Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-07-2019 01 Ran by owner (administrator) on PC (TOSHIBA dynabook R73/PB) (31-07-2019 13:01:50) Running from C:\Users\owner\Desktop Loaded Profiles: owner (Available Profiles: owner & DefaultAppPool) Platform: Windows 10 Pro Version 1903 18362.267 (X64) Language: Japonais (Japon) Default browser: FF Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) () [File not signed] C:\Program Files (x86)\BetterDesktopTool\BetterDesktopTool.exe () [File not signed] C:\Program Files (x86)\BetterDesktopTool\BetterDesktopToolServer.exe () [File not signed] C:\Program Files (x86)\Gest\Gest.exe () [File not signed] C:\Program Files (x86)\RocketDock\RocketDock.exe () [File not signed] C:\Program Files (x86)\WinSplit Revolution\WinSplit.exe () [File not signed] C:\Program Files (x86)\WinSplit Revolution\WinSplitDrvr32.exe () [File not signed] C:\Program Files (x86)\WinSplit Revolution\WinSplitDrvr64.exe () [File not signed] C:\Program Files\ImDisk\ImDiskTk-svc.exe () [File not signed] C:\Program Files\ShellFolderFix64\ShellFolderFixUI.exe () [File not signed] C:\Programmes Portables\Stick it 1.00.0b\Stick-It!.exe () [File not signed] C:\Programmes Portables\volumouse-x64\volumouse32.exe () [File not signed] C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Firefox - Back and forwards keyboard shortcuts.exe () [File not signed] C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Firefox - Start - Minimized - Restore.exe () [File not signed] C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Météo shortcut - F1.exe () [File not signed] C:\Users\owner\AppData\Roaming\Textify\Textify.exe () [File not signed] C:\Windows\SysWOW64\SMITSC.exe (ALCPU -> ALCPU) C:\Program Files\CoreTemp64\Core Temp.exe (Alexandr Irza) [File not signed] C:\Program Files (x86)\Volume2\Volume2.exe (ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe (ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidMonitorSvc.exe (Antibody Software Limited -> ) C:\Programmes Portables\wizmouse 1.7.0.3\WizMouse.exe (ArcticLine Software -> ArcticLine Software) C:\Program Files (x86)\FileMarker.NET\FileMarkerService.exe (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (blackholeearth) [File not signed] C:\Programmes Portables\Windows 10 Brightness Slider.exe (Care Your Eyes) [File not signed] C:\Programmes Portables\CareUEyes\App\ProgramFiles\CareUEyes.exe (Carthago Software) [File not signed] C:\Program Files (x86)\MemInfo\meminfo.exe (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe (Core Technologies Consulting, LLC -> Core Technologies Consulting, LLC) C:\Program Files (x86)\ServiceCommander\ServiceCommander.exe (Crystal Rich Ltd -> ) C:\Program Files (x86)\InternetOff\InternetOff.exe (Crystal Rich Ltd -> ) C:\Program Files (x86)\InternetOff\IOffSvc.exe (Crystal Rich Ltd -> Crystal Rich Ltd) [File not signed] C:\Programmes Portables\Zentimo\Zentimo.exe (Crystal Rich Ltd -> Crystal Rich Ltd) C:\Programmes Portables\Zentimo\ZentimoService.exe (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_e3c09117ee62638d\RMService.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe (File-New-Project -> File-New-Project) C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.1.4.0_x86__1sdd7yawvg6ne\EarTrumpet\EarTrumpet.exe (Firebit OU -> Rainmeter) C:\Program Files\Rainmeter\Rainmeter.exe (Guillaume Ryder (hxxp://utilfr42.free.fr)) [File not signed] C:\Programmes Portables\Clavier+ x64\Clavier.exe (GuinpinSoft inc) [File not signed] C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.0.0_x64.exe (H.D.S. Hungary) [File not signed] C:\Programmes Portables\HardDiskSentinel\HDSentinel.exe (Henry++) [File not signed] C:\Program Files\Mem Reduct\memreduct.exe (Intel Corporation -> ) C:\Windows\System32\igfxTray.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (Lagerkvist Teknisk Rådgivning i Borås HB -> Olof Lagerkvist) C:\Windows\System32\imdsksvc.exe (Locktime Software s.r.o. -> Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe (Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe (Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Windows Firewall Control\wfc.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Windows Firewall Control\wfcs.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\110\LocalDB\Binn\sqlservr.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vmcompute.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows Hardware Compatibility Publisher -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe (My Portable Software) [File not signed] C:\Programmes Portables\My CPU Monitor\My CPU Monitor.exe (navhaxs.au.eu.org) [File not signed] C:\Programmes Portables\BrightnessTray.exe (Nenad Hrg -> Nenad Hrg SoftwareOK) C:\Programmes Portables\DesktopOK\DesktopOK_x64.exe (Nir Sofer -> NirSoft) C:\Programmes Portables\volumouse-x64\volumouse.exe (Open Source Developer, Robin Krom -> Greenshot) C:\Program Files\Greenshot\Greenshot.exe (Open-Shell) [File not signed] C:\Program Files\Open-Shell\StartMenu.exe (Paramount Software UK Ltd -> Paramount Software UK Ltd) [File not signed] C:\Program Files\Macrium\Common\MacriumService.exe (Paramount Software UK Ltd -> Paramount Software UK Ltd) [File not signed] C:\Program Files\Macrium\Common\ReflectUI.exe (Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe (RaMMicHaeL) [File not signed] C:\Users\owner\AppData\Roaming\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (SFX TEAM) [File not signed] C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe (SoftPerfect) [File not signed] C:\Program Files\NetWorx\networx.exe (TEFINCOM S.A. -> ) C:\Program Files (x86)\NordVPN\nordvpn-service.exe (Toshiba Client Solutions Co.,Ltd. -> Toshiba Client Solutions Co., Ltd.) C:\Program Files\TOSHIBA\Teco\TecoService.exe (Toshiba Client Solutions Co.,Ltd. -> Toshiba Client Solutions Co., Ltd.) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (Toshiba Client Solutions Co.,Ltd. -> Toshiba Client Solutions Co., Ltd.) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TStationSrv.exe (TOSHIBA CORPORATION -> Toshiba Corporation) C:\Program Files (x86)\Toshiba\TKRTL\TPCHKarteSVC.exe (uWebb Software) [File not signed] C:\Programmes Portables\Throttle Stop\ThrottleStop.exe (Veeam Software AG -> Veeam Software Group GmbH) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [180448 2019-07-26] (ESET, spol. s r.o. -> ESET) HKLM\...\Run: [StartupDelayer] => C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher.exe [1254400 2015-12-18] (r2 Studios) [File not signed] HKLM\...\Run: [Malwarebytes Windows Firewall Control] => C:\Program Files\Malwarebytes\Windows Firewall Control\wfc.exe [646352 2019-03-05] (Malwarebytes Corporation -> Malwarebytes) HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [413664 2017-05-22] (Microsoft Windows Hardware Compatibility Publisher -> Alps Electric Co., Ltd.) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3943056 2017-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech, Inc.) HKLM\...\Run: [NetWorx] => C:\Program Files\NetWorx\networx.exe [12937728 2019-06-02] (SoftPerfect) [File not signed] HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [5632232 2019-06-10] (Paramount Software UK Ltd -> Paramount Software UK Ltd) [File not signed] HKLM\...\Run: [Open-Shell Start Menu] => C:\Program Files\Open-Shell\StartMenu.exe [218624 2019-06-09] (Open-Shell) [File not signed] HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2177160 2019-06-30] (Logitech Inc -> Logitech, Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [125872 2019-05-04] (VMware, Inc. -> VMware, Inc.) HKLM\...\Policies\Explorer: [NoInstrumentation] 1 HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [InternetOff] => C:\Program Files (x86)\InternetOff\InternetOff.exe [3182360 2016-05-25] (Crystal Rich Ltd -> ) HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] () [File not signed] HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [Winsplit] => C:\Program Files (x86)\WinSplit Revolution\WinSplit.exe [3951616 2011-04-12] () [File not signed] HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [SuperCopier2.exe] => C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe [955392 2009-08-16] (SFX TEAM) [File not signed] HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [CS Dispatch] => C:\Users\owner\AppData\Roaming\OTi\EASYKMLink\FunctModules\{23863E42-6AAC-482c-81D2-BD6A23CCFEF8}\EASYKMLink.exe [576592 2012-10-30] (Ours Technology Inc. -> ) HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [Textify] => C:\Users\owner\AppData\Roaming\Textify\Textify.exe [263680 2017-10-05] () [File not signed] HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [Win10_BrightnessSlider] => C:\Programmes Portables\Windows 10 Brightness Slider.exe [86016 2018-08-29] (blackholeearth) [File not signed] HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [Zentimo xStorage Manager] => C:\Programmes Portables\Zentimo\Zentimo.exe [7040608 2019-03-27] (Crystal Rich Ltd -> Crystal Rich Ltd) [File not signed] HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [My CPU Monitor] => C:\Programmes Portables\My CPU Monitor\My CPU Monitor.exe [280064 2015-10-20] (My Portable Software) [File not signed] HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [DesktopOK] => C:\Programmes Portables\DesktopOK\DesktopOK_x64.exe [990584 2019-07-22] (Nenad Hrg -> Nenad Hrg SoftwareOK) HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [Mem Reduct] => C:\Program Files\Mem Reduct\memreduct.exe [309248 2019-02-10] (Henry++) [File not signed] HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [Clavier+] => C:\Programmes Portables\Clavier+ x64\Clavier.exe [167936 2019-05-11] (Guillaume Ryder (hxxp://utilfr42.free.fr)) [File not signed] HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [CareUEyes] => C:\Programmes Portables\CareUEyes\App\ProgramFiles\CareUEyes.exe [1196032 2019-06-20] (Care Your Eyes) [File not signed] HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [7 Taskbar Tweaker] => C:\Users\owner\AppData\Roaming\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe [465920 2019-07-07] (RaMMicHaeL) [File not signed] HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [AutoDarkMode] => [X] HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [Volume2] => C:\Program Files (x86)\Volume2\Volume2.exe [4798976 2019-07-19] (Alexandr Irza) [File not signed] HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [$Volumouse$] => C:\Programmes Portables\volumouse-x64\volumouse.exe [94816 2014-10-03] (Nir Sofer -> NirSoft) HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Policies\Explorer: [HideSCAVolume] 1 HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Policies\Explorer: [NoInstrumentation] 1 HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Policies\Explorer: [NoLogoff] 1 HKLM\...\Drivers32: [msacm.ac3filter] => C:\WINDOWS\system32\ac3filter64.acm [2231296 2013-04-05] () [File not signed] HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\SysWOW64\ficvdec_x86.dll [641024 2013-05-28] () [File not signed] HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-09-29] () [File not signed] HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\SysWOW64\ac3filter.acm [1679360 2013-04-05] () [File not signed] IFEO\taskmgr.exe: [Debugger] C:\Program Files\Task Manager\tm.exe IFEO\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe: [Debugger] %SystemRoot%\system32\systray.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2019-04-09] () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Gest.lnk [2016-06-09] ShortcutTarget: Gest.lnk -> C:\Users\owner\AppData\Roaming\Gest\GestLauncher.exe () [File not signed] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MemInfo.lnk [2016-06-05] ShortcutTarget: MemInfo.lnk -> C:\Program Files (x86)\MemInfo\meminfo.exe (Carthago Software) [File not signed] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2016-06-08] ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Firebit OU -> Rainmeter) Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2019-06-20] () Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BrightnessTray.lnk [2019-06-18] ShortcutTarget: BrightnessTray.lnk -> C:\Programmes Portables\BrightnessTray.exe (navhaxs.au.eu.org) [File not signed] Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Firefox - Back and forwards keyboard shortcuts.exe [2019-07-28] () [File not signed] Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Firefox - Start - Minimized - Restore.exe [2019-07-28] () [File not signed] Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Gest.lnk [2016-06-09] ShortcutTarget: Gest.lnk -> C:\Users\owner\AppData\Roaming\Gest\GestLauncher.exe () [File not signed] Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\KillProcess.bat [2019-03-09] () [File not signed] Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MemInfo.lnk [2019-04-06] ShortcutTarget: MemInfo.lnk -> C:\Program Files (x86)\MemInfo\meminfo.exe (Carthago Software) [File not signed] Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Météo shortcut - F1.exe [2019-07-29] () [File not signed] Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Service Commander - Start.bat [2017-02-24] () [File not signed] Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShellFolderFix.lnk [2016-06-09] ShortcutTarget: ShellFolderFix.lnk -> C:\Program Files\ShellFolderFix64\ShellFolderFixUI.exe () [File not signed] Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WizMouse.lnk [2019-03-18] ShortcutTarget: WizMouse.lnk -> C:\Programmes Portables\wizmouse 1.7.0.3\WizMouse.exe (Antibody Software Limited -> ) GroupPolicy: Restriction ? <==== ATTENTION GroupPolicy\User: Restriction ? <==== ATTENTION GroupPolicyScripts: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {05B1C2AE-0D9D-4F86-8AAA-2320BAD93F79} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) "C:\Windows\System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start" was unlocked. <==== ATTENTION Task: {14205348-27EF-4E6D-AD82-2614674D41BE} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506176 2019-07-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {15975FEC-F71A-4FF3-9831-53024113DA95} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe [594944 2019-06-25] (Access Denied) [File not signed] "C:\Windows\System32\Tasks\Microsoft\Windows\WindowsUpdate\sihpostreboot" was unlocked. <==== ATTENTION Task: {1949073A-8FDA-4EA4-8E59-407CDB02440F} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihpostreboot => C:\WINDOWS\system32\sihclient.exe [299072 2019-03-19] (Access Denied) [File not signed] Task: {1F251333-6AF8-47E6-AF13-FF60CB0DE50E} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA} Task: {2182A78F-FAFE-4460-A4CF-4842FCC52380} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27351864 2019-07-26] (Microsoft Corporation -> Microsoft Corporation) Task: {324795FF-F3E3-48AD-AB90-40972E9F76C0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6450840 2019-07-30] (Microsoft Corporation -> Microsoft Corporation) Task: {33491DD7-0509-48FE-8042-C7A8AE0D8207} - System32\Tasks\Argente Utilities\Finalize => C:\Program Files\Argente Utilities\ATaskFinalizer.exe [146944 2018-07-30] (Raúl Argente) [File not signed] Task: {360C394E-BC21-4BF4-8B4E-11CE7318AE53} - System32\Tasks\Wub_task => C:\Windows Update Minitools avec script Wrapper\Wub.exe [708427 2018-08-13] (www.sordum.org) [File not signed] Task: {3C428666-2A90-42C7-A1B6-617AAE916746} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2206352 2019-07-30] (Microsoft Corporation -> Microsoft Corporation) Task: {4918AA2A-FCCE-4A82-9B9F-29C39E4E3C6C} - System32\Tasks\Opera scheduled Autoupdate 1525985527 => C:\Program Files\Opera\launcher.exe [1519640 2019-07-24] (Opera Software AS -> Opera Software) Task: {511B8F79-F3E8-45CA-B9CD-5D0B1CF593D1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6450840 2019-07-30] (Microsoft Corporation -> Microsoft Corporation) Task: {56641A8D-BED1-4BB0-9799-5E8D9A77177B} - System32\Tasks\Microsoft\Office\IMESharePointDictionary => c:\Program Files\Common Files\Microsoft Shared\IME16\IMESharePointDictionary.exe [283088 2002-02-01] (Microsoft Corporation -> Microsoft Corporation) Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [32256 2019-03-19] (Microsoft Windows -> Microsoft Corporation) Task: {5BA7C207-60C3-4DFD-8118-7FF70BD45890} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK Task: {5D1D6240-2BE6-4E53-952A-B4E862EEC206} - System32\Tasks\BTSchedulerTask => C:\Program Files (x86)\TOSHIBA\Toshiba Bluetooth Device Profile Utility\TosBt_NotificationScheduler.exe [135504 2015-07-08] (TOSHIBA CORPORATION -> Toshiba Corporation) Task: {63344482-0CCF-4EBC-84DA-C26938622746} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan => C:\WINDOWS\system32\usoclient.exe [69120 2019-05-27] (Access Denied) [File not signed] Task: {64B87BE2-7A75-4FB9-89FC-5643C62A6AAB} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [154072 2019-07-30] (Microsoft Corporation -> Microsoft Corporation) Task: {64F1C290-1942-4C66-8C17-D247864F1C4E} - System32\Tasks\firefox => "C:\Program Files\Mozilla Firefox\firefox.exe" Task: {672FF295-011C-4D65-AFCD-9BB98D398DEC} - System32\Tasks\CorelUpdateHelperTask-326F6389A987870AF43825481CC51C50 => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [1656568 2018-06-21] (Corel Corporation -> Corel Corporation) Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Task: {700962DA-2422-4FC0-A569-E8CEDA2FA338} - System32\Tasks\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [739792 2017-10-12] (TOSHIBA CLIENT SOLUTIONS CO., LTD. -> Toshiba Client Solutions Co., Ltd.) Task: {767AB174-0D71-4D6A-8205-C926A6D12224} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [154072 2019-07-30] (Microsoft Corporation -> Microsoft Corporation) Task: {767C062E-FE50-4C4E-8BF8-85C4439635D7} - System32\Tasks\TPIP => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2203888 2016-07-21] (Toshiba Client Solutions Co.,Ltd. -> Toshiba Client Solutions Co., Ltd.) Task: {7A550ACD-D20D-44ED-B2FA-5CA6FED0BB00} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\WINDOWS\system32\compattelrunner.exe [164152 2019-06-25] (Access Denied) [File not signed] Task: {823F7188-5012-42FC-84D6-FA377D85C79C} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateModelTask => C:\WINDOWS\system32\usoclient.exe [69120 2019-05-27] (Access Denied) [File not signed] Task: {8294C954-AF28-4726-A6BA-81BECFAA689D} - System32\Tasks\{150FD0FE-9A31-4F2A-8BE1-F923285CBAC6} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Toshiba\OEM Registration Program\OEMRegistrationProgram.exe" -d "C:\Program Files (x86)\Toshiba\OEM Registration Program" Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE} Task: {87BBCFC4-05AA-4228-8454-D69C36D22815} - System32\Tasks\Dexpot\3 => C:\Programmes Portables\Dexpot\autodex.exe [159312 2014-01-03] (Dexpot GbR -> Dexpot GbR) <==== ATTENTION Task: {97B0AFC3-3B4D-467E-B7C4-E094AAE206B2} - System32\Tasks\BWMeter => C:\Program Files (x86)\BWMeter\BWMeter.exe [1806304 2019-06-02] (DeskSoft -> DeskSoft) <==== ATTENTION Task: {98C2FB5F-DC21-467F-85C3-E87073B573DA} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => C:\WINDOWS\system32\MusNotification.exe [594944 2019-06-25] (Access Denied) [File not signed] Task: {9A833388-F67B-4311-A340-F6563B9B2820} - System32\Tasks\UAC pass\Autoruns64 => C:\Programmes Portables\Autoruns\Autoruns64.exe [875592 2019-06-28] (Microsoft Corporation -> Sysinternals - www.sysinternals.com) Task: {9C70CE95-2341-45E9-A7AD-47C185C99F1E} - System32\Tasks\Core Temp Autostart owner => C:\Program Files\CoreTemp64\Core Temp.exe [998488 2019-01-08] (ALCPU -> ALCPU) "C:\Windows\System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall" was unlocked. <==== ATTENTION Task: {9DF39293-7B66-419C-B5EB-E5A538CFC5D6} - System32\Tasks\BetterDesktopTool => C:\Program Files (x86)\BetterDesktopTool\BetterDesktopTool.exe [396800 2018-04-29] () [File not signed] <==== ATTENTION Task: {A14A7DD5-3033-4BAD-A705-2535E4AA2ADD} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2206352 2019-07-30] (Microsoft Corporation -> Microsoft Corporation) Task: {A57B479F-C28A-45A7-8634-B4DE6286241D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107912 2016-08-21] (Google Inc -> Google Inc.) Task: {A7380037-08A7-4A11-8666-DE9EF375D9AB} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [862 2019-04-30] () [File not signed] Task: {ACDD1EA5-DEE8-47C8-827D-ABE26F0F3CBD} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27351864 2019-07-26] (Microsoft Corporation -> Microsoft Corporation) Task: {AED7ADCF-E4B4-4EFF-9433-EAAB92CDFB76} - System32\Tasks\Dexpot\2 => C:\Programmes Portables\Dexpot\autodex.exe [159312 2014-01-03] (Dexpot GbR -> Dexpot GbR) <==== ATTENTION "C:\Windows\System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network" was unlocked. <==== ATTENTION Task: {BE095BEB-36ED-47DE-8A59-2F0910F1A51E} - System32\Tasks\UAC pass\ServiceCommander => C:\Program Files (x86)\ServiceCommander\ServiceCommander.exe [659776 2011-12-23] (Core Technologies Consulting, LLC -> Core Technologies Consulting, LLC) <==== ATTENTION Task: {BF59FE2A-E5A6-4B6D-951D-060EA75BB17D} - System32\Tasks\ThrottleStop => C:\Programmes Portables\Throttle Stop\ThrottleStop.exe [503296 2018-09-19] (uWebb Software) [File not signed] Task: {C050B599-B839-4E2D-BF9F-ACBF565409E6} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install => C:\WINDOWS\system32\usoclient.exe [69120 2019-05-27] (Access Denied) [File not signed] Task: {C36E1A0B-6D30-409C-8FC3-9F80F2F46F1E} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-gokpok@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-10] (Adobe Systems Incorporated -> Adobe Systems, Incorporated) Task: {CA57C201-7D95-43A9-8B9F-8E436860EB84} - System32\Tasks\WDU => "C:\Windows Update Minitools avec script Wrapper\WDU.cmd" "C:\Windows\System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect" was unlocked. <==== ATTENTION Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {D6B6B3B0-5971-46A3-932B-CEAD3576353C} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan Static Task => C:\WINDOWS\system32\usoclient.exe [69120 2019-05-27] (Access Denied) [File not signed] Task: {E7048644-EE23-411A-B60E-C5318DA5B4CD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107912 2016-08-21] (Google Inc -> Google Inc.) Task: {EAF74F2E-D00A-4EFA-A8E2-EA9E2F469641} - System32\Tasks\Adobe Uninstaller => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2623032 2019-07-05] (Adobe Inc. -> Adobe Inc.) "C:\Windows\System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall" was unlocked. <==== ATTENTION Task: {F2FCCCBA-0DA2-43B1-8383-00F0D84C51F0} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\WINDOWS\system32\compattelrunner.exe [164152 2019-06-25] (Access Denied) [File not signed] Task: {F50C1CB3-609C-4A98-83A9-3E6E7F879CD6} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [1656568 2018-06-21] (Corel Corporation -> Corel Corporation) Task: {F8E6D936-2111-422E-BC6B-DAB0FC3E9559} - System32\Tasks\Hard Disk Sentinel => C:\Programmes Portables\HardDiskSentinel\HDSentinel.exe [5715968 2019-07-11] (H.D.S. Hungary) [File not signed] Task: {FBF0C8C1-5D01-4D5C-A639-AEBFA2E38E62} - System32\Tasks\WindowManager => C:\Program Files (x86)\WindowManager\WindowManager.exe [1499624 2019-07-26] (DeskSoft -> DeskSoft) <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: 0.0.0.0 cap.cyberlink.com Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{0f6a2937-2f18-449f-87e6-89ef9e7e9581}: [NameServer] 80.67.169.12,80.67.169.40 Tcpip\..\Interfaces\{745091a9-4410-4b5c-b838-0c80d18af88a}: [NameServer] 80.67.169.12,80.67.169.50 Tcpip\..\Interfaces\{745091a9-4410-4b5c-b838-0c80d18af88a}: [DhcpNameServer] 192.168.43.1 Tcpip\..\Interfaces\{a7648d2a-bbaf-47eb-a034-1e84ec773a1c}: [NameServer] 80.67.169.12,80.67.169.40 Tcpip\..\Interfaces\{cbd81dbf-9dce-42fc-92d1-ae8370325fb3}: [NameServer] 80.67.169.12,80.67.169.40,192.168.1.1 Tcpip\..\Interfaces\{cbd81dbf-9dce-42fc-92d1-ae8370325fb3}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{ec54fa79-9ced-4441-aa34-ab2ddf87a0c7}: [NameServer] 80.67.169.12,80.67.169.40 Tcpip\..\Interfaces\{ec54fa79-9ced-4441-aa34-ab2ddf87a0c7}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP SearchScopes: HKU\S-1-5-21-1112066077-4254746724-1257480092-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04 SearchScopes: HKU\S-1-5-21-1112066077-4254746724-1257480092-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04 BHO: No Name -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> C:\Program Files (x86)\OldNewExplorer\OldNewExplorer64.dll [2017-08-16] (www.startisback.com) [File not signed] BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Open-Shell\ClassicExplorer64.dll [2019-06-09] (Open-Shell) [File not signed] BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Open-Shell\ClassicIEDLL_64.dll [2019-06-09] (Open-Shell) [File not signed] BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: No Name -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> C:\Program Files (x86)\OldNewExplorer\OldNewExplorer32.dll [2017-08-16] (www.startisback.com) [File not signed] BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-03-21] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Open-Shell\ClassicExplorer32.dll [2019-06-09] (Open-Shell) [File not signed] BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Open-Shell\ClassicIEDLL_32.dll [2019-06-09] (Open-Shell) [File not signed] BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Open-Shell\ClassicExplorer64.dll [2019-06-09] (Open-Shell) [File not signed] Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Open-Shell\ClassicExplorer32.dll [2019-06-09] (Open-Shell) [File not signed] Toolbar: HKU\S-1-5-21-1112066077-4254746724-1257480092-1001 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-30] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-07-30] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-30] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-07-30] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-30] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-07-30] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-30] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-07-30] (Microsoft Corporation -> Microsoft Corporation) FireFox: ======== FF DefaultProfile: zszg12lr.default FF ProfilePath: C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\rd8n7g6o.default-beta [not found] <==== ATTENTION FF DefaultProfile: 72rxhon0.default FF ProfilePath: C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default [2019-07-31] FF Homepage: Waterfox\Profiles\zszg12lr.default -> moz-extension://fad938aa-df34-4cda-9f16-f707ee5c84f4/newTab.xhtml FF NewTab: Waterfox\Profiles\zszg12lr.default -> moz-extension://fad938aa-df34-4cda-9f16-f707ee5c84f4/newTab.xhtml FF NewTabOverride: Waterfox\Profiles\zszg12lr.default -> Enabled: newtabtools@darktrojan.net FF Extension: (Disconnect) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\2.0@disconnect.me.xpi [2019-04-02] FF Extension: (popup video) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\@popup-video.xpi [2018-07-18] [Legacy] FF Extension: (About config button) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\aboutconfigbutton@firefox.xpi [2017-06-19] [Legacy] FF Extension: (Make Address Bar Font Size Bigger) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\addressBarFontSizeBigger@papafresh.com.xpi [2017-11-26] [Legacy] FF Extension: (Roomy Bookmarks Toolbar) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\ALone-live@ya.ru.xpi [2017-11-04] [Legacy] FF Extension: (Add-ons Manager Context Menu) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\amcontextmenu@loucypher.xpi [2017-12-30] [Legacy] FF Extension: (Keepa - Amazon Price Tracker) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\amptra@keepa.com.xpi [2019-05-13] FF Extension: (Better Image Viewer) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\betterimageviewer@darktrojan.net.xpi [2018-05-04] FF Extension: (Biscuit) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\biscuit@nuko.org.xpi [2017-02-16] [Legacy] FF Extension: (CanvasBlocker) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\CanvasBlocker@kkapsner.de.xpi [2019-07-26] FF Extension: (Classic Theme Restorer) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2018-07-18] [Legacy] FF Extension: (Suppression automatique des témoins) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\CookieAutoDelete@kennydo.com.xpi [2018-05-14] FF Extension: (Don't track me Google) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\dont-track-me-google@robwu.nl.xpi [2018-12-23] FF Extension: (Download Panel Tweaker) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\downloadPanelTweaker@infocatcher.xpi [2017-12-10] [Legacy] FF Extension: (Drag To Scroll) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\dragtoscroll@deag1bcc-abec-daec-cdae-aeadedcabebacdad.xpi [2018-05-19] FF Extension: (Easy Screenshot) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\easyscreenshot@mozillaonline.com.xpi [2018-02-15] [Legacy] FF Extension: (Enhancer for YouTube™) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\enhancerforyoutube@maximerf.addons.mozilla.org.xpi [2019-05-31] FF Extension: (Foxtana Pro - Redirect Cortana and Bing) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\extension@foxtana.com.xpi [2018-09-03] FF Extension: (Tampermonkey) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\firefox@tampermonkey.net.xpi [2019-05-16] FF Extension: (FireGestures) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\firegestures@xuldev.org.xpi [2017-06-11] [Legacy] FF Extension: (Dictionnaire français) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org [2019-07-26] [Legacy] FF Extension: (Emoji copier et coller) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\helper@emoji.org.xpi [2018-09-03] FF Extension: (Hide Caption Titlebar Plus ⁴) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\hidecaptionplus-dp@dummy.addons.mozilla.org.xpi [2018-09-07] [Legacy] FF Extension: (HTTPS partout) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\https-everywhere@eff.org.xpi [2019-05-16] FF Extension: (Switchy) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\id@baku.switchy.xpi [2016-06-28] [Legacy] FF Extension: (InstaClick) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\instaclick@leahscape.com.xpi [2017-11-12] [Legacy] FF Extension: (Facebook™ Seen Blocker) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\jid0-AcfdPqSA2Ugt2vdJh6Kj7IiOp5W@jetpack.xpi [2017-06-26] FF Extension: (Auto Shutdown NG) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\jid0-HZ5UvAEiWWAxT9TKLuhEgUCARqo@jetpack.xpi [2017-06-26] [Legacy] FF Extension: (What about:..) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\jid0-IPSuVKD0J7yL1cIBwQAdoHTCWmY@jetpack.xpi [2017-06-19] [Legacy] FF Extension: (fontdpi) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\jid1-4ZzxC2kiN3rzJA@jetpack.xpi [2016-06-29] [Legacy] FF Extension: (FoxyAbout) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\jid1-d3SwJwS6q9JpMq@jetpack.xpi [2018-01-31] [Legacy] FF Extension: (PDF Mage) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\jid1-GeRCnsiDhZiTvA@jetpack.xpi [2019-07-26] FF Extension: (Swift Selection Search) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\jid1-KdTtiCj6wxVAFA@jetpack.xpi [2019-07-26] FF Extension: (British English Dictionary (Marco Pinto)) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\marcoagpinto@mail.telepac.pt [2019-07-26] [Legacy] FF Extension: (Maximize Video) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\MaximizeVideo@ettoolong.xpi [2018-08-04] FF Extension: (New Tab Tools) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\newtabtools@darktrojan.net.xpi [2018-05-04] FF Extension: (Open Page in Private Window) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\open-page-in-private-window@cpeterso.com.xpi [2018-09-03] FF Extension: (Playback speed) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\playbackSpeed@waldemar.b.xpi [2018-05-06] FF Extension: (Private Tab) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\privateTab@infocatcher.xpi [2018-05-17] [Legacy] FF Extension: (Rename Tab Title) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\renametabtitle@mozilla.org.xpi [2018-07-17] FF Extension: (Rikaichan Japanese-French Dictionary File) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\rikaichan-jpfr@polarcloud.com [2019-07-26] [Legacy] FF Extension: (Semi-Full Screen) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\SemiFullScreen@Merci.chao.xpi [2017-11-23] [Legacy] FF Extension: (Skip Redirect) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\skipredirect@sblask.xpi [2019-07-26] FF Extension: (SSleuth) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\ssleuth@github.xpi [2017-02-16] [Legacy] FF Extension: (uBlock Origin) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\uBlock0@raymondhill.net.xpi [2019-05-27] FF Extension: (Undo Closed Tabs Button) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\undoclosedtabsbutton@supernova00.biz.xpi [2017-02-26] [Legacy] FF Extension: (Zoom Page) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\zoompage@DW-dev.xpi [2017-11-12] [Legacy] FF Extension: (Disconnect for Facebook™) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{02bf35c3-6f86-4eb4-bea8-e70bc294a7dc}.xpi [2017-11-11] FF Extension: (Rikaichan) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{0AA9101C-D3C1-4129-A9B7-D778C6A17F82}.xpi [2018-03-08] [Legacy] FF Extension: (Flagfox) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2018-08-06] [Legacy] [not signed] FF Extension: (Export Tabs URLs) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{17165bd9-9b71-4323-99a5-3d4ce49f3d75}.xpi [2019-07-26] FF Extension: (Undo Close Tab) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{4853d046-c5a3-436b-bc36-220fd935ee1d}.xpi [2018-06-10] FF Extension: (StartupMaster) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{506d044e-41fa-4cc8-9dc6-9ff70e96eebf}.xpi [2018-03-19] [Legacy] FF Extension: (SmoothWheel (mozdev.org)) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}.xpi [2016-06-28] [Legacy] FF Extension: (User-Agent Switcher) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{75afe46a-7a50-4c6b-b866-c43a1075b071}.xpi [2019-07-26] FF Extension: (Stylus) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{7a7a4a92-a2a0-41d1-9fd7-1e92480d612d}.xpi [2019-03-25] FF Extension: (Youtube Zen) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{7f5dbd00-a296-4696-aebb-06a992c1b4cf}.xpi [2019-05-01] FF Extension: (Download Tab) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{a949831f-d9c0-45ae-8c60-91c2a86fbfb6}.xpi [2017-12-10] [Legacy] FF Extension: (Permanent Progress Bar for YouTube) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{af838dcd-be8a-4237-8835-69fca92171d3}.xpi [2019-07-26] FF Extension: (Zoom Image) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{b14f4076-e80d-4baa-8c7d-8c65dfd2519c}.xpi [2019-05-13] FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2019-07-26] FF Extension: (Change Referer Button) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{c71ff04d-f001-1fc1-1fc1-c71ff04df001}.xpi [2017-11-12] [Legacy] FF Extension: (BetterPrivacy) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2016-10-31] [Legacy] FF Extension: (Tab Mix Plus) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2019-04-14] [Legacy] [not signed] FF Extension: (SaveTabs) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{f587d35c-943b-4323-8aee-cd8691df4db0}.xpi [2017-12-10] FF ProfilePath: C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default [2019-07-31] FF user.js: detected! => C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\user.js [2019-07-14] FF Homepage: Mozilla\Firefox\Profiles\72rxhon0.default -> moz-extension://22954b3a-afbb-4dc0-83d0-47e35e90704c/newTab.xhtml FF NewTabOverride: Mozilla\Firefox\Profiles\72rxhon0.default -> Enabled: newtabtools@darktrojan.net FF NewTabOverride: Mozilla\Firefox\Profiles\72rxhon0.default -> Enabled: uBlock0@raymondhill.net FF NewTabOverride: Mozilla\Firefox\Profiles\72rxhon0.default -> Enabled: jid1-BoFifL9Vbdl2zQ@jetpack FF NewTabOverride: Mozilla\Firefox\Profiles\72rxhon0.default -> Enabled: {506e023c-7f2b-40a3-8066-bc5deb40aebe} FF NewTabOverride: Mozilla\Firefox\Profiles\72rxhon0.default -> Enabled: {c607c8df-14a7-4f28-894f-29e8722976af} FF NewTabOverride: Mozilla\Firefox\Profiles\72rxhon0.default -> Enabled: @contain-amzn FF NewTabOverride: Mozilla\Firefox\Profiles\72rxhon0.default -> Enabled: @contain-facebook FF NewTabOverride: Mozilla\Firefox\Profiles\72rxhon0.default -> Enabled: CookieAutoDelete@kennydo.com FF NewTabOverride: Mozilla\Firefox\Profiles\72rxhon0.default -> Enabled: {3579f63b-d8ee-424f-bbb6-6d0ce3285e6a} FF NewTabOverride: Mozilla\Firefox\Profiles\72rxhon0.default -> Enabled: {1018e4d6-728f-4b20-ad56-37578a4de76b} FF NewTabOverride: Mozilla\Firefox\Profiles\72rxhon0.default -> Enabled: jid1-KdTtiCj6wxVAFA@jetpack FF NewTabOverride: Mozilla\Firefox\Profiles\72rxhon0.default -> Enabled: zoompage-we@DW-dev FF NewTabOverride: Mozilla\Firefox\Profiles\72rxhon0.default -> Enabled: wikipedia@search.mozilla.org FF NewTabOverride: Mozilla\Firefox\Profiles\72rxhon0.default -> Enabled: qwant@search.mozilla.org FF NewTabOverride: Mozilla\Firefox\Profiles\72rxhon0.default -> Enabled: ebay@search.mozilla.org FF NewTabOverride: Mozilla\Firefox\Profiles\72rxhon0.default -> Enabled: ddg@search.mozilla.org FF NewTabOverride: Mozilla\Firefox\Profiles\72rxhon0.default -> Enabled: amazon@search.mozilla.org FF NewTabOverride: Mozilla\Firefox\Profiles\72rxhon0.default -> Enabled: bing@search.mozilla.org FF NewTabOverride: Mozilla\Firefox\Profiles\72rxhon0.default -> Enabled: google@search.mozilla.org FF Extension: (Amazon Container) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\@contain-amzn.xpi [2019-06-04] FF Extension: (Facebook Container) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\@contain-facebook.xpi [2019-07-07] FF Extension: (Firefox DevTools ADB Extension) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\adb@mozilla.org.xpi [2019-06-05] [UpdateUrl:hxxps://ftp.mozilla.org/pub/labs/devtools/adb-extension/win32/update.json] FF Extension: (Close Window Button) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\close-window-button@nanpuyue.com.xpi [2019-06-06] FF Extension: (Cookie AutoDelete) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\CookieAutoDelete@kennydo.com.xpi [2019-06-04] FF Extension: (Don't track me Google) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\dont-track-me-google@robwu.nl.xpi [2019-06-04] FF Extension: (Enhancer for YouTube™) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\enhancerforyoutube@maximerf.addons.mozilla.org.xpi [2019-07-11] FF Extension: (Tampermonkey) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\firefox@tampermonkey.net.xpi [2019-06-03] FF Extension: (Download Notifications) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\gnome-download-notify@ion201.xpi [2019-06-07] FF Extension: (HTTPS partout) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\https-everywhere@eff.org.xpi [2019-07-05] FF Extension: (Facebook™ Seen Blocker) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\jid0-AcfdPqSA2Ugt2vdJh6Kj7IiOp5W@jetpack.xpi [2019-06-03] FF Extension: (Decentraleyes) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\jid1-BoFifL9Vbdl2zQ@jetpack.xpi [2019-06-27] FF Extension: (PDF Mage) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\jid1-GeRCnsiDhZiTvA@jetpack.xpi [2019-06-14] FF Extension: (Swift Selection Search) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\jid1-KdTtiCj6wxVAFA@jetpack.xpi [2019-07-07] FF Extension: (I don't care about cookies) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2019-07-26] FF Extension: (Emoji Cheatsheet for GitHub, Basecamp etc.) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\jid1-Xo5SuA6qc1DFpw@jetpack.xpi [2019-06-04] FF Extension: (ScrollAnywhere) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\juraj.masiar@gmail.com_ScrollAnywhere.xpi [2019-07-16] FF Extension: (Maximize/Restore Window Button) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\maximize-window-button@nanpuyue.com.xpi [2019-06-06] FF Extension: (Minimize Window Button) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\minimize-window-button@nanpuyue.com.xpi [2019-06-06] FF Extension: (New Tab Tools) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\newtabtools@darktrojan.net.xpi [2019-06-03] FF Extension: (Playback speed) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\playbackSpeed@waldemar.b.xpi [2019-07-23] FF Extension: (Popup Video(WebExtension)) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\PopupVideoWebExt@ettoolong.xpi [2019-06-07] FF Extension: (Right Click Opens Link New Tab Correct Order) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\rightclicknewtab@bgdam.com.xpi [2019-06-03] FF Extension: (Tab Counter Wide) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\tab-counter-wide@jmmerz.github.xpi [2019-07-18] FF Extension: (Close Tab History Button) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\tb-tab-close-history-single@codefisher.org.xpi [2019-06-07] FF Extension: (uBlock Origin) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\uBlock0@raymondhill.net.xpi [2019-07-26] FF Extension: (Zoom Page WE) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\zoompage-we@DW-dev.xpi [2019-07-07] FF Extension: (Imagus) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\{00000f2a-7cde-4f20-83ed-434fcb420d71}.xpi [2019-07-16] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx] FF Extension: (Disconnect for Facebook™) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\{02bf35c3-6f86-4eb4-bea8-e70bc294a7dc}.xpi [2019-06-04] FF Extension: (Reverse Image Search) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\{0da2e603-21ba-4422-8049-b6d9e013ed84}.xpi [2019-06-07] FF Extension: (Flagfox) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2019-06-20] FF Extension: (My Simple Classic) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\{23f28f6b-644f-46a6-9641-da2b20abc25f}.xpi [2019-07-30] FF Extension: (Chameleon) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\{3579f63b-d8ee-424f-bbb6-6d0ce3285e6a}.xpi [2019-07-25] FF Extension: (Open in new tab) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\{4a9cf29c-3661-4a7c-8df3-0e046c9660da}.xpi [2019-06-03] FF Extension: (Mac OS X Tiger) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\{4efd4111-580f-4d62-9ea7-aa697527d826}.xpi [2019-06-04] FF Extension: (Gesturefy) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\{506e023c-7f2b-40a3-8066-bc5deb40aebe}.xpi [2019-07-05] FF Extension: (Save Working Session) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\{54dad4a6-bfe8-4170-9c69-0f5be34cb99b}.xpi [2019-07-21] FF Extension: (ContextSearch web-ext) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\{5dd73bb9-e728-4d1e-990b-c77d8e03670f}.xpi [2019-07-28] FF Extension: (PopUp) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\{7345afcc-32b6-4a3d-8e05-189bc954e9e7}.xpi [2019-06-07] FF Extension: (Stylus) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\{7a7a4a92-a2a0-41d1-9fd7-1e92480d612d}.xpi [2019-07-17] FF Extension: (Simple Compact Grey) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\{7a83460d-61b6-4e64-8f47-d034db9c0dc1}.xpi [2019-06-11] FF Extension: (MA Full Screen2) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\{9d3e517e-8e57-4afe-a77c-5204883101ed}.xpi [2019-07-20] FF Extension: (Permanent Progress Bar for YouTube) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\{af838dcd-be8a-4237-8835-69fca92171d3}.xpi [2019-07-22] FF Extension: (Temporary Containers) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\{c607c8df-14a7-4f28-894f-29e8722976af}.xpi [2019-07-26] FF Extension: (Mac OS X Matched Grey) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\{c78fc450-7ba1-458b-82f2-ca354fcd39bb}.xpi [2019-06-11] FF Extension: (Project Insight) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\72rxhon0.default\Extensions\{ed2ba263-72d9-420b-8422-37210f522948}.xpi [2019-06-28] FF ProfilePath: C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default [2019-07-25] FF Homepage: Avant Profiles\Profiles\zszg12lr.default -> moz-extension://fad938aa-df34-4cda-9f16-f707ee5c84f4/newTab.xhtml FF NewTab: Avant Profiles\Profiles\zszg12lr.default -> moz-extension://fad938aa-df34-4cda-9f16-f707ee5c84f4/newTab.xhtml FF NewTabOverride: Avant Profiles\Profiles\zszg12lr.default -> Enabled: newtabtools@darktrojan.net FF Extension: (Disconnect) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\2.0@disconnect.me.xpi [2019-04-02] FF Extension: (popup video) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\@popup-video.xpi [2018-07-18] [Legacy] FF Extension: (About config button) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\aboutconfigbutton@firefox.xpi [2017-06-19] [Legacy] FF Extension: (Make Address Bar Font Size Bigger) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\addressBarFontSizeBigger@papafresh.com.xpi [2017-11-26] [Legacy] FF Extension: (Roomy Bookmarks Toolbar) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\ALone-live@ya.ru.xpi [2017-11-04] [Legacy] FF Extension: (Add-ons Manager Context Menu) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\amcontextmenu@loucypher.xpi [2017-12-30] [Legacy] FF Extension: (Keepa - Amazon Price Tracker) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\amptra@keepa.com.xpi [2019-05-13] FF Extension: (Better Image Viewer) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\betterimageviewer@darktrojan.net.xpi [2018-05-04] FF Extension: (Biscuit) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\biscuit@nuko.org.xpi [2017-02-16] [Legacy] FF Extension: (CanvasBlocker) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\CanvasBlocker@kkapsner.de.xpi [2019-06-01] FF Extension: (Classic Theme Restorer) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2018-07-18] [Legacy] FF Extension: (Suppression automatique des témoins) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\CookieAutoDelete@kennydo.com.xpi [2018-05-14] FF Extension: (Don't track me Google) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\dont-track-me-google@robwu.nl.xpi [2018-12-23] FF Extension: (Download Panel Tweaker) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\downloadPanelTweaker@infocatcher.xpi [2017-12-10] [Legacy] FF Extension: (Drag To Scroll) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\dragtoscroll@deag1bcc-abec-daec-cdae-aeadedcabebacdad.xpi [2018-05-19] FF Extension: (Easy Screenshot) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\easyscreenshot@mozillaonline.com.xpi [2018-02-15] [Legacy] FF Extension: (Enhancer for YouTube™) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\enhancerforyoutube@maximerf.addons.mozilla.org.xpi [2019-05-31] FF Extension: (Foxtana Pro - Redirect Cortana and Bing) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\extension@foxtana.com.xpi [2018-09-03] FF Extension: (Tampermonkey) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\firefox@tampermonkey.net.xpi [2019-05-16] FF Extension: (FireGestures) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\firegestures@xuldev.org.xpi [2017-06-11] [Legacy] FF Extension: (Dictionnaire français) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org [2019-07-23] [Legacy] FF Extension: (Emoji copier et coller) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\helper@emoji.org.xpi [2018-09-03] FF Extension: (Hide Caption Titlebar Plus ⁴) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\hidecaptionplus-dp@dummy.addons.mozilla.org.xpi [2018-09-07] [Legacy] FF Extension: (HTTPS partout) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\https-everywhere@eff.org.xpi [2019-05-16] FF Extension: (Switchy) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\id@baku.switchy.xpi [2016-06-28] [Legacy] FF Extension: (InstaClick) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\instaclick@leahscape.com.xpi [2017-11-12] [Legacy] FF Extension: (Facebook™ Seen Blocker) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\jid0-AcfdPqSA2Ugt2vdJh6Kj7IiOp5W@jetpack.xpi [2017-06-26] FF Extension: (Auto Shutdown NG) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\jid0-HZ5UvAEiWWAxT9TKLuhEgUCARqo@jetpack.xpi [2017-06-26] [Legacy] FF Extension: (What about:..) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\jid0-IPSuVKD0J7yL1cIBwQAdoHTCWmY@jetpack.xpi [2017-06-19] [Legacy] FF Extension: (fontdpi) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\jid1-4ZzxC2kiN3rzJA@jetpack.xpi [2016-06-29] [Legacy] FF Extension: (FoxyAbout) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\jid1-d3SwJwS6q9JpMq@jetpack.xpi [2018-01-31] [Legacy] FF Extension: (PDF Mage) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\jid1-GeRCnsiDhZiTvA@jetpack.xpi [2019-01-01] FF Extension: (Swift Selection Search) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\jid1-KdTtiCj6wxVAFA@jetpack.xpi [2019-05-16] FF Extension: (British English Dictionary (Marco Pinto)) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\marcoagpinto@mail.telepac.pt [2019-07-23] [Legacy] FF Extension: (Maximize Video) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\MaximizeVideo@ettoolong.xpi [2018-08-04] FF Extension: (New Tab Tools) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\newtabtools@darktrojan.net.xpi [2018-05-04] FF Extension: (Open Page in Private Window) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\open-page-in-private-window@cpeterso.com.xpi [2018-09-03] FF Extension: (Playback speed) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\playbackSpeed@waldemar.b.xpi [2018-05-06] FF Extension: (Private Tab) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\privateTab@infocatcher.xpi [2018-05-17] [Legacy] FF Extension: (Rename Tab Title) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\renametabtitle@mozilla.org.xpi [2018-07-17] FF Extension: (Rikaichan Japanese-French Dictionary File) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\rikaichan-jpfr@polarcloud.com [2019-07-23] [Legacy] FF Extension: (Semi-Full Screen) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\SemiFullScreen@Merci.chao.xpi [2017-11-23] [Legacy] FF Extension: (Skip Redirect) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\skipredirect@sblask.xpi [2018-05-02] FF Extension: (SSleuth) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\ssleuth@github.xpi [2017-02-16] [Legacy] FF Extension: (uBlock Origin) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\uBlock0@raymondhill.net.xpi [2019-05-27] FF Extension: (Undo Closed Tabs Button) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\undoclosedtabsbutton@supernova00.biz.xpi [2017-02-26] [Legacy] FF Extension: (Zoom Page) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\zoompage@DW-dev.xpi [2017-11-12] [Legacy] FF Extension: (Disconnect for Facebook™) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\{02bf35c3-6f86-4eb4-bea8-e70bc294a7dc}.xpi [2017-11-11] FF Extension: (Rikaichan) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\{0AA9101C-D3C1-4129-A9B7-D778C6A17F82}.xpi [2018-03-08] [Legacy] FF Extension: (Flagfox) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2018-08-06] [Legacy] [not signed] FF Extension: (Export Tabs URLs) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\{17165bd9-9b71-4323-99a5-3d4ce49f3d75}.xpi [2019-05-16] FF Extension: (Undo Close Tab) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\{4853d046-c5a3-436b-bc36-220fd935ee1d}.xpi [2018-06-10] FF Extension: (StartupMaster) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\{506d044e-41fa-4cc8-9dc6-9ff70e96eebf}.xpi [2018-03-19] [Legacy] FF Extension: (SmoothWheel (mozdev.org)) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}.xpi [2016-06-28] [Legacy] FF Extension: (User-Agent Switcher) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\{75afe46a-7a50-4c6b-b866-c43a1075b071}.xpi [2019-02-26] FF Extension: (Stylus) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\{7a7a4a92-a2a0-41d1-9fd7-1e92480d612d}.xpi [2019-03-25] FF Extension: (Youtube Zen) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\{7f5dbd00-a296-4696-aebb-06a992c1b4cf}.xpi [2019-05-01] FF Extension: (Download Tab) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\{a949831f-d9c0-45ae-8c60-91c2a86fbfb6}.xpi [2017-12-10] [Legacy] FF Extension: (Permanent Progress Bar for YouTube) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\{af838dcd-be8a-4237-8835-69fca92171d3}.xpi [2018-12-11] FF Extension: (Zoom Image) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\{b14f4076-e80d-4baa-8c7d-8c65dfd2519c}.xpi [2019-05-13] FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2019-04-27] FF Extension: (Change Referer Button) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\{c71ff04d-f001-1fc1-1fc1-c71ff04df001}.xpi [2017-11-12] [Legacy] FF Extension: (BetterPrivacy) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2016-10-31] [Legacy] FF Extension: (Tab Mix Plus) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2019-04-14] [Legacy] [not signed] FF Extension: (SaveTabs) - C:\Users\owner\AppData\Roaming\Avant Profiles\Profiles\zszg12lr.default\Extensions\{f587d35c-943b-4323-8aee-cd8691df4db0}.xpi [2017-12-10] FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_223.dll [2019-07-26] (Adobe Inc. -> ) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-06-29] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-07-05] (Adobe Inc. -> Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-26] (Adobe Inc. -> ) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [No File] FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [No File] FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-03-21] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.4\npGoogleUpdate3.dll [2016-08-21] (Google Inc -> Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.4\npGoogleUpdate3.dll [2016-08-21] (Google Inc -> Google Inc.) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-07-05] (Adobe Inc. -> Adobe Systems) StartMenuInternet: Firefox-6F940AC27A98DD61 - C:\Program Files\Waterfox\waterfox.exe Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [dljdacfojgikogldjffnkdcielnklkce] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx Opera: ======= OPR Extension: (uBlock Origin) - C:\Users\owner\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2019-07-30] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [816184 2019-07-05] (Adobe Inc. -> Adobe Inc.) S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2910696 2018-09-10] (Adobe Systems Incorporated -> Adobe Systems, Incorporated) S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-10] (Adobe Systems Incorporated -> Adobe Systems, Incorporated) R2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [115752 2017-05-22] (ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [483184 2019-03-29] (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.) R2 CdRomArbiterService; C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.0.0_x64.exe [8704 2019-06-10] (GuinpinSoft inc) [File not signed] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11469920 2019-07-26] (Microsoft Corporation -> Microsoft Corporation) S2 CmService; C:\WINDOWS\System32\CmService.dll [818488 2019-07-29] (Microsoft Windows -> Microsoft Corporation) S2 DSDFunctionKeyCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_e3c09117ee62638d\DSDFunctionKeyCtlService.exe [614944 2019-05-22] (Dynabook Inc. -> Dynabook Inc.) R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2428848 2019-07-26] (ESET, spol. s r.o. -> ESET) R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2428848 2019-07-26] (ESET, spol. s r.o. -> ESET) R2 FileMarkerApplyIconService; C:\Program Files (x86)\FileMarker.NET\FileMarkerService.exe [717576 2013-11-01] (ArcticLine Software -> ArcticLine Software) S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2018-08-02] (FUTUREMARK INC -> Futuremark) S3 gcs; C:\WINDOWS\system32\vmcomputeagent.exe [1381176 2019-03-19] (Microsoft Windows -> Microsoft Corporation) R3 hns; C:\WINDOWS\System32\HostNetSvc.dll [3388928 2019-07-29] (Microsoft Windows -> Microsoft Corporation) R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [529696 2019-04-23] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [370848 2019-05-05] (Intel Corporation -> Intel Corporation) S2 ImDiskRD; C:\Program Files\ImDisk\RamDiskUI.exe [66560 2019-06-29] () [File not signed] R2 ImDiskTk-svc; C:\Program Files\ImDisk\ImDiskTk-svc.exe [12288 2019-06-29] () [File not signed] R2 ImDskSvc; C:\WINDOWS\system32\imdsksvc.exe [31544 2018-11-19] (Lagerkvist Teknisk Rådgivning i Borås HB -> Olof Lagerkvist) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [743728 2017-11-07] (Intel(R) Trust Services -> Intel(R) Corporation) S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [720184 2017-11-07] (Intel(R) Trust Services -> Intel(R) Corporation) R2 InternetOffService; C:\Program Files (x86)\InternetOff\IOffSvc.exe [1634072 2016-05-25] (Crystal Rich Ltd -> ) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [213648 2017-11-22] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) S2 LxssManagerUser; C:\WINDOWS\system32\lxss\LxssManager.dll [631808 2019-07-26] (Microsoft Windows -> Microsoft Corporation) R2 LxssManagerUser_aa25d; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) R2 LxssManagerUser_aa25d; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [5463376 2019-06-10] (Paramount Software UK Ltd -> Paramount Software UK Ltd) [File not signed] S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [311584 2019-02-28] (Intel Corporation -> ) R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [309664 2019-07-16] (Locktime Software s.r.o. -> Locktime Software) R2 nordvpn-service; C:\Program Files (x86)\NordVPN\nordvpn-service.exe [218576 2019-07-30] (TEFINCOM S.A. -> ) R3 nvagent; C:\WINDOWS\System32\NvAgent.dll [41992 2019-03-19] (Microsoft Windows -> Microsoft Corporation) S4 OEMRegistrationProgram; C:\Program Files (x86)\Toshiba\OEM Registration Program\OEMRegistrationProgram.exe [16384 2012-12-17] (Toshiba Corporation) [File not signed] R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc) R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc) S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.) S4 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5775208 2019-07-29] (Microsoft Windows Publisher -> Microsoft Corporation) R2 SMITS; C:\Windows\SysWOW64\SMITSC.exe [13312 2014-02-27] () [File not signed] R2 TPCHKarteSVC; C:\Program Files (x86)\TOSHIBA\TKRTL\TPCHKarteSVC.exe [244144 2013-01-22] (TOSHIBA CORPORATION -> Toshiba Corporation) S2 TSDSettingService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_e3c09117ee62638d\dynabookSystemService.exe [24264200 2019-05-22] (Dynabook Inc. -> Dynabook Inc.) S2 TSDTabletControlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_e3c09117ee62638d\TOSTABSYSSVC.exe [254504 2019-05-22] (Dynabook Inc. -> Dynabook Inc.) R2 TSDWirelessLEDCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_e3c09117ee62638d\RMService.exe [445920 2019-05-22] (Dynabook Inc. -> Dynabook Inc.) R2 TStationSrv; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TStationSrv.exe [229296 2016-12-14] (Toshiba Client Solutions Co.,Ltd. -> Toshiba Client Solutions Co., Ltd.) R2 VeeamEndpointBackupSvc; C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe [134424 2019-03-15] (Veeam Software AG -> Veeam Software Group GmbH) R3 vmcompute; C:\WINDOWS\system32\vmcompute.exe [3488568 2019-07-29] (Microsoft Windows -> Microsoft Corporation) R2 vmware-converter-agent; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe [532024 2018-05-08] (VMware, Inc. -> VMware, Inc.) R2 vmware-converter-server; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [532024 2018-05-08] (VMware, Inc. -> VMware, Inc.) R2 vmware-converter-worker; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [532024 2018-05-08] (VMware, Inc. -> VMware, Inc.) S3 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [15446448 2019-05-04] (VMware, Inc. -> ) S3 WaaSMedicSvc; C:\WINDOWS\System32\WaaSMedicSvc.dll [349184 2019-03-19] (Access Denied) [File not signed] S4 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation) R2 wfcs; C:\Program Files\Malwarebytes\Windows Firewall Control\wfcs.exe [123600 2019-03-05] (Malwarebytes Corporation -> Malwarebytes) S4 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation) R2 ZentimoService; C:\Programmes Portables\Zentimo\ZentimoService.exe [1789024 2018-09-08] (Crystal Rich Ltd -> Crystal Rich Ltd) S3 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4110624 2019-02-28] (Intel Corporation -> Intel® Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 ALSysIO; C:\Users\owner\AppData\Local\Temp\ALSysIO64.sys [46384 2019-07-31] (ALCPU (Arthur Liberman) -> Arthur Liberman) <==== ATTENTION R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> ) R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [73976 2015-06-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [171952 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> ) S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> ) R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [38320 2017-09-01] (CHENGDU AOMEI Tech Co., Ltd. -> ) R2 AWEAlloc; C:\WINDOWS\system32\DRIVERS\awealloc.sys [21048 2018-11-19] (Lagerkvist Teknisk Radgivning i Boras HB -> Olof Lagerkvist) S3 bmdrvr; C:\Windows\SysWow64\drivers\bmdrvr-x64.sys [84768 2018-05-08] (VMware, Inc. -> VMware, Inc.) S3 BrSerIb; C:\WINDOWS\system32\DRIVERS\BrSerIb.sys [284160 2012-03-27] (Microsoft Windows Hardware Compatibility Publisher -> Brother Industries Ltd.) S3 BrUsbSIb; C:\WINDOWS\system32\DRIVERS\BrUsbSIb.sys [15360 2011-07-18] (Microsoft Windows Hardware Compatibility Publisher -> Brother Industries Ltd.) R3 BthA2DPSink; C:\WINDOWS\System32\drivers\BthA2DPSink.sys [50384 2019-05-21] (Dynabook Inc. -> Dynabook Inc. ) R3 BthHFPScoDrv; C:\WINDOWS\System32\drivers\BthHFPScoDrv.sys [44448 2019-05-21] (Dynabook Inc. -> Dynabook Inc. ) R2 CLFCL5.19; C:\WINDOWS\system32\DRIVERS\CLFCL5.19\000.fcl [46824 2019-07-10] (CyberLink Corp. -> CyberLink Corp.) S3 ddmdrv; C:\WINDOWS\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> ) S3 DFX12; C:\WINDOWS\system32\drivers\dfx12x64.sys [39048 2015-11-15] (Power Technology -> Windows (R) Win 7 DDK provider) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131904 2018-12-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R1 dsnpfd; C:\WINDOWS\system32\DRIVERS\dsnpfd.sys [47976 2018-10-06] (Whimsters Limited -> DeskSoft) R3 e1dexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e1d68x64.inf_amd64_c86ba5f6690f5193\e1d68x64.sys [597568 2019-04-16] (Intel(R) INTELND1820 -> Intel Corporation) R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [149144 2019-07-26] (ESET, spol. s r.o. -> ESET) R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [102464 2019-07-26] (ESET, spol. s r.o. -> ESET) S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET) R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [189232 2019-07-26] (ESET, spol. s r.o. -> ESET) R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [113336 2019-07-26] (ESET, spol. s r.o. -> ESET) S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [34744 2019-02-18] (CHENGDU YIWO Tech Development Co., Ltd. -> ) R0 EPMVolFl; C:\WINDOWS\System32\drivers\EPMVolFl.sys [30136 2019-04-12] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider) R3 hvsocketcontrol; C:\WINDOWS\system32\drivers\hvsocketcontrol.sys [36368 2019-03-19] (Microsoft Windows -> Microsoft Corporation) R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-07-24] (Martin Malik - REALiX -> REALiX(tm)) R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [239392 2019-04-23] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) R2 ImDisk; C:\WINDOWS\system32\DRIVERS\imdisk.sys [48704 2018-11-19] (Lagerkvist Teknisk Radgivning i Boras HB -> Olof Lagerkvist) S4 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [66824 2017-06-15] (IObit Information Technology -> IObit) R3 kmloop; C:\WINDOWS\System32\drivers\loop.sys [17408 2019-03-19] (Microsoft Windows -> Microsoft Corporation) S3 l2bridge; C:\WINDOWS\System32\drivers\l2bridge.sys [58384 2019-03-19] (Microsoft Windows -> Microsoft Corporation) S3 LcUvcUpper; C:\WINDOWS\system32\DRIVERS\LcUvcUpper.sys [37912 2015-09-21] (Microsoft Corporation -> Microsoft Corporation) R0 mrcbt; C:\WINDOWS\System32\drivers\mrcbt.sys [88248 2019-06-10] (Paramount Software UK Ltd -> Windows (R) Win 7 DDK provider) R0 mrigflt; C:\WINDOWS\System32\drivers\mrigflt.sys [75112 2019-04-26] (Paramount Software UK Ltd -> Windows (R) Win 7 DDK provider) S3 MYFAULT; C:\WINDOWS\system32\drivers\myfault.sys [25392 2018-11-04] (Microsoft Windows Hardware Compatibility Publisher -> Sysinternals) R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3521016 2019-04-30] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) R1 networx; C:\WINDOWS\System32\drivers\networx.sys [114144 2018-09-23] (SoftPerfect Pty. Ltd. -> Windows (R) Win 7 DDK provider) R0 nldrv; C:\WINDOWS\System32\drivers\nldrv.sys [178944 2019-07-16] (Locktime Software s.r.o. -> Locktime Software) R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [82752 2019-01-13] (Insecure.Com LLC -> Insecure.Com LLC.) R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.) R3 P9Rdr; C:\WINDOWS\System32\drivers\p9rdr.sys [88888 2019-04-27] (Microsoft Windows -> Microsoft Corporation) S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.) S3 RtlWlanu_OldIC; C:\WINDOWS\System32\drivers\rtwlanu_oldIC.sys [3814400 2019-03-19] (Microsoft Windows -> Realtek Semiconductor Corporation ) R3 RTSPER; C:\WINDOWS\System32\drivers\RtsPer.sys [1002920 2019-05-07] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation) S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [43008 2018-09-19] (Intel Corporation -> ) S3 SIVDriver; C:\WINDOWS\system32\Drivers\SIVX64.sys [190096 2018-11-14] (RH Software -> Ray Hinchliffe) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167232 2018-12-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (The OpenVPN Project) [File not signed] R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-06-13] (TEFINCOM S.A. -> The OpenVPN Project) R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [47816 2019-04-30] (Dynabook Inc. -> Dynabook Inc.) R1 TosBTFilter; C:\WINDOWS\system32\drivers\TosBTFilter.sys [28432 2015-06-18] (TOSHIBA CORPORATION -> Toshiba Corporation) R3 tosrfec; C:\WINDOWS\System32\drivers\tosrfec.sys [37808 2019-04-30] (Dynabook Inc. -> Dynabook Inc.) R1 TosSrvCtlDrv; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_e3c09117ee62638d\TosSrvCtlDrv.sys [26032 2019-05-22] (Dynabook Inc. -> Dynabook Inc.) R3 TotRec8; C:\WINDOWS\system32\drivers\TotRec8.sys [124544 2015-10-20] (High Criteria Inc -> High Criteria inc.) R1 VfpExt; C:\WINDOWS\System32\drivers\vfpext.sys [1409024 2019-03-19] (Microsoft Windows -> Microsoft Corporation) R0 VMSNPXY; C:\WINDOWS\System32\drivers\VmsProxyHNic.sys [39952 2019-03-19] (Microsoft Windows -> Microsoft Corporation) R3 VMSNPXYMP; C:\WINDOWS\System32\drivers\VmsProxyHNic.sys [39952 2019-03-19] (Microsoft Windows -> Microsoft Corporation) R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [92040 2019-04-26] (VMware, Inc. -> VMware, Inc.) R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-x64.sys [52576 2018-02-27] (VMware, Inc. -> VMware, Inc.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation) R3 WinRing0_1_2_0; C:\Programmes Portables\Throttle Stop\WinRing0x64.sys [14544 2017-11-14] (Noriyuki MIYAZAKI -> OpenLibSys.org) R2 WiseFs; C:\WINDOWS\WiseFs64.sys [66128 2017-12-20] (Beijing Lang Xingda Network Technology Co., Ltd -> WiseCleaner.com) S3 NAL; \??\C:\WINDOWS\system32\Drivers\iqvw64e.sys [X] U4 npcap_wifi; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) NETSVC: hns -> C:\Windows\System32\HostNetSvc.dll (Microsoft Corporation) NETSVC: nvagent -> C:\Windows\System32\NvAgent.dll (Microsoft Corporation) ==================== One month (created) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-07-31 13:01 - 2019-07-31 13:02 - 000091357 _____ C:\Users\owner\Desktop\FRST.txt 2019-07-31 13:01 - 2019-07-31 13:01 - 000000000 ____D C:\FRST 2019-07-31 12:35 - 2019-07-31 12:54 - 000000000 ____D C:\Users\owner\Desktop\Nouveau dossier (6) 2019-07-31 12:35 - 2019-07-31 12:35 - 002096128 _____ (Farbar) C:\Users\owner\Desktop\FRST64.exe 2019-07-31 10:57 - 2019-07-31 10:57 - 000000000 ____D C:\WINDOWS\LastGood 2019-07-31 09:24 - 2019-07-31 09:24 - 000000000 ____D C:\Users\owner\AppData\Local\Driver Store Explorer 2019-07-31 09:24 - 2019-07-18 18:09 - 003445632 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll 2019-07-31 09:24 - 2019-07-18 18:09 - 003168488 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll 2019-07-31 09:24 - 2019-07-18 18:09 - 001382344 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll 2019-07-31 09:24 - 2019-07-18 18:09 - 001337744 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaeapo64.dll 2019-07-31 09:24 - 2019-07-18 18:09 - 000873568 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll 2019-07-31 09:24 - 2019-07-18 18:09 - 000852240 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tosasfapo64.dll 2019-07-31 09:24 - 2019-07-18 18:09 - 000604904 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaemaxapo64.dll 2019-07-31 09:24 - 2019-07-18 18:09 - 000541248 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll 2019-07-31 09:24 - 2019-07-18 18:09 - 000447280 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\toseaeapo64.dll 2019-07-31 09:24 - 2019-07-18 18:09 - 000230832 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll 2019-07-31 09:24 - 2019-07-18 18:09 - 000218376 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll 2019-07-31 09:24 - 2019-07-18 18:09 - 000175048 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll 2019-07-31 09:24 - 2019-07-18 18:09 - 000158800 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll 2019-07-31 09:24 - 2019-07-18 18:09 - 000075648 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll 2019-07-31 09:24 - 2019-07-18 18:08 - 003340512 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll 2019-07-31 09:24 - 2019-07-18 18:08 - 001353424 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll 2019-07-31 09:24 - 2019-07-18 18:08 - 000964912 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll 2019-07-31 09:24 - 2019-07-18 18:08 - 000692272 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll 2019-07-31 09:24 - 2019-07-18 18:08 - 000392976 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll 2019-07-31 09:24 - 2019-07-18 18:08 - 000343808 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll 2019-07-31 09:24 - 2019-07-18 18:08 - 000327376 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll 2019-07-31 09:24 - 2019-07-18 18:08 - 000327376 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll 2019-07-31 09:24 - 2019-07-18 18:08 - 000266656 _____ (TODO: ) C:\WINDOWS\system32\slprp64.dll 2019-07-31 09:24 - 2019-07-18 18:08 - 000231808 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll 2019-07-31 09:24 - 2019-07-18 18:08 - 000220496 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll 2019-07-31 09:24 - 2019-07-18 18:08 - 000193088 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll 2019-07-31 09:24 - 2019-07-18 18:08 - 000157448 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll 2019-07-31 09:24 - 2019-07-18 18:08 - 000116648 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll 2019-07-31 09:24 - 2019-07-18 18:08 - 000094008 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll 2019-07-31 09:24 - 2019-07-18 18:08 - 000090808 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll 2019-07-31 09:24 - 2019-07-18 18:08 - 000090272 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll 2019-07-31 09:24 - 2019-07-18 18:08 - 000088424 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll 2019-07-31 09:24 - 2019-07-18 18:08 - 000083728 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll 2019-07-31 09:24 - 2019-07-18 18:07 - 072520816 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat 2019-07-31 09:24 - 2019-07-18 18:07 - 007178360 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll 2019-07-31 09:24 - 2019-07-18 18:07 - 007101640 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll 2019-07-31 09:24 - 2019-07-18 18:07 - 003677176 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl 2019-07-31 09:24 - 2019-07-18 18:07 - 003159880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll 2019-07-31 09:24 - 2019-07-18 18:07 - 002992288 _____ (Audyssey Labs) C:\WINDOWS\system32\AudysseyEfx.dll 2019-07-31 09:24 - 2019-07-18 18:07 - 002930256 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll 2019-07-31 09:24 - 2019-07-18 18:07 - 001971472 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll 2019-07-31 09:24 - 2019-07-18 18:07 - 001787848 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll 2019-07-31 09:24 - 2019-07-18 18:07 - 001598288 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll 2019-07-31 09:24 - 2019-07-18 18:07 - 001516160 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll 2019-07-31 09:24 - 2019-07-18 18:07 - 000751192 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll 2019-07-31 09:24 - 2019-07-18 18:07 - 000734664 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll 2019-07-31 09:24 - 2019-07-18 18:07 - 000715544 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll 2019-07-31 09:24 - 2019-07-18 18:07 - 000511536 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll 2019-07-31 09:24 - 2019-07-18 18:07 - 000453384 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll 2019-07-31 09:24 - 2019-07-18 18:07 - 000452632 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll 2019-07-31 09:24 - 2019-07-18 18:07 - 000448496 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll 2019-07-31 09:24 - 2019-07-18 18:07 - 000332904 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll 2019-07-31 09:24 - 2019-07-18 18:07 - 000278376 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll 2019-07-31 09:24 - 2019-07-18 18:07 - 000261128 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll 2019-07-31 09:24 - 2019-07-18 18:07 - 000261096 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll 2019-07-31 09:24 - 2019-07-18 18:07 - 000260104 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll 2019-07-31 09:24 - 2019-07-18 18:07 - 000139864 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll 2019-07-31 09:24 - 2019-07-18 18:07 - 000122216 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll 2019-07-31 09:24 - 2019-07-18 18:07 - 000118696 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll 2019-07-31 09:24 - 2019-07-18 18:07 - 000105416 _____ C:\WINDOWS\system32\audioLibVc.dll 2019-07-31 09:24 - 2019-07-18 17:27 - 033770484 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT 2019-07-31 09:22 - 2019-07-31 09:22 - 000000000 ____D C:\WINDOWS\LastGood.Tmp 2019-07-30 21:02 - 2019-07-31 10:59 - 000212992 _____ C:\WINDOWS\system32\ClickToRun_Pipeline16 2019-07-30 13:54 - 2019-07-30 13:54 - 000000000 ____D C:\Program Files (x86)\NordVPN 2019-07-29 22:16 - 2019-07-29 22:16 - 025900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 022625280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 018017792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 014814208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 009927176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 007600664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 007251832 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 007174656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 006515592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 006403072 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 006218752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 006070920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 005941760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 005753728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 005087744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 004562920 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 004537344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 004481024 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 004129616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 003915536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 003750912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 003735264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 003550720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 003488568 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmcompute.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 003388928 _____ (Microsoft Corporation) C:\WINDOWS\system32\HostNetSvc.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 003372744 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 002989880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2019-07-29 22:16 - 2019-07-29 22:16 - 002798592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2019-07-29 22:16 - 2019-07-29 22:16 - 002771752 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 002764040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2019-07-29 22:16 - 2019-07-29 22:16 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2019-07-29 22:16 - 2019-07-29 22:16 - 002586608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 002576384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 002398720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 002358584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 002306048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 002258640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 002190648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 002147840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 002132520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 002096128 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 002081976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001999648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001912576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001840968 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001788944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001754232 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2019-07-29 22:16 - 2019-07-29 22:16 - 001724928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001715000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001661544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001652536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.AppAgent.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001647280 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001633864 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001611576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001611416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001608192 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001535288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001531992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001510952 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001509936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 001505080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001501496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001493392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001488384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001413120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001408000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001393960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001391624 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 001383736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001366344 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2019-07-29 22:16 - 2019-07-29 22:16 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001334064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdrecordcpu.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001301504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001297720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001244728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001244672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\opengl32.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001185280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AgentService.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 001181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001178608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001154960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001126400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplySettingsTemplateCatalog.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 001124864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CBDHSvc.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001106288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001079296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001072144 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001059840 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 001043768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 001020768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000996352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000975360 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000957240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000913408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000913168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 000910848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000902456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsSandbox.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 000892488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000889448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\opengl32.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000844800 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000830976 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000829752 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 000828216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 000827192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000821904 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 000818688 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000818656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000818488 _____ (Microsoft Corporation) C:\WINDOWS\system32\CmService.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000816440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000811160 _____ C:\WINDOWS\SysWOW64\locale.nls 2019-07-29 22:16 - 2019-07-29 22:16 - 000811160 _____ C:\WINDOWS\system32\locale.nls 2019-07-29 22:16 - 2019-07-29 22:16 - 000802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000800568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys 2019-07-29 22:16 - 2019-07-29 22:16 - 000800048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000782120 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 000777528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000774664 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 000773680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000771584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2019-07-29 22:16 - 2019-07-29 22:16 - 000762880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.PrinterCustomActions.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000751048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2019-07-29 22:16 - 2019-07-29 22:16 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000741376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000741176 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000680760 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000676664 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmcompute.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000674816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 000672944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000666128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000652288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000649016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000639608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000634880 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000613392 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000606112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000602224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000588256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000586760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2019-07-29 22:16 - 2019-07-29 22:16 - 000574976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_9.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 000544576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000531456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000523704 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiagn.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000515448 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000512512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000511008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000494904 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\gns.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000478800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2019-07-29 22:16 - 2019-07-29 22:16 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000457528 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmusrv.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000450400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000441584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000440256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000437776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys 2019-07-29 22:16 - 2019-07-29 22:16 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxdiagn.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CscUnpinTool.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 000421376 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\system32\curl.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2019-07-29 22:16 - 2019-07-29 22:16 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000404992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DispBroker.Desktop.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000394040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000386048 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\SysWOW64\curl.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 000385808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000376832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webauthn.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000375512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiag.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000346936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmsmb.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 000334728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2019-07-29 22:16 - 2019-07-29 22:16 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000316216 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxdiag.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000310072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000300384 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000292056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationVdev.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000283472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdwriter.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000283144 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ConfigWrapper.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000260920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2019-07-29 22:16 - 2019-07-29 22:16 - 000257848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVFileSystemMetadata.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000251704 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glu32.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys 2019-07-29 22:16 - 2019-07-29 22:16 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\VideoHandlers.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\icm32.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000231224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 000228664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamMap.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Gpu.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 000210448 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\regapi.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000202552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000202248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys 2019-07-29 22:16 - 2019-07-29 22:16 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmclient.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regapi.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000181560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000174392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVemgr.sys 2019-07-29 22:16 - 2019-07-29 22:16 - 000172856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVNice.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys 2019-07-29 22:16 - 2019-07-29 22:16 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\glu32.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000162384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000153912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVfs.sys 2019-07-29 22:16 - 2019-07-29 22:16 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 000145936 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000144376 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 000137528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppVStrm.sys 2019-07-29 22:16 - 2019-07-29 22:16 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000135000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\appvetwclientres.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000132912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Display.BrightnessOverride.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\madrid.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinHvPlatform.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000123944 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000120048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 000116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000110080 _____ C:\WINDOWS\system32\ResBParser.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000106536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvsetup.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000098592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Display.BrightnessOverride.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000096032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 000093712 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000093312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys 2019-07-29 22:16 - 2019-07-29 22:16 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys 2019-07-29 22:16 - 2019-07-29 22:16 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000089328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000087048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys 2019-07-29 22:16 - 2019-07-29 22:16 - 000084488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys 2019-07-29 22:16 - 2019-07-29 22:16 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComputerDefaults.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 000072816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzautoupdate.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 000070152 _____ C:\WINDOWS\system32\cmdiag.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComputerDefaults.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coloradapterclient.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000063504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000046632 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2010CustomActions.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys 2019-07-29 22:16 - 2019-07-29 22:16 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 000037688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncAppvPublishingServer.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2010CustomActions.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys 2019-07-29 22:16 - 2019-07-29 22:16 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 000021816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScriptRunner.exe 2019-07-29 22:16 - 2019-07-29 22:16 - 000021544 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000020728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winnlsres.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winnlsres.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\applockerfltr.sys 2019-07-29 22:16 - 2019-07-29 22:16 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d8thk.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\appvetwstreamingux.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll 2019-07-29 22:16 - 2019-07-29 22:16 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 017785856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 007890792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 007832896 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 007277568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 006227072 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 006059520 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 004552376 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2019-07-29 22:15 - 2019-07-29 22:15 - 004470784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 004012032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 003724800 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2019-07-29 22:15 - 2019-07-29 22:15 - 003698176 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 003590664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2019-07-29 22:15 - 2019-07-29 22:15 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 003141120 _____ (Microsoft Corporation) C:\WINDOWS\system32\directml.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 003104768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 003084288 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 002870272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 002724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2019-07-29 22:15 - 2019-07-29 22:15 - 002550792 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 002448384 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 002282496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 002249216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 002120488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 002113536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 002032640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 001884200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 001717800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 001654520 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 001616824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 001581056 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 001497088 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 001437184 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe 2019-07-29 22:15 - 2019-07-29 22:15 - 001423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 001413904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 001364480 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 001337864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 001332736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 001249920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe 2019-07-29 22:15 - 2019-07-29 22:15 - 001180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe 2019-07-29 22:15 - 2019-07-29 22:15 - 001098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Signals.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 001084728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 001065984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 001007120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000977688 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000940736 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000876560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2019-07-29 22:15 - 2019-07-29 22:15 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2019-07-29 22:15 - 2019-07-29 22:15 - 000840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys 2019-07-29 22:15 - 2019-07-29 22:15 - 000810496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000804872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys 2019-07-29 22:15 - 2019-07-29 22:15 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000731448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000728576 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000706760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys 2019-07-29 22:15 - 2019-07-29 22:15 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000642208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe 2019-07-29 22:15 - 2019-07-29 22:15 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_9.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000589592 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2019-07-29 22:15 - 2019-07-29 22:15 - 000587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000551736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys 2019-07-29 22:15 - 2019-07-29 22:15 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2019-07-29 22:15 - 2019-07-29 22:15 - 000539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2019-07-29 22:15 - 2019-07-29 22:15 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000512000 _____ C:\WINDOWS\system32\MusNotificationUx.exe 2019-07-29 22:15 - 2019-07-29 22:15 - 000481592 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe 2019-07-29 22:15 - 2019-07-29 22:15 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\system32\webauthn.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000441352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2019-07-29 22:15 - 2019-07-29 22:15 - 000416008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2019-07-29 22:15 - 2019-07-29 22:15 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000343104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000336960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys 2019-07-29 22:15 - 2019-07-29 22:15 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000283152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys 2019-07-29 22:15 - 2019-07-29 22:15 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\directxdatabaseupdater.exe 2019-07-29 22:15 - 2019-07-29 22:15 - 000258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ManagePhone.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000249656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys 2019-07-29 22:15 - 2019-07-29 22:15 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe 2019-07-29 22:15 - 2019-07-29 22:15 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000225320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys 2019-07-29 22:15 - 2019-07-29 22:15 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgiadaptercache.exe 2019-07-29 22:15 - 2019-07-29 22:15 - 000208400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys 2019-07-29 22:15 - 2019-07-29 22:15 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000201232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys 2019-07-29 22:15 - 2019-07-29 22:15 - 000199688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys 2019-07-29 22:15 - 2019-07-29 22:15 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000180240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2019-07-29 22:15 - 2019-07-29 22:15 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe 2019-07-29 22:15 - 2019-07-29 22:15 - 000157752 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000127272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds_ps.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000088560 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000088488 _____ (Microsoft Corporation) C:\WINDOWS\system32\coloradapterclient.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe 2019-07-29 22:15 - 2019-07-29 22:15 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidspi.sys 2019-07-29 22:15 - 2019-07-29 22:15 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000047200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2019-07-29 22:15 - 2019-07-29 22:15 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\devauthe.sys 2019-07-29 22:15 - 2019-07-29 22:15 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe 2019-07-29 22:15 - 2019-07-29 22:15 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\lstelemetry.dll 2019-07-29 22:15 - 2019-07-29 22:15 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsldr.exe 2019-07-29 22:15 - 2019-07-29 22:15 - 000023352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\isapnp.sys 2019-07-29 22:15 - 2019-07-29 22:15 - 000019256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msisadrv.sys 2019-07-27 13:36 - 2019-07-27 13:37 - 000000000 ____D C:\AdwCleaner 2019-07-26 21:31 - 2019-07-31 08:56 - 000000000 ____D C:\Program Files\Mozilla Firefox 2019-07-26 20:16 - 2019-07-27 21:08 - 000000000 ____D C:\Users\owner\AppData\Roaming\Deezer 2019-07-26 20:16 - 2019-07-26 20:22 - 000000000 ____D C:\Users\owner\AppData\Local\deezer.desktop-updater 2019-07-26 20:11 - 2019-07-26 20:11 - 000000000 ____D C:\Program Files\Camera Bits 2019-07-26 15:54 - 2019-07-26 15:54 - 000000000 ____D C:\Users\owner\AppData\Local\4kdownload.com 2019-07-26 15:53 - 2019-07-26 15:53 - 000000000 ____D C:\Program Files\Logitech 2019-07-26 13:55 - 2019-07-26 14:11 - 000003422 _____ C:\WINDOWS\System32\Tasks\Hard Disk Sentinel 2019-07-26 13:51 - 2019-07-26 13:51 - 000000000 ____D C:\Users\owner\AppData\Roaming\Hard Disk Sentinel 2019-07-26 13:47 - 2019-07-26 13:48 - 000000000 ____D C:\Program Files (x86)\MakeMKV 2019-07-26 13:44 - 2019-07-26 13:44 - 000000000 ____D C:\Program Files\Locktime Software 2019-07-26 13:11 - 2019-07-26 13:11 - 000000000 ____D C:\Program Files (x86)\AOMEI Partition Assistant 2019-07-26 13:11 - 2016-12-27 18:45 - 000035760 _____ C:\WINDOWS\system32\ddmdrv.sys 2019-07-26 13:11 - 2016-12-27 18:45 - 000033200 _____ C:\WINDOWS\SysWOW64\ddmdrv.sys 2019-07-26 13:11 - 2016-09-29 09:44 - 001298584 _____ C:\WINDOWS\ddmmain.exe 2019-07-26 12:44 - 2019-07-26 12:44 - 019811328 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 008011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 007758336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 007008768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 005919744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 004863488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 003837440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 002656768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 002449456 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 001954960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 001884672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 001480704 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 001458176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 001273344 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 001261568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 001260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 001146880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 001080832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 001067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 001007104 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe 2019-07-26 12:44 - 2019-07-26 12:44 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000928776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2019-07-26 12:44 - 2019-07-26 12:44 - 000910272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000879792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000769336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2019-07-26 12:44 - 2019-07-26 12:44 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe 2019-07-26 12:44 - 2019-07-26 12:44 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000679368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000667272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe 2019-07-26 12:44 - 2019-07-26 12:44 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe 2019-07-26 12:44 - 2019-07-26 12:44 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000425264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000339520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000336928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000278528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000268216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys 2019-07-26 12:44 - 2019-07-26 12:44 - 000248088 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000220680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2019-07-26 12:44 - 2019-07-26 12:44 - 000199176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2019-07-26 12:44 - 2019-07-26 12:44 - 000193800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000166200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpcivsp.sys 2019-07-26 12:44 - 2019-07-26 12:44 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000146920 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsl.exe 2019-07-26 12:44 - 2019-07-26 12:44 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe 2019-07-26 12:44 - 2019-07-26 12:44 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\bash.exe 2019-07-26 12:44 - 2019-07-26 12:44 - 000120352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmlib.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3r.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll 2019-07-26 12:44 - 2019-07-26 12:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3r.dll 2019-07-26 12:13 - 2019-07-26 12:13 - 000000000 ____D C:\ProgramData\PDVD 2019-07-26 12:10 - 2019-07-26 12:11 - 000005112 _____ C:\WINDOWS\SysWOW64\Upgrade_Saved_Config.txt 2019-07-26 12:10 - 2019-07-26 12:11 - 000000402 _____ C:\WINDOWS\SysWOW64\Saved_StaticIP.txt 2019-07-26 12:04 - 2019-07-31 09:25 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2019-07-26 11:56 - 2019-07-26 11:57 - 000000000 ____D C:\Users\owner\AppData\Roaming\Avant Profiles 2019-07-26 11:31 - 2019-07-26 22:14 - 000000000 ____D C:\Firefox - PNG New Tab Tools 2019-07-24 12:44 - 2019-07-24 12:44 - 000808440 _____ (Gracenote) C:\WINDOWS\SysWOW64\CDDBUI.dll 2019-07-24 12:44 - 2019-07-24 12:44 - 000796152 _____ (Gracenote, Inc.) C:\WINDOWS\SysWOW64\CDDBControl.dll 2019-07-16 04:18 - 2019-07-16 04:18 - 000178944 _____ (Locktime Software) C:\WINDOWS\system32\Drivers\nldrv.sys ==================== One month (modified) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-07-31 13:01 - 2018-08-19 02:21 - 000000000 ____D C:\Users\owner\AppData\LocalLow\Mozilla 2019-07-31 12:51 - 2019-06-17 19:04 - 000000000 ____D C:\Users\owner\AppData\Roaming\foobar2000 2019-07-31 12:40 - 2018-08-11 02:15 - 000000000 ____D C:\Users\owner\AppData\Local\OpenShell 2019-07-31 12:34 - 2019-04-09 14:58 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2019-07-31 11:40 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness 2019-07-31 11:05 - 2019-04-09 15:10 - 003321060 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2019-07-31 11:05 - 2019-04-09 14:13 - 000867358 _____ C:\WINDOWS\system32\perfh00C.dat 2019-07-31 11:05 - 2019-04-09 14:13 - 000178634 _____ C:\WINDOWS\system32\perfc00C.dat 2019-07-31 11:05 - 2019-04-09 14:10 - 000477336 _____ C:\WINDOWS\system32\prfh0404.dat 2019-07-31 11:05 - 2019-04-09 14:10 - 000155728 _____ C:\WINDOWS\system32\prfc0404.dat 2019-07-31 11:05 - 2019-03-19 14:29 - 000516342 _____ C:\WINDOWS\system32\perfh011.dat 2019-07-31 11:05 - 2019-03-19 14:29 - 000155970 _____ C:\WINDOWS\system32\perfc011.dat 2019-07-31 11:05 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF 2019-07-31 11:00 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2019-07-31 11:00 - 2017-06-22 21:28 - 000000000 ____D C:\Users\owner\AppData\Roaming\Zentimo 2019-07-31 10:59 - 2019-06-21 16:01 - 000000000 ____D C:\ProgramData\Veeam 2019-07-31 10:59 - 2019-04-09 15:10 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2019-07-31 10:59 - 2019-04-01 11:15 - 000000150 _____ C:\WINDOWS\SysWOW64\winsevr.dat 2019-07-31 10:59 - 2019-03-19 06:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2019-07-31 10:59 - 2019-03-15 23:08 - 000000728 _____ C:\WINDOWS\SysWOW64\AbBakConfig.dat 2019-07-31 10:59 - 2019-03-15 23:07 - 000000000 ____D C:\Program Files (x86)\AOMEI Backupper 2019-07-31 10:59 - 2017-07-28 16:30 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2019-07-31 10:59 - 2016-03-10 10:25 - 000000000 __SHD C:\Users\owner\IntelGraphicsProfiles 2019-07-31 10:57 - 2018-03-19 17:54 - 000000000 ____D C:\WINDOWS\system32\RTCOM 2019-07-31 10:57 - 2017-07-28 16:30 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2019-07-31 10:41 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps 2019-07-31 10:41 - 2016-06-13 13:22 - 000000000 ____D C:\Users\owner\AppData\Roaming\The Bat! 2019-07-31 10:39 - 2019-03-16 23:03 - 000000000 ____D C:\Users\owner\AppData\Roaming\eM Client 2019-07-31 10:09 - 2017-11-21 14:18 - 000000000 ____D C:\Program Files\waterfox 2019-07-31 09:25 - 2018-12-27 16:54 - 000000000 ____D C:\Users\owner\AppData\Local\Rapr 2019-07-31 09:23 - 2018-08-18 04:18 - 000000000 ____D C:\Windows Update Minitools avec script Wrapper 2019-07-31 09:22 - 2017-07-28 16:30 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat 2019-07-31 09:10 - 2019-04-09 15:10 - 000003494 _____ C:\WINDOWS\System32\Tasks\WDU 2019-07-31 09:10 - 2019-04-09 15:10 - 000003268 _____ C:\WINDOWS\System32\Tasks\Wub_task 2019-07-31 08:57 - 2019-03-16 21:25 - 000000000 ____D C:\Users\owner\AppData\Roaming\Yamicsoft 2019-07-31 08:56 - 2016-06-08 20:21 - 000000000 ___RD C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet 2019-07-31 08:49 - 2016-06-05 01:17 - 000000000 ____D C:\Users\owner\AppData\Roaming\vlc 2019-07-30 22:02 - 2016-06-12 13:43 - 000000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Office 2019 2019-07-30 21:03 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2019-07-30 21:02 - 2016-06-12 13:17 - 000000000 ____D C:\Program Files\Microsoft Office 2019-07-30 20:43 - 2016-06-08 20:22 - 000000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adobe 2019-07-30 20:42 - 2016-06-12 11:20 - 000000000 ____D C:\Program Files\Common Files\Adobe 2019-07-30 20:42 - 2016-06-12 10:51 - 000000000 ___RD C:\Users\owner\Creative Cloud Files 2019-07-30 20:42 - 2016-06-12 10:37 - 000000000 ____D C:\Users\owner\AppData\Local\Adobe 2019-07-30 13:57 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2019-07-30 13:54 - 2017-12-08 03:01 - 000000000 ____D C:\Users\owner\AppData\Local\NordVPN 2019-07-30 13:54 - 2017-12-08 03:00 - 000000000 ____D C:\Users\owner\AppData\Roaming\NordVPN 2019-07-30 11:36 - 2019-04-09 14:16 - 000000000 ____D C:\Users\owner 2019-07-29 23:29 - 2016-06-06 20:32 - 000000000 ____D C:\ProgramData\IOffSvc 2019-07-29 22:55 - 2018-06-27 09:06 - 000000000 ____D C:\Program Files (x86)\Volume2 2019-07-29 22:30 - 2017-10-19 07:09 - 000000000 ___RD C:\Users\owner\3D Objects 2019-07-29 22:30 - 2016-02-13 15:13 - 000000000 __RHD C:\Users\Public\AccountPictures 2019-07-29 22:28 - 2019-06-23 14:30 - 005644800 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2019-07-29 22:27 - 2019-03-19 14:31 - 000000000 ___SD C:\WINDOWS\system32\AppV 2019-07-29 22:27 - 2019-03-19 14:31 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2019-07-29 22:27 - 2019-03-19 06:52 - 000000000 ___RD C:\WINDOWS\PrintDialog 2019-07-29 22:27 - 2019-03-19 06:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2019-07-29 22:27 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\TextInput 2019-07-29 22:27 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources 2019-07-29 22:27 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2019-07-29 22:27 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\oobe 2019-07-29 22:27 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences 2019-07-29 22:27 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2019-07-29 22:27 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr 2019-07-29 22:18 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2019-07-29 13:42 - 2018-11-04 23:15 - 000000428 _____ C:\Users\owner\SciTE.session 2019-07-28 22:57 - 2018-08-15 04:58 - 000000000 ____D C:\Users\owner\AppData\Roaming\AutoSizer 2019-07-28 17:54 - 2019-06-23 16:53 - 000003060 _____ C:\WINDOWS\System32\Tasks\firefox 2019-07-28 09:47 - 2017-02-27 20:28 - 000000000 ____D C:\Users\owner\AppData\Local\Greenshot 2019-07-27 13:43 - 2016-06-08 20:22 - 000000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pilotes 2019-07-27 13:40 - 2016-06-08 20:21 - 000000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Custom 2019-07-27 13:39 - 2019-03-01 19:26 - 000000000 ____D C:\Programmes Portables 2019-07-27 13:37 - 2019-06-24 15:54 - 000000000 ____D C:\Program Files\Winaero Tweaker 2019-07-27 11:08 - 2019-05-17 04:47 - 000001140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eM Client.lnk 2019-07-27 11:08 - 2019-03-16 23:02 - 000000000 ____D C:\Program Files (x86)\eM Client 2019-07-26 22:41 - 2016-06-08 20:24 - 000000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Son 2019-07-26 22:39 - 2019-06-17 19:04 - 000000000 ____D C:\Program Files (x86)\foobar2000 2019-07-26 20:32 - 2018-02-27 15:19 - 000000000 ____D C:\Program Files\Argente Utilities 2019-07-26 20:29 - 2018-06-27 10:43 - 000000000 ____D C:\ProgramData\Packages 2019-07-26 20:29 - 2017-11-09 17:22 - 000000000 ____D C:\Users\owner\AppData\Local\PlaceholderTileLogoFolder 2019-07-26 20:29 - 2017-10-19 06:05 - 000000000 ____D C:\Users\owner\AppData\Local\Packages 2019-07-26 16:05 - 2019-04-09 19:07 - 000000000 ____D C:\Program Files\Wireshark 2019-07-26 16:03 - 2018-12-29 17:23 - 000000000 ____D C:\Users\owner\AppData\Local\Auto-Night-Mode 2019-07-26 15:57 - 2016-06-12 19:45 - 000000000 ____D C:\Program Files\LinkShellExtension 2019-07-26 15:53 - 2019-06-22 23:21 - 000000000 ____D C:\Users\owner\AppData\Local\Deployment 2019-07-26 13:50 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2019-07-26 13:49 - 2016-06-08 20:20 - 000000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hardware 2019-07-26 13:43 - 2019-04-02 12:23 - 000000000 ____D C:\Users\owner\AppData\Roaming\Locktime Software 2019-07-26 13:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2019-07-26 13:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Macromed 2019-07-26 13:34 - 2018-08-23 12:17 - 000000000 ____D C:\Program Files\SOUND FORGE 2019-07-26 13:32 - 2018-08-23 12:17 - 000000000 ____D C:\ProgramData\MAGIX 2019-07-26 13:32 - 2018-08-23 12:15 - 000000000 ____D C:\Users\owner\AppData\Roaming\Sony 2019-07-26 13:30 - 2018-05-10 22:51 - 000000000 ____D C:\Program Files\Opera 2019-07-26 13:28 - 2019-04-09 15:10 - 000003948 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1525985527 2019-07-26 13:20 - 2019-04-09 15:10 - 000003150 _____ C:\WINDOWS\System32\Tasks\WindowManager 2019-07-26 13:20 - 2018-07-23 13:35 - 000000000 ____D C:\Program Files (x86)\WindowManager 2019-07-26 13:12 - 2016-06-08 20:20 - 000000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Système 2019-07-26 13:11 - 2019-05-14 09:58 - 000004021 _____ C:\WINDOWS\GA_OF.dat 2019-07-26 12:53 - 2019-04-25 09:51 - 000016760 ____N C:\WINDOWS\system32\SppExtComObjHook.dll 2019-07-26 12:53 - 2019-04-25 09:51 - 000004096 ____N C:\WINDOWS\system32\SppExtComObjPatcher.exe 2019-07-26 12:47 - 2019-04-09 14:07 - 000000000 ___SD C:\WINDOWS\system32\lxss 2019-07-26 12:35 - 2016-06-12 10:46 - 000000000 ____D C:\Program Files (x86)\Adobe 2019-07-26 12:26 - 2016-03-10 10:25 - 000000000 ____D C:\Users\owner\AppData\Roaming\Adobe 2019-07-26 12:24 - 2016-06-12 11:22 - 000000000 ____D C:\Users\owner\Documents\Adobe 2019-07-26 12:23 - 2017-06-13 23:13 - 000000000 ____D C:\Users\Public\Documents\Adobe 2019-07-26 12:18 - 2016-06-10 17:47 - 000000000 ____D C:\ProgramData\SUPPORTDIR 2019-07-26 12:14 - 2016-06-08 20:21 - 000000000 ___RD C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vidéo 2019-07-26 12:13 - 2019-05-31 08:52 - 000000000 ____D C:\WINDOWS\system32\Drivers\CLFCL5.19 2019-07-26 12:13 - 2019-01-01 15:32 - 000000000 ____D C:\Program Files\CyberLink 2019-07-26 12:13 - 2018-11-20 11:25 - 000000000 ____D C:\ProgramData\install_backup 2019-07-26 12:13 - 2018-02-25 17:26 - 000000000 ___HD C:\ProgramData\CyberLink 2019-07-26 12:13 - 2016-06-10 17:48 - 000000000 ____D C:\Users\owner\AppData\Local\CyberLink 2019-07-26 12:13 - 2016-06-10 17:48 - 000000000 ____D C:\Program Files (x86)\NSIS Uninstall Information 2019-07-26 12:13 - 2016-06-10 17:47 - 000000000 ____D C:\ProgramData\install_clap 2019-07-26 12:13 - 2014-12-10 19:04 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2019-07-26 12:11 - 2017-07-28 16:30 - 000000000 ____D C:\Program Files\Intel 2019-07-26 12:07 - 2017-11-12 13:59 - 000000000 ____D C:\Users\owner\AppData\Roaming\Waterfox 2019-07-26 12:01 - 2018-07-12 08:22 - 000102464 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys 2019-07-26 12:01 - 2018-04-30 20:34 - 000189232 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys 2019-07-26 12:01 - 2018-04-30 20:34 - 000149144 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys 2019-07-26 12:01 - 2018-04-30 20:34 - 000113336 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys 2019-07-26 11:58 - 2017-03-01 09:49 - 000000000 ____D C:\Corbeille 2019-07-26 11:37 - 2017-03-10 18:56 - 000000000 ____D C:\Users\owner\Documents\Programmes Windows 10 2019-07-26 11:27 - 2016-06-12 20:43 - 000000000 ____D C:\Users\owner\Documents\Virtual Machines 2019-07-18 18:08 - 2019-03-29 15:21 - 003753264 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll 2019-07-18 18:08 - 2019-03-29 15:21 - 001110064 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll 2019-07-18 18:07 - 2019-03-29 15:21 - 006931752 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys 2019-07-18 18:07 - 2019-03-29 15:21 - 000023800 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll 2019-07-17 18:52 - 2015-04-11 01:51 - 000000000 ____D C:\TOSHIBA 2019-07-02 19:05 - 2019-05-10 14:15 - 000000000 ____D C:\WINDOWS\Minidump 2019-07-02 19:02 - 2017-03-11 19:38 - 000000000 ____D C:\Program Files (x86)\Steam 2019-07-02 16:35 - 2016-06-10 22:21 - 000000000 ____D C:\Users\owner\.MakeMKV 2019-07-02 13:31 - 2019-03-22 13:32 - 000005632 _____ C:\Users\owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2019-07-02 13:31 - 2017-02-19 13:45 - 000000000 ____D C:\Users\owner\AppData\Roaming\IrfanView 2019-07-01 12:20 - 2019-06-22 14:31 - 000000000 ____D C:\Users\owner\AppData\Local\OCCT_-_Ocbase_-_Adrien_Me ==================== Files in the root of some directories ================ 2017-12-01 07:07 - 2018-11-15 14:44 - 003287424 _____ () C:\Users\owner\ZHPCleaner.exe 2018-04-15 12:43 - 2018-11-15 14:45 - 003177344 _____ () C:\Users\owner\ZHPDiag3.exe 2018-01-29 13:52 - 2018-08-18 06:02 - 001559936 _____ () C:\Users\owner\ZHPLite.exe 2018-10-26 07:08 - 2018-10-26 07:08 - 000000171 _____ () C:\Users\owner\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0 2018-10-26 07:08 - 2018-10-26 07:08 - 000001057 _____ () C:\Users\owner\AppData\Roaming\88e9dc3a-641c-4dc2-9204-9ba65cc42265 2017-01-21 13:43 - 2018-04-06 19:43 - 000000033 _____ () C:\Users\owner\AppData\Roaming\AdobeWLCMCache.dat 2018-03-23 23:46 - 2018-03-23 23:46 - 000000212 _____ () C:\Users\owner\AppData\Roaming\ex_log.txt 2018-03-23 23:46 - 2018-03-23 23:46 - 000001884 _____ () C:\Users\owner\AppData\Roaming\thebat64_Exceptions.log 2019-03-22 13:32 - 2019-07-02 13:31 - 000005632 _____ () C:\Users\owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2018-04-11 21:55 - 2019-06-12 23:05 - 000000081 _____ () C:\Users\owner\AppData\Local\FILM_AE_LogFile.txt 2018-10-07 04:07 - 2019-02-22 00:06 - 000000205 _____ () C:\Users\owner\AppData\Local\oobelibMkey.log 2019-03-20 23:49 - 2019-03-20 23:49 - 000000218 _____ () C:\Users\owner\AppData\Local\recently-used.xbel 2017-02-18 20:37 - 2018-10-19 14:57 - 000007608 _____ () C:\Users\owner\AppData\Local\Resmon.ResmonCfg 2018-04-01 14:29 - 2018-04-01 14:29 - 000000000 _____ () C:\Users\owner\AppData\Local\zenmap.exe.log ==================== FLock ================ 2019-03-29 10:31 C:\Program Files\rempl 2018-12-31 17:34 C:\WINDOWS\UpdateAssistant 2018-12-31 17:34 C:\WINDOWS\UpdateAssistantV2 2019-06-25 10:47 C:\WINDOWS\system32\CompatTelRunner.exe 2019-06-25 10:47 C:\WINDOWS\system32\MusNotification.exe 2019-07-29 22:15 C:\WINDOWS\system32\MusNotificationUx.exe 2019-03-19 06:45 C:\WINDOWS\system32\SIHClient.exe 2019-05-27 15:18 C:\WINDOWS\system32\UsoClient.exe 2019-03-19 06:44 C:\WINDOWS\system32\WaaSAssessment.dll 2019-03-19 06:44 C:\WINDOWS\system32\WaaSMedicPS.dll 2019-03-19 06:44 C:\WINDOWS\system32\WaaSMedicSvc.dll ==================== SigCheck =============================== (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ============================