سلام ، اینترنت من بسیار کند است.
گمان می کنم من آلوده هستم.
من FRST را اجرا می کنم
این انتخاب می کنم:
نتیجه اسکن ابزار اسکن بازیابی Farbar (FRST) (x64) نسخه: 19-04-2020
Ran by Monster (مدیر ) در FRED-021 (19-04-2020 20:44:02)
در حال اجرا از C: کاربران هیولا بارگیری
پروفایل های بارگیری شده: Monster (پروفایل های موجود: Monster)
بستر های نرم افزاری: ویندوز 10 نسخه حرفه ای 1903 18362.778 (X64) زبان: Anglais (États-Unis)
مرورگر پیش فرض: Chrome
حالت راه انداز: عادی
=============== ====== فرآیندهای (لیست سفید) =================
(اگر یک ورودی در لیست ثابت موجود باشد ، روند بسته می شود. منتقل نمی شود.)
(Adobe Inc. -> Adobe Systems) C: Files Program (x86) Files مشترک Adobe ARM 1.0 armsvc.exe
(دستگاه های پیشرفته ریز ، شرکت -> Advanced Micro Devices، Inc.) C: File Files AMD CNext CNext amdow.exe
(Advanced Micro Devices، Inc. -> Advanced Micro Devices، Inc.) C: P پرونده های rogram AMD CNext CNext AMDRSServ.exe
(Advanced Micro Devices، Inc. -> Advanced Micro Devices، Inc.) C: File files AMD CNext CNext RadeonSettings.exe
( Advanced Micro Devices، Inc. -> AMD) C: Windows System32 DriverStore FileRepository c0346830.inf_amd64_f723e13ffb3b2652 B345901 atieclxx.exe
(Advanced Micro Devices، Inc. -> AMD) C: Windows System32 DriverStore FileRepository c0346830.inf_amd64_f723e13ffb3b2652 B345901 atiesrxx.exe
(Google LLC ->) C: File Files Google Drive googledrivesync.exe <2>
C: File Files (x86) Google Chrome Application chrome.exe <19>
(Google LLC -> Google LLC) C: Files Program (x86) Google Update 1.3.35.452 GoogleCrashHandler .exe
(Google LLC -> Google LLC) C: Files Program (x86) Google Update 1.3.35.452 GoogleCrashHandler64.exe
(London Trust Media Incorporated ->) C: File Files دسترسی به اینترنت خصوصی pia-service.exe
(میکروسو ft Corporation -> Microsoft Corporation) C: File Files Files Common microsoft shared ClickToRun OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C: Windows System32 WirelessKB850NotificationService.exe
(Microsoft شرکت) C: برنامه های پرونده WindowsApps Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe Calculator.exe
(Microsoft Corporation) C: Files Programs WindowsApps Microsoft.WindowsStore_12004.1001.1.0_x64__8eb 19659002] (Microsoft Windows -> Microsoft Corporation) C: Windows System32 dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C: Windows System32 smartscreen.exe
(Microsoft Windows ناشر -> Microsoft Corporation) C: ProgramData Microsoft Windows Defender Platform 4.18.2003.8-0 MsMpEng.exe
(انتشار دهنده Microsoft Windows -> Microsoft Corporation) C: ProgramData Microsoft Windows Defender Platform 4.18.2003.8-0 NisSrv.exe
(Realtek Semicon ductor Corp. -> نیمه هادی Realtek) C: File Files Realtek Audio HDA RtkNGUI64.exe
(Valve -> Valve Corporation) C: Files Program (x86) Files Common Steam SteamService.exe
(Valve -> Valve Corporation) C: Files Program (x86) Steam bin cef cef.win7x64 steamwebhelper.exe <7>
(Valve -> Valve Corporation) C: File Files (x86) Steam steam.exe
====================== رجیستری (لیست سفید) =========== ========
(در صورتی که یک مطلب در لیست فیش موجود باشد ، پرونده رجیستری به صورت پیش فرض باز می شود یا حذف می شود. پرونده منتقل نمی شود.)
HKLM … Run: [RTHDVCPL] => C: File Programs Realtek Audio HDA RtkNGUI64.exe [8899592 2016-08-18] (Realtek Semiconductor Corp. -> نیمه هادی Realtek)
HKLM … Run: [Logitech Download Assistant] => C: Windows System32 LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech، Inc)
HKU S- 1-5-21-1396098433-1597704532-639750325-1002 … Run: [GoogleDriveSync] => C: Files Programs Google Drive googledrivesync.exe [48214752 2020-04-06] (Google LLC ->)
HKU S-1-5-21-1396098433-1597704532-639750325-1002 … Run: [Steam] => C: Files Programs (x86) Steam steam.exe [3371296 2020-04-03] (دریچه -> شرکت دریچه)
HKU S-1-5-21-1396098433-1597704532-639750325-1002 … MountPoints2: {22705165-272b-11ea-af0a-2cfda1705a70} – "F: HiSuiteDownLoader.exe"
HKU S-1-5-21-1396098433-1597704532-639750325-1002 Control Panel Desktop \ SCRNSAVE.EXE -> C: WINDOWS system32 Mystify.scr [152576 2019-03-19] (Microsoft Windows -> شرکت مایکروسافت)
HKLM نرم افزار مایکروسافت تنظیمات فعال p اجزای نصب شده: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C: Files Program (x86) Google Chrome Application 80.0.3987.163 Installer chrmstp.exe [2020-04-07] (Google LLC -> Google LLC)
[19659002] ====================== وظایف برنامه ریزی شده (لیست سفید) =============
(در صورت ورود در لیست حذف ، از رجیستری حذف می شود. پرونده منتقل نمی شود مگر اینکه به طور جداگانه ذکر شده باشد.)
کار: {08A0A50E-B401-4623-9264-BC98B2E1093B – System32 Tasks GoogleUpdateTaskMachineCore => C: File Files (x86) Google Update GoogleUpdate.exe [153168 2018-08-28] (Google Inc -> Google Inc.)
وظیفه: {0B620FAB-FAC2-4B33-9691-A0ED8A59232D} – System32 Tasks StartDVR => C: Files Programme AMD CNext CNext RSServCmd.exe [68280 2019-08-16] (Advanced Micro Devices، Inc. -> Advanced Micro Devices، Inc)
وظیفه: {4BE20F8A-762C-4363-BF9F-A85553A81449} – System32 وظایف مایکروسافت دفتر دفتر ClickToRun Service Monitor => C: File Files Common Files Microsoft Shared ClickToRun OfficeC2RClient.exe [24702832 2020-04-10] (شرکت مایکروسافت -> شرکت مایکروسافت)
کار: {5CC022AC-88F6-4B58-A426-D55B4E32344 System32 وظایف Microsoft Windows Windows Defender Windows Defender Verification => C: ProgramData Microsoft Windows Defender platform 4.18.2003.8-0 MpCmdRun.exe [480272 2020-03-25] (انتشار دهنده Microsoft Windows -> Microsoft Co rporation)
Task: {8698BA4E-9513-455F-AB72-872B3BF72B62} – System32 Tasks Microsoft Windows Windows Defender Windows Defender Scheduled Scan => C: ProgramData Microsoft Windows Defender platform 4.18. 2003.8-0 MpCmdRun.exe [480272 2020-03-25] (انتشار دهنده Microsoft Windows -> Microsoft Corporation)
کار: {97CEC45E-100A-4F66-9D7C-F162333103E2} – System32 Tasks KMS_VL_ALL => C: Windows scasas اسکریپت ها KMS_VL_ALL.cmd
کار: {9A2A2AA4-B9FF-427E-8745-AA0801AC228F – System32 Tasks Microsoft Windows Windows Defender Windows Defender Cache Maintenance => C: ProgramData Microsoft Windows Defender platform 4.18.2003.8-0 MpCmdRun.exe [480272 2020-03-25] (انتشار دهنده Microsoft Windows -> Microsoft Corporation)
کار: {B05A1518-8DC2-47B6-976B-7B940259EA94 – System32 Tasks Adobe Acrobat Update Task => : File Files (x86) Files Common Adobe ARM 1.0 AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
وظیفه: {B17E25F8-CDF0-43A4-8C62-119EBE48C550} – System32 وظایف مایکروسافت fice Office Automatic Updates 2.0 => C: File Files Files Common Microsoft Shared ClickToRun OfficeC2RClient.exe [24702832 2020-04-10] (Microsoft Corporation -> Microsoft Corporation)
وظیفه: {B2A803A4-7C5B-44F1-B02B- 8FAA794A24BB} – System32 Tasks GoogleUpdateTaskMachineUA => C: Files Program (x86) Google Update GoogleUpdate.exe [153168 2018-08-28] (Google Inc -> Google Inc.)
کار: {D9E2569D-A080-60 B83A-C9667D1B4F84 – System32 وظایف Microsoft Office Office به روزرسانی ویژه ورود به سیستم => C: فایلهای برنامه Microsoft Office root Office16 sdxhelper.exe [158568 2020-04-18] (Microsoft Corporation -> Microsoft Corporation)
Task : {E95DE86F-BB5E-4885-90D5-7D8237BD8218} – System32 Tasks StartCN => C: File Files AMD CNext CNext CNext cncmd.exe [61112 2019-08-16] (Advanced Micro Devices، Inc. -> Advanced Micro Devices ، شرکت.)
کار: {F00F3A83-04EF-443F-9924-D2A0ACC66633} – System32 Tasks Microsoft Office Office Updates Feature => C: File Files Microsoft Office root Office16 sdxhelper.exe [158568 2020-04-18] (میک rosoft Corporation -> Microsoft Corporation)
وظیفه: {F2EB9A88-2DA8-4F4F-ABE2-21AF15F03D2F – System32 Tasks Microsoft Windows Windows Defender Windows Defender Clean = = C: ProgramData Microsoft Windows Defender platform 4.18.2003.8-0 MpCmdRun.exe [480272 2020-03-25] (انتشار دهنده ویندوز مایکروسافت -> شرکت مایکروسافت)
(اگر یک ورودی در لیست ثابت گنجانده شده باشد ، پرونده وظیفه (.job) منتقل می شود. پرونده ای که توسط کار اجرا می شود منتقل نمی شود.)
====================== اینترنت (لیست سفید) === ==================
(اگر یک مورد در لیست ثابت موجود است ، اگر یک مورد از رجیستری باشد ، حذف می شود یا به صورت پیش فرض بازیابی می شود.) [19659002]
Tcpip Parameters: [DhcpNameServer] 192.168.2.1 207.164.234.193
Tcpip .. Interfaces {3a6e5735-f878-467c-a483-f67c7ca128b9}: 2020 19659002] Tcpip .. Interfaces {a386f9d6-6a66-471b-9ba7-787a6e50ef0b b: [DhcpNameServer] 192.168.2.1 207.164.234.193
Internet Explorer:
Internet Explorer:
Internet Explorer:
==========
HKU S-1-5-21-1396098433-1597704532-639750325-1002 نرم افزار مایکروسافت اینترنت اکسپلورر اصلی ، صفحه شروع = hxxp: //www.bing .com /؟ pc = COS2 & ptag = D072018-A915F698E57 & form = CONMHP & conlogo = CT3335818
SearchScopes: HKU S-1-5-21-1396098433-1597704532-639750325-1002 -> DefaultScop } URL = hxxp: //www.bing.co m / search؟ pc = COSP & ptag = D072018-A915F698E57 & form = CONBDF & conlogo = CT3335818 & q = {searchTerms}
SearchScopes: HKU S-1-5-21-1396098433-1597704532-639750-4332E325-6397505-63975032 A0FF-E1416B8B2E3A} URL = hxxp: //www.bing.com/search؟ pc = COSP & ptag = D072018-A915F698E57 & form = CONBDF & conlogo = CT3335818 & q = {جستجو شرایط 12F5-4CCE-BE8A-2923E76605DA} -> C: File Files Microsoft Office root VFS ProgramFilesX86 Microsoft Office Office16 OCHelper.dll [2020-01-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso -minsb-roaming.16 – C 83C25742-A9F7-49FB-9138-434302C88D07} – C: Files Programs Microsoft Office root Office16 MSOSB.DLL [2020-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler -x32: mso-minsb-roaming.16 – {83C25742-A9F7-49FB-9138-434302C88D07} – C: Files Programs Microsoft Office root VFS ProgramFilesX86 Microsoft Office Office16 MSOSB.DLL [2020-04-08] ( شرکت مایکروسافت -> شرکت مایکروسافت rporation)
Handler: mso-minsb.16 – 42089D2D-912D-4018-9087-2B87803E93FB} – C: Files Programs Microsoft Office root Office16 MSOSB.DLL [2020-04-08] (Microsoft Corporation -> Microsoft شرکت)
Handler-x32: mso-minsb.16 – 20 42089D2D-912D-4018-9087-2B87803E93FB} – C: File Files Microsoft Office root VFS ProgramFilesX86 Microsoft Office Office16 MSOSB.DLL [2020-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 – 20 42089D2D-912D-4018-9087-2B87803E93FB} – C: Files Programs Microsoft Office root Office16 MSOSB.DLL [2020-04-08] (شرکت مایکروسافت -> شرکت مایکروسافت)
Handler-x32: osf-roaming.16 – 20 42089D2D-912D-4018-9087-2B87803E93FB} – C: File Files Microsoft Office root VFS ProgramFilesX86 Microsoft Office Office16 MSOSB.DLL [2020-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 – 5504BE45-A83B-4808-900A-3A5C36E7F77A} – C: File Files root Office16 MSOSB.DLL [2020-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 – 5504BE45-A83B-4808-900A-3A5C36E7F77A} – C: File Files Microsoft Office root VFS ProgramFilesX86 Microsoft Office Office16 MSOSB.DLL [2020-04-08] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF DefaultProfile: ld1eiud6.default
FF ProfilePath: ج: کاربران هیولا AppData رومینگ موزیلا Firefox پروفایل ld1eiud6.default [2020-04-03]
FF NewTab: Mozilla Firefox پروفایل های ld1eiud6.default -> hxxp: //www.bing.com/ ؟ pc = COS2 & ptag = D072018-N0600A915F698E57 & form = CONMHP & conlogo = CT3335818
پسوند FF: (فرهنگ لغت املائی فرانسه) – C: کاربران هیولا AppData رومینگ موزیلا Firefox پروفایل ld1 @ dictionary.addons.mozilla.org.xpi [2019-09-25]
FF Extension: (بسته زبان Français) – C: کاربران هیولا AppData رومینگ موزیلا Firefox پروفایل ld1eiud6.default پسوند langpack- [email protected] a.org.xpi [2019-11-03]
FF Extension: (FOE Sniffer) – C: کاربران هیولا AppData رومینگ موزیلا Firefox پروفایل ld1eiud6.default پسوند {f2ae370f-95b4-4cd8-b417 -dab5e3bd7148 .xpi [2019-09-25]
FF Plugin: @ microsoft.com / SharePoint، version = 14.0 -> C: File Files Microsoft Office root Office16 NPSPWRAP.DLL [2020-01-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @ microsoft.com / SharePoint، version = 14.0 -> C: File Files Microsoft Office root VFS ProgramFilesX86 Microsoft Office Office16 NPSPWRAP.DLL [2020-01-10] Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C: Files Program (x86) Adobe Acrobat Reader DC Reader AIR nppdf32.dll [2020-03-05] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
مشخصات CHR: C: کاربران Monster AppData محلی Google Chrome داده های کاربر پیش فرض [2020-04-19]
اطلاعیه های CHR: پیش فرض -> hxxps: //www.adawa re.com؛ hxxps: //www.facebook.com؛ hxxps: //www.leafly.com
CHR صفحه اصلی: پیش فرض -> hxxp: //www.rds.ca/
CHR StartupUrls: Default -> "hxxp: //www.rds.ca/" [19659002] پسوند CHR: (اسلایدها) – C: کاربران هیولا AppData محلی Google Chrome داده های کاربر پیش فرض برنامه های افزودنی aapocclcgogkmnckokdopfmhonfmgoek [2018-07-19]
CHR پسوند: (اسناد) – C: کاربران Monster AppData Local Google Chrome داده های کاربر پیش فرض برنامه های افزودنی aohghmighlieiainnegkcijnfilokake [2018-07-19]
CHR پسوند: (Google Drive) – C: کاربران Monster AppData محلی Google Chrome داده های کاربر پیش فرض برنامه های افزودنی apdfllckaahabafndbhieahigkjlhalf [2018-07-19]
CHR Extension: (FoE – Assistant) – C: Users Monster / AppData Local Google Chrome داده های کاربری پیش فرض الحاقی bkagcmloachflbbkkfpf9 برنامه افزودنی: (YouTube) – C: کاربران Monster AppData Local Google Chrome داده های کاربر پیش فرض برنامه های افزودنی blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-19]
پسوند CHR: (برگه) – C: کاربران هیولا AppData محلی Google Chrome کاربر Da ta پیش فرض برنامه های افزودنی felcaaldnbdncclmgdcncolpebgiejap [2018-07-19]
CHR Extension: (Office Office pour Docs، Sheets and Slides) – C: Users Monster AppData Local Google Chrome داده های کاربر Default extensions gbjjg [2020-03-05]
CHR Extension: (پیوند اسب اسناد گوگل) – C: کاربران هیولا AppData محلی گوگل کروم داده های کاربر پیش فرض برنامه های افزودنی ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-06]
CHR پسوند: – le meilleur bloqueur de pubs) – C: کاربران هیولا AppData محلی Google Chrome داده های کاربر پیش فرض برنامه های افزودنی gighmmpiobklfepjocnamgkkbbllomom [2020-04-14] Monster / AppData Local Google Chrome داده های کاربر پیش فرض پسوند jplnlifepflhkbkgonidnobkakhmpnmh [2019-05-20]
CHR Extension: (پرتاب برنامه برای Drive (توسط Google)) – C: کاربران Monster AppData محلی Google Chrome داده های کاربری پیش فرض برنامه های افزودنی lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-08-28]
CHR Extensi on: (Paiements via le Web Store Chrome) – C: کاربران Monster AppData محلی Google Chrome داده های کاربر پیش فرض برنامه های افزودنی nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
پسوند CHR: (Gmail) – C: کاربران هیولا AppData محلی Google Chrome داده های کاربر پیش فرض پسوند pjkljhegncpnkpknbcohdijeoejaedia [2019-05-02]
CHR پسوند: (Chrome Media Router) – C: کاربران Monster AppData محلی Google Chrome اطلاعات کاربر پیش فرض برنامه های افزودنی pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-04]
مشخصات CHR: C: کاربران Monster AppData محلی Google Chrome داده های کاربر پروفایل سیستم [2018-10-09]
CHR HKU S-1- 5-21-1396098433-1597704532-639750325-1002 نرم افزار Google Chrome پسوند … Chrome پسوند: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
============== ======== خدمات (لیست سفید) ====================
(اگر یک ورودی در لیست ثابت گنجانده شده باشد ، حذف می شود از رجیستری پرونده منتقل نمی شود مگر اینکه به طور جداگانه ذکر شود.)
R2 AMD برنامه رویدادهای خارجی. C: WINDOWS System32 DriverStore FileRepository c0346830.inf_amd64_f723e13ffb3b2652 B345901 atiesrxx.exe [508008 2019-09-18] (Advanced Micro Devices، Inc. -> AMD)
R2 ClickToRunSv؛ C: File Files Files Common Microsoft Shared ClickToRun OfficeClickToRun.exe [10626648 2020-04-10] (Microsoft Corporation -> Microsoft Corporation)
R2 PrivateInternetAccessService؛ C: File Files Access Internet Private pia-service.exe [1041920 2019-07-17] (رسانه اعتماد Trust London – -))
S3 Sense؛ C: File Files Windows Defender Advanced Threat Protection MsSense.exe [5930136 2020-04-15] (انتشارات Microsoft Windows -> Microsoft Corporation)
R3 WdNisSvc؛ C: ProgramData Microsoft Windows Defender platform 4.18.2003.8-0 NisSrv.exe [3294680 2020-03-25] (انتشار دهنده Microsoft Windows -> Microsoft Corporation)
R2 WinDefend؛ C: ProgramData Microsoft Windows Defender platform 4.18.2003.8-0 MsMpEng.exe [103168 2020-03-25] (انتشارات Microsoft Windows -> Microsoft Corporation)
R2 WirelessKB850NotificationService؛ C: WINDOWS system32 WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
====================== رانندگان ( Whitelisted) ===================
(در صورتيكه يك مطلب در فهرست اصلي گنجانده شود ، آن را از رجيستري حذف مي كنيد) منتقل شد مگر اینکه به طور جداگانه ذکر شود.)
S0 amdkmafd؛ C: WINDOWS System32 driver amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices، Inc. -> Advanced Micro Devices، Inc)
R3 amdkmdag؛ C: WINDOWS System32 DriverStore FileRepository c0346830.inf_amd64_f723e13ffb3b2652 B345901 atikmdag.sys [55249512 2019-09-18] (Advanced Micro Devices، Inc. -> Advanced Micro Devices، Inc)
am3 C: WINDOWS System32 DriverStore FileRepository c0346830.inf_amd64_f723e13ffb3b2652 B345901 atikmpag.sys [595048 2019-09-18] (Advanced Micro Devices، Inc. -> Advanced Micro Devices، Inc.)
Rdd C: WINDOWS System32 driver amdkmpfd.sys [102832 2019-09-18] (Advanced Micro Devices، Inc. -> Advanced Micro Devices، Inc)
R3 AtiHDAudioService؛ C: WINDOWS system32 driver AtihdWT6.sys [110088 2017-04-26] (ناشر سازگاری سخت افزار سخت افزار مایکروسافت ویندوز -> دستگاه های میکرو پیشرفته)
S3 BthA2dp؛ ج: WINDOWS System32 درایور BthA2dp.sys [231936 2019-09-11] (شرکت مایکروسافت) [File not signed]
R3 rt640x64؛ C: WINDOWS System32 driver rt640x64.sys [662528 2019-03-19] (Microsoft Windows -> Realtek)
R3 tap-pia-0901؛ C: WINDOWS System32 driver tap-pia-0901.sys [39432 2019-05-30] (ناشر سازگاری سخت افزار مایکروسافت ویندوز -> پروژه OpenVPN)
R3 tap0901؛ C: WINDOWS System32 driver tap0901.sys [27136 2018-01-30] (OpenVPN Technologies، Inc. -> پروژه OpenVPN)
U5 vwifimp؛ C: Windows System32 Drivers vwifimp.sys [50176 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot؛ C: WINDOWS System32 driver wd WdBoot.sys [45960 2020-03-25] (انتشار سریع ضد ویروس مایکروسافت ویندوز مایکروسافت -> Microsoft Corporation)
R0 WdFilter؛ C: WINDOWS System32 driver wd WdFilter.sys [391392 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv؛ C: WINDOWS System32 driver wd WdNisDrv.sys [59104 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
==================== = NetSvcs (Whitelisted) ===================
(اگر مدخل در لیست فهرست گنجانده شده باشد ، از رجیستری حذف می شود) منتقل نمی شود مگر اینکه به طور جداگانه ذکر شود.)
====================== یک ماه (ایجاد شده) ======= =============
(اگر یک ورودی در لیست ثابت گنجانده شود ، پرونده / پوشه منتقل می شود.)
2020-04-19 20: 44 – 2020-04-19 20:45 – 000019058 _____ C: Users Monster / Downloads FRST.txt
2020-04-19 19:33 – 2020-04-19 19:33 – 002281984 _____ (Farbar ) C: کاربران هیولا بارگیری ها عدم تأیید 631651.crdownload
2020-04-19 16:11 – 2020-04-19 16:11 – 002281984 _____ (Farbar) C: Users Monster Downloads بدون تأیید 266621.crdownload
2020-04-19 16:08 – 2020-04-19 20:44 – 000000000 ____D C: FRST
2020-04-19 16:07 – 20 20-04-19 16:07 – 002281984 _____ (Farbar) C: Users Monster / Downloads FRST64 (1) .exe
2020-04-15 02:39 – 2020-04-15 02:39 – 000321536 _____ (شرکت مایکروسافت) C: WINDOWS system32 wbadmin.exe
2020-04-15 02:39 – 2020-04-15 02:39 – 000179200 _____ (شرکت مایکروسافت) C: WINDOWS system32 Windows.UI.XamlHost.dll
2020-04-15 02:39 – 2020-04-15 02:39 – 000135168 _____ (شرکت مایکروسافت) C: WINDOWS SysWOW64 Windows.UI.XamlHost.dll [19659002] 2020-04-15 02:38 – 2020-04-15 02:38 – 025444352 _____ (شرکت مایکروسافت) C: WINDOWS system32 Hydrogen.dll
2020-04-15 02:38 – 2020-04 -15 02:38 – 022636544 _____ (شرکت مایکروسافت) C: WINDOWS system32 mshtml.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 019850240 _____ (Microsoft Corporation) C : WINDOWS SysWOW64 edgehtml.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 019812864 _____ (شرکت مایکروسافت) C: WINDOWS system32 HologramWorld.dll
2020 -04-15 02:38 – 2020-04-15 02:38 – 01802 7520 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 mshtml.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 014818816 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 Windows.UI.Xaml.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 008013824 _____ (Microsoft Corporation) C: WINDOWS system32 mstscax.dll
2020-04 -15 02:38 – 2020-04-15 02:38 – 007756800 _____ (Microsoft Corporation) C: WINDOWS system32 Chakra.dll
2020-04-15 02:38 – 2020-04-15 02: 38 – 007017472 _____ (شرکت مایکروسافت) C: WINDOWS SysWOW64 mstscax.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 006523048 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 Windows.Media.Protection.PlayReady.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 005910016 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 Chakra.dll [19659002] 2020-04-15 02:38 – 2020-04-15 02:38 – 004611584 _____ (شرکت مایکروسافت) C: WINDOWS system32 msi.dll
2020-04-15 02:38 – 2020-04 -15 02:38 – 004538880 _____ (میکروسوف t Corporation) C: WINDOWS SysWOW64 wininet.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 004129624 _____ (Microsoft Corporation) C: WINDOWS system32 mfcore.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 003753472 _____ (شرکت مایکروسافت) ج: WINDOWS system32 SettingsHandlers_nt.dll
2020-04-15 02:38 – 2020 -04-15 02:38 – 003742544 _____ (شرکت مایکروسافت) C: WINDOWS SysWOW64 OneCoreUAPCommonProxyStub.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 003512320 _____ (Microsoft Corporation ) C: WINDOWS SysWOW64 msi.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 002951832 _____ (شرکت مایکروسافت) C: WINDOWS system32 mfmp4srcsnk.dll [19659002] 2020-04-15 02:38 – 2020-04-15 02:38 – 002800640 _____ (مایکروسافت شرکت) C: WINDOWS system32 WinSAT.exe
2020-04-15 02:38 – 2020-04 -15 02:38 – 002800128 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 win32kfull.sys
2020-04-15 02:38 – 2020-04-15 02:38 – 002494744 _____ (Microsoft Corporation) C : WINDOWS system32 msmpeg2vdec.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 002369576 _____ (شرکت مایکروسافت) C: WINDOWS system32 Microsoft.Uev.AppAgent.dll [19659002] 2020-04-15 02:38 – 2020-04-15 02:38 – 002188600 _____ (Microsoft Corporation) C: WINDOWS system32 AppVEntSubsystems64.dll
2020-04-15 02:38 – 2020- 04-15 02:38 – 002180408 _____ (Microsoft Corporation) C: WINDOWS system32 workfolderssvc.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 001870408 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 mfmp4srcsnk.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 001729024 _____ (شرکت مایکروسافت) C: WINDOWS SysWOW64 InstallService.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 001665216 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 user32.dll
2020-04-15 02:38 – 2020-04- 15 02:38 – 001664896 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 ntdll.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 001659408 _____ (Microsoft Corporation) C: W INDOWS SysWOW64 Microsoft.Uev.AppAgent.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 001610240 _____ (شرکت مایکروسافت) C: WINDOWS system32 HologramCompositor.dll [19659002] 2020-04-15 02:38 – 2020-04-15 02:38 – 001587712 _____ (شرکت مایکروسافت) ج: WINDOWS SysWOW64 aadtb.dll
2020-04-15 02:38 – 2020-04 -15 02:38 – 001545216 _____ (Microsoft Corporation) C: WINDOWS system32 mstsc.exe
2020-04-15 02:38 – 2020-04-15 02:38 – 001495864 _____ (Microsoft Corporation) C : WINDOWS SysWOW64 AppVEntSubsystems32.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 001484384 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 WindowsCodecs.dll
2020 -04-15 02:38 – 2020-04-15 02:38 – 001477112 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 dcomp.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 001458688 _____ (شرکت مایکروسافت) C: WINDOWS SysWOW64 GdiPlus.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 001413840 _____ (Microsoft Corporation) C: WINDOWS Sys WOW64 gdi32full.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 001397576 _____ (Microsoft Corporation) C: WINDOWS system32 hvix64.exe
2020-04-15 02:38 – 2020-04-15 02:38 – 001386296 _____ (Microsoft Corporation) C: WINDOWS system32 AppVEntSubsystemController.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 001368576 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 Wpc.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 001368576 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 Windows.UI.Input.Inking.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 001310720 _____ (شرکت مایکروسافت) C: WINDOWS SysWOW64 msjet40.dll
2020 -04-15 02:38 – 2020-04-15 02:38 – 001264640 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 mstsc.exe
2020-04-15 02:38 – 2020-04-15 02:38 – 001245184 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 TokenBroker.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 001151816 _____ (Microsoft Corporation) C: WINDOWS system32 mfmpeg2s rcsnk.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 001081856 _____ (شرکت مایکروسافت) C: WINDOWS SysWOW64 Windows.Networking.Vpn.dll
2020-04 -15 02:38 – 2020-04-15 02:38 – 001077064 _____ (Microsoft Corporation) C: WINDOWS system32 hvax64.exe
2020-04-15 02:38 – 2020-04-15 02: 38 – 001055376 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 msctf.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 001013000 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 mfmpeg2srcsnk.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 001009152 _____ (شرکت مایکروسافت) C: WINDOWS SysWOW64 wpnapps.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 001008128 _____ (Microsoft Corporation) C: WINDOWS system32 StorSvc.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000993280 _____ (شرکت مایکروسافت) C: WINDOWS SysWOW64 TSWorkspace.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000983040 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 mfmkvsrcsnk.dll
202 0-04-15 02:38 – 2020-04-15 02:38 – 000980832 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 webservice.dll
2020-04-15 02:38 – 2020-04- 15 02:38 – 000912896 _____ (Microsoft Corporation) C: WINDOWS system32 rasmans.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000892416 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 MbaeApiPublic.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000868864 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 windowsperformancerecordercontrol.dll
2020- 04-15 02:38 – 2020-04-15 02:38 – 000865280 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 Windows.Security.Authentication.Web.Core.dll
2020-04-15 02: 38 – 2020-04-15 02:38 – 000836608 _____ (Microsoft Corporation) C: WINDOWS system32 jscript.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000835584 _____ (شرکت مایکروسافت) C: WINDOWS system32 WorkfoldersControl.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000785920 _____ (Microsoft Corporation) C: WINDOWS S ysWOW64 kerberos.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000783480 _____ (Microsoft Corporation) C: WINDOWS system32 tcblaunch.exe
2020-04-15 02:38 – 2020-04-15 02:38 – 000775696 _____ (Microsoft Corporation) C: WINDOWS system32 safekernel.exe
2020-04-15 02:38 – 2020-04-15 02:38 – 000768528 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 winhttp.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000744960 _____ (Microsoft Corporation) C: WINDOWS system32 Microsoft.Uev.Office2013CustomActions.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000729600 _____ (شرکت مایکروسافت) C: WINDOWS SysWOW64 FlightSettings.dll
2020-04 -15 02:38 – 2020-04-15 02:38 – 000701440 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 Windows.Mirage.Internal.dll
2020-04-15 02:38 – 2020-04 -15 02:38 – 000701440 _____ (شرکت مایکروسافت) C: WINDOWS SysWOW64 BTAGService.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000689152 _____ (Microsoft Corporat ion) C: WINDOWS SysWOW64 CPFilters.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000686080 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 jscript.dll [19659002] 2020-04-15 02:38 – 2020-04-15 02:38 – 000673704 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 AppXDeploymentClient.dll
2020-04-15 02:38 – 2020- 04-15 02:38 – 000673464 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 fontdrvhost.exe
2020-04-15 02:38 – 2020-04-15 02:38 – 000668672 _____ (Microsoft Corporation) C: WINDOWS system32 wsecedit.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000665088 _____ (شرکت مایکروسافت) C: WINDOWS SysWOW64 netlogon.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000647680 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 Windows.Internal.Management.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000632832 _____ (Microsoft Corporation) C: WINDOWS SysWOW64 WpcWebFilter.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000629760 _____ (مایکروسافت شرکت n) C:WINDOWSsystem32ipnathlp.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000628616 _____ (Microsoft Corporation) C:WINDOWSSysWOW64kernel32.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000595968 _____ (Microsoft Corporation) C:WINDOWSsystem32vbscript.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000555008 _____ (Microsoft Corporation) C:WINDOWSsystem32appwiz.cpl
2020-04-15 02:38 – 2020-04-15 02:38 – 000538160 _____ (Microsoft Corporation) C:WINDOWSSysWOW64SHCore.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000532480 _____ (Microsoft Corporation) C:WINDOWSSysWOW64vbscript.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000529408 _____ (Microsoft Corporation) C:WINDOWSsystem32nltest.exe
2020-04-15 02:38 – 2020-04-15 02:38 – 000525312 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wsecedit.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000514560 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Microsoft.Uev.Office201 3CustomActions.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000507152 _____ (Microsoft Corporation) C:WINDOWSSysWOW64taskschd.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000491008 _____ (Microsoft Corporation) C:WINDOWSSysWOW64sppcext.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000487784 _____ (Microsoft Corporation) C:WINDOWSSysWOW64advapi32.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000456192 _____ (Microsoft Corporation) C:WINDOWSSysWOW64appwiz.cpl
2020-04-15 02:38 – 2020-04-15 02:38 – 000452096 _____ (Microsoft Corporation) C:WINDOWSsystem32rdpclip.exe
2020-04-15 02:38 – 2020-04-15 02:38 – 000444416 _____ (Microsoft Corporation) C:WINDOWSsystem32MSFlacDecoder.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000420152 _____ (Microsoft Corporation) C:WINDOWSsystem32MSAudDecMFT.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000415760 _____ (Microsoft Corporation) C:WINDOWSSysWOW64aepic.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000410112 _____ (Microsoft Corporation) C:WINDOWSsystem32rascustom.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000406480 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Devices.Enumeration.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000381440 _____ (Microsoft Corporation) C:WINDOWSSysWOW64ntshrui.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000380416 _____ (Microsoft Corporation) C:WINDOWSSysWOW64MSFlacDecoder.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000353792 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msrd3x40.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000341504 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msexcl40.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000336384 _____ (Microsoft Corporation) C:WINDOWSSysWOW64es.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000324096 _____ (Microsoft Corporation) C:WINDOWSSysWOW64win32k.sys
2020-04-15 02:38 – 2020-04-15 02:38 – 000277864 _____ (Microsoft Corporation) C:WINDOWSsystem32LsaIso.exe
2020-04-15 02:38 – 2020-04-15 02:38 – 000277504 _____ (Microsoft Corporation) C:WINDOWSsystem32scecli.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000268008 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Storage.ApplicationData.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000241152 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msltus40.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000234496 _____ (Microsoft Corporation) C:WINDOWSsystem32iasrad.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000227840 _____ (Microsoft Corporation) C:WINDOWSsystem32IndexedDbLegacy.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000225792 _____ (Microsoft Corporation) C:WINDOWSsystem32WorkFoldersShell.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000214528 _____ (Microsoft Corporation) C:WINDOWSsystem32srumsvc.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000214 016 _____ (Microsoft Corporation) C:WINDOWSSysWOW64scecli.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000211256 _____ (Microsoft Corporation) C:WINDOWSsystem32tcbloader.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000190048 _____ (Microsoft Corporation) C:WINDOWSSysWOW64logoncli.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000187392 _____ (Microsoft Corporation) C:WINDOWSSysWOW64iasrad.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000185952 _____ (Microsoft Corporation) C:WINDOWSSysWOW64deviceaccess.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000179712 _____ (Microsoft Corporation) C:WINDOWSSysWOW64InstallServiceTasks.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000178176 _____ (Microsoft Corporation) C:WINDOWSSysWOW64srumsvc.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000175616 _____ (Microsoft Corporation) C:WINDOWSSysWOW64IndexedDbLegacy.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000163840 _____ (Microsoft C orporation) C:WINDOWSSysWOW64updatepolicy.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000155136 _____ (Microsoft Corporation) C:WINDOWSsystem32Chakradiag.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000139776 _____ (Microsoft Corporation) C:WINDOWSsystem32Chakrathunk.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000138752 _____ (Microsoft Corporation) C:WINDOWSSysWOW64t2embed.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000130560 _____ (Microsoft Corporation) C:WINDOWSsystem32StorageUsage.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000123952 _____ (Microsoft Corporation) C:WINDOWSSysWOW64KerbClientShared.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000118272 _____ (Microsoft Corporation) C:WINDOWSSysWOW64slc.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000117248 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Chakradiag.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000105472 _____ (Microsoft Corporation) C:WINDOWS SysWOW64Chakrathunk.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000105472 _____ (Microsoft Corporation) C:WINDOWSsystem32WorkFolders.exe
2020-04-15 02:38 – 2020-04-15 02:38 – 000101888 _____ (Microsoft Corporation) C:WINDOWSSysWOW64sppc.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000099328 _____ (Microsoft Corporation) C:WINDOWSSysWOW64fontsub.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000093712 _____ (Microsoft Corporation) C:WINDOWSsystem32hvloader.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000090624 _____ (Microsoft Corporation) C:WINDOWSsystem32tsgqec.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000089336 _____ (Microsoft Corporation) C:WINDOWSSysWOW64win32u.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000087552 _____ (Microsoft Corporation) C:WINDOWSSysWOW64dot3api.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000087040 _____ (Microsoft Corporation) C:WINDOWSSysWOW64dot3msm.dll
2020-04-15 02: 38 – 2020-04-15 02:38 – 000087040 _____ (Microsoft Corporation) C:WINDOWSsystem32iasacct.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000084280 _____ (Microsoft Corporation) C:WINDOWSsystem32Drivershvservice.sys
2020-04-15 02:38 – 2020-04-15 02:38 – 000071680 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Devices.Custom.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000070144 _____ (Microsoft Corporation) C:WINDOWSSysWOW64tsgqec.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000066624 _____ (Microsoft Corporation) C:WINDOWSsystem32iumcrypt.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000066048 _____ (Microsoft Corporation) C:WINDOWSSysWOW64iasacct.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000063488 _____ (Microsoft Corporation) C:WINDOWSsystem32srumapi.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000050688 _____ (Microsoft Corporation) C:WINDOWSSysWOW64srumapi.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000050544 _____ (Microsoft Corporation) C:WINDOWSSysWOW64CloudNotifications.exe
2020-04-15 02:38 – 2020-04-15 02:38 – 000050176 _____ (Microsoft Corporation) C:WINDOWSsystem32iaspolcy.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000049152 _____ (Microsoft Corporation) C:WINDOWSSysWOW64tbauth.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000046080 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mf3216.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000045568 _____ (Microsoft Corporation) C:WINDOWSsystem32Microsoft.Uev.Office2010CustomActions.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000040448 _____ (Microsoft Corporation) C:WINDOWSSysWOW64iaspolcy.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000036352 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Microsoft.Uev.Office2010CustomActions.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000031744 _____ (Microsoft Corporation) C:WINDOWSsystem32ias.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000029696 _____ (Microsoft Corporation) C:WINDOWSSysWOW64cmintegrator.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000029184 _____ (Microsoft Corporation) C:WINDOWSSysWOW64TokenBrokerCookies.exe
2020-04-15 02:38 – 2020-04-15 02:38 – 000026112 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msimsg.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000026112 _____ (Microsoft Corporation) C:WINDOWSsystem32msimsg.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000023552 _____ (Microsoft Corporation) C:WINDOWSSysWOW64ias.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000021520 _____ (Microsoft Corporation) C:WINDOWSsystem32kdhvcom.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000019968 _____ (Microsoft Corporation) C:WINDOWSSysWOW64slcext.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000017920 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wksprtPS.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000017920 _____ (M icrosoft Corporation) C:WINDOWSsystem32icsunattend.exe
2020-04-15 02:38 – 2020-04-15 02:38 – 000015872 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Devices.Custom.ps.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000011776 _____ (Microsoft Corporation) C:WINDOWSSysWOW64dciman32.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000007680 _____ (Microsoft Corporation) C:WINDOWSSysWOW64DMAlertListener.ProxyStub.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000007168 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msimg32.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000002560 _____ (Microsoft Corporation) C:WINDOWSSysWOW64lpk.dll
2020-04-15 02:38 – 2020-04-15 02:38 – 000000315 _____ C:WINDOWSsystem32DrtmAuth9.bin
2020-04-15 02:38 – 2020-04-15 02:38 – 000000315 _____ C:WINDOWSsystem32DrtmAuth8.bin
2020-04-15 02:38 – 2020-04-15 02:38 – 000000315 _____ C:WINDOWSsystem32DrtmAuth7.bin
2020-04-15 02: 38 – 2020-04-15 02:38 – 000000315 _____ C:WINDOWSsystem32DrtmAuth6.bin
2020-04-15 02:38 – 2020-04-15 02:38 – 000000315 _____ C:WINDOWSsystem32DrtmAuth5.bin
2020-04-15 02:38 – 2020-04-15 02:38 – 000000315 _____ C:WINDOWSsystem32DrtmAuth4.bin
2020-04-15 02:38 – 2020-04-15 02:38 – 000000315 _____ C:WINDOWSsystem32DrtmAuth3.bin
2020-04-15 02:38 – 2020-04-15 02:38 – 000000315 _____ C:WINDOWSsystem32DrtmAuth2.bin
2020-04-15 02:38 – 2020-04-15 02:38 – 000000315 _____ C:WINDOWSsystem32DrtmAuth12.bin
2020-04-15 02:38 – 2020-04-15 02:38 – 000000315 _____ C:WINDOWSsystem32DrtmAuth11.bin
2020-04-15 02:38 – 2020-04-15 02:38 – 000000315 _____ C:WINDOWSsystem32DrtmAuth10.bin
2020-04-15 02:38 – 2020-04-15 02:38 – 000000315 _____ C:WINDOWSsystem32DrtmAuth1.bin
2020-04-15 02:37 – 2020-04-15 02:37 – 017790464 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.UI.Xaml.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 009930552 _____ (Microsoft Corporation) C:WINDOWSsystem32ntoskrnl.exe
2020-04-15 02:37 – 2020-04-15 02:37 – 007849216 _____ (Microsoft Corporation) C:WINDOWSsystem32OneCoreUAPCommonProxyStub.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 007604584 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Media.Protection.PlayReady.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 006168064 _____ (Microsoft Corporation) C:WINDOWSsystem32twinui.pcshell.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 005040640 _____ (Microsoft Corporation) C:WINDOWSsystem32wininet.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 004563200 _____ (Microsoft Corporation) C:WINDOWSsystem32sppsvc.exe
2020-04-15 02:37 – 2020-04-15 02:37 – 003802624 _____ (Microsoft Corporation) C:WINDOWSsystem32diagtrack.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 003729408 _____ (Microsoft Corporation) C:WINDOWSsystem32win32kfull.sys
20 20-04-15 02:37 – 2020-04-15 02:37 – 003708928 _____ (Microsoft Corporation) C:WINDOWSsystem32AppXDeploymentServer.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 003587384 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversdxgkrnl.sys
2020-04-15 02:37 – 2020-04-15 02:37 – 003547648 _____ (Microsoft Corporation) C:WINDOWSsystem32dwmcore.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 003109376 _____ (Microsoft Corporation) C:WINDOWSsystem32wuaueng.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 002986808 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverstcpip.sys
2020-04-15 02:37 – 2020-04-15 02:37 – 002871608 _____ (Microsoft Corporation) C:WINDOWSsystem32aitstatic.exe
2020-04-15 02:37 – 2020-04-15 02:37 – 002767928 _____ (Microsoft Corporation) C:WINDOWSsystem32KernelBase.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 002717184 _____ (Microsoft Corporation) C:WINDOWSsystem32win32kbase.sys
2020-04-15 02:3 7 – 2020-04-15 02:37 – 002453504 _____ (Microsoft Corporation) C:WINDOWSsystem32InstallService.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 002131456 _____ (Microsoft Corporation) C:WINDOWSsystem32WpcDesktopMonSvc.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 002126144 _____ (Microsoft Corporation) C:WINDOWSsystem32AudioEng.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 002114560 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.CloudStore.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 002086656 _____ (Microsoft Corporation) C:WINDOWSSysWOW64KernelBase.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 001999960 _____ (Microsoft Corporation) C:WINDOWSsystem32ntdll.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 001960448 _____ (Microsoft Corporation) C:WINDOWSsystem32aadtb.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 001945600 _____ (Microsoft Corporation) C:WINDOWSsystem32dcomp.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 001942528 _____ (Microsoft Corporation) C:WINDOWSsystem32audiosrv.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 001918976 _____ (Microsoft Corporation) C:WINDOWSsystem32wevtsvc.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 001835008 _____ (Microsoft Corporation) C:WINDOWSsystem32enterprisecsps.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 001783296 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.UI.Input.Inking.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 001764336 _____ (Microsoft Corporation) C:WINDOWSsystem32WindowsCodecs.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 001762816 _____ (Microsoft Corporation) C:WINDOWSsystem32wwansvc.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 001757096 _____ (Microsoft Corporation) C:WINDOWSsystem32winload.efi
2020-04-15 02:37 – 2020-04-15 02:37 – 001726264 _____ (Microsoft Corporation) C:WINDOWSsystem32appraiser.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 001719808 _____ (Microsoft Corporation) C:WINDOWSsystem32Wpc.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 001697792 _____ (Microsoft Corporation) C:WINDOWSsystem32GdiPlus.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 001656904 _____ (Microsoft Corporation) C:WINDOWSsystem32user32.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 001646048 _____ (Microsoft Corporation) C:WINDOWSsystem32gdi32full.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 001612800 _____ (Microsoft Corporation) C:WINDOWSsystem32wpncore.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 001603584 _____ (Microsoft Corporation) C:WINDOWSsystem32dosvc.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 001512832 _____ (Microsoft Corporation) C:WINDOWSsystem32winload.exe
2020-04-15 02:37 – 2020-04-15 02:37 – 001497600 _____ (Microsoft Corporation) C:WINDOWSsystem32TokenBroker.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 001480192 _____ (Microsoft Corporation) C:WINDOWSsystem32usoco reworker.exe
2020-04-15 02:37 – 2020-04-15 02:37 – 001427456 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Networking.Vpn.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 001413704 _____ (Microsoft Corporation) C:WINDOWSsystem32AudioSes.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 001378528 _____ (Microsoft Corporation) C:WINDOWSsystem32webservices.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 001318912 _____ (Microsoft Corporation) C:WINDOWSsystem32wpnapps.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 001300280 _____ (Microsoft Corporation) C:WINDOWSsystem32Drivershttp.sys
2020-04-15 02:37 – 2020-04-15 02:37 – 001263856 _____ (Microsoft Corporation) C:WINDOWSsystem32WpcMon.exe
2020-04-15 02:37 – 2020-04-15 02:37 – 001261808 _____ (Microsoft Corporation) C:WINDOWSsystem32msctf.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 001257472 _____ (Microsoft Corporation) C:WINDOWSsystem32rpcss.dll
2020-0 4-15 02:37 – 2020-04-15 02:37 – 001243648 _____ (Microsoft Corporation) C:WINDOWSsystem32TSWorkspace.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 001180672 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Security.Authentication.Web.Core.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 001153024 _____ (Microsoft Corporation) C:WINDOWSsystem32windowsperformancerecordercontrol.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 001136128 _____ (Microsoft Corporation) C:WINDOWSsystem32MbaeApiPublic.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 001127424 _____ (Microsoft Corporation) C:WINDOWSsystem32WpcRefreshTask.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 001083904 _____ (Microsoft Corporation) C:WINDOWSsystem32MusUpdateHandlers.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 001071616 _____ (Microsoft Corporation) C:WINDOWSsystem32BTAGService.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 001011200 _____ (Microsoft Corporation) C:WI NDOWSsystem32kerberos.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000982840 _____ (Microsoft Corporation) C:WINDOWSsystem32winhttp.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000974336 _____ (Microsoft Corporation) C:WINDOWSsystem32uDWM.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000924672 _____ (Microsoft Corporation) C:WINDOWSsystem32samsrv.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000923136 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Internal.Management.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000915192 _____ (Microsoft Corporation) C:WINDOWSsystem32AppXDeploymentClient.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000893952 _____ (Microsoft Corporation) C:WINDOWSsystem32FlightSettings.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000879616 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Management.Service.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000874296 _____ (Microsoft Corporatio n) C:WINDOWSsystem32Driversdxgmms2.sys
2020-04-15 02:37 – 2020-04-15 02:37 – 000865280 _____ (Microsoft Corporation) C:WINDOWSsystem32netlogon.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000840704 _____ (Microsoft Corporation) C:WINDOWSsystem32SettingsHandlers_Language.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000822208 _____ (Microsoft Corporation) C:WINDOWSsystem32fontdrvhost.exe
2020-04-15 02:37 – 2020-04-15 02:37 – 000811320 _____ (Microsoft Corporation) C:WINDOWSsystem32generaltel.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000772096 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverssrv2.sys
2020-04-15 02:37 – 2020-04-15 02:37 – 000759272 _____ (Microsoft Corporation) C:WINDOWSsystem32taskschd.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000747320 _____ (Microsoft Corporation) C:WINDOWSsystem32aeinv.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000735744 _____ (Microsoft Corporation) C:WIND OWSsystem32AudioEndpointBuilder.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000722072 _____ (Microsoft Corporation) C:WINDOWSsystem32kernel32.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000684560 _____ (Microsoft Corporation) C:WINDOWSsystem32SHCore.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000654912 _____ (Microsoft Corporation) C:WINDOWSsystem32advapi32.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000638480 _____ (Microsoft Corporation) C:WINDOWSsystem32devinv.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000637240 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversstorport.sys
2020-04-15 02:37 – 2020-04-15 02:37 – 000618296 _____ (Microsoft Corporation) C:WINDOWSsystem32hal.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000605184 _____ (Microsoft Corporation) C:WINDOWSsystem32MusNotification.exe
2020-04-15 02:37 – 2020-04-15 02:37 – 000604984 _____ (Microsoft Corporation) C:WINDOWSsystem32pcasvc.dl l
2020-04-15 02:37 – 2020-04-15 02:37 – 000589384 _____ (Microsoft Corporation) C:WINDOWSsystem32audiodg.exe
2020-04-15 02:37 – 2020-04-15 02:37 – 000561464 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversmrxsmb.sys
2020-04-15 02:37 – 2020-04-15 02:37 – 000550400 _____ (Microsoft Corporation) C:WINDOWSsystem32win32k.sys
2020-04-15 02:37 – 2020-04-15 02:37 – 000530432 _____ (Microsoft Corporation) C:WINDOWSsystem32sppcext.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000524264 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Devices.Enumeration.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000516096 _____ (Microsoft Corporation) C:WINDOWSsystem32MusNotificationUx.exe
2020-04-15 02:37 – 2020-04-15 02:37 – 000515600 _____ (Microsoft Corporation) C:WINDOWSsystem32dcntel.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000513576 _____ (Microsoft Corporation) C:WINDOWSsystem32aepic.dll
2020 -04-15 02:37 – 2020-04-15 02:37 – 000510792 _____ (Microsoft Corporation) C:WINDOWSsystem32wow64win.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000498688 _____ (Microsoft Corporation) C:WINDOWSsystem32ntshrui.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000497152 _____ (Microsoft Corporation) C:WINDOWSsystem32wuuhext.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000477496 _____ (Microsoft Corporation) C:WINDOWSsystem32DriversFWPKCLNT.SYS
2020-04-15 02:37 – 2020-04-15 02:37 – 000469504 _____ (Microsoft Corporation) C:WINDOWSsystem32cloudAP.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000465208 _____ (Microsoft Corporation) C:WINDOWSsystem32invagent.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000459688 _____ (Microsoft Corporation) C:WINDOWSsystem32MusNotifyIcon.exe
2020-04-15 02:37 – 2020-04-15 02:37 – 000456504 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversrdbss.sys
2020-04-15 02:37 – 2020-04-15 02:37 – 000441144 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversdxgmms1.sys
2020-04-15 02:37 – 2020-04-15 02:37 – 000416016 _____ (Microsoft Corporation) C:WINDOWSsystem32AUDIOKSE.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000408064 _____ (Microsoft Corporation) C:WINDOWSsystem32domgmt.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000401408 _____ (Microsoft Corporation) C:WINDOWSsystem32es.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000374784 _____ (Microsoft Corporation) C:WINDOWSsystem32ncbservice.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000355840 _____ (Microsoft Corporation) C:WINDOWSsystem32WaaSMedicSvc.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000355328 _____ (Microsoft Corporation) C:WINDOWSsystem32WpcApi.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000343552 _____ (Microsoft Corporation) C:WINDOWSsystem32wpr.exe
2020-04-15 02:37 – 2020-04-15 02:37 – 000339304 _____ (Microsoft Corpor ation) C:WINDOWSsystem32Windows.Storage.ApplicationData.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000330240 _____ (Microsoft Corporation) C:WINDOWSsystem32omadmclient.exe
2020-04-15 02:37 – 2020-04-15 02:37 – 000324408 _____ (Microsoft Corporation) C:WINDOWSsystem32acmigration.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000323584 _____ (Microsoft Corporation) C:WINDOWSsystem32sppcommdlg.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000285184 _____ (Microsoft Corporation) C:WINDOWSsystem32WaaSMedicCapsule.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000278016 _____ (Microsoft Corporation) C:WINDOWSsystem32WpcTok.exe
2020-04-15 02:37 – 2020-04-15 02:37 – 000268288 _____ (Microsoft Corporation) C:WINDOWSsystem32dot3svc.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000265216 _____ (Microsoft Corporation) C:WINDOWSsystem32cdd.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000259776 _____ (Microsoft Corporation) C: WINDOWSsystem32logoncli.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000259072 _____ (Microsoft Corporation) C:WINDOWSsystem32VPNv2CSP.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000256000 _____ (Microsoft Corporation) C:WINDOWSsystem32UpdateDeploymentProvider.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000251704 _____ (Microsoft Corporation) C:WINDOWSsystem32offlinesam.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000251392 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverswinnat.sys
2020-04-15 02:37 – 2020-04-15 02:37 – 000241152 _____ (Microsoft Corporation) C:WINDOWSsystem32policymanagerprecheck.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000231936 _____ (Microsoft Corporation) C:WINDOWSsystem32InstallServiceTasks.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000231912 _____ (Microsoft Corporation) C:WINDOWSsystem32deviceaccess.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000203264 _____ (Microsoft Cor poration) C:WINDOWSsystem32LanguageComponentsInstaller.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000200192 _____ (Microsoft Corporation) C:WINDOWSsystem32updatepolicy.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000197632 _____ (Microsoft Corporation) C:WINDOWSsystem32Win32CompatibilityAppraiserCSP.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000179712 _____ (Microsoft Corporation) C:WINDOWSsystem32t2embed.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000178192 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverspartmgr.sys
2020-04-15 02:37 – 2020-04-15 02:37 – 000169472 _____ (Microsoft Corporation) C:WINDOWSsystem32SpatialAudioLicenseSrv.exe
2020-04-15 02:37 – 2020-04-15 02:37 – 000164368 _____ (Microsoft Corporation) C:WINDOWSsystem32CompatTelRunner.exe
2020-04-15 02:37 – 2020-04-15 02:37 – 000158720 _____ (Microsoft Corporation) C:WINDOWSsystem32umpo.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 00 0152408 _____ (Microsoft Corporation) C:WINDOWSsystem32KerbClientShared.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000147696 _____ (Microsoft Corporation) C:WINDOWSsystem32smss.exe
2020-04-15 02:37 – 2020-04-15 02:37 – 000142544 _____ (Microsoft Corporation) C:WINDOWSsystem32LicensingUI.exe
2020-04-15 02:37 – 2020-04-15 02:37 – 000140800 _____ (Microsoft Corporation) C:WINDOWSsystem32slc.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000136192 _____ (Microsoft Corporation) C:WINDOWSsystem32sppc.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000129024 _____ (Microsoft Corporation) C:WINDOWSsystem32UtcDecoderHost.exe
2020-04-15 02:37 – 2020-04-15 02:37 – 000127280 _____ (Microsoft Corporation) C:WINDOWSsystem32win32u.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000125952 _____ (Microsoft Corporation) C:WINDOWSsystem32fontsub.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000122368 _____ (Microsoft Corporation) C :WINDOWSsystem32samlib.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000115120 _____ (Microsoft Corporation) C:WINDOWSsystem32phoneactivate.exe
2020-04-15 02:37 – 2020-04-15 02:37 – 000108032 _____ (Microsoft Corporation) C:WINDOWSsystem32wwanprotdim.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000105984 _____ (Microsoft Corporation) C:WINDOWSsystem32utcutil.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000103936 _____ (Microsoft Corporation) C:WINDOWSsystem32dot3msm.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000102216 _____ (Microsoft Corporation) C:WINDOWSsystem32changepk.exe
2020-04-15 02:37 – 2020-04-15 02:37 – 000096768 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Devices.Custom.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000092160 _____ (Microsoft Corporation) C:WINDOWSsystem32dot3api.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000089088 _____ (Microsoft Corporation) C:WINDOWSsystem32WaaS MedicAgent.exe
2020-04-15 02:37 – 2020-04-15 02:37 – 000088352 _____ (Microsoft Corporation) C:WINDOWSsystem32remoteaudioendpoint.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000076288 _____ (Microsoft Corporation) C:WINDOWSsystem32autopilot.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000071480 _____ (Microsoft Corporation) C:WINDOWSsystem32win32appinventorycsp.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000070656 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000070656 _____ (Microsoft Corporation) C:WINDOWSsystem32keepaliveprovider.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000064512 _____ (Microsoft Corporation) C:WINDOWSsystem32pcadm.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000064000 _____ (Microsoft Corporation) C:WINDOWSsystem32tbauth.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000060928 _____ (Mic rosoft Corporation) C:WINDOWSsystem32mf3216.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000060416 _____ (Microsoft Corporation) C:WINDOWSsystem32CloudNotifications.exe
2020-04-15 02:37 – 2020-04-15 02:37 – 000058880 _____ C:WINDOWSsystem32runexehelper.exe
2020-04-15 02:37 – 2020-04-15 02:37 – 000057856 _____ (Microsoft Corporation) C:WINDOWSsystem32wups2.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000057344 _____ (Microsoft Corporation) C:WINDOWSsystem32audioresourceregistrar.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000051200 _____ (Microsoft Corporation) C:WINDOWSsystem32pcalua.exe
2020-04-15 02:37 – 2020-04-15 02:37 – 000047000 _____ (Microsoft Corporation) C:WINDOWSsystem32wuauclt.exe
2020-04-15 02:37 – 2020-04-15 02:37 – 000045568 _____ (Microsoft Corporation) C:WINDOWSsystem32cmintegrator.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000044032 _____ (Microsoft Corporation) C:WINDOWSsystem32 Windows.UI.Xaml.Resources.Common.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000043008 _____ (Microsoft Corporation) C:WINDOWSsystem32WiredNetworkCSP.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000043008 _____ (Microsoft Corporation) C:WINDOWSsystem32UpgradeResultsUI.exe
2020-04-15 02:37 – 2020-04-15 02:37 – 000039424 _____ (Microsoft Corporation) C:WINDOWSsystem32WpcProxyStubs.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000036864 _____ (Microsoft Corporation) C:WINDOWSsystem32TokenBrokerCookies.exe
2020-04-15 02:37 – 2020-04-15 02:37 – 000036152 _____ (Microsoft Corporation) C:WINDOWSsystem32DeviceCensus.exe
2020-04-15 02:37 – 2020-04-15 02:37 – 000033792 _____ (Microsoft Corporation) C:WINDOWSsystem32sxssrv.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000033080 _____ (Microsoft Corporation) C:WINDOWSsystem32Drivershwpolicy.sys
2020-04-15 02:37 – 2020-04-15 02:37 – 000031744 _____ (Microsoft Corporati on) C:WINDOWSsystem32wksprtPS.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000030720 _____ (Microsoft Corporation) C:WINDOWSsystem32DriversKNetPwrDepBroker.sys
2020-04-15 02:37 – 2020-04-15 02:37 – 000028672 _____ (Microsoft Corporation) C:WINDOWSsystem32WaaSMedicPS.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000023552 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Devices.Custom.ps.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000022528 _____ (Microsoft Corporation) C:WINDOWSsystem32slcext.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000022528 _____ (Microsoft Corporation) C:WINDOWSsystem32sbservicetrigger.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000014336 _____ (Microsoft Corporation) C:WINDOWSsystem32dciman32.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000012800 _____ (Microsoft Corporation) C:WINDOWSsystem32pcaevts.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000012288 _____ (Microsoft Corporat ion) C:WINDOWSsystem32pacjsworker.exe
2020-04-15 02:37 – 2020-04-15 02:37 – 000010752 _____ (Microsoft Corporation) C:WINDOWSsystem32DMAlertListener.ProxyStub.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000008192 _____ (Microsoft Corporation) C:WINDOWSsystem32msimg32.dll
2020-04-15 02:37 – 2020-04-15 02:37 – 000003072 _____ (Microsoft Corporation) C:WINDOWSsystem32lpk.dll
2020-04-15 02:36 – 2020-04-15 02:36 – 003980800 _____ (Microsoft Corporation) C:WINDOWSsystem32tellib.dll
2020-04-15 02:36 – 2020-04-15 02:36 – 000437560 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverspci.sys
2020-04-15 02:36 – 2020-04-15 02:36 – 000297272 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverssdbus.sys
2020-04-15 02:36 – 2020-04-15 02:36 – 000193848 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversdumpsd.sys
2020-04-15 02:36 – 2020-04-15 02:36 – 000151352 _____ (Microsoft Corporation) C:WINDOW Ssystem32Driversscmbus.sys
2020-04-15 02:36 – 2020-04-15 02:36 – 000089912 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversvolmgr.sys
2020-04-15 02:36 – 2020-04-15 02:36 – 000059192 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversstorufs.sys
2020-04-15 02:36 – 2020-04-15 02:36 – 000028160 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversflpydisk.sys
2020-04-15 02:36 – 2020-04-15 02:36 – 000018944 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverssfloppy.sys
2020-04-15 02:09 – 2020-04-15 02:10 – 000492544 _____ (Microsoft Corporation) C:WINDOWSsystem32poqexec.exe
2020-04-15 02:09 – 2020-04-15 02:10 – 000390656 _____ (Microsoft Corporation) C:WINDOWSSysWOW64poqexec.exe
2020-04-01 15:34 – 2020-04-01 15:34 – 000815587 _____ C:UsersMonsterDownloadsdecim5_t3_s3-4_act-suppl_3-4_corr.pdf
2020-04-01 15:34 – 2020-04-01 15:34 – 000793438 _____ C:UsersMonsterDownloadsdecim5 _t3_s3-4_act-suppl_3-4.pdf
2020-04-01 15:34 – 2020-04-01 15:34 – 000778083 _____ C:UsersMonsterDownloadsarobas5_t10_texte_10_corr.pdf
2020-04-01 15:34 – 2020-04-01 15:34 – 000740663 _____ C:UsersMonsterDownloadsarobas5_t10_texte_10.pdf
2020-03-31 12:05 – 2020-03-31 12:05 – 000449256 _____ C:UsersMonsterDownloadscovid_enfant.pdf
2020-03-31 12:04 – 2020-03-31 12:04 – 000146475 _____ C:UsersMonsterDownloads19-00003-Communication_parents_20200330_REV.pdf
2020-03-25 08:25 – 2020-03-25 08:25 – 000588866 _____ C:UsersMonsterDownloadsenCOVIDpatients.pdf
2020-03-25 08:25 – 2020-03-25 08:25 – 000360602 _____ C:UsersMonsterDownloadsfrCOVIDpatients.pdf
2020-03-25 08:24 – 2020-03-25 08:24 – 000083535 _____ C:UsersMonsterDownloadsLettre precisions 20 mars.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/ folder will be moved.)
2020-04-19 20:43 – 2019-03-19 00:52 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft
2020-04-19 19:30 – 2019-08-19 07:56 – 000003186 _____ C:WINDOWSsystem32TasksKMS_VL_ALL
2020-04-19 19:29 – 2018-10-15 17:28 – 000000000 ____D C:Program Files (x86)Steam
2020-04-19 19:29 – 2018-08-28 19:26 – 000000000 ___RD C:UsersMonsterGoogle Drive
2020-04-19 19:27 – 2019-08-19 07:39 – 000000000 ____D C:UsersMonster
2020-04-19 19:27 – 2019-08-19 07:32 – 000000000 ____D C:WINDOWSsystem32SleepStudy
2020-04-19 19:13 – 2019-08-19 07:56 – 000000006 ____H C:WINDOWSTasksSA.DAT
2020-04-18 12:28 – 2019-03-19 00:52 – 000000000 ____D C:Program FilesCommon Filesmicrosoft shared
2020-04-18 12:27 – 2018-09-05 19:03 – 000000000 ____D C:Program FilesMicrosoft Office
2020-04-18 02:05 – 2019-03-19 00:52 – 000000000 ___HD C:Program FilesWindowsApps
2020- 04-18 02:05 – 2019-03-19 00:52 – 000000000 ____D C:WINDOWSAppReadiness
2020-04-17 17:10 – 2019-03-19 00:37 – 000524288 _____ C:WINDOWSsystem32configBBI
2020-04-17 17:10 – 2018-12-15 15:41 – 000065536 _____ C:WINDOWSsystem32spu_storage.bin
2020-04-17 09:07 – 2019-03-19 00:50 – 000000000 ____D C:WINDOWSINF
2020-04-16 01:43 – 2018-10-03 15:08 – 000000000 ____D C:UsersMonsterAppDataLocalD3DSCache
2020-04-16 01:00 – 2018-08-28 19:23 – 000002073 _____ C:UsersPublicDesktopGoogle Slides.lnk
2020-04-16 01:00 – 2018-08-28 19:23 – 000002073 _____ C:ProgramDataDesktopGoogle Slides.lnk
2020-04-16 01:00 – 2018-08-28 19:23 – 000002071 _____ C:UsersPublicDesktopGoogle Sheets.lnk
2020-04-16 01:00 – 2018-08-28 19:23 – 000002071 _____ C:ProgramDataDesktopGoogle Sheets.lnk
2020-04-16 01:00 – 2018-08-28 19:23 – 000002061 _____ C:UsersPublicDesktopGoogle Docs.lnk
2020-04-16 01:00 – 201 8-08-28 19:23 – 000002061 _____ C:ProgramDataDesktopGoogle Docs.lnk
2020-04-16 01:00 – 2018-08-28 19:23 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsBackup and Sync from Google
2020-04-15 03:24 – 2019-08-19 11:08 – 000788750 _____ C:WINDOWSsystem32perfh00C.dat
2020-04-15 03:24 – 2019-08-19 11:08 – 000147726 _____ C:WINDOWSsystem32perfc00C.dat
2020-04-15 03:24 – 2019-08-19 07:49 – 001768058 _____ C:WINDOWSsystem32PerfStringBackup.INI
2020-04-15 03:18 – 2019-08-19 07:31 – 000438888 _____ C:WINDOWSsystem32FNTCACHE.DAT
2020-04-15 03:16 – 2019-03-19 02:23 – 000000000 ____D C:Program FilesWindows Defender Advanced Threat Protection
2020-04-15 03:16 – 2019-03-19 00:52 – 000000000 ____D C:WINDOWSSystemResources
2020-04-15 03:16 – 2019-03-19 00:52 – 000000000 ____D C:WINDOWSsystem32PerceptionSimulation
2020-04-15 03:16 – 2019-03-19 00:52 – 000000000 ____D C:WINDOWSs ystem32migwiz
2020-04-15 03:16 – 2019-03-19 00:52 – 000000000 ____D C:WINDOWSShellExperiences
2020-04-15 03:16 – 2019-03-19 00:52 – 000000000 ____D C:WINDOWSProvisioning
2020-04-15 03:16 – 2019-03-19 00:52 – 000000000 ____D C:WINDOWSPolicyDefinitions
2020-04-15 03:16 – 2019-03-19 00:52 – 000000000 ____D C:WINDOWSbcastdvr
2020-04-15 02:44 – 2019-03-19 00:37 – 000000000 ____D C:WINDOWSCbsTemp
2020-04-15 02:37 – 2018-07-10 23:51 – 000410838 __RSH C:bootmgr
2020-04-14 16:42 – 2018-07-10 22:59 – 000000000 ____D C:UsersMonsterAppDataLocalPackages
2020-04-09 22:50 – 2018-08-12 17:47 – 000000000 ____D C:UsersMonsterAppDataRoamingvlc
2020-04-07 20:18 – 2020-02-14 22:46 – 000000000 ____D C:Program FilesMozilla Firefox
2020-04-07 20:18 – 2018-07-10 23:04 – 000000000 ____D C:Program Files (x86)Mozilla Maintenance Service
2020-04-07 14:58 – 2019-08-25 13:34 – 000002299 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk
2020-04-07 14:58 – 2019-08-25 13:34 – 000002258 _____ C:UsersPublicDesktopGoogle Chrome.lnk
2020-04-07 14:58 – 2019-08-25 13:34 – 000002258 _____ C:ProgramDataDesktopGoogle Chrome.lnk
2020-04-04 10:15 – 2018-07-19 22:43 – 000000000 ____D C:UsersMonsterAppDataRoaminguTorrent
2020-04-03 13:29 – 2018-07-10 23:04 – 000001005 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsFirefox.lnk
2020-04-03 13:29 – 2018-07-10 23:04 – 000000000 ____D C:UsersMonsterAppDataLocalLowMozilla
2020-04-02 08:50 – 2018-07-11 10:02 – 000744808 ____N (Microsoft Corporation) C:WINDOWSsystem32MpSigStub.exe
2020-03-25 01:20 – 2018-07-11 10:20 – 000000000 ____D C:WINDOWSsystem32Driverswd
2020-03-20 20:52 – 2019-08-19 07:56 – 000003590 _____ C:WINDOWSsystem32TasksGoogleUpdateTaskMachineUA
2020-03-20 20:52 – 2019-08-19 07:56 – 00000 3466 _____ C:WINDOWSsystem32TasksGoogleUpdateTaskMachineCore
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
.
