PROBLEMA Problema con malware

Gabdo

Nuovo Utente
35
3
CPU
Intel Core i5
HDD
250 gb
GPU
NVIDIA GeForce GTX 950
Monitor
Samsung T22D390
Case
ThermalTake
OS
Windows 10
Salve a tutti.
Recentemente durante l'installazione di un programma mi sono stati scaricati all'interno del computer diversi virus e malware che ho rimosso all'istante con malwarebytes e avast, e programmi di gestione del pc che ho subito disinstallato.
Il giorno dopo mi sono accorto che per questo attacco lo store di windows 10 e le app scaricate da esso avevano smesso di funzionare e quindi ho provveduto a installare nuovamente windows 10 in place, risolvendo il problema.
Oggi scrivo qui in quanto, dopo giorni di pace questa mattina mentre stavo caricando su un sito un file word creato da me avast ha cominciato a squillare e ad aprire i pop-up di minacce neutralizzate ininterrottamente finché non ho chiuso la pagina web interrompendo il caricamento. Dopodiché ho eseguito una scansione con malwarebytes che ha rilevato 26 minacce e che ho cancellato fin da subito. Ora i file rilevati da malwarebytes erano quasi tutti trojan, e i virus rilevati da avast erano xmrig.exe e trz(seguiti da vari caratteri).tmp .

Voglio puntualizzare che il sito in questione è sicuramente affidabile e controllando il cestino dei virus di avast tutti i file infetti provenivano da questo percorso:
C:\Users\Utente\AppData\Local\Temp.
Ho provveduto a controllare di persona il percorso senza vedere alcuno di quei file e riprovando a caricare nuovamente il file word sul sito è accaduta la stessa identica cosa.

C'è qualcuno che può aiutarmi a risolvere questo problema?

*Aggiornamento*

Ho provato nuovamente a caricare il file tenendo aperta la cartella dove vengono trovate le minacce e ho visto personalmente comparire il programma xmrig.exe per poco meno di un secondo e i file trz---.tmp.
Inoltre ho notato che un programma che ho disinstallato prima della reinstallazione di windows è ancora presente e se provo a disinstallarlo parte avast!
 
Ultima modifica:

danilo79

Utente Èlite
1,814
549
Esegui queste scansioni:

Malwarebyte antimalware scaricalo da qui https://it.malwarebytes.com/
fai la scansione ed elimina cio che trova e posta il log generato

Scarica Adwcleaner sul desktop:
https://www.bleepingcomputer.com/download/adwcleaner/
Chiudi tutti i browser (è importante IE,Firefox Chrome ecc... siano chiusi)
Clicca sul pulsante "Analizza".
Finita la scansione clicca su "Pulisci"
Conferma con OK le varie finestre che ti compariranno.
Il pc si riavvierà, e uscirà il log con le eliminazioni....
Postalo qui.

Scarica tdsskiller da qui www.bleepingcomputer.com/download/tdsskiller/
Segui questa guida per il programmahttp://www.why-tech.it/come-rimuovere-defi...t-dal-pc-1.html
Posta il log report

Poi ,esegui una scansione con roguekiller...
Scaricalo da qui...
http://www.adlice.com/download/roguekiller/
Segui questa guida per usare il programma
http://it.ccm.net/faq/3204-come-usare
Cancella solo le voci di colore rosso...
Posta il.report

Infine scarica frst da quihttps://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/
scarica la versione adatta al tuo sistema operativo 32 o 64 bit
posiziona l eseguibile sul desktop
tasto dx sopra eseguibile--apri come amministratore
una volta aperto clicca su scan
postare log frst.txt e addition.txt

ciao
 
  • Mi piace
Reazioni: Gabdo

Gabdo

Nuovo Utente
35
3
CPU
Intel Core i5
HDD
250 gb
GPU
NVIDIA GeForce GTX 950
Monitor
Samsung T22D390
Case
ThermalTake
OS
Windows 10
Esegui queste scansioni:

Malwarebyte antimalware scaricalo da qui https://it.malwarebytes.com/
fai la scansione ed elimina cio che trova e posta il log generato

Scarica Adwcleaner sul desktop:
https://www.bleepingcomputer.com/download/adwcleaner/
Chiudi tutti i browser (è importante IE,Firefox Chrome ecc... siano chiusi)
Clicca sul pulsante "Analizza".
Finita la scansione clicca su "Pulisci"
Conferma con OK le varie finestre che ti compariranno.
Il pc si riavvierà, e uscirà il log con le eliminazioni....
Postalo qui.

Scarica tdsskiller da qui www.bleepingcomputer.com/download/tdsskiller/
Segui questa guida per il programmahttp://www.why-tech.it/come-rimuovere-defi...t-dal-pc-1.html
Posta il log report

Poi ,esegui una scansione con roguekiller...
Scaricalo da qui...
http://www.adlice.com/download/roguekiller/
Segui questa guida per usare il programma
http://it.ccm.net/faq/3204-come-usare
Cancella solo le voci di colore rosso...
Posta il.report

Infine scarica frst da quihttps://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/
scarica la versione adatta al tuo sistema operativo 32 o 64 bit
posiziona l eseguibile sul desktop
tasto dx sopra eseguibile--apri come amministratore
una volta aperto clicca su scan
postare log frst.txt e addition.txt

ciao

Questo è il log di Malwarebytes

Malwarebytes
www.malwarebytes.com

-Dettagli log-
Data scansione: 21/02/18
Ora scansione: 18:23
File di log: ebbe9017-172b-11e8-8d14-3497f68dee17.json
Amministratore: Sì

-Informazioni software-
Versione: 3.3.1.2183
Versione componenti: 1.0.262
Aggiorna versione pacchetto: 1.0.4036
Licenza: Free

-Informazioni sistema-
SO: Windows 10 (Build 16299.248)
CPU: x64
File system: NTFS
Utente: PCGABRI\Utente

-Riepilogo scansione-
Tipo di scansione: Ricerca elementi nocivi
Risultati: Completata
Elementi analizzati: 347920
Minacce rilevate: 0
(Nessun elemento nocivo rilevato)
Minacce messe in quarantena: 0
(Nessun elemento nocivo rilevato)
Tempo impiegato: 1 min, 31 sec

-Opzioni di scansione-
Memoria: Attivata
Esecuzioni automatiche: Attivata
File system: Attivata
Archivi compressi: Attivata
Rootkit: Disattivata
Analisi euristica: Attivata
PUP: Rilevare
PUM: Rilevare

-Dettagli scansione-
Processo: 0
(Nessun elemento nocivo rilevato)

Modulo: 0
(Nessun elemento nocivo rilevato)

Chiave di registro: 0
(Nessun elemento nocivo rilevato)

Valore di registro: 0
(Nessun elemento nocivo rilevato)

Dati di registro: 0
(Nessun elemento nocivo rilevato)

Flusso di dati: 0
(Nessun elemento nocivo rilevato)

Cartella: 0
(Nessun elemento nocivo rilevato)

File: 0
(Nessun elemento nocivo rilevato)

Settore fisico: 0
(Nessun elemento nocivo rilevato)


(end)

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Questo è quello di Adwcleaner

# AdwCleaner 7.0.8.0 - Logfile created on Wed Feb 21 17:32:09 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 10 Pro (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Program Files (x86)\IObit\Advanced SystemCare
Deleted: C:\Users\vince\AppData\LocalLow\IObit\Advanced SystemCare
Deleted: C:\Users\vince\AppData\Roaming\IObit\Advanced SystemCare
Deleted: C:\Program Files (x86)\IObit\Advanced SystemCare
Deleted: C:\Users\vince\AppData\LocalLow\IObit\Advanced SystemCare
Deleted: C:\Users\vince\AppData\Roaming\IObit\Advanced SystemCare
Deleted: C:\Windows\System32\\SSL
Deleted: C:\Windows\SysWOW64\\SSL
Deleted: C:\Users\Public\Documents\Downloaded Installers
Deleted: C:\Users\Utente\AppData\Local\AdvinstAnalytics
Deleted: C:\ProgramData\IObit\ASCDownloader
Deleted: C:\Users\All Users\IObit\ASCDownloader
Deleted: C:\Users\Utente\AppData\Local\slimware utilities inc
Deleted: C:\Users\Utente\AppData\Local\SlimWare Utilities Inc
Deleted: C:\Users\Utente\AppData\Roaming\FastDataX
Deleted: C:\Program Files (x86)\OneSystemCare
Deleted: C:\Users\Utente\AppData\Roaming\SystemHealer
Deleted: C:\Program Files (x86)\ProxyGate


***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted: Driver Booster Scheduler


***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\IOBIT\ASC
Deleted: [Key] - HKLM\SOFTWARE\IObit\Advanced SystemCare
Deleted: [Key] - HKLM\SOFTWARE\IObit\RealTimeProtector
Deleted: [Key] - HKLM\SOFTWARE\IObit\ASC
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\DMunversion
Deleted: [Key] - HKLM\SOFTWARE\SlimWare Utilities Inc
Deleted: [Key] - HKLM\SOFTWARE\Microleaves
Deleted: [Key] - HKU\S-1-5-21-3454903148-161096206-1152172953-1001\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d}
Deleted: [Key] - HKCU\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d}
Deleted: [Key] - HKU\S-1-5-21-3454903148-161096206-1152172953-1001\Software\SetupCompany
Deleted: [Key] - HKCU\Software\SetupCompany
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\Features\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\Products\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Program Files (x86)\Microleaves\Online Application\
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Program Files (x86)\Microleaves\
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [3956 B] - [2018/2/21 17:31:6]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Aggiungo che al riavvio avast ha ricominciato per un paio di minuti a bloccare minacce.
 
Ultima modifica:

Gabdo

Nuovo Utente
35
3
CPU
Intel Core i5
HDD
250 gb
GPU
NVIDIA GeForce GTX 950
Monitor
Samsung T22D390
Case
ThermalTake
OS
Windows 10
Questo è il report di TDSSKiller

12:14:03.0840 11788 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
12:14:04.0248 11788 ============================================================
12:14:04.0248 11788 Current date / time: 2018/02/22 12:14:04.0248
12:14:04.0248 11788 SystemInfo:
12:14:04.0248 11788
12:14:04.0248 11788 OS Version: 6.2.9200 ServicePack: 0.0
12:14:04.0248 11788 Product type: Workstation
12:14:04.0248 11788 ComputerName: PCGABRI
12:14:04.0248 11788 UserName: Utente
12:14:04.0248 11788 Windows directory: C:\WINDOWS
12:14:04.0248 11788 System windows directory: C:\WINDOWS
12:14:04.0248 11788 Running under WOW64
12:14:04.0248 11788 Processor architecture: Intel x64
12:14:04.0248 11788 Number of processors: 4
12:14:04.0248 11788 Page size: 0x1000
12:14:04.0248 11788 Boot type: Normal boot
12:14:04.0248 11788 ============================================================
12:14:04.0263 11788 BG loaded
12:14:04.0404 11788 Drive \Device\Harddisk0\DR0 - Size: 0x37E4896000 (223.57 Gb), SectorSize: 0x200, Cylinders: 0x7201, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:14:04.0404 11788 ============================================================
12:14:04.0404 11788 \Device\Harddisk0\DR0:
12:14:04.0404 11788 MBR partitions:
12:14:04.0404 11788 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xFA000
12:14:04.0404 11788 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xFA800, BlocksNum 0x1BD2EA69
12:14:04.0404 11788 ============================================================
12:14:04.0404 11788 C: <-> \Device\Harddisk0\DR0\Partition2
12:14:04.0404 11788 ============================================================
12:14:04.0404 11788 Initialize success
12:14:04.0404 11788 ============================================================
12:14:34.0155 12244 ============================================================
12:14:34.0155 12244 Scan started
12:14:34.0155 12244 Mode: Manual; SigCheck;
12:14:34.0155 12244 ============================================================
12:14:34.0280 12244 ================ Scan system memory ========================
12:14:34.0280 12244 System memory - ok
12:14:34.0280 12244 ================ Scan services =============================
12:14:34.0343 12244 [ 08312DEEF0D3F8647AA53AD90A69094E ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
12:14:34.0389 12244 1394ohci - ok
12:14:34.0389 12244 Suspicious service (Hidden): 27666012
12:14:34.0389 12244 27666012 ( HiddenService.Multi.Generic ) - warning
12:14:34.0389 12244 27666012 - detected HiddenService.Multi.Generic (1)
12:14:34.0389 12244 [ 645009E711BBF117CCEE917A03FB0CDD ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
12:14:34.0405 12244 3ware - ok
12:14:34.0421 12244 [ 69481E5474C7E61CDB3FE6A8A0F3B1B4 ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
12:14:34.0452 12244 ACPI - ok
12:14:34.0452 12244 [ 44EA35A4B397898A83BF1B9B4B8DAE35 ] AcpiDev C:\WINDOWS\System32\drivers\AcpiDev.sys
12:14:34.0468 12244 AcpiDev - ok
12:14:34.0468 12244 [ 91D113A1532B8AB1E25B7DE5AB3C2F83 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
12:14:34.0483 12244 acpiex - ok
12:14:34.0499 12244 [ 620BB2682BA625DF037072D89F44F6EE ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
12:14:34.0514 12244 acpipagr - ok
12:14:34.0514 12244 [ B9805A3C479390CEAEA5AEF5E4A90A2E ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
12:14:34.0530 12244 AcpiPmi - ok
12:14:34.0530 12244 [ ABD4EB55C661143B015BD0B9B47B235C ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
12:14:34.0546 12244 acpitime - ok
12:14:34.0561 12244 [ 79EE5A2B3BF3685AF9B7AC4780371A25 ] AdobeUpdateService C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
12:14:34.0577 12244 AdobeUpdateService - ok
12:14:34.0593 12244 [ 8C58BD711FAD5F11E8CFDBC5CED973A5 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
12:14:34.0652 12244 ADP80XX - ok
12:14:34.0652 12244 [ AD7B46330B55170ED706043DE88AC1A9 ] AFD C:\WINDOWS\system32\drivers\afd.sys
12:14:34.0683 12244 AFD - ok
12:14:34.0715 12244 [ 58A5D48F16E89575C21C0B14A15D4383 ] AGSService C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
12:14:34.0783 12244 AGSService - ok
12:14:34.0783 12244 [ 56166D110D3ECFFC595E5FA02D9BA491 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
12:14:34.0798 12244 ahcache - ok
12:14:34.0814 12244 [ 84FFB4AC2BA923364DF13F73751E05D1 ] AJRouter C:\WINDOWS\System32\AJRouter.dll
12:14:34.0830 12244 AJRouter - ok
12:14:34.0830 12244 [ 084101AB03969D8ED00D5FFBE5F4C3DF ] ALG C:\WINDOWS\System32\alg.exe
12:14:34.0845 12244 ALG - ok
12:14:34.0845 12244 [ 62619E31AFF88F906A7E793AC4A9FF51 ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
12:14:34.0877 12244 AmdK8 - ok
12:14:34.0877 12244 [ 735142DD039BEB35632765C41FC6E397 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
12:14:34.0892 12244 AmdPPM - ok
12:14:34.0892 12244 [ F1C16AABA27E9E153AEC7BD2AB853F30 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
12:14:34.0908 12244 amdsata - ok
12:14:34.0923 12244 [ C834D0F1ECB8473E9E6D18EE1BCEECB2 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
12:14:34.0939 12244 amdsbs - ok
12:14:34.0939 12244 [ 49203D2FFE30CBB36BE66A0E70F3D954 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
12:14:34.0955 12244 amdxata - ok
12:14:34.0955 12244 [ 3692C75C47285D388C886D162F54C430 ] AppID C:\WINDOWS\system32\drivers\appid.sys
12:14:34.0970 12244 AppID - ok
12:14:34.0970 12244 [ A78F24AF599EA536C6028D80E4037664 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
12:14:34.0986 12244 AppIDSvc - ok
12:14:35.0001 12244 [ 083C727CCAFEDE51D27E21B7D36F62C3 ] Appinfo C:\WINDOWS\System32\appinfo.dll
12:14:35.0001 12244 Appinfo - ok
12:14:35.0017 12244 [ 1E085E2302D568F0CE041732B3E887B0 ] applockerfltr C:\WINDOWS\system32\drivers\applockerfltr.sys
12:14:35.0017 12244 applockerfltr - ok
12:14:35.0033 12244 [ 043786FF3A1B6A066613E0B166F28F07 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
12:14:35.0048 12244 AppMgmt - ok
12:14:35.0048 12244 [ 1D123729F547EEDFBE3F510346848C38 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
12:14:35.0080 12244 AppReadiness - ok
12:14:35.0080 12244 [ 02E6B550E258EEBD9B5B30B00CAD6026 ] AppVClient C:\WINDOWS\system32\AppVClient.exe
12:14:35.0111 12244 AppVClient - ok
12:14:35.0111 12244 [ 05B19AD776D80FF0FADB44608896C16F ] AppvStrm C:\WINDOWS\system32\drivers\AppvStrm.sys
12:14:35.0127 12244 AppvStrm - ok
12:14:35.0142 12244 [ 3EA678F2C70083FB1588772FE7FAFFE1 ] AppvVemgr C:\WINDOWS\system32\drivers\AppvVemgr.sys
12:14:35.0158 12244 AppvVemgr - ok
12:14:35.0158 12244 [ ADD72B1FFE20B37A13A5A861724ECA05 ] AppvVfs C:\WINDOWS\system32\drivers\AppvVfs.sys
12:14:35.0173 12244 AppvVfs - ok
12:14:35.0205 12244 [ 9B5C6FE333D485BA4A3A665C74766E3F ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
12:14:35.0252 12244 AppXSvc - ok
12:14:35.0267 12244 [ B42C83DE28776B80DBA1310C56DD4F74 ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
12:14:35.0283 12244 arcsas - ok
12:14:35.0298 12244 [ 798DE15F187C1F013095BBBEB6FB6197 ] AsIO C:\WINDOWS\syswow64\drivers\AsIO.sys
12:14:35.0314 12244 AsIO - ok
12:14:35.0330 12244 [ 0D51FFDAE7C906C308369EAB87358304 ] AssignedAccessManagerSvc C:\WINDOWS\System32\assignedaccessmanagersvc.dll
12:14:35.0345 12244 AssignedAccessManagerSvc - ok
12:14:35.0345 12244 [ 50B0F056CCD917C4991274537C695B2F ] AsusVBus C:\WINDOWS\System32\drivers\AsusVBus.sys
12:14:35.0345 12244 AsusVBus - ok
12:14:35.0361 12244 [ 99A8C4ADE17B9CF2B5373E5BDE354DC4 ] aswArPot C:\WINDOWS\system32\drivers\aswArPot.sys
12:14:35.0377 12244 aswArPot - ok
12:14:35.0502 12244 [ A13586710C5CFFD09CDB78C05A9CC0B3 ] aswbIDSAgent C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
12:14:35.0627 12244 aswbIDSAgent - ok
12:14:35.0642 12244 [ 9E3CAA4E0E81BDC0E529BF3B32F9A08F ] aswbidsdriver C:\WINDOWS\system32\drivers\aswbidsdrivera.sys
12:14:35.0658 12244 aswbidsdriver - ok
12:14:35.0658 12244 [ FD31AC49D034541FF25BD6B158153035 ] aswbidsh C:\WINDOWS\system32\drivers\aswbidsha.sys
12:14:35.0673 12244 aswbidsh - ok
12:14:35.0673 12244 [ 47DF29AA4FBE5A290B309D7F9109233E ] aswblog C:\WINDOWS\system32\drivers\aswbloga.sys
12:14:35.0705 12244 aswblog - ok
12:14:35.0705 12244 [ 0C9979B3B4B8472EB4286DFBBE37DEDA ] aswbuniv C:\WINDOWS\system32\drivers\aswbuniva.sys
12:14:35.0720 12244 aswbuniv - ok
12:14:35.0720 12244 [ A3B07E62979505688581D55182F5E617 ] aswHdsKe C:\WINDOWS\system32\drivers\aswHdsKe.sys
12:14:35.0720 12244 aswHdsKe - ok
12:14:35.0736 12244 [ E4BCCBD78DB4DEC414DE4F1578328B24 ] aswHwid C:\WINDOWS\system32\drivers\aswHwid.sys
12:14:35.0736 12244 aswHwid - ok
12:14:35.0752 12244 [ 96A7DBC6B971CBFF8322AEE66EA671F9 ] aswMonFlt C:\WINDOWS\system32\drivers\aswMonFlt.sys
12:14:35.0767 12244 aswMonFlt - ok
12:14:35.0767 12244 [ A47527A8E9A5BD0C30703BD90DC5D4FF ] aswRdr C:\WINDOWS\system32\drivers\aswRdr2.sys
12:14:35.0783 12244 aswRdr - ok
12:14:35.0783 12244 [ A9D1665A18B3C7B763C1A4CF7AB1DD09 ] aswRvrt C:\WINDOWS\system32\drivers\aswRvrt.sys
12:14:35.0798 12244 aswRvrt - ok
12:14:35.0814 12244 [ B05F534A31CE10355A0F25DAED14CA3E ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
12:14:35.0845 12244 aswSnx - ok
12:14:35.0845 12244 [ 3687CDF17F8BBB6134BC1C289674564D ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
12:14:35.0877 12244 aswSP - ok
12:14:35.0877 12244 [ CFC4326AC78CCAB412D4729DB38946DF ] aswStm C:\WINDOWS\system32\drivers\aswStm.sys
12:14:35.0877 12244 aswStm - ok
12:14:35.0892 12244 [ E4ABC023E251D2BB6B98C9FCAF5CF16D ] aswTap C:\WINDOWS\System32\drivers\aswTap.sys
12:14:35.0892 12244 aswTap - ok
12:14:35.0908 12244 [ 0B2CB619C6A36A9490C251E2A15E92C4 ] aswVmm C:\WINDOWS\system32\drivers\aswVmm.sys
12:14:35.0923 12244 aswVmm - ok
12:14:35.0923 12244 [ C2151380227CD1F7DDA2401C1F151367 ] AsyncMac C:\WINDOWS\System32\drivers\asyncmac.sys
12:14:35.0939 12244 AsyncMac - ok
12:14:35.0955 12244 [ 6191B9B2EE0E8CB957C683B9B341CC86 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
12:14:35.0955 12244 atapi - ok
12:14:35.0970 12244 [ 0A414BE36FFA16E9F20F94008E366AD6 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
12:14:35.0986 12244 AudioEndpointBuilder - ok
12:14:36.0002 12244 [ 57D7504862058467BA8FB8D988E6D372 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
12:14:36.0033 12244 Audiosrv - ok
12:14:36.0048 12244 [ 2C4CED727FAC83B0FFA005421DC55FC7 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
12:14:36.0048 12244 avast! Antivirus - ok
12:14:36.0048 12244 [ 947FF5992E26AFD4CAA34506678B70BC ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
12:14:36.0064 12244 AxInstSV - ok
12:14:36.0080 12244 [ A921805C1ED3253DF48FCA4D724173EB ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
12:14:36.0095 12244 b06bdrv - ok
12:14:36.0095 12244 [ 763CF81762483E244BAEB83DEFFC53F3 ] bam C:\WINDOWS\system32\drivers\bam.sys
12:14:36.0111 12244 bam - ok
12:14:36.0111 12244 [ 2A7267AA15E508F6D05A5B562F1FD1CE ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
12:14:36.0127 12244 BasicDisplay - ok
12:14:36.0127 12244 [ 2E1EE0F10FAF1250D1AC05BFB0E6BD3D ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
12:14:36.0142 12244 BasicRender - ok
12:14:36.0142 12244 [ 739D089777D2B66DBE7201E5EA4BA2D7 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
12:14:36.0158 12244 bcmfn2 - ok
12:14:36.0174 12244 [ 72963E0676003016B431306A6F4951BF ] BDESVC C:\WINDOWS\System32\bdesvc.dll
12:14:36.0189 12244 BDESVC - ok
12:14:36.0189 12244 [ EDDAA3A563E7EB71C991FE91249C7D81 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
12:14:36.0205 12244 Beep - ok
12:14:36.0205 12244 [ 86CAB4060251D418B6449D6CBCC852A6 ] BFE C:\WINDOWS\System32\bfe.dll
12:14:36.0236 12244 BFE - ok
12:14:36.0252 12244 [ E223918B4E0B28CF7BE132C30D1E161A ] BITS C:\WINDOWS\System32\qmgr.dll
12:14:36.0299 12244 BITS - ok
12:14:36.0299 12244 [ D030A1203680D66716F4E74053468627 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
12:14:36.0314 12244 bowser - ok
12:14:36.0330 12244 [ 77A3FFCB7243281829796A9C3C15B20C ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
12:14:36.0345 12244 BrokerInfrastructure - ok
12:14:36.0345 12244 [ 2BA1BED8E8168C301522AC7CFBFA2141 ] Browser C:\WINDOWS\System32\browser.dll
12:14:36.0361 12244 Browser - ok
12:14:36.0361 12244 [ A4863B7B1F0DB513D6E34547BACC211A ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
12:14:36.0392 12244 BthAvrcpTg - ok
12:14:36.0392 12244 [ 9C9EE272C11252C651C5DE6A1AC1EDAA ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
12:14:36.0408 12244 BthHFEnum - ok
12:14:36.0408 12244 [ 69734E386826ED857C889330F35B4D9C ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
12:14:36.0424 12244 bthhfhid - ok
12:14:36.0424 12244 [ BC58294295CBAD6637A526470305B5EA ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll
12:14:36.0455 12244 BthHFSrv - ok
12:14:36.0455 12244 [ A94AFAEA86F5F792BB4ECA095B231464 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
12:14:36.0470 12244 BTHMODEM - ok
12:14:36.0470 12244 [ 572BCA61B7E026E057AF7DF456AC7E0B ] bthserv C:\WINDOWS\system32\bthserv.dll
12:14:36.0486 12244 bthserv - ok
12:14:36.0502 12244 [ 39E7437FC59CDD7A303ABD514E462E8B ] bttflt C:\WINDOWS\system32\drivers\bttflt.sys
12:14:36.0502 12244 bttflt - ok
12:14:36.0517 12244 [ 522888590B0C19BC8128119060AE7901 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
12:14:36.0533 12244 buttonconverter - ok
12:14:36.0533 12244 [ 2AB01CE5E233A6FBA3E91BD57772AA4B ] CAD C:\WINDOWS\System32\drivers\CAD.sys
12:14:36.0549 12244 CAD - ok
12:14:36.0549 12244 [ E2C8EE32C053892E685A989071AAE333 ] camsvc C:\WINDOWS\system32\CapabilityAccessManager.dll
12:14:36.0564 12244 camsvc - ok
12:14:36.0564 12244 [ F6F97879F53AD57194C6BC8272FD73EA ] CapImg C:\WINDOWS\System32\drivers\capimg.sys
12:14:36.0580 12244 CapImg - ok
12:14:36.0580 12244 [ 9E82A95D77AC78C84BA75FF896B060BF ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
12:14:36.0611 12244 cdfs - ok
12:14:36.0611 12244 [ 147CEBE0C5F7A80135C54715521AD9E1 ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll
12:14:36.0642 12244 CDPSvc - ok
12:14:36.0642 12244 [ C2F158F11391F21C7D3FEB572D11C2D2 ] CDPUserSvc C:\WINDOWS\System32\CDPUserSvc.dll
12:14:36.0658 12244 CDPUserSvc - ok
12:14:36.0674 12244 [ 6D83565C1652E80447EDEA6947FA89D7 ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
12:14:36.0689 12244 cdrom - ok
12:14:36.0689 12244 [ 200A5398C0E7E78DBDF6C0D9E811F366 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
12:14:36.0705 12244 CertPropSvc - ok
12:14:36.0705 12244 [ D81954CE5E016FD716EDDB2B2FD9BA58 ] cht4iscsi C:\WINDOWS\system32\drivers\cht4sx64.sys
12:14:36.0736 12244 cht4iscsi - ok
12:14:36.0752 12244 [ F9A8570805807FFD66488F0A858E1308 ] cht4vbd C:\WINDOWS\System32\drivers\cht4vx64.sys
12:14:36.0814 12244 cht4vbd - ok
12:14:36.0814 12244 [ 9798D58461706930190F1F2F6BF21D80 ] circlass C:\WINDOWS\System32\drivers\circlass.sys
12:14:36.0830 12244 circlass - ok
12:14:36.0830 12244 [ 6AF3865AEF65623814209794409AA15F ] CldFlt C:\WINDOWS\system32\drivers\cldflt.sys
12:14:36.0861 12244 CldFlt - ok
12:14:36.0861 12244 [ 33609EDF8062E8FE79DD5F9079E4D3CE ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
12:14:36.0892 12244 CLFS - ok
12:14:36.0892 12244 [ 0EFD85AB09099246CDF8DB63978CC00A ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll
12:14:36.0924 12244 ClipSVC - ok
12:14:36.0939 12244 [ 2BA3BA38B5A6A667B0EAEC477276707B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
12:14:36.0939 12244 CmBatt - ok
12:14:36.0955 12244 [ 2733C4BF3157D81767C9570309444FE8 ] CNG C:\WINDOWS\system32\Drivers\cng.sys
12:14:36.0986 12244 CNG - ok
12:14:36.0986 12244 [ C65AF00EF12A1755E7CA370B0C71935D ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
12:14:37.0002 12244 cnghwassist - ok
12:14:37.0017 12244 [ A50300498D56B2448F3593D25478D508 ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_9c1fb8f4db31c348\CompositeBus.sys
12:14:37.0033 12244 CompositeBus - ok
12:14:37.0033 12244 COMSysApp - ok
12:14:37.0033 12244 [ 65602B0DB49199647FECB2D1212147BE ] condrv C:\WINDOWS\system32\drivers\condrv.sys
12:14:37.0049 12244 condrv - ok
12:14:37.0064 12244 [ CBA59790FE62C6896A7020DE0ADE2006 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
12:14:37.0095 12244 CoreMessagingRegistrar - ok
12:14:37.0095 12244 [ D64EF74FC6DA47EC2E460076F299E77D ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
12:14:37.0111 12244 CryptSvc - ok
12:14:37.0111 12244 [ 0AAC6E3138AB83C466281642D1A48F15 ] CSC C:\WINDOWS\system32\drivers\csc.sys
12:14:37.0142 12244 CSC - ok
12:14:37.0158 12244 [ 9D4FA712339A09110809A4CC270AF4F0 ] CscService C:\WINDOWS\System32\cscsvc.dll
12:14:37.0174 12244 CscService - ok
12:14:37.0174 12244 [ 72BE43ABD786E86AAE7EA2193201E100 ] dam C:\WINDOWS\system32\drivers\dam.sys
12:14:37.0189 12244 dam - ok
12:14:37.0189 12244 [ A4700D1F78539C0ED32FA50E64F9C692 ] dc3d C:\WINDOWS\System32\drivers\dc3d.sys
12:14:37.0205 12244 dc3d - ok
12:14:37.0220 12244 [ 79BDBB684629A526CCD958F06B9D6FAD ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
12:14:37.0252 12244 DcomLaunch - ok
12:14:37.0252 12244 [ F7FB921F438C3566CEC55657EA4E7D9C ] defragsvc C:\WINDOWS\System32\defragsvc.dll
12:14:37.0283 12244 defragsvc - ok
12:14:37.0283 12244 [ B5F9123D6537856EA698386ABA27A232 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
12:14:37.0299 12244 DeviceAssociationService - ok
12:14:37.0314 12244 [ 64A80A746FC460126FA4124AA2D93848 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
12:14:37.0330 12244 DeviceInstall - ok
12:14:37.0330 12244 [ A19F51A044B62C994144ED87A7A5A887 ] DevicesFlowUserSvc C:\WINDOWS\System32\DevicesFlowBroker.dll
12:14:37.0361 12244 DevicesFlowUserSvc - ok
12:14:37.0361 12244 [ 0D2A4CA81D1F7B5E5FBFE1E4F60246B8 ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll
12:14:37.0377 12244 DevQueryBroker - ok
12:14:37.0377 12244 [ 9910E9CFF5ECDCB225F82E72CE9DE459 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
12:14:37.0392 12244 Dfsc - ok
12:14:37.0392 12244 [ 9593475FBC857A05D93BFF4FA7323C2B ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
12:14:37.0408 12244 dg_ssudbus - ok
12:14:37.0408 12244 [ 309F4FBA6AC2CA70663C99690AE900C2 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
12:14:37.0424 12244 Dhcp - ok
12:14:37.0439 12244 [ 8C46ADC4354DDE94CA459CB4BA822073 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
12:14:37.0455 12244 diagnosticshub.standardcollector.service - ok
12:14:37.0455 12244 [ E2BF09B816393AF73EDCB8ECF9BBDB2D ] diagsvc C:\WINDOWS\system32\DiagSvc.dll
12:14:37.0471 12244 diagsvc - ok
12:14:37.0502 12244 [ 363519B5143688A7779A51859CFDB863 ] DiagTrack C:\WINDOWS\system32\diagtrack.dll
12:14:37.0549 12244 DiagTrack - ok
12:14:37.0549 12244 [ 04CE856B96A3606AB8796EA684C62694 ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
12:14:37.0564 12244 DigitalWave.Update.Service - ok
12:14:37.0580 12244 [ E427B693F48D9D7AC3DC2046BED74126 ] Disc Soft Lite Bus Service C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
12:14:37.0627 12244 Disc Soft Lite Bus Service - ok
12:14:37.0627 12244 [ 811173C821171BB910219E53C7FD97AD ] Disk C:\WINDOWS\system32\drivers\disk.sys
12:14:37.0642 12244 Disk - ok
12:14:37.0658 12244 [ 133E5277C2A50770EADFAC4AF2232D69 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
12:14:37.0674 12244 DmEnrollmentSvc - ok
12:14:37.0689 12244 [ 569FE16775E15A49DC904DE20BF8CAA0 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
12:14:37.0705 12244 dmvsc - ok
12:14:37.0705 12244 [ 10E72E3315305461D3F0C7560AE98CA5 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
12:14:37.0721 12244 dmwappushservice - ok
12:14:37.0721 12244 [ 2925945E2864DD13A6BD4065D252B598 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
12:14:37.0736 12244 Dnscache - ok
12:14:37.0736 12244 [ 24F0CF56DF2725291937B32597BA8D51 ] dot3svc C:\WINDOWS\System32\dot3svc.dll
12:14:37.0752 12244 dot3svc - ok
12:14:37.0767 12244 [ 6D8971C942FEE43A0AB6B3192534AFB4 ] DPS C:\WINDOWS\system32\dps.dll
12:14:37.0767 12244 DPS - ok
12:14:37.0783 12244 [ F4800922F4ABA619585CE320A72E6389 ] drmkaud C:\WINDOWS\System32\drivers\drmkaud.sys
12:14:37.0783 12244 drmkaud - ok
12:14:37.0799 12244 [ BB73FD1329739982C2915AB827A01362 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
12:14:37.0799 12244 DsmSvc - ok
12:14:37.0814 12244 [ C7DC50CC0C6B0948A0C040622FCD70EA ] DsSvc C:\WINDOWS\System32\DsSvc.dll
12:14:37.0830 12244 DsSvc - ok
12:14:37.0830 12244 [ 679FF716052109392D870F6A6C4A3535 ] dtlitescsibus C:\WINDOWS\System32\drivers\dtlitescsibus.sys
12:14:37.0830 12244 dtlitescsibus - ok
12:14:37.0846 12244 [ E23FDD696839A4790682CA66C48D3F2F ] dtliteusbbus C:\WINDOWS\System32\drivers\dtliteusbbus.sys
12:14:37.0846 12244 dtliteusbbus - ok
12:14:37.0861 12244 [ A92C554CC7B6814841D118356B40975B ] DusmSvc C:\WINDOWS\System32\dusmsvc.dll
12:14:37.0877 12244 DusmSvc - ok
12:14:37.0892 12244 [ D4FECFD94C7198A8AD5664880EA2F7E0 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
12:14:37.0955 12244 DXGKrnl - ok
12:14:37.0955 12244 [ FA94398748930D840FE35A44F1D225A7 ] Eaphost C:\WINDOWS\System32\eapsvc.dll
12:14:37.0971 12244 Eaphost - ok
12:14:38.0002 12244 [ C99D40C97841E0A7F0F90B8629593A97 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
12:14:38.0111 12244 ebdrv - ok
12:14:38.0111 12244 [ 94E06D509D50807774F35BEE3163E806 ] EFS C:\WINDOWS\System32\lsass.exe
12:14:38.0127 12244 EFS - ok
12:14:38.0127 12244 [ 260BBD6B1ED06298E509B452354EDB91 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
12:14:38.0142 12244 EhStorClass - ok
12:14:38.0142 12244 [ F3BEBDC1B9DBA32F183079EAE6244837 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
12:14:38.0142 12244 EhStorTcgDrv - ok
12:14:38.0158 12244 [ A75880A9192B9DA69F46867B06276746 ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll
12:14:38.0174 12244 embeddedmode - ok
12:14:38.0174 12244 [ 3BC17ABD52295C64A8BEE3CF4B244B12 ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
12:14:38.0189 12244 EntAppSvc - ok
12:14:38.0189 12244 [ D315FF43E23DF424ECEC2F6C930203E4 ] EpsonScanSvc C:\WINDOWS\system32\EscSvc64.exe
12:14:38.0205 12244 EpsonScanSvc - ok
12:14:38.0205 12244 [ 1B63CA857FD03FD0A5A1379F2996784F ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
12:14:38.0221 12244 ErrDev - ok
12:14:38.0221 12244 [ C08347A4F534C9E00FC7468AD2FDEC61 ] ETDSMBus C:\WINDOWS\System32\drivers\ETDSMBus.sys
12:14:38.0236 12244 ETDSMBus - ok
12:14:38.0252 12244 [ 6A5FA501A2D96001391FF3CBA32935AB ] EventSystem C:\WINDOWS\system32\es.dll
12:14:38.0267 12244 EventSystem - ok
12:14:38.0267 12244 [ F1ACA42D448E3986565EA54275EEEA65 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
12:14:38.0299 12244 exfat - ok
12:14:38.0299 12244 [ 0AF4B36754A6EAE794EE4398E219A9E1 ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
12:14:38.0330 12244 fastfat - ok
12:14:38.0330 12244 [ B1A38C0D977D8738779CA3EFEBDFCA8C ] Fax C:\WINDOWS\system32\fxssvc.exe
12:14:38.0361 12244 Fax - ok
12:14:38.0361 12244 [ 7CD8426A33F06EB72BFEC51F7C264AF8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
12:14:38.0377 12244 fdc - ok
12:14:38.0377 12244 [ 21EB16C5DDFBC19DEBE9EEC10EA423FB ] fdPHost C:\WINDOWS\system32\fdPHost.dll
12:14:38.0392 12244 fdPHost - ok
12:14:38.0392 12244 [ 57F98EFE6CB82AE5400BA99C705AF45C ] FDResPub C:\WINDOWS\system32\fdrespub.dll
12:14:38.0408 12244 FDResPub - ok
12:14:38.0408 12244 [ 02F93E4B9EC2821B6670208044FF5332 ] fhsvc C:\WINDOWS\system32\fhsvc.dll
12:14:38.0424 12244 fhsvc - ok
12:14:38.0424 12244 [ DE51BBBCF358188F9736F031546F9908 ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys
12:14:38.0439 12244 FileCrypt - ok
12:14:38.0455 12244 [ 822F664952B0F8D11BB6BD2F11779602 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
12:14:38.0455 12244 FileInfo - ok
12:14:38.0471 12244 [ 5A4935682A0D47A4EAC4BE3C2ACF74D6 ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
12:14:38.0486 12244 Filetrace - ok
12:14:38.0486 12244 [ 60641F22D1D38EAD197C25F0339C9712 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
12:14:38.0502 12244 flpydisk - ok
12:14:38.0502 12244 [ 56F9EAA7099159759B2F6C523007A13F ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
12:14:38.0533 12244 FltMgr - ok
12:14:38.0549 12244 [ 4DCB038D36B607DD92ED0393EEA7136E ] FontCache C:\WINDOWS\system32\FntCache.dll
12:14:38.0580 12244 FontCache - ok
12:14:38.0596 12244 [ A7C6894FFF261C0FEFDCB41BE83CF430 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:14:38.0596 12244 FontCache3.0.0.0 - ok
12:14:38.0611 12244 [ 95F8BF9B335A0BE8920BE160F95B2503 ] FrameServer C:\WINDOWS\system32\FrameServer.dll
12:14:38.0627 12244 FrameServer - ok
12:14:38.0627 12244 [ 5D8A0E58E3F82583697E3F07052435AA ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
12:14:38.0643 12244 FsDepends - ok
12:14:38.0643 12244 [ BB82CC2F51F7C3D5DCD13FA3B040D8F8 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:14:38.0658 12244 Fs_Rec - ok
12:14:38.0658 12244 [ 9E5E8464A9E6E177916DC010A9753CD4 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
12:14:38.0689 12244 fvevol - ok
12:14:38.0705 12244 [ 3B5DDF1061930A0A891FA63DB0CB878B ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
12:14:38.0721 12244 gencounter - ok
12:14:38.0721 12244 [ 8B34E3F794F652082D7E8AF112F71681 ] genericusbfn C:\WINDOWS\System32\drivers\genericusbfn.sys
12:14:38.0736 12244 genericusbfn - ok
12:14:38.0736 12244 [ 127C23F4720C8902A3AB0FEE12205317 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
12:14:38.0752 12244 GPIOClx0101 - ok
12:14:38.0768 12244 [ A7A85B505944F99CB55C8669E4F7FC0F ] gpsvc C:\WINDOWS\System32\gpsvc.dll
12:14:38.0799 12244 gpsvc - ok
12:14:38.0799 12244 [ C7DEA3458E50B691E69EFF0B47CBCCDB ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys
12:14:38.0814 12244 GpuEnergyDrv - ok
12:14:38.0814 12244 [ 141904F0581468B39B579EA33CA57549 ] GraphicsPerfSvc C:\WINDOWS\System32\GraphicsPerfSvc.dll
12:14:38.0830 12244 GraphicsPerfSvc - ok
12:14:38.0830 12244 [ 50FCC5C822A6B4FC6F377EE9F9F37C7B ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:14:38.0846 12244 gupdate - ok
12:14:38.0846 12244 [ 50FCC5C822A6B4FC6F377EE9F9F37C7B ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:14:38.0846 12244 gupdatem - ok
12:14:38.0846 12244 [ 99A34FD1F6431A10D8C3BB50E170D0F2 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
12:14:38.0861 12244 HDAudBus - ok
12:14:38.0877 12244 [ 2443FC6EEB9CF092B62127D867901B02 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
12:14:38.0877 12244 HidBatt - ok
12:14:38.0893 12244 [ 205043CDC16ADE85E252DD54AE925161 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
12:14:38.0908 12244 HidBth - ok
12:14:38.0908 12244 [ B521DDDC9038C066B1B957BF063A531A ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
12:14:38.0924 12244 hidi2c - ok
12:14:38.0924 12244 [ 5AC0EBFA76E93273A806176D3178E986 ] hidinterrupt C:\WINDOWS\System32\drivers\hidinterrupt.sys
12:14:38.0939 12244 hidinterrupt - ok
12:14:38.0939 12244 [ 366AC0E05EBF5D5C375F65CD8BC7F0DF ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
12:14:38.0955 12244 HidIr - ok
12:14:38.0971 12244 [ 75F4CCB7FF03603E91DD0C7FF83DAABF ] hidserv C:\WINDOWS\system32\hidserv.dll
12:14:38.0971 12244 hidserv - ok
12:14:38.0986 12244 [ 7CB54D02746024648FCE184FC3F941FF ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
12:14:39.0002 12244 HidUsb - ok
12:14:39.0002 12244 [ 459EC4290CF0D8269DB28FBFD6284C58 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
12:14:39.0018 12244 HomeGroupListener - ok
12:14:39.0018 12244 [ 24C900B7296AA9867FB761A5801AFBD1 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
12:14:39.0049 12244 HomeGroupProvider - ok
12:14:39.0049 12244 [ 835FB95D85D362057A72D21A48C2C7F8 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
12:14:39.0064 12244 HpSAMD - ok
12:14:39.0064 12244 [ 1BAAC22B54F149D26AFCD41446A1E2D1 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
12:14:39.0111 12244 HTTP - ok
12:14:39.0111 12244 [ AD930879F319969EB09449C015A32104 ] HvHost C:\WINDOWS\System32\hvhostsvc.dll
12:14:39.0127 12244 HvHost - ok
12:14:39.0127 12244 [ 9F2CFC90306532866C62BDCDFD2532AA ] hvservice C:\WINDOWS\system32\drivers\hvservice.sys
12:14:39.0143 12244 hvservice - ok
12:14:39.0174 12244 [ EF558A02D734A1403583E95CCEEC2487 ] HWiNFO32 C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS
12:14:39.0174 12244 HWiNFO32 - ok
12:14:39.0174 12244 [ 3737FE486929AFC48F1D10677B698E52 ] HwNClx0101 C:\WINDOWS\system32\Drivers\mshwnclx.sys
12:14:39.0189 12244 HwNClx0101 - ok
12:14:39.0205 12244 [ 3C65EBF7F1BFD98426C355D66876ECEE ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
12:14:39.0205 12244 hwpolicy - ok
12:14:39.0221 12244 [ 7E00234C67A322988AFEA717D5609C9E ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
12:14:39.0236 12244 hyperkbd - ok
12:14:39.0236 12244 [ FBF5BB641DE99AE1DF4835E88D4F8993 ] HyperVideo C:\WINDOWS\System32\drivers\HyperVideo.sys
12:14:39.0252 12244 HyperVideo - ok
12:14:39.0252 12244 [ 56FF074E50F9042FD2856AB3418F4B18 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
12:14:39.0268 12244 i8042prt - ok
12:14:39.0268 12244 [ B5EC43755E62591197DE5CBBDAA9FEB7 ] iagpio C:\WINDOWS\System32\drivers\iagpio.sys
12:14:39.0283 12244 iagpio - ok
12:14:39.0299 12244 [ D8CA23F9C5FEF44296FDE1E005C06EC0 ] iai2c C:\WINDOWS\System32\drivers\iai2c.sys
12:14:39.0314 12244 iai2c - ok
12:14:39.0314 12244 [ 7B769C9D19C013F94874C4B15D59A005 ] iaLPSS2i_GPIO2 C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
12:14:39.0330 12244 iaLPSS2i_GPIO2 - ok
12:14:39.0330 12244 [ E0F1B3A2A70FABE3BE1C9140BB55E607 ] iaLPSS2i_GPIO2_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys
12:14:39.0346 12244 iaLPSS2i_GPIO2_BXT_P - ok
12:14:39.0346 12244 [ 89A869BCC0588A3009ECB875B09ECD39 ] iaLPSS2i_I2C C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
12:14:39.0377 12244 iaLPSS2i_I2C - ok
12:14:39.0377 12244 [ 2E693DF3C02A0859DB8DE25772751100 ] iaLPSS2i_I2C_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys
12:14:39.0393 12244 iaLPSS2i_I2C_BXT_P - ok
12:14:39.0393 12244 [ 16A10CCEDCF5AC4CAAE43DC9FC40392F ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
12:14:39.0408 12244 iaLPSSi_GPIO - ok
12:14:39.0408 12244 [ EB82A11613326691508D9ED9A4FE29E7 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
12:14:39.0424 12244 iaLPSSi_I2C - ok
12:14:39.0424 12244 [ 0C03EA90CAB8B82FBF6F043E412646AE ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
12:14:39.0471 12244 iaStorA - ok
12:14:39.0471 12244 [ 435883A27A376B125BD4DF888417C85F ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
12:14:39.0502 12244 iaStorAV - ok
12:14:39.0518 12244 [ 7118E4390C4ACDE61E280CE52BCAF44E ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
12:14:39.0533 12244 iaStorV - ok
12:14:39.0549 12244 [ 9DBE8C359ABACE1BE1BBAB687D114506 ] ibbus C:\WINDOWS\System32\drivers\ibbus.sys
12:14:39.0564 12244 ibbus - ok
12:14:39.0564 12244 [ 64DA0E20006EE4AA7A45F146B0792676 ] icssvc C:\WINDOWS\System32\tetheringservice.dll
12:14:39.0580 12244 icssvc - ok
12:14:39.0596 12244 [ 72AB18B50053FA57B08FD4065C11B16B ] IKEEXT C:\WINDOWS\System32\ikeext.dll
12:14:39.0627 12244 IKEEXT - ok
12:14:39.0627 12244 [ 42CAF6216A6E516DC56BA319ACC7EEC5 ] IndirectKmd C:\WINDOWS\System32\drivers\IndirectKmd.sys
12:14:39.0643 12244 IndirectKmd - ok
12:14:39.0658 12244 [ 02D6C68057FDED7E08FD3CAEE564B6C8 ] InstallService C:\WINDOWS\system32\InstallService.dll
12:14:39.0689 12244 InstallService - ok
12:14:39.0752 12244 [ 3481B5AE505F374A91F241ACE953B24C ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
12:14:39.0893 12244 IntcAzAudAddService - ok
12:14:39.0893 12244 [ B63CF22D1AD2ABDC39D85851B2BEAA6D ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
12:14:39.0924 12244 Intel(R) Capability Licensing Service TCP IP Interface - ok
12:14:39.0924 12244 Suspicious service (Hidden): Intel(R) Security Assist
12:14:39.0924 12244 Intel(R) Security Assist ( HiddenService.Multi.Generic ) - warning
12:14:39.0924 12244 Intel(R) Security Assist - detected HiddenService.Multi.Generic (1)
12:14:39.0924 12244 [ 40943C1CD031ACE06A8374AD56B9E5EA ] intelide C:\WINDOWS\system32\drivers\intelide.sys
12:14:39.0940 12244 intelide - ok
12:14:39.0940 12244 [ 327D9CCF5492543AEF3979F9EEAD02BE ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
12:14:39.0955 12244 intelpep - ok
12:14:39.0971 12244 [ 10F2757836F41BFAEA2AE19F6FE869B2 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
12:14:39.0986 12244 intelppm - ok
12:14:39.0986 12244 [ 8387E90B551B9B7F32EDC69909591E9E ] invdimm C:\WINDOWS\System32\drivers\invdimm.sys
12:14:40.0002 12244 invdimm - ok
12:14:40.0002 12244 [ E207078E0E1BB3524277DB9077E4148E ] iorate C:\WINDOWS\system32\drivers\iorate.sys
12:14:40.0018 12244 iorate - ok
12:14:40.0018 12244 [ FD8F64B7B345E539F2EA7F72846F83B4 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:14:40.0033 12244 IpFilterDriver - ok
12:14:40.0049 12244 [ 0076CE11539416052A7A79B2DCC53E6D ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
12:14:40.0065 12244 iphlpsvc - ok
12:14:40.0080 12244 [ 8AAB863E72A4F9C578FED2EE3541545B ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
12:14:40.0096 12244 IPMIDRV - ok
12:14:40.0096 12244 [ 7BEC2AF23F586EFF0DB4DBF4331B0C70 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
12:14:40.0111 12244 IPNAT - ok
12:14:40.0111 12244 [ 35A54F19E703D4FE5919F812F6CC5D0A ] IPT C:\WINDOWS\System32\drivers\ipt.sys
12:14:40.0127 12244 IPT - ok
12:14:40.0143 12244 [ F6C47021C41F721B628161B64D7DECB9 ] IpxlatCfgSvc C:\WINDOWS\System32\IpxlatCfg.dll
12:14:40.0143 12244 IpxlatCfgSvc - ok
12:14:40.0158 12244 [ 359CDDBC825959DA28FA886B3C271B53 ] irda C:\WINDOWS\system32\drivers\irda.sys
12:14:40.0174 12244 irda - ok
12:14:40.0174 12244 [ F88664A2A82DDA456180FFF95A771765 ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
12:14:40.0190 12244 IRENUM - ok
12:14:40.0190 12244 [ 4F500A0171606B0E37964694140FCA16 ] irmon C:\WINDOWS\System32\irmon.dll
12:14:40.0205 12244 irmon - ok
12:14:40.0205 12244 Suspicious service (Hidden): isaHelperSvc
12:14:40.0205 12244 isaHelperSvc ( HiddenService.Multi.Generic ) - warning
12:14:40.0205 12244 isaHelperSvc - detected HiddenService.Multi.Generic (1)
12:14:40.0205 12244 [ 2296B158C43C306B0AC5B4D57EA9F0E1 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
12:14:40.0221 12244 isapnp - ok
12:14:40.0221 12244 [ 6196E4C95284C1C62F6FD55A1F433B1B ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
12:14:40.0252 12244 iScsiPrt - ok
12:14:40.0252 12244 IUFileFilter - ok
12:14:40.0252 12244 [ 038CDE75D1D81B157C133EFC3471F939 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
12:14:40.0268 12244 jhi_service - ok
12:14:40.0268 12244 [ E320F986BBE0CD9324EA0A193EBF29B1 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
12:14:40.0283 12244 kbdclass - ok
12:14:40.0283 12244 [ AFF5DDCC1A79217C9526FF5E01A69E89 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
12:14:40.0299 12244 kbdhid - ok
12:14:40.0299 12244 [ 916E62AF3386F7A74603E5C545F6FF2D ] kdnic C:\WINDOWS\System32\drivers\kdnic.sys
12:14:40.0315 12244 kdnic - ok
12:14:40.0330 12244 [ 94E06D509D50807774F35BEE3163E806 ] KeyIso C:\WINDOWS\system32\lsass.exe
12:14:40.0330 12244 KeyIso - ok
12:14:40.0330 12244 [ 69FA8BEBADF807089FEFCD3F59CFAC1E ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
12:14:40.0346 12244 KSecDD - ok
12:14:40.0361 12244 [ C1081E2B36F77781167FD9401119B98E ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
12:14:40.0377 12244 KSecPkg - ok
12:14:40.0377 12244 [ DD8C4726127CFE313233372D70787C37 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
12:14:40.0393 12244 ksthunk - ok
12:14:40.0393 12244 [ 6EAF246BC12DB548AC65A4CEFB14B547 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
12:14:40.0408 12244 KtmRm - ok
12:14:40.0424 12244 [ E154D11E1EDAD53DF6A2204F3A604F28 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
12:14:40.0440 12244 LanmanServer - ok
12:14:40.0440 12244 [ DBB81AAC130C4CAAB87E519467846A06 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
12:14:40.0455 12244 LanmanWorkstation - ok
12:14:40.0471 12244 [ D81931EF9914A135F9ECF409DC826266 ] lfsvc C:\WINDOWS\System32\lfsvc.dll
12:14:40.0471 12244 lfsvc - ok
12:14:40.0486 12244 [ F180F46B88044C6F6D3C313A799E5857 ] LicenseManager C:\WINDOWS\system32\LicenseManagerSvc.dll
12:14:40.0486 12244 LicenseManager - ok
12:14:40.0502 12244 [ 2A981DE0BB7663850C418271627D3039 ] LifeCamTrueColor C:\WINDOWS\system32\DRIVERS\LifeCamTrueColor.sys
12:14:40.0502 12244 LifeCamTrueColor - ok
12:14:40.0502 12244 [ CB5A6E117502156794F0DA9E61506006 ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys
12:14:40.0518 12244 lltdio - ok
12:14:40.0533 12244 [ 48199253D7F6119F88294F8845F0808D ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
12:14:40.0549 12244 lltdsvc - ok
12:14:40.0549 12244 [ DCF6F1AA7A51CC08FED089363F83316E ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
12:14:40.0565 12244 lmhosts - ok
12:14:40.0565 12244 [ 57AD6DFAB9C84BAAF008F57DFE2335EA ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
12:14:40.0580 12244 LMS - ok
12:14:40.0580 12244 [ 20048BEE892138A745B1C23EBB0E069F ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
12:14:40.0596 12244 LSI_SAS - ok
12:14:40.0611 12244 [ 9EAB16572B576979D585DDEDB12417CD ] LSI_SAS2i C:\WINDOWS\system32\drivers\lsi_sas2i.sys
12:14:40.0611 12244 LSI_SAS2i - ok
12:14:40.0627 12244 [ 3B7B359C0870317106DF3438D4FF491D ] LSI_SAS3i C:\WINDOWS\system32\drivers\lsi_sas3i.sys
12:14:40.0643 12244 LSI_SAS3i - ok
12:14:40.0643 12244 [ 2DE03BA338A4B0ACDB416A30F1C7D56F ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
12:14:40.0658 12244 LSI_SSS - ok
12:14:40.0658 12244 [ A4ADC59A58724CDA67A7AB93457EEE43 ] LSM C:\WINDOWS\System32\lsm.dll
12:14:40.0690 12244 LSM - ok
12:14:40.0690 12244 [ 9A497169E145FCE2D8AA7DBC67377F64 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
12:14:40.0705 12244 luafv - ok
12:14:40.0705 12244 [ 3520DE00ABC5EFF0DBAFD41129AD970F ] MapsBroker C:\WINDOWS\System32\moshost.dll
12:14:40.0721 12244 MapsBroker - ok
12:14:40.0721 12244 [ BF56CB9D02DEE8CA9CBA50220BE16F15 ] mausbhost C:\WINDOWS\System32\drivers\mausbhost.sys
12:14:40.0752 12244 mausbhost - ok
12:14:40.0752 12244 [ 01BDEE1FFF6D2216797DFEE4ABD937D9 ] mausbip C:\WINDOWS\System32\drivers\mausbip.sys
12:14:40.0768 12244 mausbip - ok
12:14:40.0830 12244 [ 734B435E1693386213EEFD4D17A70DEB ] MBAMService C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
12:14:40.0940 12244 MBAMService - ok
12:14:40.0955 12244 [ B047B9CE5A0D800E6D713B43D0405221 ] MBAMSwissArmy C:\WINDOWS\System32\Drivers\mbamswissarmy.sys
12:14:40.0955 12244 MBAMSwissArmy - ok
12:14:40.0971 12244 [ C7B8B5053D646CBD30BE1BA6B487D396 ] megasas C:\WINDOWS\system32\drivers\megasas.sys
12:14:40.0971 12244 megasas - ok
12:14:40.0987 12244 [ EB8ED3204499DDB2D3BA094A4563EE3E ] megasas2i C:\WINDOWS\system32\drivers\MegaSas2i.sys
12:14:41.0002 12244 megasas2i - ok
12:14:41.0010 12244 [ F1C1D4E752DE1D58295040E5BE8813AF ] megasr C:\WINDOWS\system32\drivers\megasr.sys
12:14:41.0039 12244 megasr - ok
12:14:41.0044 12244 [ F1E754DEEB3369BCCE2228D5C10DE101 ] MEIx64 C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
12:14:41.0066 12244 MEIx64 - ok
12:14:41.0069 12244 [ 4965456A1B4B3039E4B9AB233F5E9B1E ] MessagingService C:\WINDOWS\System32\MessagingService.dll
12:14:41.0082 12244 MessagingService - ok
12:14:41.0093 12244 [ 16B078D1089FEA98710C9D07C152DCEE ] mlx4_bus C:\WINDOWS\System32\drivers\mlx4_bus.sys
12:14:41.0121 12244 mlx4_bus - ok
12:14:41.0124 12244 [ 20C57CE47B1A877C48A4B68E9A4E21FA ] MMCSS C:\WINDOWS\system32\drivers\mmcss.sys
12:14:41.0140 12244 MMCSS - ok
12:14:41.0143 12244 [ A4467A5C080318F0CCCF5ED463821F8B ] Modem C:\WINDOWS\system32\drivers\modem.sys
12:14:41.0152 12244 Modem - ok
12:14:41.0152 12244 [ 78BE85C1F1C7F3AF6C87BCE127007D5A ] monitor C:\WINDOWS\System32\drivers\monitor.sys
12:14:41.0168 12244 monitor - ok
12:14:41.0168 12244 [ 8E262B34A8BD184B4B3025AA8C396B00 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
12:14:41.0183 12244 mouclass - ok
12:14:41.0199 12244 [ C094A555F148495EA130D3BBC5232D5E ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
12:14:41.0215 12244 mouhid - ok
12:14:41.0215 12244 [ 6434BC884502E95EEA2379C92DD22B60 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
12:14:41.0230 12244 mountmgr - ok
12:14:41.0230 12244 [ F36E4074C66DD31855A8D79EF0AE8066 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
12:14:41.0246 12244 mpsdrv - ok
12:14:41.0262 12244 [ E7CA9FE86A488786979F46DC3CE2DA6E ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
12:14:41.0277 12244 MpsSvc - ok
12:14:41.0293 12244 [ 215D672CB71987CD98EB2298EFB84DDC ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
12:14:41.0308 12244 MRxDAV - ok
12:14:41.0320 12244 [ 71729B1EE949E1B092CB5CB75CC63715 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:14:41.0344 12244 mrxsmb - ok
12:14:41.0349 12244 [ 87FF93E7420C9068C0D5B2F3109809F4 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
12:14:41.0366 12244 mrxsmb20 - ok
12:14:41.0371 12244 [ 167408B38458ECAE545C57527BC99024 ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys
12:14:41.0392 12244 MsBridge - ok
12:14:41.0396 12244 [ D5778559A0F34EE0BF0457293C6B5F4F ] MSDTC C:\WINDOWS\System32\msdtc.exe
12:14:41.0411 12244 MSDTC - ok
12:14:41.0417 12244 [ AE111778CA6AC08862B3C713F0413333 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
12:14:41.0432 12244 Msfs - ok
12:14:41.0435 12244 [ 6DDDFCAB646BBBCFC583135C4430E10F ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
12:14:41.0449 12244 msgpiowin32 - ok
12:14:41.0452 12244 [ 01C6A86BEA8279E557A5056148F068BF ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
12:14:41.0468 12244 mshidkmdf - ok
12:14:41.0471 12244 [ F65ABC7DE945047147F17330F79732CB ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
12:14:41.0487 12244 mshidumdf - ok
12:14:41.0490 12244 [ 05B23012427801E710BDD12720B9020B ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
12:14:41.0502 12244 msisadrv - ok
12:14:41.0506 12244 [ 21B88DF67507BD4DFF8A5487074BB31F ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
12:14:41.0523 12244 MSiSCSI - ok
12:14:41.0526 12244 msiserver - ok
12:14:41.0528 12244 [ 021C34C1968B78ACFBF30553EE78A1D3 ] MSKSSRV C:\WINDOWS\System32\drivers\MSKSSRV.sys
12:14:41.0546 12244 MSKSSRV - ok
12:14:41.0549 12244 [ C3F5EA6B9041A30B4F11BE2E7863E487 ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys
12:14:41.0565 12244 MsLldp - ok
12:14:41.0568 12244 [ 601D666820F0408B896791D19BE6D258 ] MSPCLOCK C:\WINDOWS\System32\drivers\MSPCLOCK.sys
12:14:41.0583 12244 MSPCLOCK - ok
12:14:41.0586 12244 [ 46E61FBA0097E48E5628C74A3F72233A ] MSPQM C:\WINDOWS\System32\drivers\MSPQM.sys
12:14:41.0603 12244 MSPQM - ok
12:14:41.0609 12244 [ 4EB9B77179BDEE89C496E60D4BF85CC1 ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
12:14:41.0631 12244 MsRPC - ok
12:14:41.0638 12244 [ 29DC5DFDF305E73A40AB13D102736EEA ] MsSecFlt C:\WINDOWS\system32\drivers\mssecflt.sys
12:14:41.0659 12244 MsSecFlt - ok
12:14:41.0662 12244 [ CBD56E0B55FB3672BA80382EC2F8835C ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
12:14:41.0674 12244 mssmbios - ok
12:14:41.0676 12244 [ 5734B2A36D3BB13A638E5305EEEC582D ] MSTEE C:\WINDOWS\System32\drivers\MSTEE.sys
12:14:41.0693 12244 MSTEE - ok
12:14:41.0696 12244 [ 85270E0DC6907C6B99F72A36F17AED34 ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
12:14:41.0711 12244 MTConfig - ok
12:14:41.0714 12244 [ DB5B1539F5EBB3DD3A7ED25ADBC4D6D9 ] Mup C:\WINDOWS\system32\Drivers\mup.sys
12:14:41.0731 12244 Mup - ok
12:14:41.0734 12244 [ 3C57FF3BCF496D24C39C2198158864BB ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
12:14:41.0747 12244 mvumis - ok
12:14:41.0757 12244 [ 8A9CD53B0FBE679116638120CCBB201E ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
12:14:41.0786 12244 NativeWifiP - ok
12:14:41.0796 12244 [ 4C2C3D884BDE7A4EBC0D838ABACC4C86 ] NaturalAuthentication C:\WINDOWS\System32\NaturalAuth.dll
12:14:41.0823 12244 NaturalAuthentication - ok
12:14:41.0827 12244 [ FBA9F5B9F59A665F248F70B905EDCE14 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
12:14:41.0845 12244 NcaSvc - ok
12:14:41.0851 12244 [ 1A75CBB2C8161676CEA17E6FFE441FE7 ] NcbService C:\WINDOWS\System32\ncbservice.dll
12:14:41.0869 12244 NcbService - ok
12:14:41.0872 12244 [ 3C7E074AE41D8DFB41A9E65904D8BF43 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
12:14:41.0889 12244 NcdAutoSetup - ok
12:14:41.0893 12244 [ 77B047B109CE758A017F58FAE5038D0D ] ndfltr C:\WINDOWS\System32\drivers\ndfltr.sys
12:14:41.0903 12244 ndfltr - ok
12:14:41.0917 12244 [ EC74F146BCA0586DF835027D56B6A68D ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
12:14:41.0968 12244 NDIS - ok
12:14:41.0972 12244 [ 067AE5BA349CC35AF8975D22DC483DDF ] NdisCap C:\WINDOWS\system32\drivers\ndiscap.sys
12:14:41.0988 12244 NdisCap - ok
12:14:41.0991 12244 [ 6FC4D7EB5D38CFB7966405036116F065 ] NdisImPlatform C:\WINDOWS\system32\drivers\NdisImPlatform.sys
12:14:42.0010 12244 NdisImPlatform - ok
12:14:42.0013 12244 [ ED7CC4E16B76B2603C9F827188EA63B4 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:14:42.0030 12244 NdisTapi - ok
12:14:42.0033 12244 [ 8D977AFC195A3F4B15B05D02B2BD0292 ] Ndisuio C:\WINDOWS\system32\drivers\ndisuio.sys
12:14:42.0050 12244 Ndisuio - ok
12:14:42.0053 12244 [ DC1D26D62F40B7552BCF49D92774F0C5 ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
12:14:42.0069 12244 NdisVirtualBus - ok
12:14:42.0074 12244 [ 66F56AC744101DB870934D0EB31C2426 ] NdisWan C:\WINDOWS\System32\drivers\ndiswan.sys
12:14:42.0096 12244 NdisWan - ok
12:14:42.0100 12244 [ 66F56AC744101DB870934D0EB31C2426 ] ndiswanlegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:14:42.0122 12244 ndiswanlegacy - ok
12:14:42.0125 12244 [ 8ABF5B8D5839F8DAE2E0D3165AE732F6 ] ndproxy C:\WINDOWS\system32\DRIVERS\NDProxy.sys
12:14:42.0140 12244 ndproxy - ok
12:14:42.0144 12244 [ A791792DC412CCD83DA0AF6871682552 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
12:14:42.0163 12244 Ndu - ok
12:14:42.0167 12244 [ BE79982A50AC88BC0765F3AFECFCB596 ] NetAdapterCx C:\WINDOWS\system32\drivers\NetAdapterCx.sys
12:14:42.0189 12244 NetAdapterCx - ok
12:14:42.0192 12244 [ E899D26A0C2555AC30ACDD526056E51F ] NetBIOS C:\WINDOWS\system32\drivers\netbios.sys
12:14:42.0203 12244 NetBIOS - ok
12:14:42.0203 12244 [ 7FC54F2AF5EC52C7AC05AD90FFC757E6 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
12:14:42.0218 12244 NetBT - ok
12:14:42.0234 12244 [ 94E06D509D50807774F35BEE3163E806 ] Netlogon C:\WINDOWS\system32\lsass.exe
12:14:42.0234 12244 Netlogon - ok
12:14:42.0249 12244 [ 94BC40F88309B0B7DFE68B2C2BB15EB6 ] Netman C:\WINDOWS\System32\netman.dll
12:14:42.0265 12244 Netman - ok
12:14:42.0265 12244 [ 79ED54CA41486399361778D533E55A99 ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
12:14:42.0281 12244 netprofm - ok
12:14:42.0296 12244 [ B368E739AF3F577EA8D1B256F91036AD ] NetSetupSvc C:\WINDOWS\System32\NetSetupSvc.dll
12:14:42.0312 12244 NetSetupSvc - ok
12:14:42.0312 12244 [ 97FF2186BBAA215727300404862D297B ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:14:42.0328 12244 NetTcpPortSharing - ok
12:14:42.0328 12244 [ 680EB4AEA08EAC80C384E90E430DF16D ] netvsc C:\WINDOWS\System32\drivers\netvsc.sys
12:14:42.0359 12244 netvsc - ok
12:14:42.0367 12244 [ E27ACE78CA1BDF4FBBF3323D6E9AFCDB ] NgcCtnrSvc C:\WINDOWS\System32\NgcCtnrSvc.dll
12:14:42.0394 12244 NgcCtnrSvc - ok
12:14:42.0402 12244 [ A557C92583E81CA97D2C0F2467E7C2F9 ] NgcSvc C:\WINDOWS\system32\ngcsvc.dll
12:14:42.0433 12244 NgcSvc - ok
12:14:42.0433 12244 [ 5152EC14CFC3470C6F2DC212DDBC27D9 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
12:14:42.0449 12244 NlaSvc - ok
12:14:42.0464 12244 [ F337ACAC7C85DE7A80AC2106C505FD13 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
12:14:42.0470 12244 Npfs - ok
12:14:42.0470 12244 npggsvc - ok
12:14:42.0486 12244 [ 5CB8082E51DE7D19042F0FF8C517CB0D ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
12:14:42.0501 12244 npsvctrig - ok
12:14:42.0501 12244 [ 3BA4E9585E9D7D7E6E68A18184DDDBF2 ] nsi C:\WINDOWS\system32\nsisvc.dll
12:14:42.0517 12244 nsi - ok
12:14:42.0517 12244 [ 958921BB7AE2671983743FDA0DD587C4 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
12:14:42.0532 12244 nsiproxy - ok
12:14:42.0548 12244 [ B6FDEBE8F640E9173AD2BA3F9C014195 ] NTFS C:\WINDOWS\system32\drivers\NTFS.sys
12:14:42.0645 12244 NTFS - ok
12:14:42.0648 12244 [ 0D1E03A5F87F4DE04D97622C686910A2 ] Null C:\WINDOWS\system32\drivers\Null.sys
12:14:42.0663 12244 Null - ok
12:14:42.0668 12244 [ 532F27A2B62D70C327E763F035AED6C1 ] nvdimmn C:\WINDOWS\System32\drivers\nvdimmn.sys
12:14:42.0686 12244 nvdimmn - ok
12:14:42.0692 12244 [ BF58D8D2DA50AF7A8E55567B7C73661A ] NVHDA C:\WINDOWS\system32\drivers\nvhda64v.sys
12:14:42.0703 12244 NVHDA - ok
12:14:42.0848 12244 [ C18DE336EFB00CC23FE87ADED9A9AA92 ] nvlddmkm C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_7a39871618b19f06\nvlddmkm.sys
12:14:43.0188 12244 nvlddmkm - ok
12:14:43.0188 12244 [ 7E04652EB1A476BC0A72ECDC613AF0C5 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
12:14:43.0204 12244 nvraid - ok
12:14:43.0204 12244 [ 880B3E874914DAEF97119876543AE117 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
12:14:43.0235 12244 nvstor - ok
12:14:43.0235 12244 [ 33486D139DB345A3D3245C4B57FDADC7 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
12:14:43.0235 12244 NvStreamKms - ok
12:14:43.0251 12244 [ 64473C7916BAF33FE73F1A44C559E672 ] NvTelemetryContainer C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
12:14:43.0266 12244 NvTelemetryContainer - ok
12:14:43.0266 12244 [ 036A8C30C662397A2D882D9AFF99089F ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
12:14:43.0282 12244 nvvad_WaveExtensible - ok
12:14:43.0282 12244 [ 4F9006BFEF6FE05931D308C20E2B8D40 ] nvvhci C:\WINDOWS\System32\drivers\nvvhci.sys
12:14:43.0282 12244 nvvhci - ok
12:14:43.0297 12244 [ 63FF50596D26ACA44886BF7A23994CD2 ] OneSyncSvc C:\WINDOWS\System32\APHostService.dll
12:14:43.0313 12244 OneSyncSvc - ok
12:14:43.0313 12244 [ 58327B7E7C4E325C66B7C4A5220CE5F4 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:14:43.0329 12244 ose64 - ok
12:14:43.0329 12244 [ D1D1BEE82B816D6EB2F630969499BAF6 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
12:14:43.0344 12244 p2pimsvc - ok
12:14:43.0360 12244 [ 54161685F8B37EA1E91F9BAAFFC4422C ] p2psvc C:\WINDOWS\system32\p2psvc.dll
12:14:43.0376 12244 p2psvc - ok
12:14:43.0376 12244 [ 2E07EC2C1622F5E7B535D62DCD61F3AB ] Parport C:\WINDOWS\System32\drivers\parport.sys
12:14:43.0391 12244 Parport - ok
12:14:43.0407 12244 [ 023DDF9DE429B2E6F0BADA72AA98EF8B ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
12:14:43.0422 12244 partmgr - ok
12:14:43.0422 12244 [ FE40324696AC7C7C00DC23BCD12C690B ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
12:14:43.0438 12244 PcaSvc - ok
12:14:43.0454 12244 [ D84CF338D5428EC31602DFB4ACEB7CDD ] pci C:\WINDOWS\system32\drivers\pci.sys
12:14:43.0469 12244 pci - ok
12:14:43.0469 12244 [ E5AF806815ED797086629741F29E4156 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
12:14:43.0485 12244 pciide - ok
12:14:43.0485 12244 [ 2A631D447B988AFBE847CBAA8E5CC298 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
12:14:43.0501 12244 pcmcia - ok
12:14:43.0516 12244 [ ACD510CF2B631A2D36B2CFB7D31E22FD ] pcw C:\WINDOWS\system32\drivers\pcw.sys
12:14:43.0516 12244 pcw - ok
12:14:43.0532 12244 [ 1796112EB89559910BC18865A29C8894 ] pdc C:\WINDOWS\system32\drivers\pdc.sys
12:14:43.0532 12244 pdc - ok
12:14:43.0547 12244 [ F21127EDE5D72090A1B029AFF4AFFD17 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
12:14:43.0579 12244 PEAUTH - ok
12:14:43.0594 12244 [ 68654987BAEFA25B1697D9B0954ACD75 ] PeerDistSvc C:\WINDOWS\system32\peerdistsvc.dll
12:14:43.0641 12244 PeerDistSvc - ok
12:14:43.0641 12244 [ 35FD028E4323018202C0B7D115FD3AEF ] percsas2i C:\WINDOWS\system32\drivers\percsas2i.sys
12:14:43.0657 12244 percsas2i - ok
12:14:43.0657 12244 [ F9F3D8BE9BC9241CC726197261362AC4 ] percsas3i C:\WINDOWS\system32\drivers\percsas3i.sys
12:14:43.0672 12244 percsas3i - ok
12:14:43.0704 12244 [ EA780FAE0D6796D56D0CAF39360BF7C0 ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
12:14:43.0719 12244 PerfHost - ok
12:14:43.0735 12244 [ D21A31B2BC191432269FFDD6D3753061 ] PhoneSvc C:\WINDOWS\System32\PhoneService.dll
12:14:43.0766 12244 PhoneSvc - ok
12:14:43.0766 12244 [ D59CD92CE3784678C09B8DF518A8E1A6 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
12:14:43.0782 12244 PimIndexMaintenanceSvc - ok
12:14:43.0797 12244 [ 73B5A132EBF3A8075A7C68DFBB4DE719 ] pla C:\WINDOWS\system32\pla.dll
12:14:43.0829 12244 pla - ok
12:14:43.0844 12244 [ 64A80A746FC460126FA4124AA2D93848 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
12:14:43.0860 12244 PlugPlay - ok
12:14:43.0860 12244 [ 36D43EA5517F3F4AAAC8EE061C957EF1 ] pmem C:\WINDOWS\System32\drivers\pmem.sys
12:14:43.0876 12244 pmem - ok
12:14:43.0876 12244 [ 59048555B59FD69287CFAB6022B5CC86 ] PNPMEM C:\WINDOWS\System32\drivers\pnpmem.sys
12:14:43.0891 12244 PNPMEM - ok
12:14:43.0891 12244 [ 7815D5EEE3624640150B1365EB2E98C5 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
12:14:43.0907 12244 PNRPAutoReg - ok
12:14:43.0907 12244 [ D1D1BEE82B816D6EB2F630969499BAF6 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
12:14:43.0923 12244 PNRPsvc - ok
12:14:43.0938 12244 [ 2842E59E2A5281D1A9ABD939E9E35721 ] Point64 C:\WINDOWS\System32\drivers\point64.sys
12:14:43.0938 12244 Point64 - ok
12:14:43.0954 12244 [ E1BCA08929D806A087D90BC11C6020E8 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
12:14:43.0969 12244 PolicyAgent - ok
12:14:43.0969 12244 [ A3CCFB8A5BD48F56EF2ACB4A427A1AC7 ] Power C:\WINDOWS\system32\umpo.dll
12:14:43.0985 12244 Power - ok
12:14:44.0001 12244 [ AACA74DEF7BE3DED322411787494878B ] PptpMiniport C:\WINDOWS\System32\drivers\raspptp.sys
12:14:44.0016 12244 PptpMiniport - ok
12:14:44.0048 12244 [ 7CD1D9EE59F49FBD3E72876F19038BE0 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
12:14:44.0110 12244 PrintNotify - ok
12:14:44.0110 12244 [ 8803D4F36F1CB2E2203F5EB59571E89C ] PrintWorkflowUserSvc C:\WINDOWS\System32\PrintWorkflowService.dll
12:14:44.0126 12244 PrintWorkflowUserSvc - ok
12:14:44.0126 12244 [ B1111C47F128C946BDC87A18E44007EB ] Processor C:\WINDOWS\System32\drivers\processr.sys
12:14:44.0141 12244 Processor - ok
12:14:44.0157 12244 [ A2CA8830BF77FAB39D6E5C45A404FB78 ] ProfSvc C:\WINDOWS\system32\profsvc.dll
12:14:44.0173 12244 ProfSvc - ok
12:14:44.0173 12244 [ 5818FE76C3C6AE0CA723EBE483BF447F ] Psched C:\WINDOWS\system32\drivers\pacer.sys
12:14:44.0188 12244 Psched - ok
12:14:44.0204 12244 [ FC1CEF0CC00E2C405ABFEF07B8CD1375 ] PushToInstall C:\WINDOWS\system32\PushToInstall.dll
12:14:44.0219 12244 PushToInstall - ok
12:14:44.0219 12244 [ 034BA34ADFA10F9D7E4989273DDABA33 ] QWAVE C:\WINDOWS\system32\qwave.dll
12:14:44.0235 12244 QWAVE - ok
12:14:44.0251 12244 [ 16F9A6B593B52EB18F7ECB9D251BDF7A ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
12:14:44.0266 12244 QWAVEdrv - ok
12:14:44.0266 12244 [ 13600C467512147E99052806F2C1307A ] Ramdisk C:\WINDOWS\system32\DRIVERS\ramdisk.sys
12:14:44.0282 12244 Ramdisk - ok
12:14:44.0282 12244 [ F57D1DE0C9522BCD590A69D044641B5A ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:14:44.0298 12244 RasAcd - ok
12:14:44.0298 12244 [ ED0EE10911C16AD8B21B9003C90E968F ] RasAgileVpn C:\WINDOWS\System32\drivers\AgileVpn.sys
12:14:44.0313 12244 RasAgileVpn - ok
12:14:44.0329 12244 [ 54D8A771A5C32C293288E64ABE07FE50 ] RasAuto C:\WINDOWS\System32\rasauto.dll
12:14:44.0329 12244 RasAuto - ok
12:14:44.0344 12244 [ E0220BB6580D34001D4D1D133052DAA4 ] Rasl2tp C:\WINDOWS\System32\drivers\rasl2tp.sys
12:14:44.0360 12244 Rasl2tp - ok
12:14:44.0376 12244 [ DDC95170F61986C1226FC575D404298B ] RasMan C:\WINDOWS\System32\rasmans.dll
12:14:44.0391 12244 RasMan - ok
12:14:44.0391 12244 [ 12EE1D92F4E5FAE4B6F65195A2016CE5 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:14:44.0423 12244 RasPppoe - ok
12:14:44.0423 12244 [ 91CE469015979E5B3C3DBC2C41A476E8 ] RasSstp C:\WINDOWS\System32\drivers\rassstp.sys
12:14:44.0438 12244 RasSstp - ok
12:14:44.0438 12244 [ 4525664EFB5EB71D4B155405F78D93DB ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:14:44.0469 12244 rdbss - ok
12:14:44.0469 12244 [ 8A5285B38A203D15110E142DE68406DD ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
12:14:44.0485 12244 rdpbus - ok
12:14:44.0485 12244 [ DF83769C92527DB50653F8FB57D001FF ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
12:14:44.0516 12244 RDPDR - ok
12:14:44.0516 12244 [ 4D1A63ACEC42A88E52AFC4E84A8CE9EE ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
12:14:44.0532 12244 RdpVideoMiniport - ok
12:14:44.0532 12244 [ 12AF835862F2B6B2FB9DEA8BA2288587 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
12:14:44.0548 12244 rdyboost - ok
12:14:44.0563 12244 [ FB0577F6BC9E07549CEACF5224327499 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys
12:14:44.0641 12244 ReFS - ok
12:14:44.0641 12244 [ 4136BCA61BCDCC79DCE145F9CB639CD6 ] ReFSv1 C:\WINDOWS\system32\drivers\ReFSv1.sys
12:14:44.0688 12244 ReFSv1 - ok
12:14:44.0688 12244 [ 16884710EB4898CB49B18609EEE34C6C ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
12:14:44.0719 12244 RemoteAccess - ok
12:14:44.0719 12244 [ 9D82CD53B622A85A10B4DA8F4724A8E4 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
12:14:44.0735 12244 RemoteRegistry - ok
12:14:44.0751 12244 [ 24C716C6A5AA3BEC3180BB15050C75C5 ] RetailDemo C:\WINDOWS\system32\RDXService.dll
12:14:44.0782 12244 RetailDemo - ok
12:14:44.0782 12244 [ BBC228CA2F96B784B01FE7F1C5E3CFBB ] rhproxy C:\WINDOWS\System32\drivers\rhproxy.sys
12:14:44.0798 12244 rhproxy - ok
12:14:44.0798 12244 [ 665A51DE515A2E8B0BDB3D6917D47DD9 ] RmSvc C:\WINDOWS\System32\RMapi.dll
12:14:44.0813 12244 RmSvc - ok
12:14:44.0829 12244 [ D0F6698E56F0157EA72F2D754C6FD555 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
12:14:44.0844 12244 RpcEptMapper - ok
12:14:44.0844 12244 [ EB65907BD63871669C54D5E5BAE4DD34 ] RpcLocator C:\WINDOWS\system32\locator.exe
12:14:44.0860 12244 RpcLocator - ok
12:14:44.0860 12244 [ 79BDBB684629A526CCD958F06B9D6FAD ] RpcSs C:\WINDOWS\system32\rpcss.dll
12:14:44.0891 12244 RpcSs - ok
12:14:44.0907 12244 [ 27B80E5766B114621980F82FB78E912A ] rspndr C:\WINDOWS\system32\drivers\rspndr.sys
12:14:44.0923 12244 rspndr - ok
12:14:44.0938 12244 [ 36F26C719EA3DCF78323EA247630023F ] rt640x64 C:\WINDOWS\System32\drivers\rt640x64.sys
12:14:44.0969 12244 rt640x64 - ok
12:14:44.0969 12244 [ F0FA6B67B16EEFDEF8E8AFAD47A4F9B8 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
12:14:44.0985 12244 s3cap - ok
12:14:44.0985 12244 [ 94E06D509D50807774F35BEE3163E806 ] SamSs C:\WINDOWS\system32\lsass.exe
12:14:45.0001 12244 SamSs - ok
12:14:45.0001 12244 [ 324FA3C337EB54B43448F7B08444DC8D ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
12:14:45.0016 12244 sbp2port - ok
12:14:45.0016 12244 [ 93B12AC7CEAF6BA742DC13AEA349217A ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
12:14:45.0032 12244 SCardSvr - ok
12:14:45.0048 12244 [ 5CB8816960FE5C608F75607F34530BBB ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
12:14:45.0063 12244 ScDeviceEnum - ok
12:14:45.0063 12244 [ 62A33CE69DB508BCEC63F4D3BFF400CE ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
12:14:45.0079 12244 scfilter - ok
12:14:45.0095 12244 [ 76848A868A61D84F7CA3A06D5EF5E0AC ] Schedule C:\WINDOWS\system32\schedsvc.dll
12:14:45.0110 12244 Schedule - ok
12:14:45.0110 12244 [ 7B057373146CC4E5A1F1DA665EA55DC7 ] scmbus C:\WINDOWS\system32\drivers\scmbus.sys
12:14:45.0126 12244 scmbus - ok
12:14:45.0141 12244 [ 200A5398C0E7E78DBDF6C0D9E811F366 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
12:14:45.0141 12244 SCPolicySvc - ok
12:14:45.0157 12244 [ 0FB6CCFA52FE5AD0B8D86E8AB370EF34 ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
12:14:45.0173 12244 sdbus - ok
12:14:45.0173 12244 [ 6D3853838864886B4F10B074282772E0 ] SDFRd C:\WINDOWS\System32\drivers\SDFRd.sys
12:14:45.0188 12244 SDFRd - ok
12:14:45.0188 12244 [ 368180051766E4289E3D47AF21F2668C ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll
12:14:45.0204 12244 SDRSVC - ok
12:14:45.0220 12244 [ E1BD2DCF2018C36E301F67CCB856DB32 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
12:14:45.0220 12244 sdstor - ok
12:14:45.0235 12244 [ 0356C85312D78F4C7F33C74B6000BB93 ] seclogon C:\WINDOWS\system32\seclogon.dll
12:14:45.0251 12244 seclogon - ok
12:14:45.0251 12244 [ ED53E86AB7138866EDBEE605965D2CC6 ] SecurityHealthService C:\WINDOWS\system32\SecurityHealthService.exe
12:14:45.0266 12244 SecurityHealthService - ok
12:14:45.0282 12244 [ A8A23102301BCB047B269C59167D4B8F ] SEMgrSvc C:\WINDOWS\system32\SEMgrSvc.dll
12:14:45.0313 12244 SEMgrSvc - ok
12:14:45.0329 12244 [ 62EDAD383010E037C4D3846C7C021A00 ] SENS C:\WINDOWS\System32\sens.dll
12:14:45.0345 12244 SENS - ok
12:14:45.0345 12244 Sense - ok
12:14:45.0360 12244 [ DDBBE9A08C79D3BB50D6053507F7777D ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
12:14:45.0391 12244 SensorDataService - ok
12:14:45.0407 12244 [ F5FF526CCA513387A919B04BAB53E1E9 ] SensorService C:\WINDOWS\system32\SensorService.dll
12:14:45.0423 12244 SensorService - ok
12:14:45.0438 12244 [ 25B028799D43FE6324CC9E79B31E6ACD ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
12:14:45.0454 12244 SensrSvc - ok
12:14:45.0454 12244 [ 75A27472AFD009255DBDE52038E3BDB5 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
12:14:45.0470 12244 SerCx - ok
12:14:45.0470 12244 [ 84005F54308109A022413D628E966412 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
12:14:45.0485 12244 SerCx2 - ok
12:14:45.0501 12244 [ 40384793F74CFFA45BCC38DF65E978EC ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
12:14:45.0516 12244 Serenum - ok
12:14:45.0516 12244 [ 699470AD24D67908991A777716A352FD ] Serial C:\WINDOWS\System32\drivers\serial.sys
12:14:45.0532 12244 Serial - ok
12:14:45.0532 12244 [ 92453F065F52A8EF0328A926B2C9502F ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
12:14:45.0548 12244 sermouse - ok
12:14:45.0563 12244 [ 8958262EA3A871D45B14B7BA00F795C1 ] SessionEnv C:\WINDOWS\system32\sessenv.dll
12:14:45.0579 12244 SessionEnv - ok
12:14:45.0579 12244 [ 1D8920C40F19B5FBA5F4897779840AD1 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
12:14:45.0595 12244 sfloppy - ok
12:14:45.0595 12244 [ F74C32575862D3F32B21A1A52E7763CA ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
12:14:45.0626 12244 SharedAccess - ok
12:14:45.0626 12244 [ 63377493508564288721EF5421A216F5 ] SharedRealitySvc C:\WINDOWS\System32\SharedRealitySvc.dll
12:14:45.0657 12244 SharedRealitySvc - ok
12:14:45.0657 12244 [ 887458A234108B5B69038299BE7FAD88 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
12:14:45.0688 12244 ShellHWDetection - ok
12:14:45.0688 12244 [ 5ED18BE9FE76540A0596BB41C91719C6 ] shpamsvc C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
12:14:45.0704 12244 shpamsvc - ok
12:14:45.0704 12244 [ A871F9CC9CF388DC7193D22EF8D8C8DF ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
12:14:45.0720 12244 SiSRaid2 - ok
12:14:45.0720 12244 [ D30FC341550CC364880950152AE8B1C5 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
12:14:45.0735 12244 SiSRaid4 - ok
12:14:45.0735 12244 [ 9CA6E573757C76A515EFD6DD795A3A1E ] smphost C:\WINDOWS\System32\smphost.dll
12:14:45.0751 12244 smphost - ok
12:14:45.0766 12244 [ 1A1AB4F96BEFC19FBF00B527A76490E0 ] SmsRouter C:\WINDOWS\system32\SmsRouterSvc.dll
12:14:45.0782 12244 SmsRouter - ok
12:14:45.0782 12244 [ FDADDEC855034107E5FAD708B4E2424D ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
12:14:45.0813 12244 SNMPTRAP - ok
12:14:45.0813 12244 [ B2ABF0F8A49752B5CD9DEE2EADF7416A ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
12:14:45.0845 12244 spaceport - ok
12:14:45.0845 12244 [ CCECE7E96B4F7B0E9F0FC82F6DADA917 ] SpatialGraphFilter C:\WINDOWS\system32\drivers\SpatialGraphFilter.sys
12:14:45.0860 12244 SpatialGraphFilter - ok
12:14:45.0860 12244 [ 545507AF670BC88B89200A118513ED9A ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
12:14:45.0876 12244 SpbCx - ok
12:14:45.0891 12244 [ D9D1757C092D2944DB8701414286503E ] spectrum C:\WINDOWS\system32\spectrum.exe
12:14:45.0923 12244 spectrum - ok
12:14:45.0938 12244 [ 2FB3D1A674C3A2A389EBCAFC26213DDC ] Spooler C:\WINDOWS\System32\spoolsv.exe
12:14:45.0954 12244 Spooler - ok
12:14:46.0001 12244 [ CED434DA6E043B450141932D974FF8C1 ] sppsvc C:\WINDOWS\system32\sppsvc.exe
12:14:46.0110 12244 sppsvc - ok
12:14:46.0110 12244 [ 485BABF47A46EB298AB11E447B0D800C ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
12:14:46.0141 12244 srv - ok
12:14:46.0141 12244 [ 41181D890542EB0E8D9822F73F9FD5D7 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
12:14:46.0188 12244 srv2 - ok
12:14:46.0188 12244 [ 43480B3EE4D23F5AA8EE7C6D83B09487 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
12:14:46.0204 12244 srvnet - ok
12:14:46.0220 12244 [ 5319E85C030CDB3E779D774FEEFF4842 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
12:14:46.0235 12244 SSDPSRV - ok
12:14:46.0235 12244 [ 3BEF5FAC7F3DA3E25B80CC41B5060616 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
12:14:46.0251 12244 SstpSvc - ok
12:14:46.0266 12244 [ 592FF34A2FD6C6351B8A3AA76B2C0A9E ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
12:14:46.0282 12244 ssudmdm - ok
12:14:46.0313 12244 [ 0A86D5AF20A4EF70F7DE0FC9B6DE4D0E ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
12:14:46.0423 12244 StateRepository - ok
12:14:46.0501 12244 [ 422B6D6EE20E15857A970C7A036C3AC0 ] STCServ C:\Program Files\Intel\STCServ\STCServ.exe
12:14:46.0688 12244 STCServ - ok
12:14:46.0688 12244 [ 162A805E13B3C0DD06AE8B6FC1900156 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
12:14:46.0704 12244 stexstor - ok
12:14:46.0704 12244 [ A10A6FC3F643F82777345ADDC182799A ] sthid C:\WINDOWS\System32\drivers\sthid.sys
12:14:46.0720 12244 sthid - ok
12:14:46.0720 12244 [ 3B3F5D6BB8A6A6F3630194A471989069 ] stisvc C:\WINDOWS\System32\wiaservc.dll
12:14:46.0751 12244 stisvc - ok
12:14:46.0751 12244 [ DD1F00B80DDD12252B7B228ABCE181A9 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
12:14:46.0767 12244 storahci - ok
12:14:46.0767 12244 [ A12CFAAA0F113A25D8CEFE58B1CBB207 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys
12:14:46.0782 12244 storflt - ok
12:14:46.0782 12244 [ B6F8D1FA73F6E102AEA60D2BBD1DDF78 ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
12:14:46.0798 12244 stornvme - ok
12:14:46.0813 12244 [ 57377953F5688158054BC8CB5A243115 ] storqosflt C:\WINDOWS\system32\drivers\storqosflt.sys
12:14:46.0829 12244 storqosflt - ok
12:14:46.0829 12244 [ 8BACD30E694640FEA160E76E029AF1F4 ] StorSvc C:\WINDOWS\system32\storsvc.dll
12:14:46.0876 12244 StorSvc - ok
12:14:46.0876 12244 [ B59D29E535AF7E82717C2AD2C57EEC67 ] storufs C:\WINDOWS\system32\drivers\storufs.sys
12:14:46.0892 12244 storufs - ok
12:14:46.0892 12244 [ 9B431079624306B5659B3B7208A71C75 ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
12:14:46.0907 12244 storvsc - ok
12:14:46.0907 12244 [ 587854AF01CABE83A62D81FFEEBCD6AA ] svsvc C:\WINDOWS\system32\svsvc.dll
12:14:46.0923 12244 svsvc - ok
12:14:46.0923 12244 [ 027B27E4B9DB3931D64159B81BD915A0 ] swenum C:\WINDOWS\System32\drivers\swenum.sys
12:14:46.0938 12244 swenum - ok
12:14:46.0938 12244 [ E0915F9B3C154FEF700C34A8E613B945 ] swprv C:\WINDOWS\System32\swprv.dll
12:14:46.0970 12244 swprv - ok
12:14:46.0970 12244 [ AB15F9FDCD11D5283891BC956E8C5C95 ] Synth3dVsc C:\WINDOWS\System32\drivers\Synth3dVsc.sys
12:14:46.0985 12244 Synth3dVsc - ok
12:14:47.0001 12244 [ 53104F65EE07B654D59724C616BCE1E3 ] SysMain C:\WINDOWS\system32\sysmain.dll
12:14:47.0032 12244 SysMain - ok
12:14:47.0032 12244 [ 0839E5F9192B050F3B220562FF2C10AF ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
12:14:47.0063 12244 SystemEventsBroker - ok
12:14:47.0063 12244 [ 73F6476EE9F5448838B2883E0B710CD7 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
12:14:47.0079 12244 TabletInputService - ok
12:14:47.0079 12244 [ AC1AA61B04116E540C5AFD18F11F2697 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
12:14:47.0110 12244 TapiSrv - ok
12:14:47.0126 12244 [ CEB50240703E69F552116C7E9F0E0910 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
12:14:47.0220 12244 Tcpip - ok
12:14:47.0251 12244 [ CEB50240703E69F552116C7E9F0E0910 ] Tcpip6 C:\WINDOWS\system32\drivers\tcpip.sys
12:14:47.0329 12244 Tcpip6 - ok
12:14:47.0345 12244 [ 74A1BF4093FA7B7D6C9366A39911A78E ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
12:14:47.0360 12244 tcpipreg - ok
12:14:47.0360 12244 [ 571D82ABAC428D902ACA0CF60373C039 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
12:14:47.0376 12244 tdx - ok
12:14:47.0470 12244 [ 250B2B5807E2B0642A3E665F692F1811 ] TeamViewer C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
12:14:47.0689 12244 TeamViewer - ok
12:14:47.0689 12244 [ B4B68E1DB59456419D9E49645729502A ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
12:14:47.0704 12244 terminpt - ok
12:14:47.0720 12244 [ 96037700AEE1B4D5A6FFC62861E4FF8C ] TermService C:\WINDOWS\System32\termsrv.dll
12:14:47.0751 12244 TermService - ok
12:14:47.0751 12244 [ E0F78207F33D6C10CBFB23E873837C87 ] Themes C:\WINDOWS\system32\themeservice.dll
12:14:47.0767 12244 Themes - ok
12:14:47.0782 12244 [ B52BA61AB8E4BAA83EA86BAB312EE6ED ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
12:14:47.0798 12244 TieringEngineService - ok
12:14:47.0814 12244 [ BC834B233125DBB321B809972F2E270E ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
12:14:47.0829 12244 tiledatamodelsvc - ok
12:14:47.0829 12244 [ 9B3AA589825CF90E187DF432D806A316 ] TimeBrokerSvc C:\WINDOWS\System32\TimeBrokerServer.dll
12:14:47.0845 12244 TimeBrokerSvc - ok
12:14:47.0860 12244 [ 5AC485259DA784EDBF63E6D6CFA62D6B ] TokenBroker C:\WINDOWS\System32\TokenBroker.dll
12:14:47.0892 12244 TokenBroker - ok
12:14:47.0907 12244 [ 1658D060057C85DEC82BFCB018C4C22F ] TPM C:\WINDOWS\System32\drivers\tpm.sys
12:14:47.0923 12244 TPM - ok
12:14:47.0923 12244 [ 39187852984778424A0EFD6B01FAB272 ] TrkWks C:\WINDOWS\System32\trkwks.dll
12:14:47.0939 12244 TrkWks - ok
12:14:47.0939 12244 [ 6E39B63A16B33827B861C56F0E58E021 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
12:14:47.0954 12244 TrustedInstaller - ok
12:14:47.0954 12244 [ 8D811209E34358EAD3FD8E40F657E59C ] tsusbflt C:\WINDOWS\system32\drivers\TsUsbFlt.sys
12:14:47.0985 12244 tsusbflt - ok
12:14:47.0985 12244 [ 68DE1735FB020AE8948BD7B60F2EBD3B ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
12:14:48.0001 12244 TsUsbGD - ok
12:14:48.0001 12244 [ 32230D3F06B0874DFB727028CA4F6348 ] tsusbhub C:\WINDOWS\system32\drivers\tsusbhub.sys
12:14:48.0017 12244 tsusbhub - ok
12:14:48.0017 12244 [ ACD39B0E5CFDA7B1AB7DF33FC5CC0E46 ] tunnel C:\WINDOWS\System32\drivers\tunnel.sys
12:14:48.0032 12244 tunnel - ok
12:14:48.0048 12244 [ D5E68FCEDE15214BDB5D986D5B50E0BF ] tzautoupdate C:\WINDOWS\system32\tzautoupdate.dll
12:14:48.0064 12244 tzautoupdate - ok
12:14:48.0064 12244 [ 04FC2C7F73AE58BF0DD674164E28A6DF ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
12:14:48.0079 12244 UASPStor - ok
12:14:48.0079 12244 [ E437FC4B1833F6B745184F78C4921FB8 ] UcmCx0101 C:\WINDOWS\system32\Drivers\UcmCx.sys
12:14:48.0095 12244 UcmCx0101 - ok
12:14:48.0095 12244 [ 950A3E42167904CAB9AA64863C31CEB5 ] UcmTcpciCx0101 C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
12:14:48.0126 12244 UcmTcpciCx0101 - ok
12:14:48.0126 12244 [ 149CBBB74DFC3E52F242029A27B0F8EB ] UcmUcsi C:\WINDOWS\System32\drivers\UcmUcsi.sys
12:14:48.0142 12244 UcmUcsi - ok
12:14:48.0142 12244 [ E6E91B3980A495D2A9D28A09580EA993 ] Ucx01000 C:\WINDOWS\system32\drivers\ucx01000.sys
12:14:48.0157 12244 Ucx01000 - ok
12:14:48.0173 12244 [ DACA289DFFA7658C04FEF6DCFA2AA9CE ] UdeCx C:\WINDOWS\system32\drivers\udecx.sys
12:14:48.0189 12244 UdeCx - ok
12:14:48.0189 12244 [ 12383D410AEF99AD6979A8EFD3D61888 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
12:14:48.0204 12244 udfs - ok
12:14:48.0204 12244 [ AB7FE51D818B6059C2F56FA62268CCAC ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
12:14:48.0220 12244 UEFI - ok
12:14:48.0220 12244 [ A6134CA92B545353EEB0420F36D39F1C ] UevAgentDriver C:\WINDOWS\system32\drivers\UevAgentDriver.sys
12:14:48.0235 12244 UevAgentDriver - ok
12:14:48.0251 12244 [ 8899E490269C7634368B4FE6E77CFE8D ] UevAgentService C:\WINDOWS\system32\AgentService.exe
12:14:48.0282 12244 UevAgentService - ok
12:14:48.0298 12244 [ 58447F28E697A93521DD20530A8D50ED ] Ufx01000 C:\WINDOWS\system32\drivers\ufx01000.sys
12:14:48.0314 12244 Ufx01000 - ok
12:14:48.0314 12244 [ 69ED2D00A7787D9D84E6C90CE0B02B2D ] UfxChipidea C:\WINDOWS\System32\drivers\UfxChipidea.sys
12:14:48.0329 12244 UfxChipidea - ok
12:14:48.0329 12244 [ F061EC57330FBC597A4E7298BE667780 ] ufxsynopsys C:\WINDOWS\System32\drivers\ufxsynopsys.sys
12:14:48.0345 12244 ufxsynopsys - ok
12:14:48.0360 12244 [ B26729B378282F72241859C13326E3E8 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
12:14:48.0376 12244 UI0Detect - ok
12:14:48.0376 12244 [ D40BCED160D332005AF612E1228825E6 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
12:14:48.0392 12244 umbus - ok
12:14:48.0392 12244 [ 64CF24D7B1FA4975C52A31BF4C82EB73 ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
12:14:48.0407 12244 UmPass - ok
12:14:48.0407 12244 [ E6B6BDA0412D3C56275E662A5A1937FD ] UmRdpService C:\WINDOWS\System32\umrdp.dll
12:14:48.0423 12244 UmRdpService - ok
12:14:48.0439 12244 [ 46718991BA67AAF624B6B609E0BCACA7 ] UnistoreSvc C:\WINDOWS\System32\unistore.dll
12:14:48.0470 12244 UnistoreSvc - ok
12:14:48.0485 12244 [ D2931E3F67A990328DE5CE7E43F4467C ] upnphost C:\WINDOWS\System32\upnphost.dll
12:14:48.0501 12244 upnphost - ok
12:14:48.0517 12244 [ ACE4C3B4C7D17B154FFC5BBE5F7A9835 ] UrsChipidea C:\WINDOWS\System32\drivers\urschipidea.sys
12:14:48.0517 12244 UrsChipidea - ok
12:14:48.0532 12244 [ ECE40EB976A5ACB366808AECF6B235BA ] UrsCx01000 C:\WINDOWS\system32\drivers\urscx01000.sys
12:14:48.0548 12244 UrsCx01000 - ok
12:14:48.0548 12244 [ EB738F830D3E7EA62A218F101EF91FD4 ] UrsSynopsys C:\WINDOWS\System32\drivers\urssynopsys.sys
12:14:48.0564 12244 UrsSynopsys - ok
12:14:48.0564 12244 [ 51A397ECC1AB2BD54C935E74A9543330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
12:14:48.0579 12244 usbaudio - ok
12:14:48.0579 12244 [ B43E28E5CF868517EEC0923AB2BC366B ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
12:14:48.0595 12244 usbccgp - ok
12:14:48.0611 12244 [ 1080D80B5F6D249F23BAE1C0C36233A4 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
12:14:48.0626 12244 usbcir - ok
12:14:48.0626 12244 [ EE162DA2C92026A5B96ED89737975AA8 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
12:14:48.0642 12244 usbehci - ok
12:14:48.0642 12244 [ C27FEE9758E3BEDE4D48B5EDBE1122CF ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
12:14:48.0673 12244 usbhub - ok
12:14:48.0689 12244 [ 4FA9C956E569D0D380C2859542361780 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
12:14:48.0720 12244 USBHUB3 - ok
12:14:48.0720 12244 [ 44B954306BB2B311E070EDA276FECAB1 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
12:14:48.0735 12244 usbohci - ok
12:14:48.0735 12244 [ EEF26F9034F0608B93D4D239534BB0BA ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
12:14:48.0751 12244 usbprint - ok
12:14:48.0767 12244 [ E55C9AF5EE8905879048118824B06816 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
12:14:48.0782 12244 usbscan - ok
12:14:48.0782 12244 [ 913CFF365DB1803525DBD2AA8B8188B4 ] usbser C:\WINDOWS\System32\drivers\usbser.sys
12:14:48.0798 12244 usbser - ok
12:14:48.0798 12244 [ 441CAE778B6A1FF6E618E37814A7A52A ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
12:14:48.0814 12244 USBSTOR - ok
12:14:48.0814 12244 [ 2D6BB2157B37B2D9DABF8C218F2A805B ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
12:14:48.0829 12244 usbuhci - ok
12:14:48.0845 12244 [ 68788AE61B2E6A7D97CAD73B632F5BF5 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys
12:14:48.0861 12244 usbvideo - ok
12:14:48.0876 12244 [ 41E5A6188180DC72BCECA999ED2532D4 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
12:14:48.0892 12244 USBXHCI - ok
12:14:48.0907 12244 [ 4C691D958453AF5E849813C56679B2D4 ] UserDataSvc C:\WINDOWS\System32\userdataservice.dll
12:14:48.0954 12244 UserDataSvc - ok
12:14:48.0970 12244 [ 654051CFF31F12D3048D3E9B9B9BB9C7 ] UserManager C:\WINDOWS\System32\usermgr.dll
12:14:49.0001 12244 UserManager - ok
12:14:49.0017 12244 [ BB749074054073113CA540754C01B1CF ] UsoSvc C:\WINDOWS\system32\usocore.dll
12:14:49.0048 12244 UsoSvc - ok
12:14:49.0048 12244 [ 94E06D509D50807774F35BEE3163E806 ] VaultSvc C:\WINDOWS\system32\lsass.exe
12:14:49.0064 12244 VaultSvc - ok
12:14:49.0064 12244 [ C77C537077822D8EA529AD4EBFD971D6 ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
12:14:49.0079 12244 vdrvroot - ok
12:14:49.0095 12244 [ 07C192BEEA76B1BD9D0310ED20551D54 ] vds C:\WINDOWS\System32\vds.exe
12:14:49.0126 12244 vds - ok
12:14:49.0126 12244 [ 9D4EEE333603F3675685F644053499D5 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
12:14:49.0142 12244 VerifierExt - ok
12:14:49.0157 12244 [ 58C99FECA2FC016038F63994B2D11133 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
12:14:49.0189 12244 vhdmp - ok
12:14:49.0204 12244 [ E10FEBB566E1F0A3936AB304F338637E ] vhf C:\WINDOWS\System32\drivers\vhf.sys
12:14:49.0220 12244 vhf - ok
12:14:49.0220 12244 [ CB09581D30179EF1D9CAC51717AFA04F ] vjoy C:\WINDOWS\System32\drivers\vjoy.sys
12:14:49.0236 12244 vjoy - ok
12:14:49.0236 12244 [ 079B4378614A40A308F9C721A50C7B87 ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
12:14:49.0251 12244 vmbus - ok
12:14:49.0251 12244 [ DC9E0600B356258E31403789119C78A9 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
12:14:49.0267 12244 VMBusHID - ok
12:14:49.0267 12244 [ B24F74B2710B66F647419697BDB9E163 ] vmgid C:\WINDOWS\System32\drivers\vmgid.sys
12:14:49.0282 12244 vmgid - ok
12:14:49.0298 12244 [ CE70937143DBDB2B4BF3A0310EB9E189 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
12:14:49.0314 12244 vmicguestinterface - ok
12:14:49.0314 12244 [ CE70937143DBDB2B4BF3A0310EB9E189 ] vmicheartbeat C:\WINDOWS\System32\icsvc.dll
12:14:49.0329 12244 vmicheartbeat - ok
12:14:49.0329 12244 [ CE70937143DBDB2B4BF3A0310EB9E189 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
12:14:49.0345 12244 vmickvpexchange - ok
12:14:49.0361 12244 [ FD73A74D26F5BEC303763FD9CDD2DFB2 ] vmicrdv C:\WINDOWS\System32\icsvcext.dll
12:14:49.0376 12244 vmicrdv - ok
12:14:49.0376 12244 [ CE70937143DBDB2B4BF3A0310EB9E189 ] vmicshutdown C:\WINDOWS\System32\icsvc.dll
12:14:49.0392 12244 vmicshutdown - ok
12:14:49.0392 12244 [ CE70937143DBDB2B4BF3A0310EB9E189 ] vmictimesync C:\WINDOWS\System32\icsvc.dll
12:14:49.0407 12244 vmictimesync - ok
12:14:49.0423 12244 [ CE70937143DBDB2B4BF3A0310EB9E189 ] vmicvmsession C:\WINDOWS\System32\icsvc.dll
12:14:49.0439 12244 vmicvmsession - ok
12:14:49.0439 12244 [ FD73A74D26F5BEC303763FD9CDD2DFB2 ] vmicvss C:\WINDOWS\System32\icsvcext.dll
12:14:49.0454 12244 vmicvss - ok
12:14:49.0454 12244 [ D81F6B790519A60F3D1788B45D04B749 ] vnvdimm C:\WINDOWS\System32\drivers\vnvdimm.sys
12:14:49.0470 12244 vnvdimm - ok
12:14:49.0470 12244 [ C9052650BBF2124CD525A26D5C2A6671 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
12:14:49.0486 12244 volmgr - ok
12:14:49.0501 12244 [ 6D6CACED512C1EF1FEAC215E37E3A9BC ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
12:14:49.0517 12244 volmgrx - ok
12:14:49.0532 12244 [ 5B27846CF4B1C21AFB3A35A8336BA02F ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
12:14:49.0548 12244 volsnap - ok
12:14:49.0548 12244 [ 72A95A844D6BAF2924A4C15BEDFD6BCA ] volume C:\WINDOWS\system32\drivers\volume.sys
12:14:49.0564 12244 volume - ok
12:14:49.0564 12244 [ 702273C7C1BE9D366BAF1305D382F03C ] vpci C:\WINDOWS\System32\drivers\vpci.sys
12:14:49.0579 12244 vpci - ok
12:14:49.0595 12244 [ 075CE3C9E77D2666AFA888951E5F07A9 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
12:14:49.0611 12244 vsmraid - ok
12:14:49.0626 12244 [ 8718AA2FC64ECAD523D37ED739366025 ] VSS C:\WINDOWS\system32\vssvc.exe
12:14:49.0657 12244 VSS - ok
12:14:49.0673 12244 [ 26D00E85BE4726B114335250FCDEDA89 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
12:14:49.0689 12244 VSTXRAID - ok
12:14:49.0689 12244 [ 3DFDB573E4D49EA8F416B573525B7A86 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
12:14:49.0704 12244 vwifibus - ok
12:14:49.0704 12244 [ A40FA64655AB5B8773A96A821616C5FC ] vwififlt C:\WINDOWS\system32\drivers\vwififlt.sys
12:14:49.0720 12244 vwififlt - ok
12:14:49.0736 12244 [ A17A4F2823C5424C9B8B990644817DC0 ] W32Time C:\WINDOWS\system32\w32time.dll
12:14:49.0751 12244 W32Time - ok
12:14:49.0751 12244 [ 2F53E6812AC079CEF7AE7A517953B3E2 ] WacHidRouterPro C:\WINDOWS\System32\drivers\wachidrouter.sys
12:14:49.0767 12244 WacHidRouterPro - ok
12:14:49.0767 12244 [ 5B5430522E0BDF2A753D758710BE7C5E ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
12:14:49.0782 12244 WacomPen - ok
12:14:49.0782 12244 [ BDFB8DFABCCFBF515D1C9B511F8456D2 ] wacomrouterfilter C:\WINDOWS\System32\drivers\wacomrouterfilter.sys
12:14:49.0798 12244 wacomrouterfilter - ok
12:14:49.0814 12244 [ 451D40C28E7D1CF51A980B83FDEFF498 ] WalletService C:\WINDOWS\system32\WalletService.dll
12:14:49.0829 12244 WalletService - ok
12:14:49.0845 12244 [ 1FC3A8FB032B62A88283BC8113FDF1C5 ] wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:14:49.0861 12244 wanarp - ok
12:14:49.0861 12244 [ 1FC3A8FB032B62A88283BC8113FDF1C5 ] wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:14:49.0876 12244 wanarpv6 - ok
12:14:49.0876 12244 [ E3B4C37F1F3D8078AA2AFBEE7F5468CF ] WarpJITSvc C:\WINDOWS\System32\Windows.WARP.JITService.dll
12:14:49.0892 12244 WarpJITSvc - ok
12:14:49.0908 12244 [ 1C1EB9C4DAF428B3BFDD58572768182C ] wbengine C:\WINDOWS\system32\wbengine.exe
12:14:49.0954 12244 wbengine - ok
12:14:49.0954 12244 [ A0B4836C489C2535795C4E71E378AD07 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
12:14:49.0986 12244 WbioSrvc - ok
12:14:50.0001 12244 [ 520E4FD6B5BF5349DD1499F2AEFB7C50 ] wcifs C:\WINDOWS\system32\drivers\wcifs.sys
12:14:50.0017 12244 wcifs - ok
12:14:50.0017 12244 [ EB1B7609CC9BFA19D81BC0A43CEE067B ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
12:14:50.0048 12244 Wcmsvc - ok
12:14:50.0048 12244 [ F92970EBB734867AE1D2FA01865E404C ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
12:14:50.0079 12244 wcncsvc - ok
12:14:50.0079 12244 [ 9DE3FDFF295F2534DF0A8B6FC4F06355 ] wcnfs C:\WINDOWS\system32\drivers\wcnfs.sys
12:14:50.0095 12244 wcnfs - ok
12:14:50.0095 12244 [ 16D3F1C6CB3D6BBFDF4893C7A14D6F12 ] WdBoot C:\WINDOWS\system32\drivers\wd\WdBoot.sys
12:14:50.0111 12244 WdBoot - ok
12:14:50.0126 12244 [ FCC960498E3CD899F0A429F7CF9E77AD ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
12:14:50.0158 12244 Wdf01000 - ok
12:14:50.0173 12244 [ 64EB43131121ADD90A061A75C8ADE9E6 ] WdFilter C:\WINDOWS\system32\drivers\wd\WdFilter.sys
12:14:50.0189 12244 WdFilter - ok
12:14:50.0189 12244 [ AB406F30BE98CDB7AA7171336EF031BA ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
12:14:50.0204 12244 WdiServiceHost - ok
12:14:50.0220 12244 [ AB406F30BE98CDB7AA7171336EF031BA ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
12:14:50.0236 12244 WdiSystemHost - ok
12:14:50.0236 12244 [ 2D50C46EFE924BC24F63A45D2DB1AA3A ] wdiwifi C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
12:14:50.0267 12244 wdiwifi - ok
12:14:50.0267 12244 [ BE3C9DF77543C78004C400B1CAFCAB49 ] WdNisDrv C:\WINDOWS\system32\drivers\wd\WdNisDrv.sys
12:14:50.0283 12244 WdNisDrv - ok
12:14:50.0283 12244 [ 3F52178796F4E467D6A32C157F898EAD ] WdNisSvc C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe
12:14:50.0298 12244 WdNisSvc - ok
12:14:50.0314 12244 [ DF58AA71FBA55E15F572C93447696DEC ] wdnsfltr C:\WINDOWS\system32\drivers\wdnsfltr.sys
12:14:50.0329 12244 wdnsfltr - ok
12:14:50.0329 12244 [ A3F1E153B831606E3B9153320F0C7ED1 ] WebClient C:\WINDOWS\System32\webclnt.dll
12:14:50.0345 12244 WebClient - ok
12:14:50.0345 12244 [ 7997BC2386A9976C0645A28FA8A6E7EA ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
12:14:50.0361 12244 Wecsvc - ok
12:14:50.0376 12244 [ CEA146E0D096A491B265CD2340C2E31D ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
12:14:50.0392 12244 WEPHOSTSVC - ok
12:14:50.0392 12244 [ 40610BA98D5830FB14C3695B3BCA647A ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
12:14:50.0408 12244 wercplsupport - ok
12:14:50.0408 12244 [ AA2B3154D12ABE34640C866AC3472E33 ] WerSvc C:\WINDOWS\System32\WerSvc.dll
12:14:50.0439 12244 WerSvc - ok
12:14:50.0439 12244 [ 86B816E9D24625287BDE9784953A5E86 ] WFDSConMgrSvc C:\WINDOWS\System32\wfdsconmgrsvc.dll
12:14:50.0470 12244 WFDSConMgrSvc - ok
12:14:50.0470 12244 [ 8E101DF42D36E04EC610581BA478B38F ] WFPLWFS C:\WINDOWS\system32\drivers\wfplwfs.sys
12:14:50.0486 12244 WFPLWFS - ok
12:14:50.0486 12244 [ F78A2731EC972312C4C998174A9BB325 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
12:14:50.0501 12244 WiaRpc - ok
12:14:50.0517 12244 [ C8D3FC38426E990E2787771678B19C6D ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
12:14:50.0517 12244 WIMMount - ok
12:14:50.0533 12244 [ 4D8668B32E5319A5E8852B1564184801 ] WinDefend C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe
12:14:50.0533 12244 WinDefend - ok
12:14:50.0533 12244 [ 0484B0D01EA6F7017519EBDDBADE759D ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
12:14:50.0548 12244 WindowsTrustedRT - ok
12:14:50.0548 12244 [ 813EE0F4D4B8D599DB1968682D080732 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
12:14:50.0564 12244 WindowsTrustedRTProxy - ok
12:14:50.0579 12244 [ 777D4CE2169B9E014CF912FEE9C40681 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
12:14:50.0611 12244 WinHttpAutoProxySvc - ok
12:14:50.0611 12244 [ E23475E9150E6A50B12DB176EA5CDD56 ] WinMad C:\WINDOWS\System32\drivers\winmad.sys
12:14:50.0626 12244 WinMad - ok
12:14:50.0626 12244 [ 0FBD5D358094E254A1508832D4042FF7 ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
12:14:50.0642 12244 Winmgmt - ok
12:14:50.0658 12244 [ E0551E7838C0D03E1E0FE7BD8CDA8B99 ] WinNat C:\WINDOWS\system32\drivers\winnat.sys
12:14:50.0673 12244 WinNat - ok
12:14:50.0704 12244 [ C2A88E382CD48E4772A5570D66BF1A90 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
12:14:50.0751 12244 WinRM - ok
12:14:50.0767 12244 [ E92F3539C4758F6A9F4B80CBAC75B3E6 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS
12:14:50.0783 12244 WINUSB - ok
12:14:50.0783 12244 [ 59126AFCC64270747B5CC9B44A4A48F4 ] WinVerbs C:\WINDOWS\System32\drivers\winverbs.sys
12:14:50.0798 12244 WinVerbs - ok
12:14:50.0814 12244 [ 0A3ADAA0EFAFA26CA8570E24A13CE484 ] wisvc C:\WINDOWS\system32\flightsettings.dll
12:14:50.0829 12244 wisvc - ok
12:14:50.0861 12244 [ 6E9FE5A15FFD7680529999D6FBD81F59 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
12:14:50.0923 12244 WlanSvc - ok
12:14:50.0939 12244 [ 345056CEAC49D289098F7A33A2C7CA2B ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
12:14:50.0986 12244 wlidsvc - ok
12:14:51.0001 12244 [ 56E1A46DD1C5D28B10F02E21D077EBF6 ] wlpasvc C:\WINDOWS\System32\lpasvc.dll
12:14:51.0033 12244 wlpasvc - ok
12:14:51.0048 12244 [ E8C793ED028E132771988760819E3754 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
12:14:51.0048 12244 WmiAcpi - ok
12:14:51.0064 12244 [ 7112092A3C6F41EDBE83636791C774D9 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
12:14:51.0080 12244 wmiApSrv - ok
12:14:51.0080 12244 WMPNetworkSvc - ok
12:14:51.0080 12244 [ 8D6E6F6C233AF450C50FA615530B44D2 ] Wof C:\WINDOWS\system32\drivers\Wof.sys
12:14:51.0095 12244 Wof - ok
12:14:51.0126 12244 [ 1431D184691F7FA9AAC2064EB0EC6C96 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
12:14:51.0173 12244 workfolderssvc - ok
12:14:51.0173 12244 [ AE9793230B219113DE1163138645E5AE ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
12:14:51.0189 12244 WPDBusEnum - ok
12:14:51.0189 12244 [ 9EAE1EF282864674355B4B81DF6AE935 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
12:14:51.0205 12244 WpdUpFltr - ok
12:14:51.0205 12244 [ C75B59E441206A572CC64BBB60EE54B3 ] WpnService C:\WINDOWS\system32\WpnService.dll
12:14:51.0220 12244 WpnService - ok
12:14:51.0236 12244 [ 07F4AF1730D55567EACE7ADDEA28FE48 ] WpnUserService C:\WINDOWS\System32\WpnUserService.dll
12:14:51.0251 12244 WpnUserService - ok
12:14:51.0251 12244 [ 367B3ED0C688AFE28C376B0230814567 ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
12:14:51.0267 12244 ws2ifsl - ok
12:14:51.0267 12244 [ 39DA352FAD220E83CE64DE8DCCB9736B ] wscsvc C:\WINDOWS\System32\wscsvc.dll
12:14:51.0283 12244 wscsvc - ok
12:14:51.0298 12244 [ 7B44553610A89F2011CF69BEA9AFD4CB ] WSDPrintDevice C:\WINDOWS\System32\drivers\WSDPrint.sys
12:14:51.0298 12244 WSDPrintDevice - ok
12:14:51.0314 12244 [ 8068DC839C3729FFC70821FBEF05D5ED ] WSDScan C:\WINDOWS\system32\DRIVERS\WSDScan.sys
12:14:51.0330 12244 WSDScan - ok
12:14:51.0330 12244 WSearch - ok
12:14:51.0345 12244 [ E393124DABBC495C3D0A8F934090F467 ] WTabletServicePro C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
12:14:51.0361 12244 WTabletServicePro - ok
12:14:51.0392 12244 [ 868520F90F9DA2AA4160BA5A5F412D82 ] wuauserv C:\WINDOWS\system32\wuaueng.dll
12:14:51.0439 12244 wuauserv - ok
12:14:51.0455 12244 [ BD5E68B369DF3453A0A87663C6C5476D ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
12:14:51.0470 12244 WudfPf - ok
12:14:51.0470 12244 [ A86A249314FD0A780214028B0C31A386 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
12:14:51.0501 12244 WUDFRd - ok
12:14:51.0501 12244 [ A86A249314FD0A780214028B0C31A386 ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
12:14:51.0517 12244 WUDFWpdFs - ok
12:14:51.0517 12244 [ A86A249314FD0A780214028B0C31A386 ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
12:14:51.0548 12244 WUDFWpdMtp - ok
12:14:51.0564 12244 [ 9C1EB9F1BC42AA13667FDF8CEF336236 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
12:14:51.0595 12244 WwanSvc - ok
12:14:51.0611 12244 [ 42C738ED1552FE168F6EE1BAE8ACFCAC ] xbgm C:\WINDOWS\system32\xbgmsvc.exe
12:14:51.0626 12244 xbgm - ok
12:14:51.0626 12244 [ A03C4D4D71304087820A0EF18FCF7582 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll
12:14:51.0658 12244 XblAuthManager - ok
12:14:51.0673 12244 [ 77ADC2F5DBE303EF8B8D2D08AEE3F3DB ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll
12:14:51.0720 12244 XblGameSave - ok
12:14:51.0720 12244 [ 2244A4CEFE8F9C74091369ACE2E9EBC6 ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys
12:14:51.0751 12244 xboxgip - ok
12:14:51.0751 12244 [ 1A9550D746B8604D37A90436EF686777 ] XboxGipSvc C:\WINDOWS\System32\XboxGipSvc.dll
12:14:51.0767 12244 XboxGipSvc - ok
12:14:51.0783 12244 [ 4951DD543AA2710760D90A58261ED665 ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll
12:14:51.0814 12244 XboxNetApiSvc - ok
12:14:51.0830 12244 [ 3DE8442D7AA678D9E295B0E15CF7CE15 ] xhunter1 C:\WINDOWS\xhunter1.sys
12:14:51.0830 12244 xhunter1 - ok
12:14:51.0830 12244 [ 4A91B49C6B1E41151D47CB919ADF013A ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys
12:14:51.0861 12244 xinputhid - ok
12:14:51.0861 12244 [ 377F3E3467A8BFA3CDC921AD6425D513 ] XSplit_Dummy C:\WINDOWS\system32\drivers\xspltspk.sys
12:14:51.0876 12244 XSplit_Dummy - ok
12:14:51.0876 12244 [ F35431F069CA11C0E174AD75DF421CDE ] xusb22 C:\WINDOWS\System32\drivers\xusb22.sys
12:14:51.0892 12244 xusb22 - ok
12:14:51.0892 12244 ================ Scan global ===============================
12:14:51.0892 12244 [ EB45383BE9D7ECB36D55B262E0D8EB46 ] C:\WINDOWS\system32\basesrv.dll
12:14:51.0908 12244 [ A6B900D517D02A2E353AD693B14E49C3 ] C:\WINDOWS\system32\winsrv.dll
12:14:51.0908 12244 [ 9451BA31B1DC19CED2608D82863C6486 ] C:\WINDOWS\system32\sxssrv.dll
12:14:51.0923 12244 [ AB75687641C9ADBE22336EC3C496909C ] C:\WINDOWS\system32\services.exe
12:14:51.0923 12244 [Global] - ok
12:14:51.0923 12244 ================ Scan MBR ==================================
12:14:51.0923 12244 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:14:51.0970 12244 \Device\Harddisk0\DR0 - ok
12:14:51.0970 12244 ================ Scan VBR ==================================
12:14:51.0970 12244 [ C0680F624F13D8FB91EB916B45606A4A ] \Device\Harddisk0\DR0\Partition1
12:14:51.0986 12244 \Device\Harddisk0\DR0\Partition1 - ok
12:14:51.0986 12244 [ 1875D3423261205F356C10E291258B78 ] \Device\Harddisk0\DR0\Partition2
12:14:51.0986 12244 \Device\Harddisk0\DR0\Partition2 - ok
12:14:51.0986 12244 ============================================================
12:14:51.0986 12244 Scan finished
12:14:51.0986 12244 ============================================================
12:14:51.0986 12236 Detected object count: 3
12:14:51.0986 12236 Actual detected object count: 3
12:15:03.0253 12236 27666012 ( HiddenService.Multi.Generic ) - skipped by user
12:15:03.0253 12236 27666012 ( HiddenService.Multi.Generic ) - User select action: Skip
12:15:03.0253 12236 Intel(R) Security Assist ( HiddenService.Multi.Generic ) - skipped by user
12:15:03.0253 12236 Intel(R) Security Assist ( HiddenService.Multi.Generic ) - User select action: Skip
12:15:03.0253 12236 isaHelperSvc ( HiddenService.Multi.Generic ) - skipped by user
12:15:03.0253 12236 isaHelperSvc ( HiddenService.Multi.Generic ) - User select action: Skip
 

Gabdo

Nuovo Utente
35
3
CPU
Intel Core i5
HDD
250 gb
GPU
NVIDIA GeForce GTX 950
Monitor
Samsung T22D390
Case
ThermalTake
OS
Windows 10
Questo è RogueKiller, dopo però il virus ha ripreso a accendersi per un paio di volte facendo attivare avast.

RogueKiller V12.12.5.0 (x64) [Feb 19 2018] (Gratuito) di Adlice Software
posta : http://www.adlice.com/contact/
Commenti : https://forum.adlice.com
Sito Web : http://www.adlice.com/download/roguekiller/
Discussione : http://www.adlice.com

Sistema Operativo : Windows 10 (10.0.16299) 64 bits version
Iniziato in : Modalità Normale
Utente : Utente [Amministratore]
Iniziato da : C:\Program Files\RogueKiller\RogueKiller64.exe
Modalità : Cancella -- Data : 02/22/2018 12:21:15 (Durata : 00:24:07)

¤¤¤ Processi : 0 ¤¤¤

¤¤¤ Registro : 2 ¤¤¤
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-3454903148-161096206-1152172953-1001\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve -> Non selezionato
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-3454903148-161096206-1152172953-1001\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve -> Non selezionato

¤¤¤ Attività : 0 ¤¤¤

¤¤¤ Archivi : 9 ¤¤¤
[BitMiner.Gen0][Archivio] C:\Disk\securedisk.exe -> Cancellato
[PUP.HackTool][Cartella] C:\Windows\AutoKMS -> Cancellato
[PUP.HackTool][Archivio] C:\Windows\AutoKMS\AutoKMS.log -> Cancellato
[PUP.Gen0][Archivio] C:\Windows\SECOH-QAD.exe -> Cancellato
[PUP.Gen1][Cartella] C:\Users\Utente\AppData\Roaming\Easeware -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy\drivers\10lrndfy.2n2\MouseKeyboardCenter_64bit_ENG_2.8.106.exe -> Cancellato
[PUP.Gen1][Cartella] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy\drivers\10lrndfy.2n2 -> Cancellato
[PUP.Gen1][Cartella] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy\drivers\3iuhdk3k.1gl -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy\drivers\5rndwzzn.g3j\sunrisepoint-h.cat -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy\drivers\5rndwzzn.g3j\sunrisepoint-hsystem.inf -> Cancellato
[PUP.Gen1][Cartella] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy\drivers\5rndwzzn.g3j -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy\drivers\5uuk2aie.xj4\iccwdt.cat -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy\drivers\5uuk2aie.xj4\iccwdt.inf -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy\drivers\5uuk2aie.xj4\iccwdt.sys -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy\drivers\5uuk2aie.xj4\wdfcoinstaller01009.dll -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy\drivers\5uuk2aie.xj4\x64\iccwdt.sys -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy\drivers\5uuk2aie.xj4\x64\wdfcoinstaller01009.dll -> Cancellato
[PUP.Gen1][Cartella] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy\drivers\5uuk2aie.xj4\x64 -> Cancellato
[PUP.Gen1][Cartella] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy\drivers\5uuk2aie.xj4 -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy\drivers\Drivers.data -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy\drivers\ivavuv00.ggy\iaahcic.cat -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy\drivers\ivavuv00.ggy\iaahcic.inf -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy\drivers\ivavuv00.ggy\iastora.sys -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy\drivers\ivavuv00.ggy\iastorf.sys -> Cancellato
[PUP.Gen1][Cartella] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy\drivers\ivavuv00.ggy -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy\drivers\izmzfz31.d2o\rt640x64.cat -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy\drivers\izmzfz31.d2o\rt640x64.inf -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy\drivers\izmzfz31.d2o\rt640x64.sys -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy\drivers\izmzfz31.d2o\rtnicprop64.dll -> Cancellato
[PUP.Gen1][Cartella] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy\drivers\izmzfz31.d2o -> Cancellato
[PUP.Gen1][Cartella] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy\drivers\nwl04qcg.v1p -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy\drivers\o22rb5ql.p4a\heci.cat -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy\drivers\o22rb5ql.p4a\heci.inf -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy\drivers\o22rb5ql.p4a\x64\teedriverw8x64.sys -> Cancellato
[PUP.Gen1][Cartella] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy\drivers\o22rb5ql.p4a\x64 -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy\drivers\o22rb5ql.p4a\x86\teedriverw8.sys -> Cancellato
[PUP.Gen1][Cartella] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy\drivers\o22rb5ql.p4a\x86 -> Cancellato
[PUP.Gen1][Cartella] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy\drivers\o22rb5ql.p4a -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy\drivers\ociqx24z.efm\skylake.cat -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy\drivers\ociqx24z.efm\skylakesystem.inf -> Cancellato
[PUP.Gen1][Cartella] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy\drivers\ociqx24z.efm -> Cancellato
[PUP.Gen1][Cartella] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy\drivers\tamybp15.ty2 -> Cancellato
[PUP.Gen1][Cartella] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy\drivers\uz1cldyf.y5z -> Cancellato
[PUP.Gen1][Cartella] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy\drivers\wrii14gu.tz4 -> Cancellato
[PUP.Gen1][Cartella] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy\drivers\y3tr1nkz.wwh -> Cancellato
[PUP.Gen1][Cartella] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy\drivers -> Cancellato
[PUP.Gen1][Archivio] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy\settings.dat -> Cancellato
[PUP.Gen1][Cartella] C:\Users\Utente\AppData\Roaming\Easeware\DriverEasy -> Cancellato
[PUP.HackTool][Archivio] C:\Users\Utente\AppData\Roaming\Microsoft\Windows\Recent\Keys.lnk [LNK@] C:\PROGRA~1\KMSpico\TOKENS~1\Keys.txt -> Cancellato
[PUP.HackTool][Archivio] C:\Users\Utente\AppData\Roaming\Microsoft\Windows\Recent\TokensBackup.lnk [LNK@] C:\PROGRA~1\KMSpico\TOKENS~1 -> Cancellato
[PUP.uTorrentAds][Archivio] C:\Users\Utente\AppData\Roaming\uTorrent\updates\3.4.9_43295\utorrentie.exe -> Cancellato
[PUP.uTorrentAds][Archivio] C:\Users\Utente\AppData\Roaming\uTorrent\updates\3.5.0_44090\utorrentie.exe -> Cancellato
[PUP.HackTool][Cartella] C:\Program Files\KMSpico -> Cancellato
[PUP.HackTool][Archivio] C:\Program Files\KMSpico\DM.bin -> Cancellato
[PUP.HackTool][Archivio] C:\Program Files\KMSpico\TokensBackup\Keys.txt -> Cancellato
[PUP.HackTool][Archivio] C:\Program Files\KMSpico\TokensBackup\Windows\cache\cache.dat -> Cancellato
[PUP.HackTool][Cartella] C:\Program Files\KMSpico\TokensBackup\Windows\cache -> Cancellato
[PUP.HackTool][Archivio] C:\Program Files\KMSpico\TokensBackup\Windows\data.dat -> Cancellato
[PUP.HackTool][Archivio] C:\Program Files\KMSpico\TokensBackup\Windows\pkeyconfig.xrm-ms -> Cancellato
[PUP.HackTool][Archivio] C:\Program Files\KMSpico\TokensBackup\Windows\tokens.dat -> Cancellato
[PUP.HackTool][Cartella] C:\Program Files\KMSpico\TokensBackup\Windows -> Cancellato
[PUP.HackTool][Cartella] C:\Program Files\KMSpico\TokensBackup -> Cancellato

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Archivio Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Caricato) ¤¤¤

¤¤¤ Web Browser : 0 ¤¤¤

¤¤¤ Controllo MBR : ¤¤¤
+++++ PhysicalDrive0: KINGSTON SUV400S37240G +++++
--- User ---
[MBR] f45b8813326c4c52c2b38b9eb91f22ee
[BSP] 10d2861a537dddc691585eeffad2cedd : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 500 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1026048 | Size: 227933 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 467834880 | Size: 499 MB
User = LL1 ... OK
User = LL2 ... OK
 

Gabdo

Nuovo Utente
35
3
CPU
Intel Core i5
HDD
250 gb
GPU
NVIDIA GeForce GTX 950
Monitor
Samsung T22D390
Case
ThermalTake
OS
Windows 10
Esegui queste scansioni:

Malwarebyte antimalware scaricalo da qui https://it.malwarebytes.com/
fai la scansione ed elimina cio che trova e posta il log generato

Scarica Adwcleaner sul desktop:
https://www.bleepingcomputer.com/download/adwcleaner/
Chiudi tutti i browser (è importante IE,Firefox Chrome ecc... siano chiusi)
Clicca sul pulsante "Analizza".
Finita la scansione clicca su "Pulisci"
Conferma con OK le varie finestre che ti compariranno.
Il pc si riavvierà, e uscirà il log con le eliminazioni....
Postalo qui.

Scarica tdsskiller da qui www.bleepingcomputer.com/download/tdsskiller/
Segui questa guida per il programmahttp://www.why-tech.it/come-rimuovere-defi...t-dal-pc-1.html
Posta il log report

Poi ,esegui una scansione con roguekiller...
Scaricalo da qui...
http://www.adlice.com/download/roguekiller/
Segui questa guida per usare il programma
http://it.ccm.net/faq/3204-come-usare
Cancella solo le voci di colore rosso...
Posta il.report

Infine scarica frst da quihttps://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/
scarica la versione adatta al tuo sistema operativo 32 o 64 bit
posiziona l eseguibile sul desktop
tasto dx sopra eseguibile--apri come amministratore
una volta aperto clicca su scan
postare log frst.txt e addition.txt

ciao

FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21.02.2018
Ran by Utente (administrator) on PCGABRI (22-02-2018 13:07:30)
Running from C:\Users\Utente\Desktop
Loaded Profiles: Utente (Available Profiles: Utente & vince)
Platform: Windows 10 Pro Version 1709 16299.248 (X64) Language: Italiano (Italia)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MsMpEng.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel® Corporation) C:\Program Files\Intel\ConnectCenter\bin\CCFManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.6.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8827.21855.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8827.21855.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\splwow64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2018-02-04] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [IntelConnectCenter] => C:\Program Files\Intel\ConnectCenter\bin\ICCLauncher.exe [90112 2015-03-16] (Intel® Corporation)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880 2018-01-05] (Adobe Systems, Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [243496 2018-02-18] (AVAST Software)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2404952 2017-03-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646680 2017-12-20] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-3454903148-161096206-1152172953-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2017-04-24] (Disc Soft Ltd)
HKU\S-1-5-21-3454903148-161096206-1152172953-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILQE.EXE [297024 2015-01-18] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3454903148-161096206-1152172953-1001\...\Run: [vidnotifier.exe] => C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe [1222632 2017-09-22] (Digital Wave Ltd)
HKU\S-1-5-21-3454903148-161096206-1152172953-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3454903148-161096206-1152172953-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [148480 2017-09-29] (Microsoft Corporation)
ShellExecuteHooks: No Name - {BFD98515-CD74-48A4-98E2-13D209E3EE4F} - C:\Windows\System32\mcicda64.dll [1015808 2018-02-12] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{8b4955eb-c028-49f3-a66a-d8ac3d2eea04}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{f6c5cf43-1788-49a9-9bfc-9253d2f164f0}: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{f6c5cf43-1788-49a9-9bfc-9253d2f164f0}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Internet Explorer:
==================
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll => No File
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-9.0.4\bin\jp2ssv.dll [2018-01-28] (Oracle Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=12.0.4.0 -> C:\Program Files\Java\jre-9.0.4\bin\dtplugin\npDeployJava1.dll [2018-01-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=12.0.4.0 -> C:\Program Files\Java\jre-9.0.4\bin\plugin2\npjp2.dll [2018-01-28] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-03-27] (Adobe Systems)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1231201.dll [2017-11-02] (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Corporation)
FF Plugin-x32: @Intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @Intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office16\NPSPWRAP.DLL [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-03-27] (Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.it/
CHR StartupUrls: Default -> "hxxps://www.google.it/"
CHR DefaultSearchURL: Default -> hxxps://ow1.res.office365.com/owamail/20180119.01.02/resources/images/favicons/mail-seen.ico
CHR Profile: C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default [2018-02-22]
CHR Extension: (Google Traduttore) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-10-19]
CHR Extension: (Presentazioni) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Documenti) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-12]
CHR Extension: (YouTube) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-12]
CHR Extension: (Adblock Plus) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-01-27]
CHR Extension: (Galaxy-View) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcbeddldohkakodfncjnkkjfojggbahp [2018-02-15]
CHR Extension: (Avast Passwords) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2018-02-07]
CHR Extension: (Fogli) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Google Documenti offline) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-12]
CHR Extension: (Avast Online Security) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-02-19]
CHR Extension: (Posta) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcdhoefeggjmcgagelcbblaeafkojgdl [2018-01-30]
CHR Extension: (Pagamenti Chrome Web Store) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-01]
CHR Extension: (ForumFree) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\onpaokmjncandjkacmikamfgfpfkgfdb [2016-09-18]
CHR Extension: (Posta) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\pchkhcnofmbbpoaiganjipbnainpcbni [2018-02-18]
CHR Extension: (Gmail) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-12]
CHR Extension: (Chrome Media Router) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-07]
CHR Profile: C:\Users\Utente\AppData\Local\Google\Chrome\User Data\System Profile [2017-09-20]
CHR HKLM-x32\...\Chrome\Extension: [clgckgfbhciacomhlchmgdnplmdiadbj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [771672 2017-03-14] (Adobe Systems Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7564512 2018-02-18] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [300600 2018-02-18] (AVAST Software)
S4 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-09-22] (Digital Wave Ltd.)
S4 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-04-24] (Disc Soft Ltd)
S4 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-16] (Seiko Epson Corporation)
S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [4362656 2016-02-24] (INCA Internet Co., Ltd.) [File not signed]
S4 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519992 2018-01-10] (NVIDIA Corporation)
S4 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519992 2018-01-10] (NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-12-14] (Microsoft Corporation)
S4 STCServ; C:\Program Files\Intel\STCServ\STCServ.exe [8095456 2015-03-16] (Intel Corporation)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-01-20] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-01-20] (Microsoft Corporation)
S4 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [778696 2017-10-09] (Wacom Technology, Corp.)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
S4 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] ()
S3 AsusVBus; C:\WINDOWS\System32\drivers\AsusVBus.sys [39704 2016-11-03] (Windows (R) Win 7 DDK provider)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [192944 2018-02-18] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [321512 2018-02-18] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [199448 2018-02-18] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343768 2018-02-18] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57696 2018-02-18] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [190440 2018-02-18] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46968 2018-02-18] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [146648 2018-02-18] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110328 2018-02-18] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84368 2018-02-18] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1026696 2018-02-18] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [459952 2018-02-18] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [205464 2018-02-18] (AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [44640 2016-08-12] (The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [379448 2018-02-18] (AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-04-24] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-04-24] (Disc Soft Ltd)
S3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [32840 2017-06-22] (ELAN Microelectronic Corp.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-05-18] (REALiX(tm))
R3 LifeCamTrueColor; C:\WINDOWS\system32\DRIVERS\LifeCamTrueColor.sys [37928 2016-07-27] (Microsoft Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2018-02-22] (Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_7a39871618b19f06\nvlddmkm.sys [17493824 2018-01-24] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31024 2018-01-10] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57928 2018-01-24] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1010648 2018-01-21] (Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 sthid; C:\WINDOWS\System32\drivers\sthid.sys [21216 2016-09-01] (Splashtop Inc.)
R3 vjoy; C:\WINDOWS\System32\drivers\vjoy.sys [57976 2017-04-06] (Shaul Eizikovich)
S3 WacHidRouterPro; C:\WINDOWS\System32\drivers\wachidrouter.sys [115192 2017-10-08] (Wacom Technology, Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-01-20] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2018-01-20] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-01-20] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [47096 2017-12-11] (Wellbia.com Co., Ltd.)
S3 XSplit_Dummy; C:\WINDOWS\system32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)
S4 IUFileFilter; \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-22 13:07 - 2018-02-22 13:07 - 000021946 _____ C:\Users\Utente\Desktop\FRST.txt
2018-02-22 13:07 - 2018-02-22 13:07 - 000000000 ____D C:\FRST
2018-02-22 13:06 - 2018-02-22 13:06 - 002403328 _____ (Farbar) C:\Users\Utente\Desktop\FRST64.exe
2018-02-22 13:02 - 2018-02-22 13:03 - 000016934 _____ C:\Users\Utente\Desktop\rogue.txt
2018-02-22 12:21 - 2018-02-22 12:21 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2018-02-22 12:20 - 2018-02-22 13:03 - 000000000 ____D C:\ProgramData\RogueKiller
2018-02-22 12:20 - 2018-02-22 12:20 - 000000907 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2018-02-22 12:20 - 2018-02-22 12:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2018-02-22 12:20 - 2018-02-22 12:20 - 000000000 ____D C:\Program Files\RogueKiller
2018-02-22 12:14 - 2018-02-22 12:15 - 000198516 _____ C:\TDSSKiller.2.8.16.0_22.02.2018_12.14.03_log.txt
2018-02-22 12:14 - 2018-02-22 12:14 - 000208216 _____ (Kaspersky Lab, GERT) C:\WINDOWS\system32\Drivers\31735035.sys
2018-02-22 12:13 - 2018-02-22 12:13 - 000253880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-02-22 12:13 - 2018-02-22 12:13 - 000000000 ___HD C:\OneDriveTemp
2018-02-22 12:13 - 2018-02-22 12:13 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-02-22 12:09 - 2018-02-22 12:09 - 000000000 ____D C:\TDSSKiller_Quarantine
2018-02-22 12:07 - 2018-02-22 12:07 - 000208216 _____ (Kaspersky Lab, GERT) C:\WINDOWS\system32\Drivers\05853279.sys
2018-02-22 12:06 - 2018-02-22 12:12 - 000582362 _____ C:\TDSSKiller.2.8.16.0_22.02.2018_12.06.59_log.txt
2018-02-22 12:06 - 2018-02-22 12:06 - 002237968 _____ (Kaspersky Lab ZAO) C:\Users\Utente\Downloads\tdsskiller.exe
2018-02-21 23:48 - 2018-02-21 23:58 - 000000000 ____D C:\Users\Utente\Documents\Games U
2018-02-21 23:46 - 2018-02-22 00:03 - 000000000 ____D C:\Users\Utente\AppData\Roaming\USB_HELPER
2018-02-21 23:46 - 2018-02-21 23:46 - 000000000 ____D C:\Users\Utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WiiU_USB_Helper
2018-02-21 23:46 - 2018-02-21 23:46 - 000000000 ____D C:\Users\Utente\AppData\Local\Hikari06
2018-02-21 23:44 - 2018-02-21 23:46 - 000000000 ____D C:\Users\Utente\Documents\HELPER
2018-02-21 23:44 - 2018-02-21 23:44 - 001537536 _____ (Hikari06) C:\Users\Utente\Downloads\Updater.exe
2018-02-21 18:33 - 2018-02-21 18:33 - 000003488 _____ C:\Users\Utente\Desktop\AdwCleaner[C0].txt
2018-02-21 18:29 - 2018-02-22 12:03 - 000000000 ____D C:\AdwCleaner
2018-02-21 18:27 - 2018-02-21 18:27 - 008222496 _____ (Malwarebytes) C:\Users\Utente\Desktop\AdwCleaner.exe
2018-02-21 18:26 - 2018-02-21 18:26 - 000001428 _____ C:\Users\Utente\Desktop\malwarebytes.txt
2018-02-21 17:45 - 2018-02-21 17:45 - 000003026 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Utente)
2018-02-20 18:16 - 2018-02-20 18:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2018-02-20 16:58 - 2018-02-20 17:40 - 000000000 ____D C:\Users\Utente\Desktop\Chimica
2018-02-20 11:55 - 2018-02-06 03:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-02-20 11:55 - 2018-02-06 03:49 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-02-20 11:42 - 2018-02-20 11:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-02-20 11:42 - 2017-11-29 09:11 - 000077432 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2018-02-20 11:41 - 2018-02-20 11:41 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-02-19 12:32 - 2018-02-19 12:32 - 000000000 ____D C:\Users\Utente\Documents\Modelli di Office personalizzati
2018-02-19 10:29 - 2018-02-10 07:24 - 000270744 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-02-19 10:29 - 2018-02-10 07:23 - 001577880 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-02-19 10:29 - 2018-02-10 07:23 - 000758168 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-02-19 10:29 - 2018-02-10 07:23 - 000613272 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-02-19 10:29 - 2018-02-10 07:23 - 000138136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-02-19 10:29 - 2018-02-10 07:22 - 000662936 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-02-19 10:29 - 2018-02-10 07:22 - 000460696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-02-19 10:29 - 2018-02-10 07:22 - 000387480 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-02-19 10:29 - 2018-02-10 07:22 - 000272800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-02-19 10:29 - 2018-02-10 07:22 - 000070040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-02-19 10:29 - 2018-02-10 07:20 - 001206680 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-02-19 10:29 - 2018-02-10 07:20 - 001055640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-02-19 10:29 - 2018-02-10 07:19 - 001133888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2018-02-19 10:29 - 2018-02-10 07:18 - 000319864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-02-19 10:29 - 2018-02-10 07:17 - 001209240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-02-19 10:29 - 2018-02-10 07:16 - 008603032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-02-19 10:29 - 2018-02-10 07:16 - 002406456 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-02-19 10:29 - 2018-02-10 07:16 - 000739696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2018-02-19 10:29 - 2018-02-10 07:15 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-02-19 10:29 - 2018-02-10 07:15 - 001415296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-02-19 10:29 - 2018-02-10 07:15 - 000471968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-02-19 10:29 - 2018-02-10 07:14 - 004504464 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-02-19 10:29 - 2018-02-10 07:14 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-02-19 10:29 - 2018-02-10 07:14 - 001002592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-02-19 10:29 - 2018-02-10 07:13 - 001416392 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-02-19 10:29 - 2018-02-10 07:13 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-02-19 10:29 - 2018-02-10 07:12 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-02-19 10:29 - 2018-02-10 07:12 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-02-19 10:29 - 2018-02-10 07:11 - 000711432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-02-19 10:29 - 2018-02-10 07:11 - 000677784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-02-19 10:29 - 2018-02-10 07:10 - 002447768 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-02-19 10:29 - 2018-02-10 07:10 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-02-19 10:29 - 2018-02-10 07:10 - 000614160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2018-02-19 10:29 - 2018-02-10 07:10 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-02-19 10:29 - 2018-02-10 07:09 - 003904296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-02-19 10:29 - 2018-02-10 07:09 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2018-02-19 10:29 - 2018-02-10 07:09 - 000525208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2018-02-19 10:29 - 2018-02-10 07:08 - 021351624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-02-19 10:29 - 2018-02-10 07:08 - 007675784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-02-19 10:29 - 2018-02-10 07:08 - 003010248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-02-19 10:29 - 2018-02-10 07:08 - 002574232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-02-19 10:29 - 2018-02-10 07:08 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2018-02-19 10:29 - 2018-02-10 07:07 - 004506576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-02-19 10:29 - 2018-02-10 07:07 - 002710728 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-02-19 10:29 - 2018-02-10 07:07 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2018-02-19 10:29 - 2018-02-10 07:07 - 000436632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2018-02-19 10:29 - 2018-02-10 07:06 - 004486904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2018-02-19 10:29 - 2018-02-10 07:06 - 000824896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2018-02-19 10:29 - 2018-02-10 07:06 - 000819096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2018-02-19 10:29 - 2018-02-10 07:06 - 000594048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-02-19 10:29 - 2018-02-10 07:06 - 000519144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-02-19 10:29 - 2018-02-10 07:06 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-02-19 10:29 - 2018-02-10 07:06 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-02-19 10:29 - 2018-02-10 07:04 - 007384576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-02-19 10:29 - 2018-02-10 07:04 - 006791984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-02-19 10:29 - 2018-02-10 07:04 - 001778584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2018-02-19 10:29 - 2018-02-10 07:04 - 001628056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2018-02-19 10:29 - 2018-02-10 07:04 - 001430760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2018-02-19 10:29 - 2018-02-10 07:04 - 001426672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-02-19 10:29 - 2018-02-10 07:04 - 001254144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2018-02-19 10:29 - 2018-02-10 07:04 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-02-19 10:29 - 2018-02-10 07:04 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-02-19 10:29 - 2018-02-10 07:04 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2018-02-19 10:29 - 2018-02-10 07:03 - 001619808 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-02-19 10:29 - 2018-02-10 07:03 - 000722616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2018-02-19 10:29 - 2018-02-10 07:03 - 000404888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2018-02-19 10:29 - 2018-02-10 07:02 - 002220952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2018-02-19 10:29 - 2018-02-10 07:02 - 001420696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2018-02-19 10:29 - 2018-02-10 07:02 - 000831384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2018-02-19 10:29 - 2018-02-10 07:02 - 000813976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2018-02-19 10:29 - 2018-02-10 07:02 - 000744856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2018-02-19 10:29 - 2018-02-10 07:02 - 000670104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2018-02-19 10:29 - 2018-02-10 07:02 - 000645528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2018-02-19 10:29 - 2018-02-10 06:21 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-02-19 10:29 - 2018-02-10 06:18 - 001384288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2018-02-19 10:29 - 2018-02-10 06:17 - 002255112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-02-19 10:29 - 2018-02-10 06:17 - 000597160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2018-02-19 10:29 - 2018-02-10 06:17 - 000211864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-02-19 10:29 - 2018-02-10 06:15 - 001145624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-02-19 10:29 - 2018-02-10 06:09 - 006092152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-02-19 10:29 - 2018-02-10 06:09 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-02-19 10:29 - 2018-02-10 06:09 - 002338776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-02-19 10:29 - 2018-02-10 06:09 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2018-02-19 10:29 - 2018-02-10 06:08 - 003980720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2018-02-19 10:29 - 2018-02-10 06:08 - 002193168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-02-19 10:29 - 2018-02-10 06:08 - 000592792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2018-02-19 10:29 - 2018-02-10 06:07 - 025253376 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-02-19 10:29 - 2018-02-10 06:07 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-02-19 10:29 - 2018-02-10 06:07 - 000527864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2018-02-19 10:29 - 2018-02-10 06:06 - 006481640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-02-19 10:29 - 2018-02-10 06:06 - 006014688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-02-19 10:29 - 2018-02-10 06:06 - 004670728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-02-19 10:29 - 2018-02-10 06:06 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-02-19 10:29 - 2018-02-10 06:05 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-02-19 10:29 - 2018-02-10 06:05 - 001149272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2018-02-19 10:29 - 2018-02-10 06:05 - 000662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2018-02-19 10:29 - 2018-02-10 06:04 - 001491352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2018-02-19 10:29 - 2018-02-10 05:50 - 003665408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-02-19 10:29 - 2018-02-10 05:50 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-02-19 10:29 - 2018-02-10 05:50 - 001294848 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-02-19 10:29 - 2018-02-10 05:49 - 000536576 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-02-19 10:29 - 2018-02-10 05:49 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-02-19 10:29 - 2018-02-10 05:49 - 000326656 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-02-19 10:29 - 2018-02-10 05:48 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-02-19 10:29 - 2018-02-10 05:47 - 017160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-02-19 10:29 - 2018-02-10 05:47 - 013704192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-02-19 10:29 - 2018-02-10 05:47 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-02-19 10:29 - 2018-02-10 05:46 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-02-19 10:29 - 2018-02-10 05:46 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-02-19 10:29 - 2018-02-10 05:46 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-02-19 10:29 - 2018-02-10 05:46 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-02-19 10:29 - 2018-02-10 05:46 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-02-19 10:29 - 2018-02-10 05:46 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCShellCommonProxyStub.dll
2018-02-19 10:29 - 2018-02-10 05:45 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-02-19 10:29 - 2018-02-10 05:45 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2018-02-19 10:29 - 2018-02-10 05:45 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2018-02-19 10:29 - 2018-02-10 05:44 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-02-19 10:29 - 2018-02-10 05:44 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2018-02-19 10:29 - 2018-02-10 05:44 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-02-19 10:29 - 2018-02-10 05:43 - 018923008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-02-19 10:29 - 2018-02-10 05:43 - 008020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-02-19 10:29 - 2018-02-10 05:43 - 006466560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-02-19 10:29 - 2018-02-10 05:43 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-02-19 10:29 - 2018-02-10 05:43 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2018-02-19 10:29 - 2018-02-10 05:43 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-02-19 10:29 - 2018-02-10 05:42 - 023671808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-02-19 10:29 - 2018-02-10 05:42 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-02-19 10:29 - 2018-02-10 05:42 - 000837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-02-19 10:29 - 2018-02-10 05:42 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-02-19 10:29 - 2018-02-10 05:42 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-02-19 10:29 - 2018-02-10 05:42 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-02-19 10:29 - 2018-02-10 05:42 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2018-02-19 10:29 - 2018-02-10 05:42 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2018-02-19 10:29 - 2018-02-10 05:41 - 019352576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-02-19 10:29 - 2018-02-10 05:41 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-02-19 10:29 - 2018-02-10 05:41 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-02-19 10:29 - 2018-02-10 05:41 - 000721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-02-19 10:29 - 2018-02-10 05:41 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-02-19 10:29 - 2018-02-10 05:41 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-02-19 10:29 - 2018-02-10 05:41 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-02-19 10:29 - 2018-02-10 05:40 - 012831744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-02-19 10:29 - 2018-02-10 05:40 - 008110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-02-19 10:29 - 2018-02-10 05:40 - 004498432 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-02-19 10:29 - 2018-02-10 05:40 - 004113408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-02-19 10:29 - 2018-02-10 05:40 - 003405824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-02-19 10:29 - 2018-02-10 05:40 - 001002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-02-19 10:29 - 2018-02-10 05:40 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2018-02-19 10:29 - 2018-02-10 05:40 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-02-19 10:29 - 2018-02-10 05:39 - 011925504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-02-19 10:29 - 2018-02-10 05:39 - 004748288 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-02-19 10:29 - 2018-02-10 05:39 - 004592640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2018-02-19 10:29 - 2018-02-10 05:39 - 002976256 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-02-19 10:29 - 2018-02-10 05:39 - 002741248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-02-19 10:29 - 2018-02-10 05:39 - 002677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-02-19 10:29 - 2018-02-10 05:39 - 002209280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-02-19 10:29 - 2018-02-10 05:39 - 001669120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2018-02-19 10:29 - 2018-02-10 05:38 - 006567936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-02-19 10:29 - 2018-02-10 05:38 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-02-19 10:29 - 2018-02-10 05:38 - 004815360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-02-19 10:29 - 2018-02-10 05:38 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-02-19 10:29 - 2018-02-10 05:38 - 003169280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-02-19 10:29 - 2018-02-10 05:38 - 003125760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-02-19 10:29 - 2018-02-10 05:38 - 002857984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-02-19 10:29 - 2018-02-10 05:38 - 002184192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-02-19 10:29 - 2018-02-10 05:38 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-02-19 10:29 - 2018-02-10 05:38 - 001547776 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-02-19 10:29 - 2018-02-10 05:38 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2018-02-19 10:29 - 2018-02-10 05:38 - 001228800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-02-19 10:29 - 2018-02-10 05:38 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2018-02-19 10:29 - 2018-02-10 05:38 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2018-02-19 10:29 - 2018-02-10 05:38 - 000939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2018-02-19 10:29 - 2018-02-10 05:38 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2018-02-19 10:29 - 2018-02-10 05:38 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-02-19 10:29 - 2018-02-10 05:37 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-02-19 10:29 - 2018-02-10 05:37 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2018-02-19 10:29 - 2018-02-10 05:37 - 003678720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-02-19 10:29 - 2018-02-10 05:37 - 003578368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2018-02-19 10:29 - 2018-02-10 05:37 - 003419136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-02-19 10:29 - 2018-02-10 05:37 - 002784256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-02-19 10:29 - 2018-02-10 05:37 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-02-19 10:29 - 2018-02-10 05:37 - 001488384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-02-19 10:29 - 2018-02-10 05:37 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2018-02-19 10:29 - 2018-02-10 05:36 - 006031360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-02-19 10:29 - 2018-02-10 05:36 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-02-19 10:29 - 2018-02-10 05:36 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2018-02-19 10:29 - 2018-02-10 05:36 - 002464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-02-19 10:29 - 2018-02-10 05:36 - 001759744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2018-02-19 10:29 - 2018-02-10 05:36 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-02-19 10:29 - 2018-02-10 05:36 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-02-19 10:29 - 2018-02-10 05:36 - 001342464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2018-02-19 10:29 - 2018-02-10 05:36 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2018-02-19 10:29 - 2018-02-10 05:36 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-02-19 10:29 - 2018-02-10 05:35 - 004384768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2018-02-19 10:29 - 2018-02-10 05:35 - 000862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2018-02-19 10:29 - 2018-02-10 05:35 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2018-02-19 10:29 - 2018-02-10 05:34 - 004249600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-02-19 10:29 - 2018-02-10 05:34 - 002983936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll
2018-02-19 10:29 - 2018-02-10 05:33 - 001936384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2018-02-19 10:29 - 2018-02-10 05:33 - 001570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2018-02-19 10:29 - 2018-02-10 05:33 - 001557504 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2018-02-19 10:29 - 2018-02-10 05:33 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-02-19 10:29 - 2018-02-09 04:35 - 004959688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2018-02-19 10:29 - 2018-02-09 04:35 - 001234888 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2018-02-19 10:29 - 2018-02-02 04:36 - 003903944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2018-02-19 10:29 - 2018-01-01 18:15 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-02-19 10:29 - 2018-01-01 13:50 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-02-19 10:29 - 2018-01-01 13:50 - 000780464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-02-19 10:29 - 2018-01-01 13:48 - 007831760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-02-19 10:29 - 2018-01-01 13:47 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-02-19 10:29 - 2018-01-01 13:46 - 000898216 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-02-19 10:29 - 2018-01-01 13:45 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-02-19 10:29 - 2018-01-01 13:42 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-02-19 10:29 - 2018-01-01 13:42 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2018-02-19 10:29 - 2018-01-01 13:41 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-02-19 10:29 - 2018-01-01 13:39 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-02-19 10:29 - 2018-01-01 13:39 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2018-02-19 10:29 - 2018-01-01 13:36 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2018-02-19 10:29 - 2018-01-01 13:26 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-02-19 10:29 - 2018-01-01 13:25 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2018-02-19 10:29 - 2018-01-01 13:25 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2018-02-19 10:29 - 2018-01-01 13:03 - 000650328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-02-19 10:29 - 2018-01-01 13:03 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2018-02-19 10:29 - 2018-01-01 12:45 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-02-19 10:29 - 2018-01-01 12:34 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-02-19 10:29 - 2018-01-01 12:25 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
2018-02-19 10:29 - 2018-01-01 12:24 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-02-19 10:29 - 2018-01-01 12:23 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-02-19 10:29 - 2018-01-01 12:21 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2018-02-19 10:29 - 2018-01-01 12:20 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-02-19 10:29 - 2018-01-01 12:19 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2018-02-19 10:29 - 2018-01-01 12:19 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-02-19 10:29 - 2018-01-01 12:19 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2018-02-19 10:29 - 2018-01-01 12:18 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-02-19 10:29 - 2018-01-01 12:18 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-02-19 10:29 - 2018-01-01 12:18 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-02-19 10:29 - 2018-01-01 12:18 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2018-02-19 10:29 - 2018-01-01 12:17 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2018-02-19 10:29 - 2018-01-01 12:16 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-02-19 10:29 - 2018-01-01 12:16 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-02-19 10:29 - 2018-01-01 12:16 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-02-19 10:29 - 2018-01-01 12:15 - 012687872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-02-19 10:29 - 2018-01-01 12:15 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2018-02-19 10:29 - 2018-01-01 12:13 - 013657600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-02-19 10:29 - 2018-01-01 12:13 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-02-19 10:29 - 2018-01-01 12:12 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-02-19 10:29 - 2018-01-01 12:12 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-02-19 10:29 - 2018-01-01 12:11 - 001816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-02-19 10:29 - 2018-01-01 12:11 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-02-19 10:29 - 2018-01-01 12:11 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-02-19 10:29 - 2018-01-01 12:09 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-02-19 10:29 - 2018-01-01 12:08 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-02-19 10:29 - 2018-01-01 12:08 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2018-02-19 10:29 - 2018-01-01 12:05 - 002510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2018-02-19 10:29 - 2018-01-01 12:05 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2018-02-19 10:28 - 2018-02-10 07:22 - 002003352 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-02-19 10:28 - 2018-02-10 07:22 - 000035224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-02-19 10:28 - 2018-02-10 07:21 - 001092016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-02-19 10:28 - 2018-02-10 07:21 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-02-19 10:28 - 2018-02-10 07:21 - 000279456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-02-19 10:28 - 2018-02-10 07:20 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-02-19 10:28 - 2018-02-10 07:20 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-02-19 10:28 - 2018-02-10 07:20 - 000077208 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-02-19 10:28 - 2018-02-10 07:18 - 001193192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2018-02-19 10:28 - 2018-02-10 07:18 - 000098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe
2018-02-19 10:28 - 2018-02-10 07:18 - 000022400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2018-02-19 10:28 - 2018-02-10 07:15 - 002514944 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-02-19 10:28 - 2018-02-10 07:13 - 000535960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2018-02-19 10:28 - 2018-02-10 07:13 - 000408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-02-19 10:28 - 2018-02-10 07:12 - 004537040 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2018-02-19 10:28 - 2018-02-10 07:12 - 001313016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2018-02-19 10:28 - 2018-02-10 07:11 - 001029528 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2018-02-19 10:28 - 2018-02-10 07:11 - 000494496 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-02-19 10:28 - 2018-02-10 07:10 - 000154520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2018-02-19 10:28 - 2018-02-10 07:09 - 000491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2018-02-19 10:28 - 2018-02-10 07:09 - 000075160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-02-19 10:28 - 2018-02-10 07:08 - 000687552 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2018-02-19 10:28 - 2018-02-10 07:08 - 000398824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2018-02-19 10:28 - 2018-02-10 07:08 - 000096200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbrand.dll
2018-02-19 10:28 - 2018-02-10 07:06 - 000727448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-02-19 10:28 - 2018-02-10 07:06 - 000356952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-02-19 10:28 - 2018-02-10 07:06 - 000189336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2018-02-19 10:28 - 2018-02-10 07:06 - 000100248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2018-02-19 10:28 - 2018-02-10 07:06 - 000087384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2018-02-19 10:28 - 2018-02-10 07:05 - 000688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-02-19 10:28 - 2018-02-10 07:05 - 000413888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-02-19 10:28 - 2018-02-10 07:05 - 000097176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2018-02-19 10:28 - 2018-02-10 07:05 - 000070856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2018-02-19 10:28 - 2018-02-10 07:04 - 000614296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2018-02-19 10:28 - 2018-02-10 07:04 - 000339872 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2018-02-19 10:28 - 2018-02-10 07:04 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-02-19 10:28 - 2018-02-10 07:04 - 000212880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2018-02-19 10:28 - 2018-02-10 07:04 - 000093592 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-02-19 10:28 - 2018-02-10 07:03 - 000849304 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-02-19 10:28 - 2018-02-10 07:03 - 000706600 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-02-19 10:28 - 2018-02-10 07:03 - 000098712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2018-02-19 10:28 - 2018-02-10 07:02 - 002773400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-02-19 10:28 - 2018-02-10 07:02 - 001103768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-02-19 10:28 - 2018-02-10 07:02 - 000628632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2018-02-19 10:28 - 2018-02-10 07:02 - 000617304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-02-19 10:28 - 2018-02-10 07:02 - 000495000 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2018-02-19 10:28 - 2018-02-10 07:02 - 000397720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2018-02-19 10:28 - 2018-02-10 07:02 - 000231320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2018-02-19 10:28 - 2018-02-10 07:02 - 000040352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClientPS.dll
2018-02-19 10:28 - 2018-02-10 06:22 - 001930224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-02-19 10:28 - 2018-02-10 06:18 - 000022424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hvsicontainerservice.dll
2018-02-19 10:28 - 2018-02-10 06:17 - 000542856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2018-02-19 10:28 - 2018-02-10 06:12 - 004382032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2018-02-19 10:28 - 2018-02-10 06:11 - 001250528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2018-02-19 10:28 - 2018-02-10 06:10 - 000422592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2018-02-19 10:28 - 2018-02-10 06:09 - 001123456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-02-19 10:28 - 2018-02-10 06:09 - 000559976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2018-02-19 10:28 - 2018-02-10 06:07 - 000543920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-02-19 10:28 - 2018-02-10 06:07 - 000284112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-02-19 10:28 - 2018-02-10 06:07 - 000123808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2018-02-19 10:28 - 2018-02-10 06:07 - 000089504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2018-02-19 10:28 - 2018-02-10 06:07 - 000083216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbrand.dll
2018-02-19 10:28 - 2018-02-10 06:07 - 000061024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2018-02-19 10:28 - 2018-02-10 06:05 - 000718232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-02-19 10:28 - 2018-02-10 06:05 - 000654456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2018-02-19 10:28 - 2018-02-10 06:05 - 000551672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2018-02-19 10:28 - 2018-02-10 06:05 - 000386424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2018-02-19 10:28 - 2018-02-10 06:05 - 000193248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2018-02-19 10:28 - 2018-02-10 06:05 - 000129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-02-19 10:28 - 2018-02-10 06:05 - 000079256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceReactivation.dll
2018-02-19 10:28 - 2018-02-10 06:05 - 000077552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2018-02-19 10:28 - 2018-02-10 06:05 - 000074992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2018-02-19 10:28 - 2018-02-10 06:04 - 000027032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVClientPS.dll
2018-02-19 10:28 - 2018-02-10 06:03 - 000505160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
2018-02-19 10:28 - 2018-02-10 05:50 - 000849920 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2018-02-19 10:28 - 2018-02-10 05:50 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-02-19 10:28 - 2018-02-10 05:49 - 001664512 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-02-19 10:28 - 2018-02-10 05:49 - 000848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-02-19 10:28 - 2018-02-10 05:49 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2018-02-19 10:28 - 2018-02-10 05:49 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\convertvhd.exe
2018-02-19 10:28 - 2018-02-10 05:49 - 000211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-02-19 10:28 - 2018-02-10 05:49 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2018-02-19 10:28 - 2018-02-10 05:48 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2018-02-19 10:28 - 2018-02-10 05:48 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtClient.dll
2018-02-19 10:28 - 2018-02-10 05:47 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-02-19 10:28 - 2018-02-10 05:47 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-02-19 10:28 - 2018-02-10 05:47 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2018-02-19 10:28 - 2018-02-10 05:47 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-02-19 10:28 - 2018-02-10 05:47 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\virtdisk.dll
2018-02-19 10:28 - 2018-02-10 05:47 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-02-19 10:28 - 2018-02-10 05:47 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-02-19 10:28 - 2018-02-10 05:47 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2018-02-19 10:28 - 2018-02-10 05:47 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-02-19 10:28 - 2018-02-10 05:46 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-02-19 10:28 - 2018-02-10 05:46 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-02-19 10:28 - 2018-02-10 05:46 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2018-02-19 10:28 - 2018-02-10 05:46 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2018-02-19 10:28 - 2018-02-10 05:46 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2018-02-19 10:28 - 2018-02-10 05:46 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2018-02-19 10:28 - 2018-02-10 05:46 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2018-02-19 10:28 - 2018-02-10 05:46 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2018-02-19 10:28 - 2018-02-10 05:46 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2018-02-19 10:28 - 2018-02-10 05:45 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-02-19 10:28 - 2018-02-10 05:45 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2018-02-19 10:28 - 2018-02-10 05:45 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsku.dll
2018-02-19 10:28 - 2018-02-10 05:45 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-02-19 10:28 - 2018-02-10 05:45 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2018-02-19 10:28 - 2018-02-10 05:45 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2018-02-19 10:28 - 2018-02-10 05:45 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2018-02-19 10:28 - 2018-02-10 05:45 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EnterpriseAppMgmtClient.dll
2018-02-19 10:28 - 2018-02-10 05:44 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2018-02-19 10:28 - 2018-02-10 05:44 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2018-02-19 10:28 - 2018-02-10 05:44 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_User.dll
2018-02-19 10:28 - 2018-02-10 05:44 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2018-02-19 10:28 - 2018-02-10 05:44 - 000388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-02-19 10:28 - 2018-02-10 05:44 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2018-02-19 10:28 - 2018-02-10 05:44 - 000302592 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2018-02-19 10:28 - 2018-02-10 05:44 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2018-02-19 10:28 - 2018-02-10 05:44 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-02-19 10:28 - 2018-02-10 05:44 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2018-02-19 10:28 - 2018-02-10 05:44 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-02-19 10:28 - 2018-02-10 05:44 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2018-02-19 10:28 - 2018-02-10 05:44 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\virtdisk.dll
2018-02-19 10:28 - 2018-02-10 05:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-02-19 10:28 - 2018-02-10 05:43 - 003756032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2018-02-19 10:28 - 2018-02-10 05:43 - 000580608 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2018-02-19 10:28 - 2018-02-10 05:43 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2018-02-19 10:28 - 2018-02-10 05:43 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2018-02-19 10:28 - 2018-02-10 05:43 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-02-19 10:28 - 2018-02-10 05:43 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2018-02-19 10:28 - 2018-02-10 05:43 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-02-19 10:28 - 2018-02-10 05:43 - 000247296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsku.dll
2018-02-19 10:28 - 2018-02-10 05:43 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\twext.dll
2018-02-19 10:28 - 2018-02-10 05:43 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppManagementConfiguration.dll
2018-02-19 10:28 - 2018-02-10 05:43 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2018-02-19 10:28 - 2018-02-10 05:43 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll
2018-02-19 10:28 - 2018-02-10 05:43 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2018-02-19 10:28 - 2018-02-10 05:43 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2018-02-19 10:28 - 2018-02-10 05:43 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCShellCommonProxyStub.dll
2018-02-19 10:28 - 2018-02-10 05:42 - 001216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-02-19 10:28 - 2018-02-10 05:42 - 001113600 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2018-02-19 10:28 - 2018-02-10 05:42 - 000975872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-02-19 10:28 - 2018-02-10 05:42 - 000950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2018-02-19 10:28 - 2018-02-10 05:42 - 000792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-02-19 10:28 - 2018-02-10 05:42 - 000731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2018-02-19 10:28 - 2018-02-10 05:42 - 000634880 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2018-02-19 10:28 - 2018-02-10 05:42 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-02-19 10:28 - 2018-02-10 05:42 - 000397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2018-02-19 10:28 - 2018-02-10 05:42 - 000286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2018-02-19 10:28 - 2018-02-10 05:42 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2018-02-19 10:28 - 2018-02-10 05:42 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2018-02-19 10:28 - 2018-02-10 05:42 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2018-02-19 10:28 - 2018-02-10 05:42 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-02-19 10:28 - 2018-02-10 05:42 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2018-02-19 10:28 - 2018-02-10 05:42 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2018-02-19 10:28 - 2018-02-10 05:42 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContent.dll
2018-02-19 10:28 - 2018-02-10 05:42 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2018-02-19 10:28 - 2018-02-10 05:42 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rshx32.dll
2018-02-19 10:28 - 2018-02-10 05:42 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2018-02-19 10:28 - 2018-02-10 05:42 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-02-19 10:28 - 2018-02-10 05:42 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2018-02-19 10:28 - 2018-02-10 05:42 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\regsvr32.exe
2018-02-19 10:28 - 2018-02-10 05:41 - 000859648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2018-02-19 10:28 - 2018-02-10 05:41 - 000820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2018-02-19 10:28 - 2018-02-10 05:41 - 000504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2018-02-19 10:28 - 2018-02-10 05:41 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2018-02-19 10:28 - 2018-02-10 05:41 - 000405504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2018-02-19 10:28 - 2018-02-10 05:41 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2018-02-19 10:28 - 2018-02-10 05:41 - 000377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-02-19 10:28 - 2018-02-10 05:41 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-02-19 10:28 - 2018-02-10 05:41 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2018-02-19 10:28 - 2018-02-10 05:41 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2018-02-19 10:28 - 2018-02-10 05:41 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppManagementConfiguration.dll
2018-02-19 10:28 - 2018-02-10 05:41 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2018-02-19 10:28 - 2018-02-10 05:41 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2018-02-19 10:28 - 2018-02-10 05:40 - 003367936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2018-02-19 10:28 - 2018-02-10 05:40 - 002873344 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2018-02-19 10:28 - 2018-02-10 05:40 - 001234432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrSvc.dll
2018-02-19 10:28 - 2018-02-10 05:40 - 000940544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-02-19 10:28 - 2018-02-10 05:40 - 000939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2018-02-19 10:28 - 2018-02-10 05:40 - 000930816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-02-19 10:28 - 2018-02-10 05:40 - 000886784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2018-02-19 10:28 - 2018-02-10 05:40 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2018-02-19 10:28 - 2018-02-10 05:40 - 000800256 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2018-02-19 10:28 - 2018-02-10 05:40 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-02-19 10:28 - 2018-02-10 05:40 - 000691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2018-02-19 10:28 - 2018-02-10 05:40 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2018-02-19 10:28 - 2018-02-10 05:40 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2018-02-19 10:28 - 2018-02-10 05:40 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2018-02-19 10:28 - 2018-02-10 05:40 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2018-02-19 10:28 - 2018-02-10 05:40 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2018-02-19 10:28 - 2018-02-10 05:40 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-02-19 10:28 - 2018-02-10 05:40 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2018-02-19 10:28 - 2018-02-10 05:40 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-02-19 10:28 - 2018-02-10 05:40 - 000298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2018-02-19 10:28 - 2018-02-10 05:40 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2018-02-19 10:28 - 2018-02-10 05:40 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreCommonProxyStub.dll
2018-02-19 10:28 - 2018-02-10 05:40 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2018-02-19 10:28 - 2018-02-10 05:39 - 005500928 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2018-02-19 10:28 - 2018-02-10 05:39 - 002490880 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2018-02-19 10:28 - 2018-02-10 05:39 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2018-02-19 10:28 - 2018-02-10 05:39 - 000721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-02-19 10:28 - 2018-02-10 05:39 - 000680960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2018-02-19 10:28 - 2018-02-10 05:39 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2018-02-19 10:28 - 2018-02-10 05:39 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-02-19 10:28 - 2018-02-10 05:39 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2018-02-19 10:28 - 2018-02-10 05:39 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2018-02-19 10:28 - 2018-02-10 05:39 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2018-02-19 10:28 - 2018-02-10 05:39 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2018-02-19 10:28 - 2018-02-10 05:39 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysdm.cpl
2018-02-19 10:28 - 2018-02-10 05:39 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twext.dll
2018-02-19 10:28 - 2018-02-10 05:39 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2018-02-19 10:28 - 2018-02-10 05:39 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regsvr32.exe
2018-02-19 10:28 - 2018-02-10 05:38 - 006722560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2018-02-19 10:28 - 2018-02-10 05:38 - 002082304 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-02-19 10:28 - 2018-02-10 05:38 - 001968640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2018-02-19 10:28 - 2018-02-10 05:38 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-02-19 10:28 - 2018-02-10 05:38 - 001166336 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-02-19 10:28 - 2018-02-10 05:38 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-02-19 10:28 - 2018-02-10 05:38 - 000885248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2018-02-19 10:28 - 2018-02-10 05:38 - 000863744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2018-02-19 10:28 - 2018-02-10 05:38 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2018-02-19 10:28 - 2018-02-10 05:38 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2018-02-19 10:28 - 2018-02-10 05:38 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-02-19 10:28 - 2018-02-10 05:38 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2018-02-19 10:28 - 2018-02-10 05:38 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-02-19 10:28 - 2018-02-10 05:38 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2018-02-19 10:28 - 2018-02-10 05:38 - 000509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2018-02-19 10:28 - 2018-02-10 05:38 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2018-02-19 10:28 - 2018-02-10 05:38 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-02-19 10:28 - 2018-02-10 05:38 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-02-19 10:28 - 2018-02-10 05:38 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeHelper.dll
2018-02-19 10:28 - 2018-02-10 05:37 - 003287040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2018-02-19 10:28 - 2018-02-10 05:37 - 002523648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2018-02-19 10:28 - 2018-02-10 05:37 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2018-02-19 10:28 - 2018-02-10 05:37 - 000862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2018-02-19 10:28 - 2018-02-10 05:37 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2018-02-19 10:28 - 2018-02-10 05:37 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\system32\srchadmin.dll
2018-02-19 10:28 - 2018-02-10 05:37 - 000308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2018-02-19 10:28 - 2018-02-10 05:37 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2018-02-19 10:28 - 2018-02-10 05:37 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2018-02-19 10:28 - 2018-02-10 05:36 - 002462208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2018-02-19 10:28 - 2018-02-10 05:36 - 002035712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-02-19 10:28 - 2018-02-10 05:36 - 000915968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-02-19 10:28 - 2018-02-10 05:36 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2018-02-19 10:28 - 2018-02-10 05:36 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2018-02-19 10:28 - 2018-02-10 05:36 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-02-19 10:28 - 2018-02-10 05:36 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2018-02-19 10:28 - 2018-02-10 05:36 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2018-02-19 10:28 - 2018-02-10 05:36 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcomapi.dll
2018-02-19 10:28 - 2018-02-10 05:36 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2018-02-19 10:28 - 2018-02-10 05:36 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2018-02-19 10:28 - 2018-02-10 05:36 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2018-02-19 10:28 - 2018-02-10 05:35 - 005388800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2018-02-19 10:28 - 2018-02-10 05:35 - 002814976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-02-19 10:28 - 2018-02-10 05:35 - 002413568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2018-02-19 10:28 - 2018-02-10 05:35 - 002349568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-02-19 10:28 - 2018-02-10 05:35 - 002013184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-02-19 10:28 - 2018-02-10 05:35 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-02-19 10:28 - 2018-02-10 05:35 - 000963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-02-19 10:28 - 2018-02-10 05:35 - 000943104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2018-02-19 10:28 - 2018-02-10 05:35 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-02-19 10:28 - 2018-02-10 05:35 - 000918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2018-02-19 10:28 - 2018-02-10 05:35 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-02-19 10:28 - 2018-02-10 05:35 - 000796160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2018-02-19 10:28 - 2018-02-10 05:35 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2018-02-19 10:28 - 2018-02-10 05:35 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2018-02-19 10:28 - 2018-02-10 05:35 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2018-02-19 10:28 - 2018-02-10 05:35 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2018-02-19 10:28 - 2018-02-10 05:35 - 000332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srchadmin.dll
2018-02-19 10:28 - 2018-02-10 05:35 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2018-02-19 10:28 - 2018-02-10 05:34 - 006532096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2018-02-19 10:28 - 2018-02-10 05:34 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL
2018-02-19 10:28 - 2018-02-10 05:34 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2018-02-19 10:28 - 2018-02-10 05:34 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
2018-02-19 10:28 - 2018-02-10 05:34 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.ProxyStub.dll
2018-02-19 10:28 - 2018-02-10 05:33 - 001661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2018-02-19 10:28 - 2018-02-10 05:33 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2018-02-19 10:28 - 2018-02-10 05:33 - 000620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-02-19 10:28 - 2018-02-10 05:33 - 000604672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2018-02-19 10:28 - 2018-02-10 05:33 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2018-02-19 10:28 - 2018-02-10 05:33 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcbase.dll
2018-02-19 10:28 - 2018-02-10 05:33 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2018-02-19 10:28 - 2018-02-10 05:33 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2018-02-19 10:28 - 2018-02-10 05:33 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2018-02-19 10:28 - 2018-02-10 05:33 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2018-02-19 10:28 - 2018-02-10 05:32 - 002427904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll
2018-02-19 10:28 - 2018-02-10 05:32 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL
2018-02-19 10:28 - 2018-02-10 05:32 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2018-02-19 10:28 - 2018-02-10 05:32 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2018-02-19 10:28 - 2018-02-10 05:32 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.ProxyStub.dll
2018-02-19 10:28 - 2018-02-10 05:32 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-02-19 10:28 - 2018-02-10 05:31 - 001488896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2018-02-19 10:28 - 2018-02-10 05:31 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2018-02-19 10:28 - 2018-02-10 05:31 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcbase.dll
2018-02-19 10:28 - 2018-02-10 05:31 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2018-02-19 10:28 - 2018-02-10 05:31 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2018-02-19 10:28 - 2018-02-10 03:59 - 000804240 _____ C:\WINDOWS\SysWOW64\locale.nls
2018-02-19 10:28 - 2018-02-10 03:59 - 000804240 _____ C:\WINDOWS\system32\locale.nls
2018-02-19 10:28 - 2018-02-09 04:35 - 001002952 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2018-02-19 10:28 - 2018-02-09 04:35 - 000892872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2018-02-19 10:28 - 2018-02-09 04:35 - 000065992 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2018-02-19 10:28 - 2018-02-02 04:36 - 000921032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2018-02-19 10:28 - 2018-02-02 04:36 - 000854976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2018-02-19 10:28 - 2018-02-02 04:36 - 000649672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2018-02-19 10:28 - 2018-02-02 04:36 - 000054720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2018-02-19 10:28 - 2018-01-01 13:52 - 000066712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2018-02-19 10:28 - 2018-01-01 13:51 - 000191816 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-02-19 10:28 - 2018-01-01 13:51 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys
2018-02-19 10:28 - 2018-01-01 13:49 - 000292376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2018-02-19 10:28 - 2018-01-01 13:48 - 000382360 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-02-19 10:28 - 2018-01-01 13:47 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-02-19 10:28 - 2018-01-01 13:46 - 000733592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2018-02-19 10:28 - 2018-01-01 13:43 - 001173576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-02-19 10:28 - 2018-01-01 13:43 - 000367336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-02-19 10:28 - 2018-01-01 13:43 - 000062872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys
2018-02-19 10:28 - 2018-01-01 13:42 - 000109976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-02-19 10:28 - 2018-01-01 13:41 - 000549552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2018-02-19 10:28 - 2018-01-01 13:39 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2018-02-19 10:28 - 2018-01-01 13:38 - 000103320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-02-19 10:28 - 2018-01-01 13:38 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys
2018-02-19 10:28 - 2018-01-01 13:37 - 000461720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2018-02-19 10:28 - 2018-01-01 13:36 - 000113560 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2018-02-19 10:28 - 2018-01-01 13:36 - 000057752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys
2018-02-19 10:28 - 2018-01-01 13:34 - 001336344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-02-19 10:28 - 2018-01-01 13:27 - 000163736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2018-02-19 10:28 - 2018-01-01 13:26 - 000081304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2018-02-19 10:28 - 2018-01-01 13:06 - 000311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2018-02-19 10:28 - 2018-01-01 13:03 - 000777904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-02-19 10:28 - 2018-01-01 13:03 - 000566664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-02-19 10:28 - 2018-01-01 12:49 - 000481464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-02-19 10:28 - 2018-01-01 12:49 - 000258808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2018-02-19 10:28 - 2018-01-01 12:46 - 000289816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2018-02-19 10:28 - 2018-01-01 12:45 - 000450928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2018-02-19 10:28 - 2018-01-01 12:42 - 001003152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-02-19 10:28 - 2018-01-01 12:25 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2018-02-19 10:28 - 2018-01-01 12:24 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboutSettingsHandlers.dll
2018-02-19 10:28 - 2018-01-01 12:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-02-19 10:28 - 2018-01-01 12:24 - 000038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2018-02-19 10:28 - 2018-01-01 12:23 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2018-02-19 10:28 - 2018-01-01 12:23 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-02-19 10:28 - 2018-01-01 12:23 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2018-02-19 10:28 - 2018-01-01 12:23 - 000047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2018-02-19 10:28 - 2018-01-01 12:22 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rfxvmt.dll
2018-02-19 10:28 - 2018-01-01 12:22 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2018-02-19 10:28 - 2018-01-01 12:22 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2018-02-19 10:28 - 2018-01-01 12:22 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmApplicationHealthMonitorProxy.dll
2018-02-19 10:28 - 2018-01-01 12:21 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2018-02-19 10:28 - 2018-01-01 12:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2018-02-19 10:28 - 2018-01-01 12:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspptp.sys
2018-02-19 10:28 - 2018-01-01 12:21 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2018-02-19 10:28 - 2018-01-01 12:21 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2018-02-19 10:28 - 2018-01-01 12:21 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2018-02-19 10:28 - 2018-01-01 12:20 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-02-19 10:28 - 2018-01-01 12:20 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-02-19 10:28 - 2018-01-01 12:20 - 000212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2018-02-19 10:28 - 2018-01-01 12:20 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2018-02-19 10:28 - 2018-01-01 12:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2018-02-19 10:28 - 2018-01-01 12:20 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2018-02-19 10:28 - 2018-01-01 12:20 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2018-02-19 10:28 - 2018-01-01 12:20 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2018-02-19 10:28 - 2018-01-01 12:20 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll
2018-02-19 10:28 - 2018-01-01 12:20 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RfxVmt.sys
2018-02-19 10:28 - 2018-01-01 12:19 - 000795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalAuth.dll
2018-02-19 10:28 - 2018-01-01 12:19 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2018-02-19 10:28 - 2018-01-01 12:19 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2018-02-19 10:28 - 2018-01-01 12:19 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-02-19 10:28 - 2018-01-01 12:19 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2018-02-19 10:28 - 2018-01-01 12:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-02-19 10:28 - 2018-01-01 12:19 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2018-02-19 10:28 - 2018-01-01 12:19 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll
2018-02-19 10:28 - 2018-01-01 12:19 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2018-02-19 10:28 - 2018-01-01 12:19 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2018-02-19 10:28 - 2018-01-01 12:19 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msoert2.dll
2018-02-19 10:28 - 2018-01-01 12:18 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2018-02-19 10:28 - 2018-01-01 12:18 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-02-19 10:28 - 2018-01-01 12:18 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2018-02-19 10:28 - 2018-01-01 12:18 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll
2018-02-19 10:28 - 2018-01-01 12:18 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-02-19 10:28 - 2018-01-01 12:18 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2018-02-19 10:28 - 2018-01-01 12:18 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll
2018-02-19 10:28 - 2018-01-01 12:18 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2018-02-19 10:28 - 2018-01-01 12:18 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2018-02-19 10:28 - 2018-01-01 12:18 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2018-02-19 10:28 - 2018-01-01 12:18 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2018-02-19 10:28 - 2018-01-01 12:18 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2018-02-19 10:28 - 2018-01-01 12:17 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-02-19 10:28 - 2018-01-01 12:17 - 000791552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-02-19 10:28 - 2018-01-01 12:17 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2018-02-19 10:28 - 2018-01-01 12:17 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2018-02-19 10:28 - 2018-01-01 12:17 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2018-02-19 10:28 - 2018-01-01 12:17 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2018-02-19 10:28 - 2018-01-01 12:17 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msoert2.dll
2018-02-19 10:28 - 2018-01-01 12:16 - 000966656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2018-02-19 10:28 - 2018-01-01 12:16 - 000956928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2018-02-19 10:28 - 2018-01-01 12:16 - 000624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2018-02-19 10:28 - 2018-01-01 12:16 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2018-02-19 10:28 - 2018-01-01 12:15 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-02-19 10:28 - 2018-01-01 12:15 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2018-02-19 10:28 - 2018-01-01 12:15 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2018-02-19 10:28 - 2018-01-01 12:15 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2018-02-19 10:28 - 2018-01-01 12:15 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2018-02-19 10:28 - 2018-01-01 12:15 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2018-02-19 10:28 - 2018-01-01 12:14 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2018-02-19 10:28 - 2018-01-01 12:14 - 000985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-02-19 10:28 - 2018-01-01 12:14 - 000870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-02-19 10:28 - 2018-01-01 12:13 - 000897024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-02-19 10:28 - 2018-01-01 12:12 - 001573376 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2018-02-19 10:28 - 2018-01-01 12:12 - 000760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2018-02-19 10:28 - 2018-01-01 12:11 - 001955328 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSvc.dll
2018-02-19 10:28 - 2018-01-01 12:11 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2018-02-19 10:28 - 2018-01-01 12:11 - 000715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-02-19 10:28 - 2018-01-01 12:10 - 002528256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-02-19 10:28 - 2018-01-01 12:10 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscproxystub.dll
2018-02-19 10:28 - 2018-01-01 12:08 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2018-02-19 10:28 - 2018-01-01 12:06 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscproxystub.dll
2018-02-18 17:57 - 2018-02-18 17:57 - 000000000 ____D C:\Users\Utente\Documents\Inspector
2018-02-18 14:34 - 2018-02-18 14:34 - 000000000 ____D C:\Users\Utente\AppData\Roaming\AVAST Software
2018-02-18 14:33 - 2018-02-19 10:07 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-02-18 14:33 - 2018-02-18 14:33 - 001026696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-02-18 14:33 - 2018-02-18 14:33 - 000459952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-02-18 14:33 - 2018-02-18 14:33 - 000380768 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-02-18 14:33 - 2018-02-18 14:33 - 000379448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-02-18 14:33 - 2018-02-18 14:33 - 000343768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-02-18 14:33 - 2018-02-18 14:33 - 000321512 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-02-18 14:33 - 2018-02-18 14:33 - 000205464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-02-18 14:33 - 2018-02-18 14:33 - 000199448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-02-18 14:33 - 2018-02-18 14:33 - 000192944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-02-18 14:33 - 2018-02-18 14:33 - 000190440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-02-18 14:33 - 2018-02-18 14:33 - 000146648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-02-18 14:33 - 2018-02-18 14:33 - 000110328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-02-18 14:33 - 2018-02-18 14:33 - 000084368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-02-18 14:33 - 2018-02-18 14:33 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2018-02-18 14:33 - 2018-02-18 14:33 - 000057696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-02-18 14:33 - 2018-02-18 14:33 - 000046968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-02-18 14:33 - 2018-02-18 14:33 - 000001987 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2018-02-18 14:33 - 2018-02-18 14:33 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2018-02-18 14:30 - 2018-02-18 14:30 - 007236456 _____ (AVAST Software) C:\Users\Utente\Downloads\avast_free_antivirus_setup_online.exe
2018-02-18 14:30 - 2018-02-18 14:30 - 000000000 ____D C:\Program Files\AVAST Software
2018-02-18 14:21 - 2018-02-18 14:21 - 000000000 ____D C:\ProgramData\USOShared
2018-02-18 14:18 - 2018-02-18 14:18 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-02-18 14:17 - 2018-02-22 12:18 - 002126678 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-18 14:16 - 2018-02-18 14:16 - 000000020 ___SH C:\Users\Utente\ntuser.ini
2018-02-18 14:14 - 2018-02-22 12:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-02-18 14:14 - 2018-02-22 11:54 - 000004172 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{19637F17-3323-4AEE-B469-229196A4AF24}
2018-02-18 14:14 - 2018-02-18 14:14 - 000018270 _____ C:\WINDOWS\System32\Tasks\nqVZgH3yJhcC
2018-02-18 14:14 - 2018-02-18 14:14 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2018-02-18 14:14 - 2018-02-18 14:14 - 000011433 _____ C:\WINDOWS\diagerr.xml
2018-02-18 14:14 - 2018-02-18 14:14 - 000003596 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-02-18 14:14 - 2018-02-18 14:14 - 000003486 _____ C:\WINDOWS\System32\Tasks\EPSON XP-610 Series Update {DBDA0F24-94C2-4308-A6FB-8AC64E589E57}
2018-02-18 14:14 - 2018-02-18 14:14 - 000003486 _____ C:\WINDOWS\System32\Tasks\EPSON XP-610 Series Update {77E93B0E-F25A-4472-805B-C871AB5D3D13}
2018-02-18 14:14 - 2018-02-18 14:14 - 000003486 _____ C:\WINDOWS\System32\Tasks\EPSON XP-610 Series Update {27EA6135-4C51-4A28-8897-92FC66A05D44}
2018-02-18 14:14 - 2018-02-18 14:14 - 000003486 _____ C:\WINDOWS\System32\Tasks\EPSON XP-610 Series Update {0B9E3542-436B-40CB-B714-6EFF13FA0EAF}
2018-02-18 14:14 - 2018-02-18 14:14 - 000003398 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-18 14:14 - 2018-02-18 14:14 - 000003372 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-02-18 14:14 - 2018-02-18 14:14 - 000003308 _____ C:\WINDOWS\System32\Tasks\EPSON XP-610 Series Invitation {DBDA0F24-94C2-4308-A6FB-8AC64E589E57}
2018-02-18 14:14 - 2018-02-18 14:14 - 000003308 _____ C:\WINDOWS\System32\Tasks\EPSON XP-610 Series Invitation {77E93B0E-F25A-4472-805B-C871AB5D3D13}
2018-02-18 14:14 - 2018-02-18 14:14 - 000003308 _____ C:\WINDOWS\System32\Tasks\EPSON XP-610 Series Invitation {27EA6135-4C51-4A28-8897-92FC66A05D44}
2018-02-18 14:14 - 2018-02-18 14:14 - 000003308 _____ C:\WINDOWS\System32\Tasks\EPSON XP-610 Series Invitation {0B9E3542-436B-40CB-B714-6EFF13FA0EAF}
2018-02-18 14:14 - 2018-02-18 14:14 - 000003176 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-18 14:14 - 2018-02-18 14:14 - 000002984 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-18 14:14 - 2018-02-18 14:14 - 000002956 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-18 14:14 - 2018-02-18 14:14 - 000002914 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-18 14:14 - 2018-02-18 14:14 - 000002896 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe
2018-02-18 14:14 - 2018-02-18 14:14 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3454903148-161096206-1152172953-1004
2018-02-18 14:14 - 2018-02-18 14:14 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3454903148-161096206-1152172953-1001
2018-02-18 14:14 - 2018-02-18 14:14 - 000002848 _____ C:\WINDOWS\System32\Tasks\JavaUpdateSched
2018-02-18 14:14 - 2018-02-18 14:14 - 000002838 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-18 14:14 - 2018-02-18 14:14 - 000002786 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-18 14:14 - 2018-02-18 14:14 - 000002770 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-demeo.gabriele@outlook.com
2018-02-18 14:14 - 2018-02-18 14:14 - 000002744 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-18 14:14 - 2018-02-18 14:14 - 000002636 _____ C:\WINDOWS\System32\Tasks\IntelBootstrapCCDashExe
2018-02-18 14:14 - 2018-02-18 14:14 - 000002588 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2018-02-18 14:14 - 2018-02-18 14:14 - 000002444 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2018-02-18 14:14 - 2018-02-18 14:14 - 000002392 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2018-02-18 14:14 - 2018-02-18 14:14 - 000002388 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2018-02-18 14:14 - 2018-02-18 14:14 - 000002374 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2018-02-18 14:14 - 2018-02-18 14:14 - 000002370 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2018-02-18 14:14 - 2018-02-18 14:14 - 000002310 _____ C:\WINDOWS\System32\Tasks\Adobe Uninstaller
2018-02-18 14:14 - 2018-02-18 14:14 - 000000000 ____D C:\WINDOWS\System32\Tasks\S-1-5-21-3454903148-161096206-1152172953-1001
2018-02-18 14:14 - 2018-02-18 14:14 - 000000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2018-02-18 14:11 - 2018-02-18 14:11 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-02-18 14:11 - 2017-09-29 14:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2018-02-18 14:10 - 2018-02-20 11:46 - 000000000 ____D C:\Users\vince
2018-02-18 14:10 - 2018-02-18 14:16 - 000000000 ____D C:\Users\Utente
2018-02-18 14:10 - 2018-02-18 14:10 - 000000000 _SHDL C:\Users\vince\Risorse di stampa
2018-02-18 14:10 - 2018-02-18 14:10 - 000000000 _SHDL C:\Users\vince\Risorse di rete
2018-02-18 14:10 - 2018-02-18 14:10 - 000000000 _SHDL C:\Users\vince\Recenti
2018-02-18 14:10 - 2018-02-18 14:10 - 000000000 _SHDL C:\Users\vince\Modelli
2018-02-18 14:10 - 2018-02-18 14:10 - 000000000 _SHDL C:\Users\vince\Menu Avvio
2018-02-18 14:10 - 2018-02-18 14:10 - 000000000 _SHDL C:\Users\vince\Impostazioni locali
2018-02-18 14:10 - 2018-02-18 14:10 - 000000000 _SHDL C:\Users\vince\Documents\Video
2018-02-18 14:10 - 2018-02-18 14:10 - 000000000 _SHDL C:\Users\vince\Documents\Musica
2018-02-18 14:10 - 2018-02-18 14:10 - 000000000 _SHDL C:\Users\vince\Documents\Immagini
2018-02-18 14:10 - 2018-02-18 14:10 - 000000000 _SHDL C:\Users\vince\Documenti
2018-02-18 14:10 - 2018-02-18 14:10 - 000000000 _SHDL C:\Users\vince\Dati applicazioni
2018-02-18 14:10 - 2018-02-18 14:10 - 000000000 _SHDL C:\Users\vince\AppData\Roaming\Microsoft\Windows\Start Menu\Programmi
2018-02-18 14:10 - 2018-02-18 14:10 - 000000000 _SHDL C:\Users\vince\AppData\Local\Dati applicazioni
2018-02-18 14:10 - 2018-02-18 14:10 - 000000000 _SHDL C:\Users\vince\AppData\Local\Cronologia
2018-02-18 14:10 - 2018-02-18 14:10 - 000000000 _SHDL C:\Users\Utente\Risorse di stampa
2018-02-18 14:10 - 2018-02-18 14:10 - 000000000 _SHDL C:\Users\Utente\Risorse di rete
2018-02-18 14:10 - 2018-02-18 14:10 - 000000000 _SHDL C:\Users\Utente\Recenti
2018-02-18 14:10 - 2018-02-18 14:10 - 000000000 _SHDL C:\Users\Utente\Modelli
2018-02-18 14:10 - 2018-02-18 14:10 - 000000000 _SHDL C:\Users\Utente\Menu Avvio
2018-02-18 14:10 - 2018-02-18 14:10 - 000000000 _SHDL C:\Users\Utente\Impostazioni locali
2018-02-18 14:10 - 2018-02-18 14:10 - 000000000 _SHDL C:\Users\Utente\Documents\Video
2018-02-18 14:10 - 2018-02-18 14:10 - 000000000 _SHDL C:\Users\Utente\Documents\Musica
2018-02-18 14:10 - 2018-02-18 14:10 - 000000000 _SHDL C:\Users\Utente\Documents\Immagini
2018-02-18 14:10 - 2018-02-18 14:10 - 000000000 _SHDL C:\Users\Utente\Documenti
2018-02-18 14:10 - 2018-02-18 14:10 - 000000000 _SHDL C:\Users\Utente\Dati applicazioni
2018-02-18 14:10 - 2018-02-18 14:10 - 000000000 _SHDL C:\Users\Utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programmi
2018-02-18 14:10 - 2018-02-18 14:10 - 000000000 _SHDL C:\Users\Utente\AppData\Local\Dati applicazioni
2018-02-18 14:10 - 2018-02-18 14:10 - 000000000 _SHDL C:\Users\Utente\AppData\Local\Cronologia
2018-02-18 14:10 - 2018-02-18 14:10 - 000000000 ____D C:\Users\vince\AppData\Local\Packages
2018-02-18 14:10 - 2018-02-18 14:10 - 000000000 ____D C:\Users\Utente\AppData\Local\Packages
2018-02-18 14:09 - 2018-02-22 13:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-02-18 14:09 - 2018-02-20 11:49 - 005067216 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-02-18 14:07 - 2018-02-18 14:15 - 000000000 ____D C:\Windows.old
2018-02-18 14:06 - 2018-02-18 14:06 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2018-02-18 14:03 - 2018-02-18 14:07 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2018-02-18 14:02 - 2018-02-18 14:03 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2018-02-18 14:01 - 2018-02-18 14:01 - 000464896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2018-02-18 14:01 - 2018-02-18 14:01 - 000389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2018-02-18 14:01 - 2018-02-18 14:01 - 000218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2018-02-18 14:01 - 2018-02-18 14:01 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2018-02-18 14:01 - 2018-02-18 14:01 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2018-02-18 14:01 - 2018-02-18 14:01 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2018-02-18 14:01 - 2018-02-18 14:01 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2018-02-18 14:01 - 2018-02-18 14:01 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2018-02-18 14:01 - 2018-02-18 14:01 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2018-02-18 14:01 - 2018-02-18 14:01 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2018-02-18 14:01 - 2018-02-18 14:01 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2018-02-18 14:01 - 2018-02-18 14:01 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2018-02-18 14:01 - 2018-02-18 14:01 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2018-02-18 14:01 - 2018-02-18 14:01 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2018-02-18 14:01 - 2018-02-18 14:01 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2018-02-18 14:01 - 2018-02-18 14:01 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2018-02-18 14:01 - 2018-02-18 14:01 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2018-02-18 14:01 - 2018-02-18 14:01 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2018-02-18 14:01 - 2018-02-18 14:01 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2018-02-18 14:01 - 2018-02-18 14:01 - 000000000 ____D C:\Program Files\Reference Assemblies
2018-02-18 14:01 - 2018-02-18 14:01 - 000000000 ____D C:\Program Files\MSBuild
2018-02-18 14:01 - 2018-02-18 14:01 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2018-02-18 14:01 - 2018-02-18 14:01 - 000000000 ____D C:\Program Files (x86)\MSBuild
2018-02-18 14:01 - 2017-09-28 15:50 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2018-02-18 14:01 - 2017-09-28 15:50 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2018-02-18 14:01 - 2017-09-28 15:50 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2018-02-18 14:01 - 2017-09-22 18:19 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2018-02-18 14:01 - 2017-09-22 18:19 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2018-02-18 14:01 - 2017-09-22 18:19 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2018-02-18 14:00 - 2017-09-28 19:05 - 005739008 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2018-02-18 14:00 - 2017-09-28 19:05 - 002629120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2018-02-18 14:00 - 2017-09-28 18:56 - 006347776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2018-02-18 14:00 - 2017-09-28 18:44 - 002629120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2018-02-18 14:00 - 2017-09-28 18:38 - 005484032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2018-02-18 13:56 - 2018-02-18 13:56 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2018-02-18 13:04 - 2018-02-20 11:26 - 000000000 ___DC C:\WINDOWS\Panther
2018-02-18 11:48 - 2018-02-18 11:48 - 000000000 ___HD C:\$Windows.~WS
2018-02-18 11:47 - 2018-02-18 11:48 - 018617536 _____ (Microsoft Corporation) C:\Users\Utente\Downloads\MediaCreationTool.exe
2018-02-18 11:07 - 2018-02-18 11:08 - 000000000 ____D C:\Users\Utente\Downloads\Wise Registry Cleaner
2018-02-16 10:29 - 2018-02-16 10:29 - 000002450 _____ C:\Users\vince\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-02-16 10:28 - 2018-02-16 10:28 - 000000000 ____D C:\Users\vince\ansel
2018-02-15 22:36 - 2018-02-15 22:36 - 000000000 ___HD C:\$SysReset
2018-02-15 19:17 - 2018-02-15 19:17 - 000002453 _____ C:\Users\Utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-02-15 09:54 - 2018-02-18 14:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2018-02-15 09:32 - 2018-02-22 13:03 - 000000000 ____D C:\Disk
2018-02-15 09:32 - 2018-02-15 09:44 - 000000000 ____D C:\Windat
2018-02-15 09:31 - 2018-02-15 09:46 - 000000000 ____D C:\Users\Utente\AppData\Roaming\yltlv2e1ki3
2018-02-15 09:31 - 2018-02-15 09:46 - 000000000 ____D C:\Users\Utente\AppData\Roaming\3ggzxdslk30
2018-02-15 09:31 - 2018-02-15 09:31 - 000000000 ____D C:\Program Files\My Program
2018-02-15 09:31 - 2018-02-12 21:13 - 001015808 _____ C:\WINDOWS\system32\mcicda64.dll
2018-02-15 09:30 - 2018-02-15 09:46 - 000000000 ____D C:\Program Files (x86)\zAz
2018-02-15 09:30 - 2018-02-15 09:30 - 000140800 _____ C:\Users\Utente\AppData\Local\installer.dat
2018-02-15 09:28 - 2018-02-15 09:45 - 000000000 ____D C:\Program Files (x86)\KMSPico 10.2.2 Final
2018-02-14 00:03 - 2018-02-14 00:03 - 000038433 _____ C:\WINDOWS\uninstaller.dat
2018-02-11 16:09 - 2018-02-11 16:09 - 000001190 _____ C:\Users\Utente\Desktop\Cemu.lnk
2018-02-10 18:57 - 2018-02-11 11:20 - 000000000 ____D C:\Users\Utente\Documents\Weapons Backup
2018-02-10 13:31 - 2018-02-10 13:31 - 000002280 _____ C:\Users\Utente\Desktop\Atom.lnk
2018-02-08 18:33 - 2018-02-08 18:33 - 000000000 ____D C:\Users\Utente\AppData\Local\Tempzxpsignd8ab5bcf626b1e9b
2018-02-08 18:33 - 2018-02-08 18:33 - 000000000 ____D C:\Users\Utente\AppData\Local\Tempzxpsign9933b153e001c4a7
2018-02-08 18:33 - 2018-02-08 18:33 - 000000000 ____D C:\Users\Utente\AppData\Local\Tempzxpsign4e84c83f4e74acf2
2018-02-08 18:33 - 2018-02-08 18:33 - 000000000 ____D C:\Users\Utente\AppData\Local\Tempzxpsign0e721749e287b6d5
2018-02-08 17:10 - 2018-02-08 17:10 - 000000000 ____D C:\Users\Utente\AppData\Local\Tempzxpsigncf3b334b577f2918
2018-02-08 17:10 - 2018-02-08 17:10 - 000000000 ____D C:\Users\Utente\AppData\Local\Tempzxpsign81f502124bb07fa5
2018-02-08 17:10 - 2018-02-08 17:10 - 000000000 ____D C:\Users\Utente\AppData\Local\Tempzxpsign5252a58225aabe13
2018-02-08 17:10 - 2018-02-08 17:10 - 000000000 ____D C:\Users\Utente\AppData\Local\Tempzxpsign51c594d6502137f8
2018-02-08 17:08 - 2018-02-11 11:24 - 000000935 _____ C:\WINDOWS\Tasks\EPSON XP-610 Series Update {DBDA0F24-94C2-4308-A6FB-8AC64E589E57}.job
2018-02-08 17:08 - 2018-02-11 11:24 - 000000749 _____ C:\WINDOWS\Tasks\EPSON XP-610 Series Invitation {DBDA0F24-94C2-4308-A6FB-8AC64E589E57}.job
2018-02-08 17:07 - 2018-02-11 11:24 - 000000935 _____ C:\WINDOWS\Tasks\EPSON XP-610 Series Update {77E93B0E-F25A-4472-805B-C871AB5D3D13}.job
2018-02-08 17:07 - 2018-02-11 11:24 - 000000749 _____ C:\WINDOWS\Tasks\EPSON XP-610 Series Invitation {77E93B0E-F25A-4472-805B-C871AB5D3D13}.job
2018-02-08 14:33 - 2018-02-08 14:33 - 000000000 ____D C:\Users\Utente\AppData\Local\Tempzxpsign1d976ac684d0f95e
2018-02-08 14:24 - 2018-02-08 14:24 - 000000000 ____D C:\Users\Utente\AppData\Local\Tempzxpsignda969463b7f9766b
2018-02-08 14:24 - 2018-02-08 14:24 - 000000000 ____D C:\Users\Utente\AppData\Local\Tempzxpsignbc4782e8d80e7ac9
2018-02-08 14:24 - 2018-02-08 14:24 - 000000000 ____D C:\Users\Utente\AppData\Local\Tempzxpsign3600e3fe860ffbb7
2018-02-08 13:27 - 2018-02-08 13:27 - 000000000 ____D C:\Users\Utente\AppData\Local\Tempzxpsigne7c3b18f52ed71d4
2018-02-08 13:21 - 2018-02-08 13:21 - 000000000 ____D C:\Users\Utente\AppData\Local\Tempzxpsignb403fbbdf639cbbb
2018-02-08 13:16 - 2018-02-08 13:16 - 000000000 ____D C:\Users\Utente\AppData\Local\Tempzxpsignc74be97e27e25bba
2018-02-08 13:16 - 2018-02-08 13:16 - 000000000 ____D C:\Users\Utente\AppData\Local\Tempzxpsign58ad0b874cf49a28
2018-02-06 18:32 - 2018-02-18 09:35 - 000000000 ___RD C:\Users\Utente\Documents\cemu_1.11.4
2018-02-06 09:19 - 2018-02-06 09:43 - 000000000 ____D C:\Users\Utente\Documents\Zelda Amiibo
2018-02-04 10:39 - 2018-02-04 10:39 - 072520704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2018-02-04 10:39 - 2018-02-04 10:39 - 013831786 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2018-02-04 10:39 - 2018-02-04 10:39 - 007172904 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 007096184 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 006264632 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 005995944 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2018-02-04 10:39 - 2018-02-04 10:39 - 005804772 _____ C:\WINDOWS\system32\Drivers\rtvienna.dat
2018-02-04 10:39 - 2018-02-04 10:39 - 005346992 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 003677152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2018-02-04 10:39 - 2018-02-04 10:39 - 003561920 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 003509192 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 003410832 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 003299816 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 003205120 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 003135776 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 003122648 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 002922976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 002444680 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 002190976 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 001965808 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 001959592 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 001780616 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 001591056 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 001544248 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOProp.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 001508928 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 001435136 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 001382232 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 001372384 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOv251.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 001348160 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 001337632 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaeapo64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 001259720 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOvlldp.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 001159176 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 001016920 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000984904 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000965016 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000877424 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SEHDHF32.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000873456 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000868168 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000866632 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000852128 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tosasfapo64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000743960 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000737960 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000727432 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000708304 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000691672 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000680544 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000604792 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaemaxapo64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000532376 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000526272 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000504296 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000467152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000447712 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000447176 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\toseaeapo64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000445392 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000441264 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000416496 _____ (Harman) C:\WINDOWS\system32\HMUI.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000406448 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2APIPCLL.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000387304 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000381400 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000378376 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000366112 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\HMAPO.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000362048 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000360336 _____ (Harman) C:\WINDOWS\system32\HMClariFi.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000343704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000341144 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000341144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000327448 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000321704 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000310416 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000272712 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000258856 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000253896 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000253856 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000252864 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000231912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000221960 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000214824 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000209528 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000203832 _____ (Harman) C:\WINDOWS\system32\HMHVS.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000192976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000190928 _____ (Harman) C:\WINDOWS\system32\HMEQ_Voice.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000190928 _____ (Harman) C:\WINDOWS\system32\HMEQ.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000179592 _____ (Harman) C:\WINDOWS\system32\HMLimiter.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000166200 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000158688 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000154352 _____ (Harman) C:\WINDOWS\system32\HarmanAudioInterface.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000151784 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000134192 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000122312 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000118584 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000110976 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000105304 _____ C:\WINDOWS\system32\audioLibVc.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000090912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000088336 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000088312 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000084608 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000083616 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000075536 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2018-02-04 10:39 - 2018-02-04 10:39 - 000023688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2018-02-03 12:39 - 2018-02-03 12:40 - 000000000 ____D C:\Users\Utente\AppData\Local\MSfree Inc
2018-02-03 12:37 - 2018-02-18 14:07 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Strumenti di Microsoft Office 2016
2018-02-03 12:37 - 2018-02-03 12:37 - 000002692 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2018-02-03 12:37 - 2018-02-03 12:37 - 000002686 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2018-02-03 12:37 - 2018-02-03 12:37 - 000002686 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2018-02-03 12:37 - 2018-02-03 12:37 - 000002686 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2018-02-03 12:37 - 2018-02-03 12:37 - 000002678 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2018-02-03 12:37 - 2018-02-03 12:37 - 000002678 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-02-03 12:37 - 2018-02-03 12:37 - 000002678 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2018-02-03 12:37 - 2018-02-03 12:37 - 000002672 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2018-02-03 12:37 - 2018-02-03 12:37 - 000002658 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2018-02-03 12:36 - 2018-02-03 12:36 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2018-02-03 12:36 - 2018-02-03 12:36 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2018-02-03 12:36 - 2018-02-03 12:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-02-03 12:36 - 2018-02-03 12:36 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2018-02-03 12:32 - 2018-02-03 12:36 - 000000000 ____D C:\Program Files\Microsoft Office
2018-02-03 12:32 - 2018-02-03 12:32 - 000000000 __RHD C:\MSOCache
2018-02-03 12:32 - 2018-02-03 12:32 - 000000000 ____D C:\Program Files\Microsoft Analysis Services
2018-02-03 12:32 - 2018-02-03 12:32 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2018-02-02 19:01 - 2018-02-02 19:01 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-02-02 19:01 - 2018-01-23 23:57 - 000122768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-02-02 19:01 - 2017-11-02 21:15 - 000928568 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-02-02 19:01 - 2017-11-02 21:15 - 000798520 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-02-02 19:01 - 2017-11-02 21:15 - 000490808 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-02-02 19:01 - 2017-11-02 21:14 - 000591672 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-02-02 18:59 - 2018-01-24 01:23 - 040269808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-02-02 18:59 - 2018-01-24 01:23 - 035180016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-02-02 18:59 - 2018-01-24 01:23 - 019796336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-02-02 18:59 - 2018-01-24 01:23 - 016449872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-02-02 18:59 - 2018-01-24 01:23 - 013444552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-02-02 18:59 - 2018-01-24 01:23 - 012843496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-02-02 18:59 - 2018-01-24 01:23 - 011026080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-02-02 18:59 - 2018-01-24 01:23 - 010900248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-02-02 18:59 - 2018-01-24 01:23 - 004580832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-02-02 18:59 - 2018-01-24 01:23 - 004308976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-02-02 18:59 - 2018-01-24 01:23 - 003894304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-02-02 18:59 - 2018-01-24 01:23 - 003709424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-02-02 18:59 - 2018-01-24 01:23 - 001976120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439077.dll
2018-02-02 18:59 - 2018-01-24 01:23 - 001682288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2018-02-02 18:59 - 2018-01-24 01:23 - 001673616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439077.dll
2018-02-02 18:59 - 2018-01-24 01:23 - 001334808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2018-02-02 18:59 - 2018-01-24 01:23 - 001325384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2018-02-02 18:59 - 2018-01-24 01:23 - 001134768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-02-02 18:59 - 2018-01-24 01:23 - 001126888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-02-02 18:59 - 2018-01-24 01:23 - 001054704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-02-02 18:59 - 2018-01-24 01:23 - 001049480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2018-02-02 18:59 - 2018-01-24 01:23 - 001043128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2018-02-02 18:59 - 2018-01-24 01:23 - 000988464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-02-02 18:59 - 2018-01-24 01:23 - 000939832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-02-02 18:59 - 2018-01-24 01:23 - 000885680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-02-02 18:59 - 2018-01-24 01:23 - 000795928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-02-02 18:59 - 2018-01-24 01:23 - 000740336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2018-02-02 18:59 - 2018-01-24 01:23 - 000635248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2018-02-02 18:59 - 2018-01-24 01:23 - 000618928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2018-02-02 18:59 - 2018-01-24 01:23 - 000616240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-02-02 18:59 - 2018-01-24 01:23 - 000599352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2018-02-02 18:59 - 2018-01-24 01:23 - 000506864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-02-02 18:59 - 2018-01-24 01:23 - 000226760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2018-02-02 18:59 - 2018-01-24 01:23 - 000057928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2018-02-02 18:59 - 2018-01-24 01:23 - 000048407 _____ C:\WINDOWS\system32\nvinfo.pb
2018-02-02 18:59 - 2018-01-24 01:23 - 000045600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2018-02-02 08:32 - 2017-11-11 13:50 - 002294784 _____ () C:\Users\Utente\Documents\MapleSeed2.exe
2018-01-29 23:42 - 2017-11-06 09:38 - 000000000 ____D C:\Users\Utente\Documents\Controller per cemu
2018-01-29 23:41 - 2018-02-18 14:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\vJoy
2018-01-29 23:41 - 2018-01-29 23:41 - 000000000 ____D C:\Program Files\vJoy
2018-01-29 23:41 - 2017-04-06 09:15 - 000010936 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\hidkmdf.sys
2018-01-29 23:41 - 2017-04-06 09:14 - 000057976 _____ (Shaul Eizikovich) C:\WINDOWS\system32\Drivers\vjoy.sys
2018-01-28 15:44 - 2018-01-23 23:57 - 000633328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2018-01-28 15:43 - 2018-02-18 14:03 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2018-01-28 15:42 - 2018-01-04 02:44 - 004580320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\SETF753.tmp
2018-01-28 15:42 - 2018-01-04 02:44 - 001975184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439065.dll
2018-01-28 15:42 - 2018-01-04 02:44 - 001674544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439065.dll
2018-01-28 15:39 - 2018-01-10 15:33 - 002425656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2018-01-28 15:39 - 2017-12-15 03:03 - 000059240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2018-01-28 12:51 - 2018-01-28 12:45 - 000144448 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2018-01-28 12:46 - 2018-01-28 12:46 - 000000000 ____D C:\Users\Default\AppData\Roaming\Sun
2018-01-28 12:46 - 2018-01-28 12:46 - 000000000 ____D C:\Users\Default User\AppData\Roaming\Sun
2018-01-28 11:23 - 2018-02-02 08:33 - 000000000 ____D C:\Users\Utente\AppData\Roaming\MapleTree
2018-01-27 13:14 - 2018-01-27 13:14 - 000029234 _____ C:\Users\Utente\Downloads\[limetorrents.cc]The.Legend.of.Zelda.Breath.of.the.Wild.v1.1.0.torrent
2018-01-24 10:36 - 2018-01-24 11:06 - 000000000 ____D C:\Users\Utente\AppData\Roaming\XMind ZEN

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-22 13:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2018-02-22 12:44 - 2017-09-29 14:46 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-02-22 12:25 - 2017-06-14 00:26 - 000000000 ____D C:\ProgramData\NVIDIA
2018-02-22 12:18 - 2017-09-30 15:41 - 000964486 _____ C:\WINDOWS\system32\perfh010.dat
2018-02-22 12:18 - 2017-09-30 15:41 - 000199032 _____ C:\WINDOWS\system32\perfc010.dat
2018-02-22 12:17 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-02-22 12:13 - 2016-08-09 16:52 - 000000000 __RDL C:\Users\Utente\OneDrive
2018-02-22 12:12 - 2017-09-29 09:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-02-22 00:08 - 2017-09-29 09:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-02-21 23:48 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-02-21 18:32 - 2018-01-17 16:31 - 000000000 ____D C:\Users\vince\AppData\LocalLow\IObit
2018-02-21 18:32 - 2017-10-29 10:06 - 000000000 ____D C:\Users\vince\AppData\Roaming\IObit
2018-02-21 18:32 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-02-21 18:32 - 2017-05-18 15:23 - 000000000 ____D C:\Program Files (x86)\IObit
2018-02-21 18:32 - 2017-05-18 15:22 - 000000000 ____D C:\ProgramData\IObit
2018-02-21 17:51 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache
2018-02-21 17:43 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-20 17:43 - 2017-05-18 15:22 - 000000000 ____D C:\Users\Utente\AppData\Roaming\IObit
2018-02-20 17:41 - 2017-06-04 11:19 - 000000000 ____D C:\Users\Default\AppData\Roaming\IObit
2018-02-20 17:41 - 2017-06-04 11:19 - 000000000 ____D C:\Users\Default User\AppData\Roaming\IObit
2018-02-20 17:41 - 2017-05-18 15:23 - 000000000 ____D C:\Users\Utente\AppData\LocalLow\IObit
2018-02-20 16:55 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-02-20 11:55 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-02-20 11:50 - 2017-06-10 00:26 - 000000000 ___RD C:\Users\Utente\3D Objects
2018-02-20 11:50 - 2016-04-27 06:38 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-02-20 11:48 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-02-20 11:48 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-02-20 11:48 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\TextInput
2018-02-20 11:48 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-02-20 11:48 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-02-20 11:48 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\migwiz
2018-02-20 11:48 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-02-20 11:48 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-02-20 11:48 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Provisioning
2018-02-20 11:48 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2018-02-20 11:48 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-02-20 11:48 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-02-19 17:59 - 2017-02-15 09:31 - 000000000 ____D C:\ESD
2018-02-19 10:11 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\appcompat
2018-02-18 16:26 - 2016-09-06 07:41 - 000000000 ____D C:\Users\Utente\AppData\Local\ElevatedDiagnostics
2018-02-18 14:49 - 2017-06-14 00:26 - 000000000 ____D C:\WINDOWS\SysWOW64\LifeCamTrueColor
2018-02-18 14:49 - 2017-06-14 00:26 - 000000000 ____D C:\WINDOWS\system32\LifeCamTrueColor
2018-02-18 14:30 - 2016-08-12 23:45 - 000000000 ____D C:\ProgramData\AVAST Software
2018-02-18 14:28 - 2017-11-17 13:39 - 000000000 ____D C:\Users\Utente\AppData\Local\PlaceholderTileLogoFolder
2018-02-18 14:27 - 2017-03-16 15:58 - 000000000 ___RD C:\Program Files (x86)\Skype
2018-02-18 14:27 - 2016-08-09 11:48 - 000000000 ____D C:\ProgramData\Skype
2018-02-18 14:16 - 2017-09-29 14:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-02-18 14:15 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Registration
2018-02-18 14:15 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\USOPrivate
2018-02-18 14:15 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\windows nt
2018-02-18 14:14 - 2016-08-18 16:01 - 000023024 _____ C:\WINDOWS\system32\emptyregdb.dat
2018-02-18 14:13 - 2017-09-29 14:46 - 000000000 __RSD C:\WINDOWS\media
2018-02-18 14:13 - 2016-08-09 17:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-02-18 14:12 - 2016-09-18 09:20 - 000000000 ____D C:\Users\Utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applicazioni Chrome
2018-02-18 14:11 - 2017-10-13 12:01 - 000000000 ____D C:\Users\Utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2018-02-18 14:11 - 2017-10-12 19:25 - 000000000 ____D C:\Users\Utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2018-02-18 14:11 - 2017-10-10 16:24 - 000000000 ____D C:\Users\Utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat
2018-02-18 14:11 - 2016-12-01 11:45 - 000000000 ____D C:\Users\Utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2018-02-18 14:11 - 2016-08-27 22:11 - 000000000 ____D C:\Users\Utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender
2018-02-18 14:10 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2018-02-18 14:09 - 2017-06-14 00:26 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2018-02-18 14:09 - 2017-06-14 00:26 - 000000000 ____D C:\WINDOWS\system32\DAX3
2018-02-18 14:09 - 2017-06-14 00:26 - 000000000 ____D C:\WINDOWS\system32\DAX2
2018-02-18 14:09 - 2017-06-14 00:26 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-02-18 14:09 - 2017-06-14 00:26 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-02-18 14:08 - 2017-09-29 14:46 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2018-02-18 14:07 - 2017-12-11 18:46 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tavoletta Wacom
2018-02-18 14:07 - 2017-12-07 13:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2018-02-18 14:07 - 2017-10-27 09:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5
2018-02-18 14:07 - 2017-09-29 14:49 - 000000000 ____D C:\WINDOWS\Setup
2018-02-18 14:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2018-02-18 14:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-02-18 14:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\spool
2018-02-18 14:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-02-18 14:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-02-18 14:07 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Help
2018-02-18 14:07 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-02-18 14:07 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Common Files\system
2018-02-18 14:07 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-02-18 14:07 - 2017-06-14 00:26 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-02-18 14:07 - 2017-06-08 14:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker
2018-02-18 14:07 - 2017-05-31 18:02 - 000000000 ____D C:\Program Files\UNP
2018-02-18 14:07 - 2017-05-27 14:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2017
2018-02-18 14:07 - 2017-04-24 13:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2018-02-18 14:07 - 2017-03-02 17:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Connect Center
2018-02-18 14:07 - 2017-01-17 12:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-02-18 14:07 - 2016-08-18 15:56 - 000000000 ____D C:\Program Files\Intel
2018-02-18 14:07 - 2016-08-13 18:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2018-02-18 14:07 - 2016-08-13 13:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2018-02-18 14:07 - 2016-08-13 13:16 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2018-02-18 14:07 - 2016-08-13 12:39 - 000000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin
2018-02-18 14:07 - 2016-08-09 11:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2018-02-18 14:07 - 2016-08-09 11:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2018-02-18 14:07 - 2016-08-09 11:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2018-02-18 14:07 - 2016-08-09 11:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Adobe
2018-02-18 14:07 - 2016-08-09 11:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2018-02-18 14:07 - 2016-08-09 11:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2018-02-18 14:07 - 2016-04-27 06:23 - 000000000 ____D C:\WINDOWS\ShellNew
2018-02-18 14:05 - 2017-09-29 14:46 - 000000000 __RHD C:\Users\Public\Libraries
2018-02-18 14:03 - 2017-06-14 00:26 - 000000000 ____D C:\Program Files\Realtek
2018-02-18 14:03 - 2016-11-12 22:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT
2018-02-18 14:03 - 2016-11-12 22:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCWest
2018-02-18 14:03 - 2016-10-18 12:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2018-02-18 14:01 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2018-02-18 14:01 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\MUI
2018-02-18 14:00 - 2017-09-30 15:42 - 000000000 ____D C:\WINDOWS\OCR
2018-02-18 12:25 - 2016-08-09 17:30 - 000000000 ____D C:\Users\Utente\AppData\Local\NVIDIA Corporation
2018-02-18 09:31 - 2017-10-10 18:45 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-02-18 09:31 - 2016-08-09 17:33 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-02-18 09:29 - 2016-08-21 20:12 - 000000000 ____D C:\Users\Utente\AppData\Roaming\WTablet
2018-02-17 16:38 - 2016-08-23 12:16 - 000000000 ____D C:\Users\Utente\AppData\Roaming\Skype
2018-02-16 15:09 - 2017-10-29 10:06 - 000000000 ____D C:\Users\vince\AppData\Roaming\WTablet
2018-02-16 15:07 - 2016-08-18 14:44 - 000000000 ____D C:\Users\Utente\AppData\Local\CrashDumps
2018-02-16 10:29 - 2017-10-29 10:07 - 000000000 ___RD C:\Users\vince\OneDrive
2018-02-16 10:28 - 2017-10-29 10:06 - 000000000 ___RD C:\Users\vince\3D Objects
2018-02-15 23:53 - 2017-01-01 18:02 - 000000000 ____D C:\ProgramData\DigitalWave.ApplicationUpdater_files
2018-02-15 22:50 - 2017-05-18 15:23 - 000000000 ____D C:\ProgramData\ProductData
2018-02-15 09:53 - 2017-12-01 11:17 - 000000000 ____D C:\ProgramData\Foxit Software
2018-02-15 09:50 - 2016-08-09 11:47 - 000000000 ____D C:\Program Files\7-Zip
2018-02-14 19:30 - 2016-08-09 17:33 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-02-14 18:47 - 2016-08-09 11:45 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-10 13:31 - 2016-12-01 11:45 - 000000000 ____D C:\Users\Utente\AppData\Local\atom
2018-02-09 15:44 - 2017-09-05 09:37 - 000184320 ___SH C:\Users\Utente\Desktop\Thumbs.db
2018-02-08 18:48 - 2016-08-18 12:45 - 000000000 ___RD C:\Users\Utente\Documents\Blender project
2018-02-08 18:35 - 2017-02-12 23:17 - 000000000 ____D C:\tmp
2018-02-08 14:38 - 2017-09-06 15:27 - 000230400 ___SH C:\Users\Utente\Downloads\Thumbs.db
2018-02-08 14:30 - 2016-08-17 20:27 - 000000000 ____D C:\Users\Utente\Documents\Adobe
2018-02-08 14:30 - 2016-08-09 16:50 - 000000000 ____D C:\Users\Utente\AppData\Roaming\Adobe
2018-02-05 12:44 - 2016-08-14 17:56 - 000000000 ____D C:\Users\Utente\Documents\Minecraft
2018-02-04 10:48 - 2017-04-02 19:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2018-02-03 14:35 - 2016-08-09 17:26 - 000000000 ____D C:\Users\Utente\AppData\Local\NVIDIA
2018-02-03 12:32 - 2015-10-30 08:24 - 000000167 _____ C:\WINDOWS\win.ini
2018-02-03 11:21 - 2016-08-09 17:02 - 000000000 ____D C:\ProgramData\Package Cache
2018-02-02 18:33 - 2017-09-17 09:32 - 000000000 ___RD C:\Program Files (x86)\The Sims 4
2018-02-02 11:27 - 2016-08-19 14:04 - 000007601 _____ C:\Users\Utente\AppData\Local\Resmon.ResmonCfg
2018-01-30 17:43 - 2016-08-09 17:07 - 000000000 ____D C:\Users\Utente\AppData\Local\Comms
2018-01-28 12:51 - 2016-08-09 11:47 - 000000000 ____D C:\Program Files\Java
2018-01-28 12:51 - 2016-08-09 11:46 - 000000000 ____D C:\ProgramData\Oracle
2018-01-28 10:49 - 2017-02-19 01:45 - 000000000 ____D C:\Users\Utente\AppData\Roaming\uTorrent
2018-01-27 11:05 - 2017-12-05 14:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Splashtop Remote
2018-01-27 11:05 - 2016-09-29 18:30 - 000000000 ____D C:\Program Files (x86)\Splashtop
2018-01-24 11:56 - 2017-10-13 12:01 - 000000000 ____D C:\Users\Utente\AppData\Roaming\WhatsApp
2018-01-24 09:55 - 2016-08-09 17:35 - 000548000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-01-24 00:11 - 2017-06-14 00:26 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-01-23 23:57 - 2017-06-14 00:26 - 005950024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2018-01-23 23:57 - 2017-06-14 00:26 - 002589168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2018-01-23 23:57 - 2017-06-14 00:26 - 001766288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2018-01-23 23:57 - 2017-06-14 00:26 - 000450352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2018-01-23 23:57 - 2017-06-14 00:26 - 000082744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll

==================== Files in the root of some directories =======

2016-12-23 22:03 - 2017-06-21 14:51 - 000001456 _____ () C:\Users\Utente\AppData\Local\Adobe Salva per Web e dispositivi 13.0 Prefs
2018-02-15 09:30 - 2018-02-15 09:30 - 000140800 _____ () C:\Users\Utente\AppData\Local\installer.dat
2016-08-19 14:04 - 2018-02-02 11:27 - 000007601 _____ () C:\Users\Utente\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
2018-02-22 12:12 - 2018-02-22 12:06 - 002237968 _____ (Kaspersky Lab ZAO) C:\Users\Utente\AppData\Local\Temp\AD537D37-EBC0-4B55-9F64-9D5BED0376CC.exe
2018-02-22 12:20 - 2018-02-10 07:15 - 001954048 _____ (Microsoft Corporation) C:\Users\Utente\AppData\Local\Temp\dllnt_dump.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-02-18 14:09

==================== End of FRST.txt ============================

Addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21.02.2018
Ran by Utente (22-02-2018 13:08:02)
Running from C:\Users\Utente\Desktop
Windows 10 Pro Version 1709 16299.248 (X64) (2018-02-18 13:15:57)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3454903148-161096206-1152172953-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3454903148-161096206-1152172953-503 - Limited - Disabled)
Guest (S-1-5-21-3454903148-161096206-1152172953-501 - Limited - Disabled)
Utente (S-1-5-21-3454903148-161096206-1152172953-1001 - Administrator - Enabled) => C:\Users\Utente
vince (S-1-5-21-3454903148-161096206-1152172953-1004 - Limited - Enabled) => C:\Users\vince
WDAGUtilityAccount (S-1-5-21-3454903148-161096206-1152172953-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3454903148-161096206-1152172953-1001\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.)
7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
7-Zip 18.01 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1801-000001000000}) (Version: 18.01.00.0 - Igor Pavlov)
Adobe After Effects CC 2017 (HKLM-x32\...\AEFT_14_1_0) (Version: 14.1.0 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 28.0.0.127 - Adobe Systems Incorporated)
Adobe Character Animator CC (Beta) (HKLM-x32\...\ANMLBETA_1_0_5) (Version: 1.0.5 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.0.1.188 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2017 (HKLM-x32\...\AME_11_0_2) (Version: 11.0.2 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_1) (Version: 18.1.1 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.1.201 - Adobe Systems, Inc.)
Aggiornamenti NVIDIA 31.0.11.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.0.11.0 - NVIDIA Corporation) Hidden
Assistente aggiornamento Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17364 - Microsoft Corporation)
Atom (HKU\S-1-5-21-3454903148-161096206-1152172953-1001\...\atom) (Version: 1.23.3 - GitHub Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.1.2326 - AVAST Software)
Blade & Soul (HKLM-x32\...\{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC) Hidden
Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC)
Blender (HKLM\...\{47A0EA10-D506-4473-AE99-5E07DD1062DE}) (Version: 2.77.1 - Blender Foundation)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6282 - CDBurnerXP)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0232 - Disc Soft Ltd)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 390.77 - NVIDIA Corporation) Hidden
Driver Booster 5 (HKLM-x32\...\Driver Booster_is1) (Version: 5.2.0 - IObit)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{B55DB65D-EF6E-4E04-89D5-B03603BF681B}) (Version: 4.4.5 - SEIKO EPSON CORPORATION)
EPSON XP-610 Series Printer Uninstall (HKLM\...\EPSON XP-610 Series) (Version: - SEIKO EPSON Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.0.1.1049 - Foxit Software Inc.)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.32.1215 - Digital Wave Ltd)
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.59.922 - Digital Wave Ltd)
GeoGebra Graphing (HKU\S-1-5-21-3454903148-161096206-1152172953-1001\...\GeoGebra_Graphing) (Version: 6.0.387 - International GeoGebra Institute)
Google Chrome (HKLM-x32\...\{224B61E6-7E54-3DBA-872B-CCE85072D44D}) (Version: 64.0.3282.167 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation)
Intel® CCF Manager (HKLM-x32\...\{0f3d8dd5-54af-4404-a01c-4967e485a065}) (Version: 3.0.13.2211 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Java 9.0.4 (64-bit) (HKLM\...\{885A3911-0760-5252-92C2-001B92997DEA}) (Version: 9.0.4.0 - Oracle Corporation)
Java(TM) SE Development Kit 9.0.1 (64-bit) (HKLM\...\{4AC8DBB2-1AE5-5156-83F9-D4E2E6DD564B}) (Version: 9.0.1.0 - Oracle Corporation)
K-Lite Codec Pack 12.3.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.3.0 - KLCP)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes versione 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 3.0.337.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3454903148-161096206-1152172953-1001\...\OneDriveSetup.exe) (Version: 17.005.0107.0008 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools per Office Runtime (x64) - Language Pack - ITA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ITA) (Version: 10.0.50903 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT)
NVIDIA Driver del controller 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.12.0.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.12.0.84 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Pannello di controllo NVIDIA 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 390.77 - NVIDIA Corporation) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.3.2 - pdfforge GmbH)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8264 - Realtek Semiconductor Corp.)
Roblox Player for Utente (HKU\S-1-5-21-3454903148-161096206-1152172953-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation)
Roblox Studio for Utente (HKU\S-1-5-21-3454903148-161096206-1152172953-1001\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - Roblox Corporation)
RogueKiller version 12.12.5.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.12.5.0 - Adlice Software)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
SketchUp 2017 (HKLM\...\{2DC85974-424C-42F9-B4FB-48984F4FF7B7}) (Version: 17.2.2555 - Trimble Navigation Limited)
Software per periferiche con chipset Intel® (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
STCServ (HKLM\...\{A954D353-9DAF-4916-8E71-F1E959EBCD1E}) (Version: 3.0.0.1783 - Intel Corporation) Hidden
Strumenti di correzione di Microsoft Office 2016 - Italiano (HKLM\...\{90160000-001F-0410-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tavoletta Wacom (HKLM\...\Wacom Tablet Driver) (Version: 6.3.25-3 - Wacom Technology Corp.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.83369 - TeamViewer)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
vJoy Device Driver 2.1.8.38 (HKLM\...\{8E31F76F-74C3-47F1-9550-E041EEDC5FBB}_is1) (Version: 2.1.8.38 - Shaul Eizikovich)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.0 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
WhatsApp (HKU\S-1-5-21-3454903148-161096206-1152172953-1001\...\WhatsApp) (Version: 0.2.8000 - WhatsApp)
WinDirStat 1.1.2 (HKU\S-1-5-21-3454903148-161096206-1152172953-1001\...\WinDirStat) (Version: - )
Windows Movie Maker 2016 (HKLM-x32\...\{3CC29C1A-B5FE-457B-8F22-32A2videowin}}_is1) (Version: - videowinsoft.com)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3454903148-161096206-1152172953-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-02-18] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-02-18] (AVAST Software)
ShellIconOverlayIdentifiers: [{BFD98515-CD74-48A4-98E2-13D209E3EE4F}] -> {BFD98515-CD74-48A4-98E2-13D209E3EE4F} => C:\WINDOWS\system32\mcicda64.dll [2018-02-12] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-02-18] (AVAST Software)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-12-11] (Foxit Software Inc.)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Windows\system32\mscoree.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-02-18] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-01-23] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-02-18] (AVAST Software)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-12-11] (Foxit Software Inc.)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04D805F8-B660-4042-9DB4-07FEFA8603B9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {15FB6AAA-8919-410C-8B1F-B58ACCFDD1EB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-09] (Google Inc.)
Task: {1BD563A6-5759-4D41-ADFB-14AC209B7D6B} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [2017-06-13] (Microsoft)
Task: {258DADB3-0371-4576-95EB-D98BE277C84B} - System32\Tasks\EPSON XP-610 Series Invitation {77E93B0E-F25A-4472-805B-C871AB5D3D13} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [2015-01-18] (SEIKO EPSON CORPORATION)
Task: {2D11F24A-7BD2-4966-A114-E919C6458215} - System32\Tasks\S-1-5-21-3454903148-161096206-1152172953-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-09-29] (Microsoft Corporation)
Task: {311400B1-90EF-452E-ACC1-E14C5E4195F1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-20] (Microsoft Corporation)
Task: {41C5F7E4-06A9-40A0-B1BE-7ECF928D4ED1} - System32\Tasks\IntelBootstrapCCDashExe => C:\Program Files\Intel\ConnectCenter\bin\ICCLauncher.exe [2015-03-16] (Intel® Corporation)
Task: {603E0A11-10CB-49F5-92FE-6997469E56B4} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-01-10] (NVIDIA Corporation)
Task: {60A5F4DB-8143-44E8-8718-FE8962E6CC15} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {6107FFF2-12CD-42EF-9DFF-AB7A090BC170} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-01-10] (NVIDIA Corporation)
Task: {61401A90-17F6-4ADD-A838-82FB07FE9598} - System32\Tasks\EPSON XP-610 Series Update {DBDA0F24-94C2-4308-A6FB-8AC64E589E57} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [2015-01-18] (SEIKO EPSON CORPORATION)
Task: {6730669B-0CAB-4E6B-98A3-AF1F56AA6C18} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2017-06-13] (Microsoft Corporation)
Task: {6B9218A6-D8C6-42BD-82BD-1EDD12235835} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-20] (Microsoft Corporation)
Task: {71D2D922-9909-4BFA-9842-8268FC9B1058} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {74027F02-018A-4C1A-A66A-B9831A3853BF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-01-09] (AVAST Software)
Task: {79801CF3-42EC-41C7-813F-58110129286A} - System32\Tasks\EPSON XP-610 Series Invitation {0B9E3542-436B-40CB-B714-6EFF13FA0EAF} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [2015-01-18] (SEIKO EPSON CORPORATION)
Task: {7AE013E7-990E-4CBA-B845-6244459CD00F} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-01-10] (NVIDIA Corporation)
Task: {7B8FCB0A-7525-4CE7-B50C-8DAFB69FD46D} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-demeo.gabriele@outlook.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-01-05] (Adobe Systems, Incorporated)
Task: {895B73C8-A7D1-4FAD-8FB5-95B349C3BE4C} - System32\Tasks\EPSON XP-610 Series Update {27EA6135-4C51-4A28-8897-92FC66A05D44} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [2015-01-18] (SEIKO EPSON CORPORATION)
Task: {9662A312-91CD-403D-9EE5-1D0157B51E71} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-01-10] (NVIDIA Corporation)
Task: {A1707F53-3EEC-4D60-AD0A-26CA60BD8FF8} - System32\Tasks\EPSON XP-610 Series Invitation {DBDA0F24-94C2-4308-A6FB-8AC64E589E57} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [2015-01-18] (SEIKO EPSON CORPORATION)
Task: {A1F7CF65-F165-405E-B55F-1B81ACD5940A} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2017-06-13] (Microsoft Corporation)
Task: {A4AA6896-3587-469A-9836-3F5BCE4F0461} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2017-06-13] (Microsoft)
Task: {A62F6C55-016D-4C90-BF00-1707DAD6CD09} - System32\Tasks\EPSON XP-610 Series Update {0B9E3542-436B-40CB-B714-6EFF13FA0EAF} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [2015-01-18] (SEIKO EPSON CORPORATION)
Task: {BC9C319C-8BB9-4C1A-9A19-C5BB39CB07D4} - System32\Tasks\JavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-12-20] (Oracle Corporation)
Task: {C109A298-5890-408F-B5B6-EEFF3546C15D} - System32\Tasks\nqVZgH3yJhcC => nqvzgh3yjhcc.exe
Task: {C90A5E7E-EEC3-4A59-B4A4-846E58FB552C} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {C92340BC-A15A-4534-9D62-F121565A4ECC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {C9316CDA-FE43-4243-A503-1ECB930D9B06} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2017-06-13] (Microsoft Corporation)
Task: {CF80F3D6-C9DA-4E5A-8415-0362B9744506} - System32\Tasks\EPSON XP-610 Series Invitation {27EA6135-4C51-4A28-8897-92FC66A05D44} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [2015-01-18] (SEIKO EPSON CORPORATION)
Task: {CFF41CDA-D59F-46DE-8F02-FBB2C1494901} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-09] (Google Inc.)
Task: {D2A97F9E-1F9E-4905-ABAA-6BDEB8AE0718} - System32\Tasks\EPSON XP-610 Series Update {77E93B0E-F25A-4472-805B-C871AB5D3D13} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [2015-01-18] (SEIKO EPSON CORPORATION)
Task: {D4A3E5E4-C5FD-4CC1-9ACA-2D85F16D654C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-02-18] (AVAST Software)
Task: {DC43BA47-DC13-4A3B-85C4-2C5AFFF2C4B5} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2017-06-13] (Microsoft Corporation)
Task: {DD9BB4E7-7066-42FC-9C67-D9BC8C74B5D0} - System32\Tasks\Adobe Uninstaller => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2017-03-27] (Adobe Systems Incorporated)
Task: {EA41F2C3-5D08-41A2-9673-0FDE667726AF} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-01-10] (NVIDIA Corporation)
Task: {EBA20888-E3EF-46FB-A979-D0430F4648DF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-20] (Microsoft Corporation)
Task: {EE4C192E-2EC5-4B9C-8BA7-AD9074C5FAA5} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {EE873C8D-6D71-410F-B603-CA8D2F4C9964} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-01-10] (NVIDIA Corporation)
Task: {F3B632DA-B086-4B62-B84E-9F7DD91ADAE9} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-01-10] (NVIDIA Corporation)
Task: {F895AC9C-D91D-44D1-B6A5-BC3A6BB7BD33} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-01-10] (NVIDIA Corporation)
Task: {F9CABB7A-65E0-4D52-B3A4-76F26A975E20} - System32\Tasks\Driver Booster SkipUAC (Utente) => C:\Program Files (x86)\IObit\Driver Booster\5.2.0\DriverBooster.exe [2018-01-11] (IObit)
Task: {FB10A227-6CA0-4837-BCCA-0E156860B381} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-20] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\EPSON XP-610 Series Invitation {0B9E3542-436B-40CB-B714-6EFF13FA0EAF}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-610 Series Invitation {27EA6135-4C51-4A28-8897-92FC66A05D44}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-610 Series Invitation {77E93B0E-F25A-4472-805B-C871AB5D3D13}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-610 Series Invitation {DBDA0F24-94C2-4308-A6FB-8AC64E589E57}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-610 Series Update {0B9E3542-436B-40CB-B714-6EFF13FA0EAF}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE:/EXE:{0B9E3542-436B-40CB-B714-6EFF13FA0EAF} /F:UpdateWORKGROUP\PCGABRI$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-610 Series Update {27EA6135-4C51-4A28-8897-92FC66A05D44}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE:/EXE:{27EA6135-4C51-4A28-8897-92FC66A05D44} /F:UpdateWORKGROUP\PCGABRI$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-610 Series Update {77E93B0E-F25A-4472-805B-C871AB5D3D13}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE:/EXE:{77E93B0E-F25A-4472-805B-C871AB5D3D13} /F:UpdateWORKGROUP\PCGABRI$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-610 Series Update {DBDA0F24-94C2-4308-A6FB-8AC64E589E57}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE:/EXE:{DBDA0F24-94C2-4308-A6FB-8AC64E589E57} /F:UpdateWORKGROUP\PCGABRI$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applicazioni Chrome\ForumFree.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=onpaokmjncandjkacmikamfgfpfkgfdb
ShortcutWithArgument: C:\Users\Utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applicazioni Chrome\Posta (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=pchkhcnofmbbpoaiganjipbnainpcbni
ShortcutWithArgument: C:\Users\Utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applicazioni Chrome\Posta.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=lcdhoefeggjmcgagelcbblaeafkojgdl
ShortcutWithArgument: C:\Users\Utente\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Posta.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=pchkhcnofmbbpoaiganjipbnainpcbni

==================== Loaded Modules (Whitelisted) ==============

2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-01-28 15:44 - 2018-01-24 01:23 - 000544240 _____ () C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\DisplayDriverAnalyzer\_DisplayDriverCrashAnalyzer64.dll
2018-02-20 11:42 - 2017-11-29 09:11 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2016-10-25 08:57 - 2016-10-25 08:57 - 000491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2018-02-19 10:29 - 2018-02-10 05:39 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-02-19 10:29 - 2018-02-10 05:36 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-02-18 14:27 - 2018-02-18 14:28 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-02-18 14:27 - 2018-02-18 14:28 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-02-18 14:27 - 2018-02-18 14:28 - 025135104 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-02-18 14:27 - 2018-02-18 14:28 - 002542592 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\skypert.dll
2018-02-18 14:27 - 2018-02-18 14:28 - 000667136 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-02-03 11:22 - 2018-02-03 11:23 - 002250240 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.6.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-02-07 08:37 - 2018-02-07 08:40 - 001231536 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8827.21855.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll
2018-02-14 18:47 - 2018-02-13 05:25 - 004433752 _____ () C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.167\libglesv2.dll
2018-02-14 18:47 - 2018-02-13 05:25 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.167\libegl.dll
2018-02-18 14:33 - 2018-02-18 14:33 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-02-18 14:33 - 2018-02-18 14:33 - 000287960 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-02-18 14:33 - 2018-02-18 14:33 - 000280280 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2018-02-18 14:33 - 2018-02-18 14:33 - 000275672 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\27666012.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\27666012.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2018-02-15 09:30 - 000001320 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 cpm.paneladmin.pro
127.0.0.1 publisher.hmdiadmingate.xyz
127.0.0.1 hmdicrewtracksystem.xyz
127.0.0.1 mydownloaddomain.com
127.0.0.1 linkmate.space
127.0.0.1 space1.adminpressure.space
127.0.0.1 trackpressure.website
127.0.0.1 doctorlink.space
127.0.0.1 plugpackdownload.net
127.0.0.1 texttotalk.org
127.0.0.1 gambling577.xyz
127.0.0.1 htagdownload.space
127.0.0.1 mybcnmonetize.com
127.0.0.1 360devtraking.website
127.0.0.1 dscdn.pw
127.0.0.1 bcnmonetize.go2affise.com
127.0.0.1 beautifllink.xyz

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3454903148-161096206-1152172953-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Utente\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\{2b82589f-2d62-4d79-a28d-65e3d32fb5ca}.jpg
DNS Servers: 8.8.8.8 - 8.8.8.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: AdobeUpdateService => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: DigitalWave.Update.Service => 2
MSCONFIG\Services: Disc Soft Lite Bus Service => 3
MSCONFIG\Services: EpsonScanSvc => 2
MSCONFIG\Services: EPSON_PM_RPCV4_06 => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: Intel(R) Security Assist => 3
MSCONFIG\Services: IObitUnSvr => 2
MSCONFIG\Services: isaHelperSvc => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NvContainerLocalSystem => 2
MSCONFIG\Services: NvContainerNetworkService => 3
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: NvTelemetryContainer => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: STCServ => 2
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: WTabletServicePro => 2
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-3454903148-161096206-1152172953-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-3454903148-161096206-1152172953-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3454903148-161096206-1152172953-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3454903148-161096206-1152172953-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-3454903148-161096206-1152172953-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3454903148-161096206-1152172953-1001\...\StartupApproved\Run: => "Advanced SystemCare Ultimate"
HKU\S-1-5-21-3454903148-161096206-1152172953-1001\...\StartupApproved\Run: => "vidnotifier.exe"
HKU\S-1-5-21-3454903148-161096206-1152172953-1001\...\StartupApproved\Run: => "Advanced SystemCare 11"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1B7DF742-58ED-4301-A78A-9431AEEEFDBD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{6CD43BFB-F574-4BFF-AF95-650EA193C70B}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{1A8A9075-3E17-4398-AD49-DBDB0E6FE0BF}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{810E06A8-6895-4D41-8564-36372F81AD7C}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{958E550A-003D-4113-8F97-501BB9A8D83C}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{192F7D52-B7FF-4AA1-99E7-FCE9B1513F22}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1EC3EAC9-181B-4D69-B15F-9C6C62A885E4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4CD1DA78-D259-442B-A48C-9BD10658F836}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{CE971555-0BA7-4103-BAC4-4B471D58EFBB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{40DE8ED4-29F2-4BE7-B367-FF6842688D68}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.2.0\AutoUpdate.exe
FirewallRules: [{3065FE3D-E100-48AE-9117-0FEAA59DE1B6}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.2.0\AutoUpdate.exe
FirewallRules: [{BFF211C6-CFD3-4922-BA32-D6FFEF7CC196}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.2.0\DBDownloader.exe
FirewallRules: [{B23A8530-3D92-4A9E-876D-AF39636116CE}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.2.0\DBDownloader.exe
FirewallRules: [{7BD469C4-2957-4E44-AEAE-5DB69462CC44}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.2.0\DriverBooster.exe
FirewallRules: [{D1B4C98B-9983-42E3-A90B-15F563B266D4}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.2.0\DriverBooster.exe
FirewallRules: [UDP Query User{19EE8DA8-6FAF-4163-9DF2-8EE66C6FC668}C:\amazon\lumberyard\1.7.0.1\dev\bin64vc120\assetprocessor_tmp.exe] => (Allow) C:\amazon\lumberyard\1.7.0.1\dev\bin64vc120\assetprocessor_tmp.exe
FirewallRules: [TCP Query User{ACD609F8-4DC9-4BBA-998F-E57D9F25D8E8}C:\amazon\lumberyard\1.7.0.1\dev\bin64vc120\assetprocessor_tmp.exe] => (Allow) C:\amazon\lumberyard\1.7.0.1\dev\bin64vc120\assetprocessor_tmp.exe
FirewallRules: [UDP Query User{CE021704-C061-444B-A565-5277F373FAB4}C:\amazon\lumberyard\1.7.0.1\dev\bin64vc140\assetprocessor_tmp.exe] => (Allow) C:\amazon\lumberyard\1.7.0.1\dev\bin64vc140\assetprocessor_tmp.exe
FirewallRules: [TCP Query User{B3E64BF5-AB20-48F5-8C3E-BFC16C5B9AD7}C:\amazon\lumberyard\1.7.0.1\dev\bin64vc140\assetprocessor_tmp.exe] => (Allow) C:\amazon\lumberyard\1.7.0.1\dev\bin64vc140\assetprocessor_tmp.exe
FirewallRules: [{7BFBC4FB-2447-4A79-A51A-CD0F2E6788DB}] => (Allow) C:\Program Files\Intel\STCServ\STCServ.exe
FirewallRules: [{D7E5DF61-A6AA-4620-AA6A-526EF161E067}] => (Allow) C:\Program Files\Intel\STCServ\STCServ.exe
FirewallRules: [{5E091E6C-74E4-438B-BECF-BFF82487EE28}] => (Allow) C:\Program Files\Intel\STCServ\STCServ.exe
FirewallRules: [{2BE14EBA-EFD5-4401-8D55-193EF08DDB11}] => (Allow) C:\Users\Utente\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7AE11DCE-6F37-43A4-B75D-22798C18012C}] => (Allow) C:\Users\Utente\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{794C0FA9-D8B1-4231-8CEB-297FD5D500C2}] => (Allow) C:\Users\Utente\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B0B3CE4B-253D-4DDE-B4AB-481E378D1276}] => (Allow) C:\Users\Utente\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F22B469C-AE12-4443-ADC3-6FF3DBA05E29}] => (Allow) C:\Users\Utente\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2CE24DBF-B601-48E4-B78D-DEF46D2F63EB}] => (Allow) C:\Users\Utente\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{037431BE-C43F-48FD-A6E6-4CA423C25F96}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{80E1E31B-8A98-44D5-AF5D-EEC8F214DEBB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{85939FE2-CC40-47E7-AD04-B2A8EE408C13}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{3121B409-6A25-41EA-87FC-A5CA2364AAC9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [UDP Query User{7FA59716-83AD-4FDB-88AC-09BC3A9CD62B}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{05FB3695-5290-4ABA-90B4-D1A1423F249A}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{2E7BBAB3-CE58-445D-9E9A-5B5940AE021C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{ED402762-F77D-49CE-823E-6A24E4D34868}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{FDA94B3C-8B7F-44F9-A291-A31E504080B1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{4C08C787-1435-4AF0-AFA9-AC0C3C5BF42F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{2D4A0802-55DB-45B5-BAD6-E8DCC5C6611C}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{56A9C187-ABF3-435D-9ED8-613BBD28BD65}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [TCP Query User{07F68169-1C2B-4376-A161-0CE511FC33AF}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{33D2D27E-64B3-490B-B3D4-377F69C132D9}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{51E31A90-2A8F-4B6F-9DD8-CFA37D81FE92}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{56CBCD7E-DBBF-4AFD-8411-24EAE57D7BEE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{9935691A-6192-45D0-BCF8-A3280FB3F0EF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{A2BE8F31-36F5-48EE-A78F-2C12BDE1713D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{596571C4-90AA-441D-9B84-4D296A0BD6B0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{8BB74D25-EF5E-4B79-AFB2-D33623E4A097}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{7F013A29-D926-4FB7-9657-598B1AB1F347}C:\users\utente\documents\helper\wiiu_usb_helper.exe] => (Allow) C:\users\utente\documents\helper\wiiu_usb_helper.exe
FirewallRules: [UDP Query User{5784C0FD-5A72-4491-A27B-93BA016A400D}C:\users\utente\documents\helper\wiiu_usb_helper.exe] => (Allow) C:\users\utente\documents\helper\wiiu_usb_helper.exe

==================== Restore Points =========================

18-02-2018 14:27:03 Removed Skype™ 7.40
20-02-2018 18:16:41 Installed Epson Software Updater

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/22/2018 12:45:17 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002

Error: (02/22/2018 12:13:34 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Errore di License Activation (slui.exe). Codice di errore:
hr=0x8007232B
Argomenti della riga di comando:
RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (02/22/2018 12:13:32 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Errore di License Activation (slui.exe). Codice di errore:
hr=0x8007232B
Argomenti della riga di comando:
RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (02/22/2018 12:13:25 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Errore di License Activation (slui.exe). Codice di errore:
hr=0x8007232B
Argomenti della riga di comando:
RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (02/22/2018 12:04:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: tdsskiller (1).exe, versione: 3.1.0.16, timestamp: 0x566b123a
Nome del modulo che ha generato l'errore: unknown, versione: 0.0.0.0, timestamp: 0x00000000
Codice eccezione: 0xc0000409
Offset errore 0x00eb4c20
ID processo che ha generato l'errore: 0x2ff0
Ora di avvio dell'applicazione che ha generato l'errore: 0x01d3abcce17b7f2f
Percorso dell'applicazione che ha generato l'errore: C:\Users\Utente\Desktop\tdsskiller (1).exe
Percorso del modulo che ha generato l'errore: unknown
ID segnalazione: 5ef985c5-95ad-4d59-9822-b70dd7a07071
Nome completo pacchetto che ha generato l'errore:
ID applicazione relativo al pacchetto che ha generato l'errore:

Error: (02/22/2018 12:00:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: tdsskiller (1).exe, versione: 3.1.0.16, timestamp: 0x566b123a
Nome del modulo che ha generato l'errore: unknown, versione: 0.0.0.0, timestamp: 0x00000000
Codice eccezione: 0xc0000409
Offset errore 0x00eb4c20
ID processo che ha generato l'errore: 0x2c0
Ora di avvio dell'applicazione che ha generato l'errore: 0x01d3abcc64152ea5
Percorso dell'applicazione che ha generato l'errore: C:\Users\Utente\Desktop\tdsskiller (1).exe
Percorso del modulo che ha generato l'errore: unknown
ID segnalazione: bc7340c5-7994-49d6-8483-f854f20e37dd
Nome completo pacchetto che ha generato l'errore:
ID applicazione relativo al pacchetto che ha generato l'errore:

Error: (02/22/2018 11:58:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: tdsskiller (1).exe, versione: 3.1.0.16, timestamp: 0x566b123a
Nome del modulo che ha generato l'errore: unknown, versione: 0.0.0.0, timestamp: 0x00000000
Codice eccezione: 0xc0000409
Offset errore 0x00eb4c20
ID processo che ha generato l'errore: 0x2c1c
Ora di avvio dell'applicazione che ha generato l'errore: 0x01d3abcc17c860b2
Percorso dell'applicazione che ha generato l'errore: C:\Users\Utente\Desktop\tdsskiller (1).exe
Percorso del modulo che ha generato l'errore: unknown
ID segnalazione: e9e52650-cba3-4605-991f-0ab21be2afe1
Nome completo pacchetto che ha generato l'errore:
ID applicazione relativo al pacchetto che ha generato l'errore:

Error: (02/22/2018 11:51:46 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Errore di License Activation (slui.exe). Codice di errore:
hr=0x8007232B
Argomenti della riga di comando:
RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable


System errors:
=============
Error: (02/22/2018 01:01:40 PM) (Source: DCOM) (EventID: 10016) (User: PCGABRI)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
all'utente PCGABRI\SID Utente (S-1-5-21-3454903148-161096206-1152172953-1001) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.

Error: (02/22/2018 12:15:26 PM) (Source: DCOM) (EventID: 10016) (User: PCGABRI)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
all'utente PCGABRI\SID Utente (S-1-5-21-3454903148-161096206-1152172953-1001) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.

Error: (02/22/2018 12:13:43 PM) (Source: DCOM) (EventID: 10016) (User: PCGABRI)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
all'utente PCGABRI\SID Utente (S-1-5-21-3454903148-161096206-1152172953-1001) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.

Error: (02/22/2018 12:13:26 PM) (Source: DCOM) (EventID: 10016) (User: PCGABRI)
Description: Le impostazioni delle autorizzazioni impostazioni predefinite del computer non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
e APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
all'utente PCGABRI\SID Utente (S-1-5-21-3454903148-161096206-1152172953-1001) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Microsoft.Windows.Cortana_1.9.6.16299_neutral_neutral_cw5n1h2txyewy (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.

Error: (02/22/2018 12:13:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
all'utente NT AUTHORITY\SID SERVIZIO LOCALE (S-1-5-19) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.

Error: (02/22/2018 12:13:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
all'utente NT AUTHORITY\SID SERVIZIO LOCALE (S-1-5-19) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.

Error: (02/22/2018 12:13:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
all'utente NT AUTHORITY\SID SERVIZIO LOCALE (S-1-5-19) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.

Error: (02/22/2018 12:13:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
all'utente NT AUTHORITY\SID SERVIZIO LOCALE (S-1-5-19) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.


CodeIntegrity:
===================================

Date: 2018-02-22 13:06:21.590
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-22 11:55:32.458
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-22 00:18:36.758
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-22 00:17:52.353
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-22 00:17:13.725
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-22 00:17:00.356
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-22 00:16:23.174
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-22 00:16:22.445
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-6400 CPU @ 2.70GHz
Percentage of memory in use: 47%
Total physical RAM: 8114.1 MB
Available physical RAM: 4225.47 MB
Total Virtual: 16114.1 MB
Available Virtual: 12735.26 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:222.59 GB) (Free:68.12 GB) NTFS

\\?\Volume{528a25e3-0000-0000-0000-100000000000}\ (Riservato per il sistema) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS
\\?\Volume{528a25e3-0000-0000-0000-30c537000000}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 528A25E3)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=222.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=499 MB) - (Type=27)

==================== End of Addition.txt ============================
 

Gabdo

Nuovo Utente
35
3
CPU
Intel Core i5
HDD
250 gb
GPU
NVIDIA GeForce GTX 950
Monitor
Samsung T22D390
Case
ThermalTake
OS
Windows 10
Esegui queste scansioni:

Malwarebyte antimalware scaricalo da qui https://it.malwarebytes.com/
fai la scansione ed elimina cio che trova e posta il log generato

Scarica Adwcleaner sul desktop:
https://www.bleepingcomputer.com/download/adwcleaner/
Chiudi tutti i browser (è importante IE,Firefox Chrome ecc... siano chiusi)
Clicca sul pulsante "Analizza".
Finita la scansione clicca su "Pulisci"
Conferma con OK le varie finestre che ti compariranno.
Il pc si riavvierà, e uscirà il log con le eliminazioni....
Postalo qui.

Scarica tdsskiller da qui www.bleepingcomputer.com/download/tdsskiller/
Segui questa guida per il programmahttp://www.why-tech.it/come-rimuovere-defi...t-dal-pc-1.html
Posta il log report

Poi ,esegui una scansione con roguekiller...
Scaricalo da qui...
http://www.adlice.com/download/roguekiller/
Segui questa guida per usare il programma
http://it.ccm.net/faq/3204-come-usare
Cancella solo le voci di colore rosso...
Posta il.report

Infine scarica frst da quihttps://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/
scarica la versione adatta al tuo sistema operativo 32 o 64 bit
posiziona l eseguibile sul desktop
tasto dx sopra eseguibile--apri come amministratore
una volta aperto clicca su scan
postare log frst.txt e addition.txt

ciao

Ho un aggiornamento: Ho fatto tutto ciò che mi hai detto e appena ho scaricato delle slide da internet avast ha ricominciato a bloccare xmrig.exe e trz.tmp
 

danilo79

Utente Èlite
1,814
549
Ciao

Esegui i seguenti passaggi in ordine come scritti:

-Poi posiziona sul desktop frst.exe e il file allegato sotto fixlist.txt (mi raccomando sul desktop)
tasto dx sopra frst---->esegui come amministratore
quando si apre clicca su fix
attendi che finisca e che il pc si riavvii ( se non si riavvia fallo te)
posta il fixlog.txt (lo trovi sul desktop)

-Resetta i browser vedi qui http://it.ccm.net/faq/1767-come-ripristinare-il-browser
dopo questa operazione dovrai reinpostare la pagina iniziale dei browser vedi qui http://it.ccm.net/faq/2175-come-cambiare-la-pagina-iniziale-del-browser

-Fai pulizia con ccleaner sia sistema che registro

-Verifica se il problema persiste....

-Se ancora hai il problema rifai una scansione con frst e riposta i due log frst.txt e addition.txt
 

Allegati

  • fixlist.txt
    3.7 KB · Visualizzazioni: 129
  • Mi piace
Reazioni: Gabdo

Gabdo

Nuovo Utente
35
3
CPU
Intel Core i5
HDD
250 gb
GPU
NVIDIA GeForce GTX 950
Monitor
Samsung T22D390
Case
ThermalTake
OS
Windows 10
Ciao

Esegui i seguenti passaggi in ordine come scritti:

-Poi posiziona sul desktop frst.exe e il file allegato sotto fixlist.txt (mi raccomando sul desktop)
tasto dx sopra frst---->esegui come amministratore
quando si apre clicca su fix
attendi che finisca e che il pc si riavvii ( se non si riavvia fallo te)
posta il fixlog.txt (lo trovi sul desktop)

-Resetta i browser vedi qui http://it.ccm.net/faq/1767-come-ripristinare-il-browser
dopo questa operazione dovrai reinpostare la pagina iniziale dei browser vedi qui http://it.ccm.net/faq/2175-come-cambiare-la-pagina-iniziale-del-browser

-Fai pulizia con ccleaner sia sistema che registro

-Verifica se il problema persiste....

-Se ancora hai il problema rifai una scansione con frst e riposta i due log frst.txt e addition.txt

Ho scaricato nuovamente un file per prova e il virus smette i tentativi di avvio appena chiudo Google.

Fix result of Farbar Recovery Scan Tool (x64) Version: 21.02.2018
Ran by Utente (22-02-2018 15:14:02) Run:1
Running from C:\Users\Utente\Desktop
Loaded Profiles: Utente (Available Profiles: Utente & vince)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
ShellExecuteHooks: No Name - {BFD98515-CD74-48A4-98E2-13D209E3EE4F} - C:\Windows\System32\mcicda64.dll [1015808 2018-02-12] ()

Tcpip\..\Interfaces\{8b4955eb-c028-49f3-a66a-d8ac3d2eea04}: [NameServer] 8.8.8.8

BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll => No File
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File

CHR DefaultSearchURL: Default -> hxxps://ow1.res.office365.com/owamail/20180119.01.02/resources/images/favicons/mail-seen.ico

S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [4362656 2016-02-24] (INCA Internet Co., Ltd.) [File not signed]
S4 IUFileFilter; \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [X]
C:\WINDOWS\SysWOW64\GameMon.des

2018-02-18 14:14 - 2018-02-18 14:14 - 000018270 _____ C:\WINDOWS\System32\Tasks\nqVZgH3yJhcC
2018-02-15 09:31 - 2018-02-15 09:46 - 000000000 ____D C:\Users\Utente\AppData\Roaming\yltlv2e1ki3
2018-02-15 09:31 - 2018-02-15 09:46 - 000000000 ____D C:\Users\Utente\AppData\Roaming\3ggzxdslk30
2018-02-15 09:30 - 2018-02-15 09:30 - 000140800 _____ C:\Users\Utente\AppData\Local\installer.dat
2018-02-14 00:03 - 2018-02-14 00:03 - 000038433 _____ C:\WINDOWS\uninstaller.dat
2018-02-22 12:12 - 2018-02-22 12:06 - 002237968 _____ (Kaspersky Lab ZAO) C:\Users\Utente\AppData\Local\Temp\AD537D37-EBC0-4B55-9F64-9D5BED0376CC.exe
2018-02-22 12:20 - 2018-02-10 07:15 - 001954048 _____ (Microsoft Corporation) C:\Users\Utente\AppData\Local\Temp\dllnt_dump.dll

C:\Users\Utente\AppData\Local\Tempzxpsign*.*

ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll -> No File

Task: {71D2D922-9909-4BFA-9842-8268FC9B1058} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {EE4C192E-2EC5-4B9C-8BA7-AD9074C5FAA5} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]

MSCONFIG\Services: IObitUnSvr => 2
HKU\S-1-5-21-3454903148-161096206-1152172953-1001\...\StartupApproved\Run: => "Advanced SystemCare 11"
HKU\S-1-5-21-3454903148-161096206-1152172953-1001\...\StartupApproved\Run: => "Advanced SystemCare Ultimate"

HOSTS:
CMD: ipconfig /flushdns
Reboot:

End
*****************

Restore point was successfully created.
Processes closed successfully.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{BFD98515-CD74-48A4-98E2-13D209E3EE4F}" => removed successfully
"HKLM\Software\Classes\CLSID\{BFD98515-CD74-48A4-98E2-13D209E3EE4F}" => removed successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{8b4955eb-c028-49f3-a66a-d8ac3d2eea04}\\NameServer" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}" => removed successfully
"HKLM\Software\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => removed successfully
HKLM\Software\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => key not found
"Chrome DefaultSearchURL" => removed successfully
"HKLM\System\CurrentControlSet\Services\npggsvc" => removed successfully
npggsvc => service removed successfully
"HKLM\System\CurrentControlSet\Services\IUFileFilter" => removed successfully
IUFileFilter => service removed successfully
C:\WINDOWS\SysWOW64\GameMon.des => moved successfully
C:\WINDOWS\System32\Tasks\nqVZgH3yJhcC => moved successfully
C:\Users\Utente\AppData\Roaming\yltlv2e1ki3 => moved successfully
C:\Users\Utente\AppData\Roaming\3ggzxdslk30 => moved successfully
C:\Users\Utente\AppData\Local\installer.dat => moved successfully
C:\WINDOWS\uninstaller.dat => moved successfully
C:\Users\Utente\AppData\Local\Temp\AD537D37-EBC0-4B55-9F64-9D5BED0376CC.exe => moved successfully
C:\Users\Utente\AppData\Local\Temp\dllnt_dump.dll => moved successfully

=========== "C:\Users\Utente\AppData\Local\Tempzxpsign*.*" ==========

not found

========= End -> "C:\Users\Utente\AppData\Local\Tempzxpsign*.*" ========

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => invalid subkey removed.
HKLM\Software\Classes\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => key not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => invalid subkey removed.
HKLM\Software\Classes\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => key not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => invalid subkey removed.
HKLM\Software\Classes\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => key not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => invalid subkey removed.
HKLM\Software\Wow6432Node\Classes\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => key not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => invalid subkey removed.
HKLM\Software\Wow6432Node\Classes\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => key not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => invalid subkey removed.
HKLM\Software\Wow6432Node\Classes\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => key not found
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\IObitUnstaler" => removed successfully
"HKLM\Software\Classes\CLSID\{B19ED566-D419-470b-B111-3C89040BC027}" => removed successfully
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\MEGA (Context menu)" => removed successfully
HKLM\Software\Classes\CLSID\{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => key not found
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\IObitUnstaler" => removed successfully
HKLM\Software\Classes\CLSID\{B19ED566-D419-470b-B111-3C89040BC027} => key not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => key not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\IObitUnstaler" => removed successfully
HKLM\Software\Classes\CLSID\{B19ED566-D419-470b-B111-3C89040BC027} => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{71D2D922-9909-4BFA-9842-8268FC9B1058} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{71D2D922-9909-4BFA-9842-8268FC9B1058} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EE4C192E-2EC5-4B9C-8BA7-AD9074C5FAA5} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EE4C192E-2EC5-4B9C-8BA7-AD9074C5FAA5} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => could not remove key. ErrorCode1: 0x00000001
C:\ProgramData\Reprise => ":wupeogjxlctlfudivq`qsp`28hfm" ADS removed successfully
C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`27hfm" ADS removed successfully
"HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\IObitUnSvr" => removed successfully
HKLM\System\CurrentControlSet\Services\IObitUnSvr => key not found
"HKU\S-1-5-21-3454903148-161096206-1152172953-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Advanced SystemCare 11" => removed successfully
"HKU\S-1-5-21-3454903148-161096206-1152172953-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Advanced SystemCare 11" => not found
"HKU\S-1-5-21-3454903148-161096206-1152172953-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Advanced SystemCare Ultimate" => removed successfully
"HKU\S-1-5-21-3454903148-161096206-1152172953-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Advanced SystemCare Ultimate" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= ipconfig /flushdns =========


Configurazione IP di Windows

Cache del resolver DNS svuotata.

========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 6578176 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 23524080 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 6843411 B
Edge => 624000 B
Chrome => 732458176 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 9080 B
NetworkService => 42628 B
Utente => 48883257 B
vince => 33772 B

RecycleBin => 0 B
EmptyTemp: => 781.1 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 22-02-2018 15:15:30)


Result of scheduled keys to remove after reboot:

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{71D2D922-9909-4BFA-9842-8268FC9B1058}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{71D2D922-9909-4BFA-9842-8268FC9B1058}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EE4C192E-2EC5-4B9C-8BA7-AD9074C5FAA5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EE4C192E-2EC5-4B9C-8BA7-AD9074C5FAA5}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => key removed successfully

==== End of Fixlog 15:15:30 ====
 

Gabdo

Nuovo Utente
35
3
CPU
Intel Core i5
HDD
250 gb
GPU
NVIDIA GeForce GTX 950
Monitor
Samsung T22D390
Case
ThermalTake
OS
Windows 10
Ciao

Esegui i seguenti passaggi in ordine come scritti:

-Poi posiziona sul desktop frst.exe e il file allegato sotto fixlist.txt (mi raccomando sul desktop)
tasto dx sopra frst---->esegui come amministratore
quando si apre clicca su fix
attendi che finisca e che il pc si riavvii ( se non si riavvia fallo te)
posta il fixlog.txt (lo trovi sul desktop)

-Resetta i browser vedi qui http://it.ccm.net/faq/1767-come-ripristinare-il-browser
dopo questa operazione dovrai reinpostare la pagina iniziale dei browser vedi qui http://it.ccm.net/faq/2175-come-cambiare-la-pagina-iniziale-del-browser

-Fai pulizia con ccleaner sia sistema che registro

-Verifica se il problema persiste....

-Se ancora hai il problema rifai una scansione con frst e riposta i due log frst.txt e addition.txt

Ciao. Il problema sembra essersi risolto in quanto avast non ha più aperto pop-up di avviso ne all'avvio ne al download di ccleaner. Quindi per il momento ti ringrazio tantissimo per la disponibilità e la pazienza!
 

Entra

oppure Accedi utilizzando
Discord Ufficiale Entra ora!

Discussioni Simili