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:474.76 GB) (Free:264.13 GB) NTFS
\\?\Volume{e25b9899-d072-49d0-8332-969965a81d8b}\ () (Fixed) (Total:0.53 GB) (Free:0.52 GB) NTFS
\\?\Volume{7e9125f8-066d-4e8a-aa80-0ffced1a2612}\ () (Fixed) (Total:1 GB) (Free:0.52 GB) NTFS
\\?\Volume{b8ac8f1b-1f9f-43bf-9ca1-f67746176825}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 185AD76D)
Partition: GPT.
==================== End of Addition.txt =======================