Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 05-04-2022 Uruchomiony przez Stasiu (administrator) STASUSEK (09-04-2022 22:22:40) Uruchomiony z C:\Users\Stasiu\Downloads Załadowane profile: Stasiu Platform: Microsoft Windows 11 Pro Wersja 22H2 22593.1 (X64) Język: Polski (Polska) Domyślna przeglądarka: Brave Tryb startu: Normal ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.111\BraveCrashHandler.exe (Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.111\BraveCrashHandler64.exe (C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.194.0.16\OverwolfHelper.exe (C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.194.0.16\OverwolfHelper64.exe (C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\0.194.0.16\OverwolfBrowser.exe <3> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCopyAccelerator.exe (explorer.exe ->) (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe <14> (Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe (services.exe ->) (Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\Sgrm\SgrmBroker.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2> (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0e10764edf6df74c\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2> (Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe <6> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Softdeluxe) [Brak podpisu cyfrowego] C:\Program Files\Softdeluxe\Free Download Manager\helperservice.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [881440 2020-07-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe [14824272 2021-12-16] (SteelSeries ApS -> SteelSeries ApS) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-06-09] (Oracle America, Inc. -> Oracle Corporation) HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-04-03] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-04-03] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-1099986154-233269724-4142777660-1001\...\Run: [Discord] => C:\Users\Stasiu\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub) HKU\S-1-5-21-1099986154-233269724-4142777660-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4279208 2022-03-14] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-1099986154-233269724-4142777660-1001\...\Run: [Free Download Manager] => C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe [5222400 2021-09-03] (Softdeluxe) [Brak podpisu cyfrowego] HKU\S-1-5-21-1099986154-233269724-4142777660-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1802072 2022-04-02] (Overwolf Ltd -> Overwolf Ltd.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\100.1.37.111\Installer\chrmstp.exe [2022-04-05] (Brave Software, Inc. -> Brave Software, Inc.) HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> HKLM\Software\...\Authentication\Credential Providers: [{f64945df-4fa9-4068-a2fb-61af319edd33}] -> C:\WINDOWS\system32\rdpcredentialprovider.dll [2022-04-03] (Microsoft Windows -> Microsoft Corporation) Startup: C:\Users\Stasiu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\nano.lnk [2022-03-22] ShortcutTarget: nano.lnk -> C:\Users\Stasiu\AppData\Roaming\MicrosoftWindowsFirewall\nano.vbs () [Brak podpisu cyfrowego] ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {10BE8A87-EDFB-4A33-B28D-E3A2E3C77E88} - System32\Tasks\Microsoft\Windows\WlanSvc\MoProfileManagement => {085EDA12-CF4A-4944-8222-8ADCADE137CB} C:\Windows\System32\WlanMediaManager.dll [897024 2022-04-03] (Microsoft Windows -> Microsoft Corporation) Task: {1137F580-1F8B-49E3-AD5E-7E83558E2728} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-06] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {1EF0093B-7C6E-41B3-9FC1-92F0EDFFDDD0} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (Brak pliku) "C:\Windows\System32\Tasks\Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask" nie został odblokowany. <==== UWAGA Task: {234F2D10-C2A8-48EF-9069-9D49481B44BD} - System32\Tasks\Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask Task: {24C9C2D1-776B-4336-B3F3-4FA5E0717B57} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3341312 2021-12-09] (Nvidia Corporation -> NVIDIA Corporation) Task: {2D310BAF-6CCE-45E9-A3BD-190F1C7497B7} - System32\Tasks\Microsoft\Windows\Management\Autopilot\DetectHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\Windows\System32\Autopilot.dll [212992 2022-04-03] (Microsoft Windows -> Microsoft Corporation) Task: {365BEEC9-D156-4AAB-B632-6FD9580E0F18} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2540888 2022-04-02] (Overwolf Ltd -> Overwolf LTD) Task: {53DA5411-57A6-41AD-A513-968599296234} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-06] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {55425174-3087-46AC-8D58-4F9A9326BAD7} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation) Task: {5FB9E65A-F6D4-4E56-BBE6-0E3EBE5638FE} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-11-16] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {67BC3D0F-AE3B-4AD4-AFD8-1C67E9D13D75} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2021-10-06] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {6C5A8233-6A62-4F69-BCD8-41BEA59BDC6E} - System32\Tasks\Microsoft\Windows\CloudRestore\Restore => {B4BCFA6F-948D-46B8-BF27-E8B1117E23B3} C:\WINDOWS\system32\CloudRestoreLauncher.dll [233472 2022-04-03] (Microsoft Windows -> Microsoft Corporation) Task: {6E1CDC54-D04E-487B-B8B2-4B7FB7504372} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation) Task: {87AB0BB9-4CC3-42D5-B689-BB8872F1DBDB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-06] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {8C5D38BD-591D-4FF1-91E8-4308625478DD} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (Brak pliku) Task: {8EC93E43-3762-4CA0-AF77-77FEE52E4AA0} - System32\Tasks\Microsoft\Windows\Clip\LicenseImdsIntegration => C:\WINDOWS\system32\fclip.exe [446624 2022-04-03] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {9862FE19-0FBD-4DBB-B9D6-8A2CCFC95AAC} - System32\Tasks\Microsoft\Windows\Management\Autopilot\RemediateHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\Windows\System32\Autopilot.dll [212992 2022-04-03] (Microsoft Windows -> Microsoft Corporation) Task: {A3E883D0-0A5F-42A7-BE4E-B39EBD32DE8A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-06] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {AB485F79-3C62-41EB-9F5E-81F3F5D20D62} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation) Task: {B0E980E9-1753-4B8E-BBD3-5517B83DBCAF} - System32\Tasks\FreeDownloadManagerHelperService => C:\Program Files\Softdeluxe\Free Download Manager\helperservice.exe [144896 2021-09-03] (Softdeluxe) [Brak podpisu cyfrowego] Task: {BA6EF7E1-5F94-492F-AF15-BF0DC6E200EF} - System32\Tasks\Microsoft\Windows\PI\SecureBootEncodeUEFI => C:\WINDOWS\system32\SecureBootEncodeUEFI.exe [49152 2022-04-03] (Microsoft Windows -> ) Task: {D58CEBC7-945D-482A-9AF7-B68492FC1F59} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation) Task: {D5AFF30D-8A4F-4A58-B14D-D03725D53106} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2021-10-06] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {D92B46CB-AE6F-494E-BC9E-DA7128CA78B9} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation) Task: {E1D01188-D1F7-4AE1-AFA2-8D48095E83FD} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation) Task: {E69A4E2E-0FAF-4E39-92B9-CD43E696DB7B} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\sc.exe start InventorySvc Task: {F839E627-DEC5-46E3-A6E6-E919D14F7692} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649216 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 62.21.99.94 62.21.99.95 Tcpip\..\Interfaces\{b9294a30-dd2a-4f8a-bb7f-737795647c2d}: [DhcpNameServer] 62.21.99.94 62.21.99.95 Edge: ======= Edge Profile: C:\Users\Stasiu\AppData\Local\Microsoft\Edge\User Data\Default [2022-03-06] Edge Notifications: Default -> hxxps://meet.google.com FireFox: ======== FF Plugin: @java.com/DTPlugin,version=11.301.2 -> C:\Program Files\Java\jre1.8.0_301\bin\dtplugin\npDeployJava1.dll [2021-10-06] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.301.2 -> C:\Program Files\Java\jre1.8.0_301\bin\plugin2\npjp2.dll [2021-10-06] (Oracle America, Inc. -> Oracle Corporation) Brave: ======= BRA Profile: C:\Users\Stasiu\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2022-04-09] BRA Notifications: Default -> hxxps://a.captcha-smart.top; hxxps://meet.google.com BRA DefaultSearchKeyword: Default -> :g BRA Session Restore: Default -> [funkcja włączona] BRA Extension: (Tłumacz Google) - C:\Users\Stasiu\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-03-09] BRA Extension: (Anti Testportal) - C:\Users\Stasiu\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\dpgfbfopkfdfmlfdpmoanamopdnibhkl [2021-12-10] BRA Extension: (Dokumenty Google offline) - C:\Users\Stasiu\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-09] BRA Extension: (Brave Local Data Files Updater) - C:\Users\Stasiu\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2022-04-09] BRA Extension: (Brave NTP background images) - C:\Users\Stasiu\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2022-03-10] BRA Extension: (Wallet Data Files Updater) - C:\Users\Stasiu\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2022-03-09] BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\Stasiu\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-04-09] BRA Extension: (Brave Ads Resources) - C:\Users\Stasiu\AppData\Local\BraveSoftware\Brave-Browser\User Data\fojhemdeemkcacelmecilmibcjallejo [2021-10-13] BRA Extension: (Brave NTP sponsored images) - C:\Users\Stasiu\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodhafecfemgejckecbnmpobnhmoaoag [2022-04-09] BRA Extension: (Brave SpeedReader Updater) - C:\Users\Stasiu\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-03-10] BRA Extension: (Crypto Wallets) - C:\Users\Stasiu\AppData\Local\BraveSoftware\Brave-Browser\User Data\odbfpeeihdkbihmopkbjmoonfanlbfcl [2021-10-19] BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\Stasiu\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2022-04-06] BRA Extension: (Brave Ad Block Updater (Oficjalne Polskie Filtry do AdBlocka, uBlocka Origin i AdGuarda)) - C:\Users\Stasiu\AppData\Local\BraveSoftware\Brave-Browser\User Data\paoecjnjjbclkgbempaeemcbeldldlbo [2022-04-09] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2021-10-06] (Brave Software, Inc. -> BraveSoftware Inc.) S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2021-10-06] (Brave Software, Inc. -> BraveSoftware Inc.) S3 dcsvc; C:\WINDOWS\system32\dcsvc.dll [794624 2022-04-03] (Microsoft Windows -> Microsoft Corporation) S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-06] (Epic Games Inc. -> Epic Games, Inc.) S3 InventorySvc; C:\WINDOWS\system32\inventorysvc.dll [295200 2022-04-03] (Microsoft Windows -> Microsoft Corporation) S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2540888 2022-04-02] (Overwolf Ltd -> Overwolf LTD) S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2406192 2021-11-11] (Rockstar Games, Inc. -> Rockstar Games) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [244160 2022-04-03] (Microsoft Windows Publisher -> Microsoft Corporation) R2 SgrmBroker; C:\WINDOWS\system32\Sgrm\SgrmBroker.exe [409448 2022-04-03] (Microsoft Windows Publisher -> Microsoft Corporation) S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\GG\SteelSeriesUpdateService.exe [31568 2021-12-15] (SteelSeries ApS -> ) R2 TextInputManagementService; C:\WINDOWS\System32\TabSvc.dll [266240 2022-04-03] (Microsoft Windows -> Microsoft Corporation) S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746728 2021-11-22] (Oracle Corporation -> Oracle Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-06] (Microsoft Windows Publisher -> Microsoft Corporation) R3 webthreatdefsvc; C:\WINDOWS\System32\webthreatdefsvc.dll [163840 2022-04-03] (Microsoft Windows -> Microsoft Corporation) S2 webthreatdefusersvc; C:\WINDOWS\System32\webthreatdefusersvc.dll [135168 2022-04-03] (Microsoft Windows -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-06] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0e10764edf6df74c\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0e10764edf6df74c\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 AsrDrv103; C:\WINDOWS\SysWOW64\Drivers\AsrDrv103.sys [34568 2021-10-06] (ASROCK Incorporation -> ASRock Incorporation) [Brak podpisu cyfrowego] S3 AsrDrv104; C:\WINDOWS\SysWOW64\Drivers\AsrDrv104.sys [34536 2021-10-06] (ASROCK Incorporation -> ASRock Incorporation) [Brak podpisu cyfrowego] S3 AsrDrv104n; C:\WINDOWS\SysWOW64\Drivers\AsrDrv104n.sys [33000 2021-10-06] (ASROCK Incorporation -> ASRock Incorporation) [Brak podpisu cyfrowego] R2 bfs; C:\WINDOWS\system32\drivers\bfs.sys [78112 2022-04-03] (Microsoft Windows -> Microsoft Corporation) S1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> ) S0 GenPass; C:\WINDOWS\System32\DriverStore\FileRepository\genpass.inf_amd64_c6cad405a6e4f1f8\genpass.sys [49440 2022-04-03] (Microsoft Windows -> Microsoft Corporation) S3 Hsp; C:\WINDOWS\System32\drivers\Hsp.sys [114976 2022-04-03] (Microsoft Windows -> Microsoft Corporation) S3 MSIO; C:\Program Files (x86)\ASRock Utility\ASRRGBLED\Bin\msio64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd) S0 pvscsi; C:\WINDOWS\System32\drivers\pvscsii.sys [40224 2022-04-03] (Microsoft Windows -> VMware, Inc.) S3 RoutePolicy; C:\WINDOWS\System32\drivers\RoutePolicy.sys [94208 2022-04-03] (Microsoft Windows -> ) R3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_b5f9322caa48de2b\rtcx21x64.sys [616472 2022-02-17] (Realtek Semiconductor Corp. -> Realtek) R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [47784 2021-09-03] (SteelSeries ApS -> SteelSeries ApS) S3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [47760 2021-09-01] (SteelSeries ApS -> SteelSeries ApS) R3 SteelSeries_Sonar_VAD; C:\WINDOWS\System32\DriverStore\FileRepository\steelseries.sonar.vad.inf_amd64_991d9c8eaf1c6f0e\SteelSeries.Sonar.VAD.sys [77200 2021-11-22] (SteelSeries ApS -> Windows (R) Win 7 DDK provider) S3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2022-01-07] (Vincent Burel -> Windows (R) Win 7 DDK provider) S3 VBAudioVMVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmvaio64_win10.sys [71712 2022-01-07] (Vincent Burel -> Windows (R) Win 7 DDK provider) S3 VBoxNetAdp; C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [239672 2021-11-22] (Oracle Corporation -> Oracle Corporation) R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [249584 2021-11-22] (Oracle Corporation -> Oracle Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-04-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [443664 2022-04-06] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-06] (Microsoft Windows -> Microsoft Corporation) R2 wtd; C:\WINDOWS\System32\drivers\wtd.sys [118784 2022-04-03] (Microsoft Windows -> Microsoft Corporation) S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) NETSVC: DcSvc -> C:\Windows\system32\dcsvc.dll (Microsoft Corporation) ==================== Trzy miesiące (utworzone) (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-04-09 22:22 - 2022-04-09 22:22 - 000023187 _____ C:\Users\Stasiu\Downloads\FRST.txt 2022-04-09 22:14 - 2022-04-09 22:14 - 000798244 _____ C:\WINDOWS\system32\perfh015.dat 2022-04-09 22:14 - 2022-04-09 22:14 - 000158294 _____ C:\WINDOWS\system32\perfc015.dat 2022-04-09 21:57 - 2022-04-09 22:22 - 000000000 ____D C:\FRST 2022-04-09 21:57 - 2022-04-09 21:57 - 002365440 _____ (Farbar) C:\Users\Stasiu\Downloads\FRST64.exe 2022-04-09 21:42 - 2022-04-09 21:42 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2022-04-09 21:41 - 2022-04-09 22:14 - 001797768 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-04-09 21:40 - 2022-04-09 22:07 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-04-09 21:40 - 2022-04-09 21:40 - 000011433 _____ C:\WINDOWS\diagwrn.xml 2022-04-09 21:40 - 2022-04-09 21:40 - 000011433 _____ C:\WINDOWS\diagerr.xml 2022-04-09 21:40 - 2022-04-09 21:40 - 000003520 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineUA 2022-04-09 21:40 - 2022-04-09 21:40 - 000003438 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-04-09 21:40 - 2022-04-09 21:40 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-04-09 21:40 - 2022-04-09 21:40 - 000003296 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineCore 2022-04-09 21:40 - 2022-04-09 21:40 - 000003244 _____ C:\WINDOWS\system32\Tasks\Overwolf Updater Task 2022-04-09 21:40 - 2022-04-09 21:40 - 000003244 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d8404560965f43 2022-04-09 21:40 - 2022-04-09 21:40 - 000003214 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-04-09 21:40 - 2022-04-09 21:40 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-04-09 21:40 - 2022-04-09 21:40 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-04-09 21:40 - 2022-04-09 21:40 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-04-09 21:40 - 2022-04-09 21:40 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-04-09 21:40 - 2022-04-09 21:40 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-04-09 21:40 - 2022-04-09 21:40 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-04-09 21:40 - 2022-04-09 21:40 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-04-09 21:40 - 2022-04-09 21:40 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2022-04-09 21:40 - 2022-04-09 21:40 - 000001916 _____ C:\WINDOWS\system32\Tasks\FreeDownloadManagerHelperService 2022-04-09 21:40 - 2022-04-09 21:40 - 000000020 ___SH C:\Users\Stasiu\ntuser.ini 2022-04-09 21:40 - 2022-04-09 21:40 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime 2022-04-09 21:38 - 2022-04-09 21:40 - 000000000 ____D C:\Windows.old 2022-04-09 21:38 - 2022-04-09 21:38 - 000493264 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-04-09 21:38 - 2022-04-09 21:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-04-09 19:00 - 2022-04-09 21:38 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate 2022-04-09 18:58 - 2022-04-09 21:40 - 000000000 ____D C:\Users\Stasiu 2022-04-09 18:58 - 2022-04-09 18:58 - 000000000 _SHDL C:\Users\Stasiu\Ustawienia lokalne 2022-04-09 18:58 - 2022-04-09 18:58 - 000000000 _SHDL C:\Users\Stasiu\Szablony 2022-04-09 18:58 - 2022-04-09 18:58 - 000000000 _SHDL C:\Users\Stasiu\Moje dokumenty 2022-04-09 18:58 - 2022-04-09 18:58 - 000000000 _SHDL C:\Users\Stasiu\Menu Start 2022-04-09 18:58 - 2022-04-09 18:58 - 000000000 _SHDL C:\Users\Stasiu\Documents\Moje wideo 2022-04-09 18:58 - 2022-04-09 18:58 - 000000000 _SHDL C:\Users\Stasiu\Documents\Moje obrazy 2022-04-09 18:58 - 2022-04-09 18:58 - 000000000 _SHDL C:\Users\Stasiu\Documents\Moja muzyka 2022-04-09 18:58 - 2022-04-09 18:58 - 000000000 _SHDL C:\Users\Stasiu\Dane aplikacji 2022-04-09 18:58 - 2022-04-09 18:58 - 000000000 _SHDL C:\Users\Stasiu\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2022-04-09 18:58 - 2022-04-09 18:58 - 000000000 _SHDL C:\Users\Stasiu\AppData\Local\Tymczasowe pliki internetowe 2022-04-09 18:58 - 2022-04-09 18:58 - 000000000 _SHDL C:\Users\Stasiu\AppData\Local\Historia 2022-04-09 18:58 - 2022-04-09 18:58 - 000000000 _SHDL C:\Users\Stasiu\AppData\Local\Dane aplikacji 2022-04-09 18:58 - 2022-04-03 06:55 - 000001281 _____ C:\Users\Stasiu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk 2022-04-09 18:58 - 2022-04-03 06:55 - 000000407 _____ C:\Users\Stasiu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk 2022-04-09 18:57 - 2022-04-09 18:57 - 000000000 ____D C:\WINDOWS\system32\SteelSeries 2022-04-09 18:53 - 2022-04-09 18:53 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp 2022-04-09 18:53 - 2022-04-09 18:53 - 000000000 ____D C:\WINDOWS\system32\FxsTmp 2022-04-09 18:53 - 2022-04-09 18:53 - 000000000 ____D C:\WINDOWS\addins 2022-04-09 18:52 - 2022-04-09 18:52 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2022-04-09 18:52 - 2022-04-09 18:52 - 000000000 ____D C:\Program Files\Reference Assemblies 2022-04-09 18:52 - 2022-04-09 18:52 - 000000000 ____D C:\Program Files\MSBuild 2022-04-09 18:52 - 2022-04-09 18:52 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies 2022-04-09 18:52 - 2022-04-09 18:52 - 000000000 ____D C:\Program Files (x86)\MSBuild 2022-04-09 18:41 - 2022-04-09 18:41 - 000008192 _____ C:\WINDOWS\system32\config\userdiff 2022-04-08 20:18 - 2022-04-09 21:40 - 000000000 ___DC C:\WINDOWS\Panther 2022-04-03 12:30 - 2022-04-09 18:51 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2022-04-03 12:30 - 2022-04-09 18:51 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2022-04-03 12:30 - 2022-04-09 18:51 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2022-04-03 12:30 - 2022-04-03 12:30 - 000000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents 2022-04-03 12:30 - 2022-04-03 12:30 - 000000000 ___SD C:\WINDOWS\system32\AppV 2022-04-03 12:30 - 2022-04-03 12:30 - 000000000 ____D C:\WINDOWS\system32\Hydrogen 2022-04-03 12:30 - 2022-04-03 12:30 - 000000000 ____D C:\WINDOWS\RemotePackages 2022-04-03 12:30 - 2022-04-03 12:30 - 000000000 ____D C:\WINDOWS\InboxApps 2022-04-03 12:30 - 2022-04-03 12:30 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices 2022-04-03 12:30 - 2022-04-03 12:29 - 000023649 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml 2022-04-03 12:30 - 2022-04-03 06:56 - 000024935 _____ C:\WINDOWS\Professional.xml 2022-04-03 12:29 - 2022-04-03 12:29 - 000000000 ____D C:\WINDOWS\system32\OpenSSH 2022-04-03 12:29 - 2022-04-03 12:29 - 000000000 ____D C:\ProgramData\ssh 2022-04-03 12:29 - 2022-04-02 14:21 - 001780224 _____ C:\WINDOWS\system32\libcrypto.dll 2022-04-03 12:29 - 2021-08-19 19:32 - 000146389 _____ C:\WINDOWS\system32\printmanagement.msc 2022-04-03 12:28 - 2022-04-02 18:54 - 000249856 _____ (Gracenote, Inc.) C:\WINDOWS\SysWOW64\gnsdk_fp.dll 2022-04-03 12:20 - 2022-04-03 12:20 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync 2022-04-03 12:20 - 2022-04-03 12:20 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync 2022-04-03 12:19 - 2022-04-09 18:51 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm 2022-04-03 12:19 - 2022-04-09 18:51 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN 2022-04-03 12:19 - 2022-04-09 18:51 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr 2022-04-03 12:19 - 2022-04-09 18:51 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts 2022-04-03 12:19 - 2022-04-09 18:51 - 000000000 ____D C:\WINDOWS\system32\winrm 2022-04-03 12:19 - 2022-04-09 18:51 - 000000000 ____D C:\WINDOWS\system32\WCN 2022-04-03 12:19 - 2022-04-09 18:51 - 000000000 ____D C:\WINDOWS\system32\slmgr 2022-04-03 12:19 - 2022-04-09 18:51 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts 2022-04-03 12:19 - 2022-04-03 12:19 - 000343212 _____ C:\WINDOWS\system32\perfi015.dat 2022-04-03 12:19 - 2022-04-03 12:19 - 000041370 _____ C:\WINDOWS\system32\perfd015.dat 2022-04-03 12:19 - 2022-04-03 12:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep 2022-04-03 12:19 - 2022-04-03 12:19 - 000000000 ____D C:\WINDOWS\SysWOW64\pl 2022-04-03 12:19 - 2022-04-03 12:19 - 000000000 ____D C:\WINDOWS\SysWOW64\0409 2022-04-03 12:19 - 2022-04-03 12:19 - 000000000 ____D C:\WINDOWS\system32\pl 2022-04-03 12:19 - 2022-04-03 12:19 - 000000000 ____D C:\WINDOWS\system32\0409 2022-04-03 12:19 - 2022-04-03 12:19 - 000000000 ____D C:\WINDOWS\DigitalLocker 2022-04-03 07:12 - 2022-04-03 07:12 - 000000000 _SHDL C:\Users\Default User 2022-04-03 07:12 - 2022-04-03 07:12 - 000000000 _SHDL C:\Users\All Users 2022-04-03 07:02 - 2022-04-09 19:07 - 000000000 ____D C:\WINDOWS\Setup 2022-04-03 07:00 - 2022-04-09 21:38 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template 2022-04-03 07:00 - 2022-04-03 07:13 - 000000000 ____D C:\WINDOWS\system32\Pbr 2022-04-03 07:00 - 2022-04-03 06:58 - 000215943 _____ C:\WINDOWS\SysWOW64\dssec.dat 2022-04-03 07:00 - 2022-04-03 06:58 - 000003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam 2022-04-03 07:00 - 2022-04-03 06:58 - 000003103 _____ C:\WINDOWS\SysWOW64\mmc.exe.config 2022-04-03 07:00 - 2022-04-03 06:58 - 000003103 _____ C:\WINDOWS\system32\mmc.exe.config 2022-04-03 07:00 - 2022-04-03 06:58 - 000000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT 2022-04-03 07:00 - 2022-04-03 06:58 - 000000741 _____ C:\WINDOWS\system32\NOISE.DAT 2022-04-03 06:59 - 2022-04-09 22:08 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-04-03 06:59 - 2022-04-09 22:07 - 000000000 ____D C:\WINDOWS\SystemTemp 2022-04-03 06:59 - 2022-04-09 21:57 - 000000000 ___RD C:\WINDOWS\PrintDialog 2022-04-03 06:59 - 2022-04-09 21:57 - 000000000 ___HD C:\Program Files\WindowsApps 2022-04-03 06:59 - 2022-04-09 21:57 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-04-03 06:59 - 2022-04-09 21:42 - 000000000 ____D C:\WINDOWS\appcompat 2022-04-03 06:59 - 2022-04-09 21:40 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-04-03 06:59 - 2022-04-09 21:40 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-04-03 06:59 - 2022-04-09 21:40 - 000000000 ____D C:\Program Files\Windows NT 2022-04-03 06:59 - 2022-04-09 21:40 - 000000000 ____D C:\Program Files\Windows Defender 2022-04-03 06:59 - 2022-04-09 21:39 - 000000000 ____D C:\WINDOWS\system32\config\TxR 2022-04-03 06:59 - 2022-04-09 21:38 - 000000000 ___RD C:\Program Files (x86) 2022-04-03 06:59 - 2022-04-09 21:38 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2022-04-03 06:59 - 2022-04-09 21:38 - 000000000 ____D C:\WINDOWS\system32\spool 2022-04-03 06:59 - 2022-04-09 21:38 - 000000000 ____D C:\WINDOWS\ServiceState 2022-04-03 06:59 - 2022-04-09 21:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2022-04-03 06:59 - 2022-04-09 19:04 - 000000000 __RHD C:\Users\Public\Libraries 2022-04-03 06:59 - 2022-04-09 19:04 - 000000000 ____D C:\ProgramData\USOPrivate 2022-04-03 06:59 - 2022-04-09 19:00 - 000000000 ____D C:\WINDOWS\ServiceProfiles 2022-04-03 06:59 - 2022-04-09 18:54 - 000000000 ____D C:\WINDOWS\OCR 2022-04-03 06:59 - 2022-04-09 18:53 - 000000000 ____D C:\WINDOWS\system32\setup 2022-04-03 06:59 - 2022-04-09 18:52 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI 2022-04-03 06:59 - 2022-04-09 18:52 - 000000000 ____D C:\WINDOWS\system32\MUI 2022-04-03 06:59 - 2022-04-09 18:51 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2022-04-03 06:59 - 2022-04-09 18:51 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2022-04-03 06:59 - 2022-04-09 18:51 - 000000000 ___SD C:\WINDOWS\system32\F12 2022-04-03 06:59 - 2022-04-09 18:51 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2022-04-03 06:59 - 2022-04-09 18:51 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2022-04-03 06:59 - 2022-04-09 18:51 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2022-04-03 06:59 - 2022-04-09 18:51 - 000000000 ____D C:\WINDOWS\system32\Sgrm 2022-04-03 06:59 - 2022-04-09 18:51 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2022-04-03 06:59 - 2022-04-09 18:51 - 000000000 ____D C:\WINDOWS\system32\migwiz 2022-04-03 06:59 - 2022-04-09 18:51 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2022-04-03 06:59 - 2022-04-03 12:31 - 000000000 ____D C:\WINDOWS\Containers 2022-04-03 06:59 - 2022-04-03 12:30 - 000000000 ____D C:\WINDOWS\SystemResources 2022-04-03 06:59 - 2022-04-03 12:30 - 000000000 ____D C:\WINDOWS\SystemApps 2022-04-03 06:59 - 2022-04-03 12:30 - 000000000 ____D C:\WINDOWS\ShellComponents 2022-04-03 06:59 - 2022-04-03 12:30 - 000000000 ____D C:\WINDOWS\security 2022-04-03 06:59 - 2022-04-03 12:30 - 000000000 ____D C:\WINDOWS\schemas 2022-04-03 06:59 - 2022-04-03 12:30 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2022-04-03 06:59 - 2022-04-03 12:20 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN 2022-04-03 06:59 - 2022-04-03 12:20 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID 2022-04-03 06:59 - 2022-04-03 12:20 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES 2022-04-03 06:59 - 2022-04-03 12:20 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES 2022-04-03 06:59 - 2022-04-03 12:20 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES 2022-04-03 06:59 - 2022-04-03 12:20 - 000000000 ____D C:\WINDOWS\system32\vi-VN 2022-04-03 06:59 - 2022-04-03 12:20 - 000000000 ____D C:\WINDOWS\system32\id-ID 2022-04-03 06:59 - 2022-04-03 12:20 - 000000000 ____D C:\WINDOWS\system32\gl-ES 2022-04-03 06:59 - 2022-04-03 12:20 - 000000000 ____D C:\WINDOWS\system32\eu-ES 2022-04-03 06:59 - 2022-04-03 12:20 - 000000000 ____D C:\WINDOWS\system32\ca-ES 2022-04-03 06:59 - 2022-04-03 12:19 - 000000000 ___SD C:\WINDOWS\system32\dsc 2022-04-03 06:59 - 2022-04-03 12:19 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2022-04-03 06:59 - 2022-04-03 12:19 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2022-04-03 06:59 - 2022-04-03 12:19 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-04-03 06:59 - 2022-04-03 12:19 - 000000000 ____D C:\WINDOWS\SysWOW64\Com 2022-04-03 06:59 - 2022-04-03 12:19 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2022-04-03 06:59 - 2022-04-03 12:19 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-04-03 06:59 - 2022-04-03 12:19 - 000000000 ____D C:\WINDOWS\system32\Com 2022-04-03 06:59 - 2022-04-03 12:19 - 000000000 ____D C:\WINDOWS\IME 2022-04-03 06:59 - 2022-04-03 12:19 - 000000000 ____D C:\WINDOWS\Help 2022-04-03 06:59 - 2022-04-03 12:19 - 000000000 ____D C:\WINDOWS\BrowserCore 2022-04-03 06:59 - 2022-04-03 12:19 - 000000000 ____D C:\Program Files\Common Files\System 2022-04-03 06:59 - 2022-04-03 12:19 - 000000000 ____D C:\Program Files (x86)\Windows NT 2022-04-03 06:59 - 2022-04-03 07:13 - 000000000 __SHD C:\Program Files\Windows Sidebar 2022-04-03 06:59 - 2022-04-03 07:13 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar 2022-04-03 06:59 - 2022-04-03 07:13 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration 2022-04-03 06:59 - 2022-04-03 07:13 - 000000000 ___SD C:\WINDOWS\system32\Configuration 2022-04-03 06:59 - 2022-04-03 07:13 - 000000000 ____D C:\WINDOWS\Web 2022-04-03 06:59 - 2022-04-03 07:13 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI 2022-04-03 06:59 - 2022-04-03 07:13 - 000000000 ____D C:\WINDOWS\system32\winevt 2022-04-03 06:59 - 2022-04-03 07:13 - 000000000 ____D C:\WINDOWS\system32\ras 2022-04-03 06:59 - 2022-04-03 07:13 - 000000000 ____D C:\WINDOWS\system32\PointOfService 2022-04-03 06:59 - 2022-04-03 07:13 - 000000000 ____D C:\WINDOWS\SKB 2022-04-03 06:59 - 2022-04-03 07:13 - 000000000 ____D C:\WINDOWS\Resources 2022-04-03 06:59 - 2022-04-03 07:13 - 000000000 ____D C:\WINDOWS\Registration 2022-04-03 06:59 - 2022-04-03 07:13 - 000000000 ____D C:\WINDOWS\Provisioning 2022-04-03 06:59 - 2022-04-03 07:13 - 000000000 ____D C:\WINDOWS\PLA 2022-04-03 06:59 - 2022-04-03 07:13 - 000000000 ____D C:\WINDOWS\Media 2022-04-03 06:59 - 2022-04-03 07:13 - 000000000 ____D C:\WINDOWS\InputMethod 2022-04-03 06:59 - 2022-04-03 07:13 - 000000000 ____D C:\WINDOWS\IdentityCRL 2022-04-03 06:59 - 2022-04-03 07:13 - 000000000 ____D C:\WINDOWS\Globalization 2022-04-03 06:59 - 2022-04-03 07:13 - 000000000 ____D C:\WINDOWS\DiagTrack 2022-04-03 06:59 - 2022-04-03 07:00 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui 2022-04-03 06:59 - 2022-04-03 07:00 - 000000000 ___SD C:\WINDOWS\SysWOW64\lxss 2022-04-03 06:59 - 2022-04-03 07:00 - 000000000 ___SD C:\WINDOWS\system32\UNP 2022-04-03 06:59 - 2022-04-03 07:00 - 000000000 ___SD C:\WINDOWS\system32\Nui 2022-04-03 06:59 - 2022-04-03 07:00 - 000000000 ___SD C:\WINDOWS\system32\lxss 2022-04-03 06:59 - 2022-04-03 07:00 - 000000000 ____D C:\WINDOWS\WUModels 2022-04-03 06:59 - 2022-04-03 07:00 - 000000000 ____D C:\WINDOWS\UUS 2022-04-03 06:59 - 2022-04-03 07:00 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2022-04-03 06:59 - 2022-04-03 07:00 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation 2022-04-03 06:59 - 2022-04-03 07:00 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz 2022-04-03 06:59 - 2022-04-03 07:00 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords 2022-04-03 06:59 - 2022-04-03 07:00 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml 2022-04-03 06:59 - 2022-04-03 07:00 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel 2022-04-03 06:59 - 2022-04-03 07:00 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops 2022-04-03 06:59 - 2022-04-03 07:00 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers 2022-04-03 06:59 - 2022-04-03 07:00 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2022-04-03 06:59 - 2022-04-03 07:00 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2022-04-03 06:59 - 2022-04-03 07:00 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2022-04-03 06:59 - 2022-04-03 07:00 - 000000000 ____D C:\WINDOWS\system32\Keywords 2022-04-03 06:59 - 2022-04-03 07:00 - 000000000 ____D C:\WINDOWS\system32\icsxml 2022-04-03 06:59 - 2022-04-03 07:00 - 000000000 ____D C:\WINDOWS\system32\ias 2022-04-03 06:59 - 2022-04-03 07:00 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient 2022-04-03 06:59 - 2022-04-03 07:00 - 000000000 ____D C:\WINDOWS\system32\downlevel 2022-04-03 06:59 - 2022-04-03 07:00 - 000000000 ____D C:\WINDOWS\system32\DDFs 2022-04-03 06:59 - 2022-04-03 07:00 - 000000000 ____D C:\WINDOWS\system32\Bthprops 2022-04-03 06:59 - 2022-04-03 07:00 - 000000000 ____D C:\WINDOWS\system32\appraiser 2022-04-03 06:59 - 2022-04-03 07:00 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ___RD C:\WINDOWS\Offline Web Pages 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ___HD C:\WINDOWS\LanguageOverlayCache 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ____D C:\WINDOWS\WaaS 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ____D C:\WINDOWS\Vss 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ____D C:\WINDOWS\tracing 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ____D C:\WINDOWS\TAPI 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ____D C:\WINDOWS\SysWOW64\ras 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ____D C:\WINDOWS\SysWOW64\IME 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ____D C:\WINDOWS\system32\ProximityToast 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ____D C:\WINDOWS\system32\NDF 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ____D C:\WINDOWS\system32\Ipmi 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ____D C:\WINDOWS\system32\InputMethod 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ____D C:\WINDOWS\system32\inetsrv 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ____D C:\WINDOWS\system32\IME 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ____D C:\WINDOWS\system32\DriverState 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ____D C:\WINDOWS\system32\config\RegBack 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ____D C:\WINDOWS\system32\config\Journal 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ____D C:\WINDOWS\system32\AppLocker 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ____D C:\WINDOWS\System 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ____D C:\WINDOWS\ShellExperiences 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ____D C:\WINDOWS\SchCache 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ____D C:\WINDOWS\rescache 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ____D C:\WINDOWS\Performance 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ____D C:\WINDOWS\ModemLogs 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ____D C:\WINDOWS\L2Schemas 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ____D C:\WINDOWS\Cursors 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ____D C:\WINDOWS\Branding 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ____D C:\ProgramData\USOShared 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ____D C:\Program Files\ModifiableWindowsApps 2022-04-03 06:59 - 2022-04-03 06:59 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2022-04-03 06:59 - 2022-04-03 06:58 - 000215943 _____ C:\WINDOWS\system32\dssec.dat 2022-04-03 06:59 - 2022-04-03 06:58 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json 2022-04-03 06:58 - 2022-04-09 22:14 - 000000000 ____D C:\WINDOWS\INF 2022-04-03 06:56 - 2022-04-03 12:29 - 000569344 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr 2022-04-03 06:56 - 2022-04-03 12:29 - 000524288 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll 2022-04-03 06:56 - 2022-04-03 12:29 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr 2022-04-03 06:56 - 2022-04-03 12:29 - 000316640 _____ C:\WINDOWS\WMSysPr9.prx 2022-04-03 06:56 - 2022-04-03 12:29 - 000208896 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\WINDOWS\system32\l3codecp.acm 2022-04-03 06:56 - 2022-04-03 12:29 - 000196608 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\WINDOWS\SysWOW64\l3codecp.acm 2022-04-03 06:56 - 2022-04-03 12:29 - 000172032 _____ C:\WINDOWS\system32\DeviceUpdateCenterCsp.dll 2022-04-03 06:56 - 2022-04-03 12:29 - 000151840 _____ C:\WINDOWS\system32\HvsiManagementApi.dll 2022-04-03 06:56 - 2022-04-03 12:29 - 000147439 _____ C:\WINDOWS\SysWOW64\gpedit.msc 2022-04-03 06:56 - 2022-04-03 12:29 - 000147439 _____ C:\WINDOWS\system32\gpedit.msc 2022-04-03 06:56 - 2022-04-03 12:29 - 000120458 _____ C:\WINDOWS\system32\secpol.msc 2022-04-03 06:56 - 2022-04-03 12:29 - 000114688 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\WINDOWS\system32\l3codeca.acm 2022-04-03 06:56 - 2022-04-03 12:29 - 000100128 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll 2022-04-03 06:56 - 2022-04-03 12:29 - 000073728 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\WINDOWS\SysWOW64\l3codeca.acm 2022-04-03 06:56 - 2022-04-03 12:29 - 000057344 _____ C:\WINDOWS\system32\uwfservicingapi.dll 2022-04-03 06:56 - 2022-04-03 12:29 - 000043566 _____ C:\WINDOWS\SysWOW64\rsop.msc 2022-04-03 06:56 - 2022-04-03 12:29 - 000043566 _____ C:\WINDOWS\system32\rsop.msc 2022-04-03 06:56 - 2022-04-03 06:56 - 004149536 _____ C:\WINDOWS\system32\rdpnanoTransport.dll 2022-04-03 06:56 - 2022-04-03 06:56 - 003309056 _____ C:\WINDOWS\system32\CloudRecoveryDownloadTool.dll 2022-04-03 06:56 - 2022-04-03 06:56 - 000839680 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ir41_32original.dll 2022-04-03 06:56 - 2022-04-03 06:56 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Bubbles.scr 2022-04-03 06:56 - 2022-04-03 06:56 - 000746496 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ir50_32original.dll 2022-04-03 06:56 - 2022-04-03 06:56 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll 2022-04-03 06:56 - 2022-04-03 06:56 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe 2022-04-03 06:56 - 2022-04-03 06:56 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec 2022-04-03 06:56 - 2022-04-03 06:56 - 000342016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec 2022-04-03 06:56 - 2022-04-03 06:56 - 000338432 _____ (Intel Corporation.) C:\WINDOWS\SysWOW64\ir41_qcxoriginal.dll 2022-04-03 06:56 - 2022-04-03 06:56 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp 2022-04-03 06:56 - 2022-04-03 06:56 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp 2022-04-03 06:56 - 2022-04-03 06:56 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssText3d.scr 2022-04-03 06:56 - 2022-04-03 06:56 - 000211938 _____ C:\WINDOWS\SysWOW64\lcphrase.tbl 2022-04-03 06:56 - 2022-04-03 06:56 - 000211938 _____ C:\WINDOWS\system32\lcphrase.tbl 2022-04-03 06:56 - 2022-04-03 06:56 - 000200704 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll 2022-04-03 06:56 - 2022-04-03 06:56 - 000200192 _____ (Intel Corporation.) C:\WINDOWS\SysWOW64\ir50_qcoriginal.dll 2022-04-03 06:56 - 2022-04-03 06:56 - 000197632 _____ (Intel(R) Corporation) C:\WINDOWS\SysWOW64\ir32_32original.dll 2022-04-03 06:56 - 2022-04-03 06:56 - 000197632 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iac25_32.ax 2022-04-03 06:56 - 2022-04-03 06:56 - 000195618 _____ C:\WINDOWS\system32\C_10002.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000183808 _____ (Intel Corporation.) C:\WINDOWS\SysWOW64\ir50_qcxoriginal.dll 2022-04-03 06:56 - 2022-04-03 06:56 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Mystify.scr 2022-04-03 06:56 - 2022-04-03 06:56 - 000177698 _____ C:\WINDOWS\system32\C_10003.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Ribbons.scr 2022-04-03 06:56 - 2022-04-03 06:56 - 000173602 _____ C:\WINDOWS\system32\C_10008.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000162850 _____ C:\WINDOWS\system32\C_10001.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000146944 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ivfsrc.ax 2022-04-03 06:56 - 2022-04-03 06:56 - 000145519 _____ C:\WINDOWS\SysWOW64\perfmon.msc 2022-04-03 06:56 - 2022-04-03 06:56 - 000145519 _____ C:\WINDOWS\system32\perfmon.msc 2022-04-03 06:56 - 2022-04-03 06:56 - 000145127 _____ C:\WINDOWS\SysWOW64\eventvwr.msc 2022-04-03 06:56 - 2022-04-03 06:56 - 000145127 _____ C:\WINDOWS\system32\eventvwr.msc 2022-04-03 06:56 - 2022-04-03 06:56 - 000144384 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DscCoreConfProv.dll 2022-04-03 06:56 - 2022-04-03 06:56 - 000133120 _____ C:\WINDOWS\SysWOW64\stordiag.exe 2022-04-03 06:56 - 2022-04-03 06:56 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\remotesp.tsp 2022-04-03 06:56 - 2022-04-03 06:56 - 000120320 _____ (Intel Corporation.) C:\WINDOWS\SysWOW64\ir41_qcoriginal.dll 2022-04-03 06:56 - 2022-04-03 06:56 - 000113256 _____ C:\WINDOWS\SysWOW64\compmgmt.msc 2022-04-03 06:56 - 2022-04-03 06:56 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqlsrv32.rll 2022-04-03 06:56 - 2022-04-03 06:56 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqlsrv32.rll 2022-04-03 06:56 - 2022-04-03 06:56 - 000093702 _____ C:\WINDOWS\SysWOW64\SubRange.uce 2022-04-03 06:56 - 2022-04-03 06:56 - 000093702 _____ C:\WINDOWS\system32\SubRange.uce 2022-04-03 06:56 - 2022-04-03 06:56 - 000092746 _____ C:\WINDOWS\SysWOW64\services.msc 2022-04-03 06:56 - 2022-04-03 06:56 - 000092746 _____ C:\WINDOWS\system32\services.msc 2022-04-03 06:56 - 2022-04-03 06:56 - 000090624 _____ (Radius Inc.) C:\WINDOWS\SysWOW64\iccvid.dll 2022-04-03 06:56 - 2022-04-03 06:56 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remotesp.tsp 2022-04-03 06:56 - 2022-04-03 06:56 - 000074016 _____ C:\WINDOWS\system32\Drivers\NDKPerf.sys 2022-04-03 06:56 - 2022-04-03 06:56 - 000069120 _____ (Twain Working Group) C:\WINDOWS\twain_32.dll 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_875.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_870.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_500.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_21027.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_21025.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_20924.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_20905.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_20880.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_20871.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_20838.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_20833.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_20424.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_20423.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_20420.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_20297.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_20290.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_20285.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_20284.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_20280.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_20278.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_20277.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_20273.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_20269.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_20108.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_20107.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_20106.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_20105.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_1149.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_1148.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_1147.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_1146.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_1145.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_1144.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_1143.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_1142.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_1141.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_1140.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_1047.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_1026.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_10082.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_10081.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_10079.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_10029.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_10021.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_10017.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_10010.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_10007.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_10006.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_10005.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_10004.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_10000.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000066082 _____ C:\WINDOWS\system32\C_037.NLS 2022-04-03 06:56 - 2022-04-03 06:56 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\hidphone.tsp 2022-04-03 06:56 - 2022-04-03 06:56 - 000063081 _____ C:\WINDOWS\SysWOW64\certlm.msc 2022-04-03 06:56 - 2022-04-03 06:56 - 000063081 _____ C:\WINDOWS\system32\certlm.msc 2022-04-03 06:56 - 2022-04-03 06:56 - 000063070 _____ C:\WINDOWS\SysWOW64\certmgr.msc 2022-04-03 06:56 - 2022-04-03 06:56 - 000063070 _____ C:\WINDOWS\system32\certmgr.msc 2022-04-03 06:56 - 2022-04-03 06:56 - 000061440 _____ C:\WINDOWS\system32\SpectrumSyncClient.dll 2022-04-03 06:56 - 2022-04-03 06:56 - 000060458 _____ C:\WINDOWS\SysWOW64\ideograf.uce 2022-04-03 06:56 - 2022-04-03 06:56 - 000060458 _____ C:\WINDOWS\system32\ideograf.uce 2022-04-03 06:56 - 2022-04-03 06:56 - 000060267 _____ C:\WINDOWS\system32\srms.dat 2022-04-03 06:56 - 2022-04-03 06:56 - 000057856 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll 2022-04-03 06:56 - 2022-04-03 06:56 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\format.com 2022-04-03 06:56 - 2022-04-03 06:56 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\cliconfg.rll 2022-04-03 06:56 - 2022-04-03 06:56 - 000041587 _____ C:\WINDOWS\SysWOW64\azman.msc 2022-04-03 06:56 - 2022-04-03 06:56 - 000041587 _____ C:\WINDOWS\system32\azman.msc 2022-04-03 06:56 - 2022-04-03 06:56 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cliconfg.rll 2022-04-03 06:56 - 2022-04-03 06:56 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hidphone.tsp 2022-04-03 06:56 - 2022-04-03 06:56 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mode.com 2022-04-03 06:56 - 2022-04-03 06:56 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\more.com 2022-04-03 06:56 - 2022-04-03 06:56 - 000024114 _____ C:\WINDOWS\SysWOW64\lcptr.tbl 2022-04-03 06:56 - 2022-04-03 06:56 - 000024114 _____ C:\WINDOWS\system32\lcptr.tbl 2022-04-03 06:56 - 2022-04-03 06:56 - 000024006 _____ C:\WINDOWS\SysWOW64\gb2312.uce 2022-04-03 06:56 - 2022-04-03 06:56 - 000024006 _____ C:\WINDOWS\system32\gb2312.uce 2022-04-03 06:56 - 2022-04-03 06:56 - 000022984 _____ C:\WINDOWS\SysWOW64\bopomofo.uce 2022-04-03 06:56 - 2022-04-03 06:56 - 000022984 _____ C:\WINDOWS\system32\bopomofo.uce 2022-04-03 06:56 - 2022-04-03 06:56 - 000019485 _____ C:\WINDOWS\SysWOW64\srms-apr.dat 2022-04-03 06:56 - 2022-04-03 06:56 - 000019485 _____ C:\WINDOWS\system32\srms-apr.dat 2022-04-03 06:56 - 2022-04-03 06:56 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tree.com 2022-04-03 06:56 - 2022-04-03 06:56 - 000017363 _____ C:\WINDOWS\SysWOW64\EventViewer_EventDetails.xsl 2022-04-03 06:56 - 2022-04-03 06:56 - 000017363 _____ C:\WINDOWS\system32\EventViewer_EventDetails.xsl 2022-04-03 06:56 - 2022-04-03 06:56 - 000016740 _____ C:\WINDOWS\SysWOW64\ShiftJIS.uce 2022-04-03 06:56 - 2022-04-03 06:56 - 000016740 _____ C:\WINDOWS\system32\ShiftJIS.uce 2022-04-03 06:56 - 2022-04-03 06:56 - 000012876 _____ C:\WINDOWS\SysWOW64\korean.uce 2022-04-03 06:56 - 2022-04-03 06:56 - 000012876 _____ C:\WINDOWS\system32\korean.uce 2022-04-03 06:56 - 2022-04-03 06:56 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chcp.com 2022-04-03 06:56 - 2022-04-03 06:56 - 000011292 _____ C:\WINDOWS\SysWOW64\srms-apr-v.dat 2022-04-03 06:56 - 2022-04-03 06:56 - 000011292 _____ C:\WINDOWS\system32\srms-apr-v.dat 2022-04-03 06:56 - 2022-04-03 06:56 - 000008484 _____ C:\WINDOWS\SysWOW64\kanji_2.uce 2022-04-03 06:56 - 2022-04-03 06:56 - 000008484 _____ C:\WINDOWS\system32\kanji_2.uce 2022-04-03 06:56 - 2022-04-03 06:56 - 000008279 _____ C:\WINDOWS\system32\ResPriUHMImageList 2022-04-03 06:56 - 2022-04-03 06:56 - 000008279 _____ C:\WINDOWS\system32\ResPriImageList 2022-04-03 06:56 - 2022-04-03 06:56 - 000008279 _____ C:\WINDOWS\system32\ResPriHMImageList 2022-04-03 06:56 - 2022-04-03 06:56 - 000008145 _____ C:\WINDOWS\system32\ResPriHMImageListLowCost 2022-04-03 06:56 - 2022-04-03 06:56 - 000007898 _____ C:\WINDOWS\system32\ResPriLMImageList 2022-04-03 06:56 - 2022-04-03 06:56 - 000007787 _____ C:\WINDOWS\system32\ResPriImageListLowCost 2022-04-03 06:56 - 2022-04-03 06:56 - 000006948 _____ C:\WINDOWS\SysWOW64\kanji_1.uce 2022-04-03 06:56 - 2022-04-03 06:56 - 000006948 _____ C:\WINDOWS\system32\kanji_1.uce 2022-04-03 06:56 - 2022-04-03 06:56 - 000004453 _____ C:\WINDOWS\SysWOW64\odbcconf.rsp 2022-04-03 06:56 - 2022-04-03 06:56 - 000004014 _____ C:\WINDOWS\SysWOW64\xwizard.dtd 2022-04-03 06:56 - 2022-04-03 06:56 - 000004014 _____ C:\WINDOWS\system32\xwizard.dtd 2022-04-03 06:56 - 2022-04-03 06:56 - 000003789 _____ C:\WINDOWS\SysWOW64\WwanFeatureTests.xml 2022-04-03 06:56 - 2022-04-03 06:56 - 000003420 _____ C:\WINDOWS\SysWOW64\UevCustomActionTypes.tlb 2022-04-03 06:56 - 2022-04-03 06:56 - 000003420 _____ C:\WINDOWS\system32\UevCustomActionTypes.tlb 2022-04-03 06:56 - 2022-04-03 06:56 - 000002233 _____ C:\WINDOWS\SysWOW64\12520850.cpx 2022-04-03 06:56 - 2022-04-03 06:56 - 000002151 _____ C:\WINDOWS\SysWOW64\12520437.cpx 2022-04-03 06:56 - 2022-04-03 06:56 - 000001720 _____ C:\WINDOWS\system32\SyncAppvPublishingServer.vbs 2022-04-03 06:56 - 2022-04-03 06:56 - 000000874 _____ C:\WINDOWS\system32\manage-bde.wsf 2022-04-03 06:56 - 2022-04-03 06:56 - 000000565 _____ C:\WINDOWS\SysWOW64\NdfEventView.xml 2022-04-03 06:56 - 2022-04-03 06:56 - 000000565 _____ C:\WINDOWS\system32\NdfEventView.xml 2022-04-03 06:56 - 2022-04-03 06:56 - 000000263 _____ C:\WINDOWS\system32\odbcconf.rsp 2022-04-03 06:56 - 2022-04-03 06:56 - 000000146 _____ C:\WINDOWS\system32\UevAppMonitor.exe.config 2022-04-03 06:56 - 2022-04-03 06:56 - 000000112 _____ C:\WINDOWS\SysWOW64\MixedRealityRuntime.json 2022-04-03 06:56 - 2022-04-03 06:56 - 000000112 _____ C:\WINDOWS\system32\MixedRealityRuntime.json 2022-04-03 06:55 - 2022-04-03 06:55 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 004355072 _____ C:\WINDOWS\system32\Windows.UI.Input.Inking.Analysis.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin 2022-04-03 06:55 - 2022-04-03 06:55 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 003635200 _____ C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.Analysis.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 003440660 _____ C:\WINDOWS\SysWOW64\Drivers\gm.dls 2022-04-03 06:55 - 2022-04-03 06:55 - 003440660 _____ C:\WINDOWS\system32\Drivers\gm.dls 2022-04-03 06:55 - 2022-04-03 06:55 - 003436320 _____ (Marvell Semiconductor Inc.) C:\WINDOWS\system32\Drivers\evbda.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 003418912 _____ (QLogic Corporation) C:\WINDOWS\system32\Drivers\evbd0a.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 003170304 _____ C:\WINDOWS\SysWOW64\boot.sdi 2022-04-03 06:55 - 2022-04-03 06:55 - 003170304 _____ C:\WINDOWS\system32\boot.sdi 2022-04-03 06:55 - 2022-04-03 06:55 - 002570448 ____R (The ICU Project) C:\WINDOWS\system32\icu.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 002318336 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 002126336 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 002083568 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 002074608 _____ C:\WINDOWS\system32\WindowManagementAPI.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 001849632 _____ (Chelsio Communications) C:\WINDOWS\system32\Drivers\cht4vx64.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 001317024 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 001219976 _____ C:\WINDOWS\system32\HrtfDspCpu.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 001131296 _____ (PMC-Sierra) C:\WINDOWS\system32\Drivers\adp80xx.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 001127200 _____ (Mellanox) C:\WINDOWS\system32\Drivers\mlx4_bus.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 000987512 _____ C:\WINDOWS\SysWOW64\HrtfDspCpu.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 000931736 _____ (SQLite Development Team) C:\WINDOWS\system32\winsqlite3.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 000880416 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorAVC.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000841544 _____ C:\WINDOWS\SysWOW64\locale.nls 2022-04-03 06:55 - 2022-04-03 06:55 - 000841544 _____ C:\WINDOWS\system32\locale.nls 2022-04-03 06:55 - 2022-04-03 06:55 - 000745552 _____ C:\WINDOWS\system32\DynamicLong.bin 2022-04-03 06:55 - 2022-04-03 06:55 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 000704440 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\winsqlite3.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 000673088 _____ C:\WINDOWS\SysWOW64\mlang.dat 2022-04-03 06:55 - 2022-04-03 06:55 - 000673088 _____ C:\WINDOWS\system32\mlang.dat 2022-04-03 06:55 - 2022-04-03 06:55 - 000571680 _____ (LSI Corporation, Inc.) C:\WINDOWS\system32\Drivers\megasr.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000554784 _____ (Mellanox) C:\WINDOWS\system32\Drivers\ibbus.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000529696 _____ (QLogic Corporation) C:\WINDOWS\system32\Drivers\bxvbda.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe 2022-04-03 06:55 - 2022-04-03 06:55 - 000515152 _____ C:\WINDOWS\system32\DynamicMedium.bin 2022-04-03 06:55 - 2022-04-03 06:55 - 000407840 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorV.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000385024 _____ C:\WINDOWS\system32\hwreqchk.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 000323152 _____ C:\WINDOWS\system32\DynamicShort.bin 2022-04-03 06:55 - 2022-04-03 06:55 - 000315680 _____ (Chelsio Communications) C:\WINDOWS\system32\Drivers\cht4sx64.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000301344 _____ (VIA Corporation) C:\WINDOWS\system32\Drivers\VSTXRAID.SYS 2022-04-03 06:55 - 2022-04-03 06:55 - 000296448 _____ C:\WINDOWS\system32\CloudIdWxhExtension.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 000270336 _____ C:\WINDOWS\system32\CoreMas.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 000264704 _____ C:\WINDOWS\SysWOW64\CoreMas.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 000262432 _____ C:\WINDOWS\system32\containerdevicemanagement.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 000255264 _____ (AMD Technologies Inc.) C:\WINDOWS\system32\Drivers\amdsbs.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000217088 _____ C:\WINDOWS\system32\BthpanContextHandler.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 000205600 _____ (Microsemi Corportation) C:\WINDOWS\system32\Drivers\SmartSAMD.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000204074 _____ C:\WINDOWS\SysWOW64\winrm.vbs 2022-04-03 06:55 - 2022-04-03 06:55 - 000204074 _____ C:\WINDOWS\system32\winrm.vbs 2022-04-03 06:55 - 2022-04-03 06:55 - 000196642 _____ C:\WINDOWS\system32\C_950.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000196642 _____ C:\WINDOWS\system32\C_949.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000196642 _____ C:\WINDOWS\system32\C_936.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000192512 _____ C:\WINDOWS\system32\CloudExperienceHostRedirection.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 000189986 _____ C:\WINDOWS\system32\C_1361.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000187938 _____ C:\WINDOWS\system32\C_20005.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000186402 _____ C:\WINDOWS\system32\C_20001.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000185378 _____ C:\WINDOWS\system32\C_20003.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000182048 _____ (Avago Technologies) C:\WINDOWS\system32\Drivers\ItSas35i.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000180770 _____ C:\WINDOWS\system32\C_20932.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000180258 _____ C:\WINDOWS\system32\C_20004.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000180258 _____ C:\WINDOWS\system32\C_20000.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000180224 _____ C:\WINDOWS\system32\stordiag.exe 2022-04-03 06:55 - 2022-04-03 06:55 - 000177698 _____ C:\WINDOWS\system32\C_20949.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000177664 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSS2i_I2C_GLK.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000177152 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSS2i_I2C_CNL.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000175104 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSS2i_I2C_BXT_P.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000173602 _____ C:\WINDOWS\system32\C_20936.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000173602 _____ C:\WINDOWS\system32\C_20002.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000171520 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSS2i_I2C.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000167640 _____ C:\WINDOWS\SysWOW64\chs_singlechar_pinyin.dat 2022-04-03 06:55 - 2022-04-03 06:55 - 000167640 _____ C:\WINDOWS\system32\chs_singlechar_pinyin.dat 2022-04-03 06:55 - 2022-04-03 06:55 - 000162850 _____ C:\WINDOWS\system32\C_932.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000162592 _____ (VIA Technologies Inc.,Ltd) C:\WINDOWS\system32\Drivers\vsmraid.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000162080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvstor.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000151552 _____ C:\WINDOWS\system32\CodeIntegrityAggregator.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 000149056 _____ C:\WINDOWS\system32\LargeRoom.bin 2022-04-03 06:55 - 2022-04-03 06:55 - 000147456 _____ C:\WINDOWS\system32\MediaFoundationAggregator.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 000146208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvraid.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000145622 _____ C:\WINDOWS\SysWOW64\devmgmt.msc 2022-04-03 06:55 - 2022-04-03 06:55 - 000145622 _____ C:\WINDOWS\system32\devmgmt.msc 2022-04-03 06:55 - 2022-04-03 06:55 - 000145059 _____ C:\WINDOWS\SysWOW64\taskschd.msc 2022-04-03 06:55 - 2022-04-03 06:55 - 000145059 _____ C:\WINDOWS\system32\taskschd.msc 2022-04-03 06:55 - 2022-04-03 06:55 - 000144998 _____ C:\WINDOWS\SysWOW64\lusrmgr.msc 2022-04-03 06:55 - 2022-04-03 06:55 - 000144998 _____ C:\WINDOWS\system32\lusrmgr.msc 2022-04-03 06:55 - 2022-04-03 06:55 - 000144909 _____ C:\WINDOWS\SysWOW64\fsmgmt.msc 2022-04-03 06:55 - 2022-04-03 06:55 - 000144909 _____ C:\WINDOWS\system32\fsmgmt.msc 2022-04-03 06:55 - 2022-04-03 06:55 - 000144862 _____ C:\WINDOWS\SysWOW64\tpm.msc 2022-04-03 06:55 - 2022-04-03 06:55 - 000144862 _____ C:\WINDOWS\system32\tpm.msc 2022-04-03 06:55 - 2022-04-03 06:55 - 000144673 _____ C:\WINDOWS\system32\WmiMgmt.msc 2022-04-03 06:55 - 2022-04-03 06:55 - 000142904 _____ C:\WINDOWS\SysWOW64\slmgr.vbs 2022-04-03 06:55 - 2022-04-03 06:55 - 000142904 _____ C:\WINDOWS\system32\slmgr.vbs 2022-04-03 06:55 - 2022-04-03 06:55 - 000142112 _____ (Mellanox) C:\WINDOWS\system32\Drivers\ndfltr.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000140064 _____ (Chelsio Communications) C:\WINDOWS\system32\Drivers\cht4dx64.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000139810 _____ C:\WINDOWS\system32\C_20261.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000138092 _____ C:\WINDOWS\system32\AverageRoom.bin 2022-04-03 06:55 - 2022-04-03 06:55 - 000133408 _____ (Avago Technologies) C:\WINDOWS\system32\Drivers\lsi_sas3i.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000127776 _____ (PMC-Sierra, Inc.) C:\WINDOWS\system32\Drivers\arcsas.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000124118 _____ C:\WINDOWS\SysWOW64\comexp.msc 2022-04-03 06:55 - 2022-04-03 06:55 - 000124118 _____ C:\WINDOWS\system32\comexp.msc 2022-04-03 06:55 - 2022-04-03 06:55 - 000120096 _____ (LSI Corporation) C:\WINDOWS\system32\Drivers\lsi_sas2i.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000115109 _____ C:\WINDOWS\SysWOW64\WF.msc 2022-04-03 06:55 - 2022-04-03 06:55 - 000115109 _____ C:\WINDOWS\system32\WF.msc 2022-04-03 06:55 - 2022-04-03 06:55 - 000114688 _____ C:\WINDOWS\system32\xboxgipsynthetic.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 000114688 _____ C:\WINDOWS\system32\ThreatResponseEngine.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 000113256 _____ C:\WINDOWS\system32\compmgmt.msc 2022-04-03 06:55 - 2022-04-03 06:55 - 000113152 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSSi_I2C.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000112128 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSS2i_GPIO2_CNL.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000110036 _____ C:\WINDOWS\system32\MediumRoom.bin 2022-04-03 06:55 - 2022-04-03 06:55 - 000108320 _____ (Apple Inc.) C:\WINDOWS\system32\Drivers\AppleSSD.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000104736 _____ (LSI Corporation) C:\WINDOWS\system32\Drivers\lsi_sas.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000103200 _____ (LSI) C:\WINDOWS\system32\Drivers\3ware.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000098304 _____ C:\WINDOWS\system32\dplcsp.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 000098304 _____ C:\WINDOWS\system32\CompatAggregator.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 000096256 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSS2i_GPIO2_GLK.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000096032 _____ (Broadcom Inc) C:\WINDOWS\system32\Drivers\megasas35i.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000095408 _____ C:\WINDOWS\system32\wow64con.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 000094208 _____ C:\WINDOWS\system32\Drivers\RoutePolicy.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000093184 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSS2i_GPIO2_BXT_P.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000091136 _____ (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\iai2c.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000090704 _____ C:\WINDOWS\system32\gatherNetworkInfo.vbs 2022-04-03 06:55 - 2022-04-03 06:55 - 000090112 _____ C:\WINDOWS\system32\Windows.Internal.WaaSMedicDocked.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 000090112 _____ C:\WINDOWS\system32\BWContextHandler.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 000089761 _____ C:\WINDOWS\system32\DiskSnapshot.conf 2022-04-03 06:55 - 2022-04-03 06:55 - 000085280 _____ (Broadcom Limited) C:\WINDOWS\system32\Drivers\mpi3drvi.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000081920 ____R (Realtek) C:\WINDOWS\system32\Drivers\rteth.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000081870 _____ C:\WINDOWS\system32\normidna.nls 2022-04-03 06:55 - 2022-04-03 06:55 - 000079360 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSS2i_GPIO2.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000079348 _____ C:\WINDOWS\system32\normnfkc.nls 2022-04-03 06:55 - 2022-04-03 06:55 - 000079136 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdsata.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000077600 _____ (Silicon Integrated Systems) C:\WINDOWS\system32\Drivers\sisraid4.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000076576 _____ (Avago Technologies) C:\WINDOWS\system32\Drivers\MegaSas2i.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000073728 _____ C:\WINDOWS\system32\PrintNotification.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 000073114 _____ C:\WINDOWS\system32\normnfkd.nls 2022-04-03 06:55 - 2022-04-03 06:55 - 000072704 _____ C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 000069788 _____ C:\WINDOWS\system32\SmallRoom.bin 2022-04-03 06:55 - 2022-04-03 06:55 - 000069632 _____ C:\WINDOWS\system32\pospaymentsworker.exe 2022-04-03 06:55 - 2022-04-03 06:55 - 000069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp 2022-04-03 06:55 - 2022-04-03 06:55 - 000069632 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 000068896 _____ (Mellanox) C:\WINDOWS\system32\Drivers\winverbs.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000066594 _____ C:\WINDOWS\system32\C_874.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000066594 _____ C:\WINDOWS\system32\C_869.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000066594 _____ C:\WINDOWS\system32\C_866.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000066594 _____ C:\WINDOWS\system32\C_865.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000066594 _____ C:\WINDOWS\system32\C_864.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000066594 _____ C:\WINDOWS\system32\C_863.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000066594 _____ C:\WINDOWS\system32\C_862.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000066594 _____ C:\WINDOWS\system32\C_861.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000066594 _____ C:\WINDOWS\system32\C_860.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000066594 _____ C:\WINDOWS\system32\C_858.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000066594 _____ C:\WINDOWS\system32\C_857.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000066594 _____ C:\WINDOWS\system32\C_855.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000066594 _____ C:\WINDOWS\system32\C_852.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000066594 _____ C:\WINDOWS\system32\C_850.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000066594 _____ C:\WINDOWS\system32\C_775.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000066594 _____ C:\WINDOWS\system32\C_737.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000066594 _____ C:\WINDOWS\system32\C_720.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000066594 _____ C:\WINDOWS\system32\C_437.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000066082 _____ C:\WINDOWS\system32\C_708.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000066082 _____ C:\WINDOWS\system32\C_28605.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000066082 _____ C:\WINDOWS\system32\c_28603.nls 2022-04-03 06:55 - 2022-04-03 06:55 - 000066082 _____ C:\WINDOWS\system32\C_28599.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000066082 _____ C:\WINDOWS\system32\C_28598.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000066082 _____ C:\WINDOWS\system32\C_28597.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000066082 _____ C:\WINDOWS\system32\C_28596.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000066082 _____ C:\WINDOWS\system32\C_28595.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000066082 _____ C:\WINDOWS\system32\C_28594.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000066082 _____ C:\WINDOWS\system32\C_28593.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000066082 _____ C:\WINDOWS\system32\C_28592.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000066082 _____ C:\WINDOWS\system32\C_28591.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000066082 _____ C:\WINDOWS\system32\C_21866.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000066082 _____ C:\WINDOWS\system32\C_20866.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000066082 _____ C:\WINDOWS\system32\C_20127.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000066082 _____ C:\WINDOWS\system32\C_1258.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000066082 _____ C:\WINDOWS\system32\C_1257.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000066082 _____ C:\WINDOWS\system32\C_1256.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000066082 _____ C:\WINDOWS\system32\C_1255.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000066082 _____ C:\WINDOWS\system32\C_1254.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000066082 _____ C:\WINDOWS\system32\C_1253.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000066082 _____ C:\WINDOWS\system32\C_1252.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000066082 _____ C:\WINDOWS\system32\C_1251.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000066082 _____ C:\WINDOWS\system32\C_1250.NLS 2022-04-03 06:55 - 2022-04-03 06:55 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\format.com 2022-04-03 06:55 - 2022-04-03 06:55 - 000064288 _____ (Avago Technologies) C:\WINDOWS\system32\Drivers\percsas3i.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000062328 _____ (Microsoft Corporation) C:\WINDOWS\system32\msgsm32.acm 2022-04-03 06:55 - 2022-04-03 06:55 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrnsave.scr 2022-04-03 06:55 - 2022-04-03 06:55 - 000060192 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\Drivers\HpSAMD.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000060124 _____ C:\WINDOWS\system32\tcpmon.ini 2022-04-03 06:55 - 2022-04-03 06:55 - 000059680 _____ (Marvell Semiconductor, Inc.) C:\WINDOWS\system32\Drivers\mvumis.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000058192 _____ (Microsoft Corporation) C:\WINDOWS\system32\imaadp32.acm 2022-04-03 06:55 - 2022-04-03 06:55 - 000057632 _____ C:\WINDOWS\system32\AppInstallerBackgroundUpdate.exe 2022-04-03 06:55 - 2022-04-03 06:55 - 000057344 _____ C:\WINDOWS\system32\deploymentcsphelper.exe 2022-04-03 06:55 - 2022-04-03 06:55 - 000057136 _____ C:\WINDOWS\system32\normnfc.nls 2022-04-03 06:55 - 2022-04-03 06:55 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 000054560 _____ (Avago Technologies) C:\WINDOWS\system32\Drivers\percsas2i.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000054064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msadp32.acm 2022-04-03 06:55 - 2022-04-03 06:55 - 000053536 _____ C:\WINDOWS\system32\esimtool.exe 2022-04-03 06:55 - 2022-04-03 06:55 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mode.com 2022-04-03 06:55 - 2022-04-03 06:55 - 000050442 _____ C:\WINDOWS\system32\normnfd.nls 2022-04-03 06:55 - 2022-04-03 06:55 - 000049952 _____ C:\WINDOWS\system32\SFAPE.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 000049152 _____ C:\WINDOWS\system32\SecureBootEncodeUEFI.exe 2022-04-03 06:55 - 2022-04-03 06:55 - 000049152 _____ (Microsoft) C:\WINDOWS\system32\oflc-nz.rs 2022-04-03 06:55 - 2022-04-03 06:55 - 000049152 _____ (Microsoft) C:\WINDOWS\system32\csrr.rs 2022-04-03 06:55 - 2022-04-03 06:55 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\more.com 2022-04-03 06:55 - 2022-04-03 06:55 - 000047682 _____ C:\WINDOWS\SysWOW64\diskmgmt.msc 2022-04-03 06:55 - 2022-04-03 06:55 - 000047682 _____ C:\WINDOWS\system32\diskmgmt.msc 2022-04-03 06:55 - 2022-04-03 06:55 - 000046645 _____ C:\WINDOWS\SysWOW64\ctac.json 2022-04-03 06:55 - 2022-04-03 06:55 - 000046645 _____ C:\WINDOWS\system32\ctac.json 2022-04-03 06:55 - 2022-04-03 06:55 - 000045800 _____ C:\WINDOWS\system32\camext.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 000045800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msg711.acm 2022-04-03 06:55 - 2022-04-03 06:55 - 000045568 _____ (Advanced Micro Devices, Inc) C:\WINDOWS\system32\Drivers\amdi2c.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000045056 _____ (Microsoft) C:\WINDOWS\system32\fpb.rs 2022-04-03 06:55 - 2022-04-03 06:55 - 000043131 _____ C:\WINDOWS\mib.bin 2022-04-03 06:55 - 2022-04-03 06:55 - 000041688 _____ C:\WINDOWS\system32\wow64base.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 000041472 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 000040960 _____ (Microsoft) C:\WINDOWS\system32\esrb.rs 2022-04-03 06:55 - 2022-04-03 06:55 - 000040960 _____ (Microsoft) C:\WINDOWS\system32\cero.rs 2022-04-03 06:55 - 2022-04-03 06:55 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\tree.com 2022-04-03 06:55 - 2022-04-03 06:55 - 000040784 _____ C:\WINDOWS\system32\OutdoorAudioEnvironment.bin 2022-04-03 06:55 - 2022-04-03 06:55 - 000040736 _____ (Silicon Integrated Systems Corp.) C:\WINDOWS\system32\Drivers\sisraid2.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000040448 _____ (Microsoft) C:\WINDOWS\SysWOW64\csrr.rs 2022-04-03 06:55 - 2022-04-03 06:55 - 000040224 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\pvscsii.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp 2022-04-03 06:55 - 2022-04-03 06:55 - 000038400 _____ (Microsoft) C:\WINDOWS\SysWOW64\oflc-nz.rs 2022-04-03 06:55 - 2022-04-03 06:55 - 000038128 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSSi_GPIO.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000037888 _____ (Microsoft) C:\WINDOWS\SysWOW64\fpb.rs 2022-04-03 06:55 - 2022-04-03 06:55 - 000036864 ____R (The ICU Project) C:\WINDOWS\system32\icuuc.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 000036864 _____ (Microsoft) C:\WINDOWS\system32\usk.rs 2022-04-03 06:55 - 2022-04-03 06:55 - 000036864 _____ (Microsoft) C:\WINDOWS\system32\cob-au.rs 2022-04-03 06:55 - 2022-04-03 06:55 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\chcp.com 2022-04-03 06:55 - 2022-04-03 06:55 - 000036352 _____ (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\iagpio.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msgsm32.acm 2022-04-03 06:55 - 2022-04-03 06:55 - 000033424 _____ C:\WINDOWS\system32\tprtdll.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 000033280 _____ (Microsoft) C:\WINDOWS\SysWOW64\cero.rs 2022-04-03 06:55 - 2022-04-03 06:55 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrnsave.scr 2022-04-03 06:55 - 2022-04-03 06:55 - 000032768 ____R (The ICU Project) C:\WINDOWS\system32\icuin.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 000032032 _____ (Mellanox) C:\WINDOWS\system32\Drivers\winmad.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000031252 _____ C:\WINDOWS\system32\NarratorControlTemplates.xml 2022-04-03 06:55 - 2022-04-03 06:55 - 000030208 _____ (Microsoft) C:\WINDOWS\SysWOW64\esrb.rs 2022-04-03 06:55 - 2022-04-03 06:55 - 000029184 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuuc.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 000028936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imaadp32.acm 2022-04-03 06:55 - 2022-04-03 06:55 - 000028672 _____ (Microsoft) C:\WINDOWS\system32\pegi-pt.rs 2022-04-03 06:55 - 2022-04-03 06:55 - 000028672 _____ (Microsoft) C:\WINDOWS\system32\pegi.rs 2022-04-03 06:55 - 2022-04-03 06:55 - 000028672 _____ (Microsoft) C:\WINDOWS\system32\grb.rs 2022-04-03 06:55 - 2022-04-03 06:55 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfime.ime 2022-04-03 06:55 - 2022-04-03 06:55 - 000028672 _____ (Chelsio Communications) C:\WINDOWS\system32\Drivers\cht4vfx.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000028392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msadp32.acm 2022-04-03 06:55 - 2022-04-03 06:55 - 000027648 _____ (Microsoft) C:\WINDOWS\SysWOW64\usk.rs 2022-04-03 06:55 - 2022-04-03 06:55 - 000027648 _____ (Microsoft) C:\WINDOWS\SysWOW64\cob-au.rs 2022-04-03 06:55 - 2022-04-03 06:55 - 000026912 _____ (Promise Technology, Inc.) C:\WINDOWS\system32\Drivers\stexstor.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000024576 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuin.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 000024576 _____ (Microsoft) C:\WINDOWS\system32\pcbp.rs 2022-04-03 06:55 - 2022-04-03 06:55 - 000024576 _____ (Microsoft) C:\WINDOWS\system32\djctq.rs 2022-04-03 06:55 - 2022-04-03 06:55 - 000022816 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdxata.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000021656 _____ C:\WINDOWS\system32\NetTrace.PLA.Diagnostics.xml 2022-04-03 06:55 - 2022-04-03 06:55 - 000021152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msg711.acm 2022-04-03 06:55 - 2022-04-03 06:55 - 000020268 _____ C:\WINDOWS\system32\DeliveryOptimizationMIProv.mof 2022-04-03 06:55 - 2022-04-03 06:55 - 000019456 _____ (Microsoft) C:\WINDOWS\SysWOW64\pegi-pt.rs 2022-04-03 06:55 - 2022-04-03 06:55 - 000019456 _____ (Microsoft) C:\WINDOWS\SysWOW64\pegi.rs 2022-04-03 06:55 - 2022-04-03 06:55 - 000017920 _____ (Microsoft) C:\WINDOWS\SysWOW64\grb.rs 2022-04-03 06:55 - 2022-04-03 06:55 - 000017528 _____ C:\WINDOWS\SysWOW64\camext.dll 2022-04-03 06:55 - 2022-04-03 06:55 - 000016384 _____ C:\WINDOWS\SysWOW64\BrokerFileDialog.dat 2022-04-03 06:55 - 2022-04-03 06:55 - 000016384 _____ C:\WINDOWS\system32\BrokerFileDialog.dat 2022-04-03 06:55 - 2022-04-03 06:55 - 000014843 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-04-03 06:55 - 2022-04-03 06:55 - 000014336 _____ (Microsoft) C:\WINDOWS\SysWOW64\djctq.rs 2022-04-03 06:55 - 2022-04-03 06:55 - 000013824 _____ (Microsoft) C:\WINDOWS\SysWOW64\pcbp.rs 2022-04-03 06:55 - 2022-04-03 06:55 - 000013091 _____ C:\WINDOWS\system32\DevModeRunAsUserConfig.msc 2022-04-03 06:55 - 2022-04-03 06:55 - 000012288 _____ (Microsoft) C:\WINDOWS\system32\WEB.rs 2022-04-03 06:55 - 2022-04-03 06:55 - 000010576 _____ C:\WINDOWS\system32\TransformPPSToWlan.xslt 2022-04-03 06:55 - 2022-04-03 06:55 - 000010429 _____ C:\WINDOWS\system32\ScavengeSpace.xml 2022-04-03 06:55 - 2022-04-03 06:55 - 000009926 _____ C:\WINDOWS\SysWOW64\l_intl.nls 2022-04-03 06:55 - 2022-04-03 06:55 - 000009926 _____ C:\WINDOWS\system32\l_intl.nls 2022-04-03 06:55 - 2022-04-03 06:55 - 000009728 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\bcmfn2.sys 2022-04-03 06:55 - 2022-04-03 06:55 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfime.ime 2022-04-03 06:55 - 2022-04-03 06:55 - 000008192 _____ C:\WINDOWS\system32\settings.dat 2022-04-03 06:55 - 2022-04-03 06:55 - 000004675 _____ C:\WINDOWS\SysWOW64\wsmanconfig_schema.xml 2022-04-03 06:55 - 2022-04-03 06:55 - 000004675 _____ C:\WINDOWS\system32\wsmanconfig_schema.xml 2022-04-03 06:55 - 2022-04-03 06:55 - 000004608 _____ (Microsoft) C:\WINDOWS\SysWOW64\WEB.rs 2022-04-03 06:55 - 2022-04-03 06:55 - 000004148 _____ C:\WINDOWS\system32\psmodulediscoveryprovider.mof 2022-04-03 06:55 - 2022-04-03 06:55 - 000003944 _____ C:\WINDOWS\system32\DetailedReading-Default.xml 2022-04-03 06:55 - 2022-04-03 06:55 - 000003789 _____ C:\WINDOWS\system32\WwanFeatureTests.xml 2022-04-03 06:55 - 2022-04-03 06:55 - 000003666 _____ C:\WINDOWS\SysWOW64\sysprtj.sep 2022-04-03 06:55 - 2022-04-03 06:55 - 000003666 _____ C:\WINDOWS\system32\sysprtj.sep 2022-04-03 06:55 - 2022-04-03 06:55 - 000003366 _____ C:\WINDOWS\SysWOW64\AppxProvisioning.xml 2022-04-03 06:55 - 2022-04-03 06:55 - 000003366 _____ C:\WINDOWS\system32\AppxProvisioning.xml 2022-04-03 06:55 - 2022-04-03 06:55 - 000003317 _____ C:\WINDOWS\SysWOW64\sysprint.sep 2022-04-03 06:55 - 2022-04-03 06:55 - 000003317 _____ C:\WINDOWS\system32\sysprint.sep 2022-04-03 06:55 - 2022-04-03 06:55 - 000002426 _____ C:\WINDOWS\SysWOW64\WsmTxt.xsl 2022-04-03 06:55 - 2022-04-03 06:55 - 000002426 _____ C:\WINDOWS\system32\WsmTxt.xsl 2022-04-03 06:55 - 2022-04-03 06:55 - 000002404 _____ C:\WINDOWS\SysWOW64\WimBootCompress.ini 2022-04-03 06:55 - 2022-04-03 06:55 - 000002404 _____ C:\WINDOWS\system32\WimBootCompress.ini 2022-04-03 06:55 - 2022-04-03 06:55 - 000002044 _____ C:\WINDOWS\system32\DeliveryOptimizationMIProvUninstall.mof 2022-04-03 06:55 - 2022-04-03 06:55 - 000001820 _____ C:\WINDOWS\SysWOW64\rasctrnm.h 2022-04-03 06:55 - 2022-04-03 06:55 - 000001820 _____ C:\WINDOWS\system32\rasctrnm.h 2022-04-03 06:55 - 2022-04-03 06:55 - 000001688 _____ C:\WINDOWS\system32\TransformPPSToWlanCredentials.xslt 2022-04-03 06:55 - 2022-04-03 06:55 - 000001673 _____ C:\WINDOWS\SysWOW64\tcpbidi.xml 2022-04-03 06:55 - 2022-04-03 06:55 - 000001673 _____ C:\WINDOWS\system32\tcpbidi.xml 2022-04-03 06:55 - 2022-04-03 06:55 - 000001559 _____ C:\WINDOWS\SysWOW64\WsmPty.xsl 2022-04-03 06:55 - 2022-04-03 06:55 - 000001559 _____ C:\WINDOWS\system32\WsmPty.xsl 2022-04-03 06:55 - 2022-04-03 06:55 - 000001369 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt 2022-04-03 06:55 - 2022-04-03 06:55 - 000001281 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk 2022-04-03 06:55 - 2022-04-03 06:55 - 000000724 _____ C:\WINDOWS\system32\wpr.config.xml 2022-04-03 06:55 - 2022-04-03 06:55 - 000000714 _____ C:\WINDOWS\SysWOW64\RestartManager.mof 2022-04-03 06:55 - 2022-04-03 06:55 - 000000714 _____ C:\WINDOWS\system32\RestartManager.mof 2022-04-03 06:55 - 2022-04-03 06:55 - 000000670 ___RH C:\WINDOWS\WindowsShell.Manifest 2022-04-03 06:55 - 2022-04-03 06:55 - 000000646 _____ C:\WINDOWS\SysWOW64\Drivers\gmreadme.txt 2022-04-03 06:55 - 2022-04-03 06:55 - 000000646 _____ C:\WINDOWS\system32\Drivers\gmreadme.txt 2022-04-03 06:55 - 2022-04-03 06:55 - 000000614 _____ C:\WINDOWS\system32\WdsUnattendTemplate.xml 2022-04-03 06:55 - 2022-04-03 06:55 - 000000407 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk 2022-04-03 06:55 - 2022-04-03 06:55 - 000000176 _____ C:\WINDOWS\SysWOW64\RestartManagerUninstall.mof 2022-04-03 06:55 - 2022-04-03 06:55 - 000000176 _____ C:\WINDOWS\system32\RestartManagerUninstall.mof 2022-04-03 06:55 - 2022-04-03 06:55 - 000000150 _____ C:\WINDOWS\SysWOW64\pcl.sep 2022-04-03 06:55 - 2022-04-03 06:55 - 000000150 _____ C:\WINDOWS\system32\pcl.sep 2022-04-03 06:55 - 2022-04-03 06:55 - 000000051 _____ C:\WINDOWS\SysWOW64\pscript.sep 2022-04-03 06:55 - 2022-04-03 06:55 - 000000051 _____ C:\WINDOWS\system32\pscript.sep 2022-04-03 06:55 - 2022-04-03 06:55 - 000000033 _____ C:\WINDOWS\SysWOW64\winrm.cmd 2022-04-03 06:55 - 2022-04-03 06:55 - 000000033 _____ C:\WINDOWS\system32\winrm.cmd 2022-04-03 06:54 - 2022-04-03 06:54 - 000327680 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2022-04-03 06:53 - 2022-04-09 22:06 - 083886080 _____ C:\WINDOWS\system32\config\SOFTWARE 2022-04-03 06:53 - 2022-04-09 22:06 - 016252928 _____ C:\WINDOWS\system32\config\SYSTEM 2022-04-03 06:53 - 2022-04-09 22:06 - 000524288 _____ C:\WINDOWS\system32\config\DEFAULT 2022-04-03 06:53 - 2022-04-09 22:06 - 000262144 _____ C:\WINDOWS\system32\config\BBI 2022-04-03 06:53 - 2022-04-09 22:06 - 000131072 _____ C:\WINDOWS\system32\config\SAM 2022-04-03 06:53 - 2022-04-09 22:06 - 000032768 _____ C:\WINDOWS\system32\config\SECURITY 2022-04-03 06:53 - 2022-04-09 21:40 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2022-04-03 06:53 - 2022-04-09 18:55 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-04-03 06:53 - 2022-04-09 18:51 - 000000000 ____D C:\WINDOWS\servicing 2022-04-03 06:53 - 2022-04-03 07:13 - 000000000 ____D C:\WINDOWS\system32\SMI 2022-03-30 13:43 - 2022-03-30 13:43 - 000000000 ___HD C:\$WinREAgent 2022-03-21 18:54 - 2022-04-09 21:38 - 000000000 ____D C:\WINDOWS\system32\gf2engine 2022-03-21 18:53 - 2022-03-21 18:53 - 000000000 ___HD C:\$AV_ASW 2022-03-21 18:51 - 2022-03-24 00:46 - 000000000 ____D C:\ProgramData\Avast Software 2022-03-21 18:51 - 2022-03-21 18:51 - 000259872 _____ (AVAST Software) C:\Users\Stasiu\Downloads\avast_free_antivirus_setup_online.exe 2022-03-21 18:48 - 2022-03-21 18:50 - 000000000 ____D C:\ProgramData\HitmanPro 2022-03-21 18:41 - 2022-03-21 18:41 - 000000000 ____D C:\Users\Stasiu\AppData\Local\mbam 2022-03-21 11:19 - 2022-03-24 00:46 - 1740203919 _____ C:\WINDOWS\MEMORY.DMP 2022-03-20 19:04 - 2022-03-14 15:03 - 001906536 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2022-03-20 19:04 - 2022-03-14 15:03 - 001906536 _____ C:\WINDOWS\system32\vulkaninfo.exe 2022-03-20 19:04 - 2022-03-14 15:03 - 001479016 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2022-03-20 19:04 - 2022-03-14 15:03 - 001479016 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2022-03-20 19:04 - 2022-03-14 15:03 - 001470664 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2022-03-20 19:04 - 2022-03-14 15:03 - 001432952 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2022-03-20 19:04 - 2022-03-14 15:03 - 001432952 _____ C:\WINDOWS\system32\vulkan-1.dll 2022-03-20 19:04 - 2022-03-14 15:03 - 001213920 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2022-03-20 19:04 - 2022-03-14 15:03 - 001146216 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2022-03-20 19:04 - 2022-03-14 15:03 - 001146216 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2022-03-20 19:04 - 2022-03-14 15:00 - 000866296 _____ C:\WINDOWS\system32\nvofapi64.dll 2022-03-20 19:04 - 2022-03-14 15:00 - 000688120 _____ C:\WINDOWS\SysWOW64\nvofapi.dll 2022-03-20 19:04 - 2022-03-14 14:59 - 002125488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2022-03-20 19:04 - 2022-03-14 14:59 - 001533104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2022-03-20 19:04 - 2022-03-14 14:59 - 001182712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2022-03-20 19:04 - 2022-03-14 14:59 - 000762872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll 2022-03-20 19:04 - 2022-03-14 14:59 - 000712904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe 2022-03-20 19:04 - 2022-03-14 14:59 - 000138256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2022-03-20 19:04 - 2022-03-14 14:59 - 000051216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll 2022-03-20 19:04 - 2022-03-14 14:58 - 010268336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2022-03-20 19:04 - 2022-03-14 14:58 - 008803808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2022-03-20 19:04 - 2022-03-14 14:58 - 005361352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2022-03-20 19:04 - 2022-03-14 14:58 - 003067384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2022-03-20 19:04 - 2022-03-14 14:58 - 001605296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2022-03-20 19:04 - 2022-03-14 14:58 - 001059832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2022-03-20 19:04 - 2022-03-14 14:58 - 000845792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2022-03-20 19:04 - 2022-03-14 14:58 - 000289480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe 2022-03-20 19:04 - 2022-03-14 14:57 - 005730272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2022-03-20 19:04 - 2022-03-14 14:57 - 000851656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe 2022-03-20 19:04 - 2022-03-14 14:55 - 007449768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2022-03-20 19:04 - 2022-03-14 14:55 - 006331736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2022-03-20 19:04 - 2022-03-11 16:44 - 000092551 _____ C:\WINDOWS\system32\nvinfo.pb 2022-03-20 15:34 - 2022-03-20 15:35 - 000000000 ____D C:\Users\Stasiu\AppData\Local\luminati 2022-03-20 15:04 - 2022-03-20 15:35 - 000000000 ____D C:\Users\Stasiu\AppData\Roaming\Hola 2022-03-20 15:04 - 2022-03-20 15:04 - 000000000 ____D C:\Program Files\Hola 2022-03-20 14:58 - 2022-03-22 18:13 - 000000000 ____D C:\Users\Stasiu\AppData\Roaming\MicrosoftWindowsFirewall 2022-03-20 14:12 - 2022-03-20 14:12 - 000000000 ____D C:\Users\Stasiu\Documents\SkidRow 2022-03-20 14:12 - 2022-03-20 14:12 - 000000000 ____D C:\Users\Stasiu\AppData\LocalLow\SKS 2022-03-19 13:00 - 2022-04-09 21:38 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2022-03-12 23:25 - 2022-04-09 22:07 - 000002325 _____ C:\Users\Stasiu\Desktop\Porofessor.gg.lnk 2022-03-12 23:25 - 2022-04-09 21:38 - 000000000 ____D C:\Users\Stasiu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf 2022-03-12 23:25 - 2022-04-07 18:16 - 000000000 ____D C:\Program Files (x86)\Overwolf 2022-03-12 23:25 - 2022-03-12 23:25 - 000000000 ____D C:\ProgramData\Overwolf 2022-03-07 00:10 - 2022-03-20 15:07 - 000000000 ____D C:\Users\Stasiu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Postal 2 PL 2022-03-07 00:00 - 2022-03-07 22:23 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat 2022-03-07 00:00 - 2022-03-07 00:00 - 000000000 ____D C:\Users\Stasiu\AppData\Local\VALORANT 2022-01-17 17:48 - 2022-03-12 13:29 - 000000032 _____ C:\Users\Stasiu\AppData\Roaming\.machineId 2022-01-17 17:46 - 2022-04-09 22:07 - 000000000 ____D C:\Users\Stasiu\AppData\Local\Overwolf ==================== Trzy miesiące (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2022-04-09 22:07 - 2021-10-06 17:27 - 000000000 ____D C:\ProgramData\NVIDIA 2022-04-09 22:07 - 2020-07-30 15:59 - 000012288 ___SH C:\DumpStack.log.tmp 2022-04-09 22:05 - 2020-11-04 20:21 - 000000000 ____D C:\Users\Stasiu\AppData\LocalLow\Temp 2022-04-09 22:04 - 2021-10-06 18:19 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2022-04-09 21:50 - 2021-10-06 19:14 - 000000000 ____D C:\Users\Stasiu\AppData\Local\D3DSCache 2022-04-09 21:40 - 2021-10-06 17:50 - 000002376 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk 2022-04-09 21:40 - 2020-07-30 16:07 - 000000000 __RHD C:\Users\Public\AccountPictures 2022-04-09 21:39 - 2021-12-18 20:29 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation 2022-04-09 21:38 - 2022-01-05 00:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TLauncher 2022-04-09 21:38 - 2021-12-29 17:11 - 000000000 ____D C:\Users\Stasiu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox 2022-04-09 21:38 - 2021-11-18 15:48 - 000000000 ____D C:\WINDOWS\system32\DTS 2022-04-09 21:38 - 2021-10-28 20:19 - 000000000 ____D C:\Users\Stasiu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code 2022-04-09 21:38 - 2021-10-09 14:22 - 000000000 ____D C:\WINDOWS\system32\appmgmt 2022-04-09 21:38 - 2021-10-06 21:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games 2022-04-09 21:38 - 2021-10-06 20:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.2 2022-04-09 21:38 - 2021-10-06 18:19 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2022-04-09 21:38 - 2021-10-06 18:19 - 000000000 ____D C:\WINDOWS\system32\MsDtc 2022-04-09 21:38 - 2021-10-06 18:19 - 000000000 ____D C:\WINDOWS\system32\Macromed 2022-04-09 21:38 - 2021-10-05 19:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Download Manager 2022-04-09 21:38 - 2021-09-30 16:44 - 000000000 ____D C:\Users\Stasiu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games 2022-04-09 21:38 - 2021-03-14 12:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2022-04-09 21:38 - 2021-03-14 12:05 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-04-09 21:38 - 2020-12-25 19:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DM1 FPS 2022-04-09 21:38 - 2020-07-31 09:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2022-04-09 21:38 - 2020-07-31 00:11 - 000000000 ____D C:\Users\Stasiu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc 2022-04-09 21:38 - 2020-07-31 00:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2022-04-09 21:38 - 2020-07-30 22:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft Launcher 2022-04-09 21:38 - 2020-07-30 21:42 - 000000000 ____D C:\Users\Stasiu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2022-04-09 21:38 - 2020-07-30 21:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2022-04-09 20:56 - 2021-10-06 19:40 - 000000000 ____D C:\Users\Stasiu\AppData\Roaming\discord 2022-04-09 20:30 - 2021-10-06 19:40 - 000000000 ____D C:\Users\Stasiu\AppData\Local\Discord 2022-04-09 19:00 - 2021-03-17 14:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility 2022-04-09 19:00 - 2020-07-30 22:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID 2022-04-09 19:00 - 2020-07-30 21:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteelSeries 2022-04-09 18:58 - 2021-10-06 17:47 - 000000000 ____D C:\Users\Stasiu\AppData\Local\Packages 2022-04-09 16:52 - 2021-10-06 21:41 - 000000000 ____D C:\ProgramData\Riot Games 2022-04-07 22:34 - 2021-10-06 21:34 - 000000000 ____D C:\Users\Stasiu\AppData\Roaming\.minecraft 2022-04-07 22:20 - 2021-10-06 21:34 - 000000000 ____D C:\Program Files (x86)\Minecraft Launcher 2022-04-06 18:33 - 2021-10-06 17:26 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2022-03-29 16:58 - 2021-10-06 21:21 - 000000000 ____D C:\Users\Stasiu\AppData\Local\CrashDumps 2022-03-24 19:21 - 2021-10-06 20:42 - 000000000 ____D C:\Program Files (x86)\Steam 2022-03-12 01:39 - 2021-10-06 22:52 - 000000000 ____D C:\Users\Stasiu\AppData\Local\ElevatedDiagnostics 2022-03-11 18:13 - 2021-10-06 17:47 - 000000000 ____D C:\ProgramData\Packages ==================== Pliki w katalogu głównym wybranych folderów ======== 2022-01-17 17:48 - 2022-03-12 13:29 - 000000032 _____ () C:\Users\Stasiu\AppData\Roaming\.machineId 2022-01-07 16:30 - 2022-01-07 16:30 - 000007379 _____ () C:\Users\Stasiu\AppData\Roaming\VoiceMeeterDefault.xml ==================== SigCheckExt ========================= 2022-04-09 21:57 - 2022-04-09 21:57 - 002365440 _____ (Farbar) C:\Users\Stasiu\Downloads\FRST64.exe ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== BCD ================================ Firmware Boot Manager --------------------- identifier {fwbootmgr} displayorder {bootmgr} {abdf1e97-d274-11ea-aab8-85e6c26c33c3} timeout 1 Windows Boot Manager -------------------- identifier {bootmgr} device partition=\Device\HarddiskVolume1 path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI description Windows Boot Manager locale pl-PL inherit {globalsettings} flightsigning Yes default {current} resumeobject {bd56ea12-6057-11ec-98dc-985d02afab46} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Firmware Application (101fffff) ------------------------------- identifier {abdf1e97-d274-11ea-aab8-85e6c26c33c3} description Hard Drive Windows Setup ------------- identifier {7254a080-1510-4e85-ac0f-e7fb3d444736} device ramdisk=[C:]\$WINDOWS.~BT\Sources\SafeOS\winre.wim,{bd56ea14-6057-11ec-98dc-985d02afab46} bootstatdevice partition=C: custom:11000083 partition=C: path \windows\system32\winload.efi description Windows Rollback locale pl-PL bootstatfilepath \$WINDOWS.~BT\Sources\SafeOS\bootstat.dat inherit {bootloadersettings} restartonfailure No osdevice ramdisk=[C:]\$WINDOWS.~BT\Sources\SafeOS\winre.wim,{bd56ea14-6057-11ec-98dc-985d02afab46} custom:21000152 partition=C: systemroot \windows nx OptIn bootmenupolicy Standard bootstatuspolicy AlwaysDisplayStartupFailures winpe Yes Windows Boot Loader ------------------- identifier {bd56e9fc-6057-11ec-98dc-985d02afab46} device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{bd56e9fd-6057-11ec-98dc-985d02afab46} path \windows\system32\winload.efi description Windows Recovery Environment locale pl-PL inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{bd56e9fd-6057-11ec-98dc-985d02afab46} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Windows Boot Loader ------------------- identifier {bd56ea10-6057-11ec-98dc-985d02afab46} device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{bd56ea11-6057-11ec-98dc-985d02afab46} path \windows\system32\winload.efi description Windows Recovery Environment locale pl-PL inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{bd56ea11-6057-11ec-98dc-985d02afab46} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Windows Boot Loader ------------------- identifier {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 11 locale pl-PL inherit {bootloadersettings} recoverysequence {bd56ea15-6057-11ec-98dc-985d02afab46} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes flightsigning Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {bd56ea12-6057-11ec-98dc-985d02afab46} nx OptIn bootmenupolicy Standard Windows Boot Loader ------------------- identifier {bd56ea15-6057-11ec-98dc-985d02afab46} device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{bd56ea16-6057-11ec-98dc-985d02afab46} path \windows\system32\winload.efi description Windows Recovery Environment locale pl-PL inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{bd56ea16-6057-11ec-98dc-985d02afab46} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Resume from Hibernate --------------------- identifier {bd56ea0d-6057-11ec-98dc-985d02afab46} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale pl-PL inherit {resumeloadersettings} recoverysequence {bd56ea10-6057-11ec-98dc-985d02afab46} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: custom:21000026 partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Resume from Hibernate --------------------- identifier {bd56ea12-6057-11ec-98dc-985d02afab46} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale pl-PL inherit {resumeloadersettings} recoverysequence {bd56ea15-6057-11ec-98dc-985d02afab46} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: custom:21000026 partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Windows Memory Tester --------------------- identifier {memdiag} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\memtest.efi description Diagnostyka pami©ci systemu Windows locale pl-PL inherit {globalsettings} badmemoryaccess Yes EMS Settings ------------ identifier {emssettings} bootems No Debugger Settings ----------------- identifier {dbgsettings} debugtype Local RAM Defects ----------- identifier {badmemory} Global Settings --------------- identifier {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Boot Loader Settings -------------------- identifier {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Hypervisor Settings ------------------- identifier {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Resume Loader Settings ---------------------- identifier {resumeloadersettings} inherit {globalsettings} Device options -------------- identifier {bd56ea11-6057-11ec-98dc-985d02afab46} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume4 ramdisksdipath \Recovery\WindowsRE\boot.sdi Device options -------------- identifier {bd56ea14-6057-11ec-98dc-985d02afab46} description Windows Setup ramdisksdidevice partition=C: ramdisksdipath \$WINDOWS.~BT\Sources\SafeOS\boot.sdi Device options -------------- identifier {bd56ea16-6057-11ec-98dc-985d02afab46} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume4 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Koniec FRST.txt ========================