Jump to content

joczr2

Members
  • Content Count

    13
  • Joined

  • Last visited

About joczr2

  • Rank
    New Member

Recent Profile Visitors

647 profile views
  1. As requested I am pasting the results from three programs....BTW there seemed to be a second FRST. Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 4/21/19 Protection Event Time: 7:12 PM Log File: 436cc035-6493-11e9-bfe1-14dda98e8c55.json -Software Information- Version: 3.7.1.2839 Components Version: 1.0.563 Update Package Version: 1.0.10266 License: Trial -System Information- OS: Windows 10 (Build 17763.437) CPU: x64 File System: NTFS User: System -Exploit Details- File: 0 (No malicious items detected) Exploit: 1 Malware.Exploit.Agent.Generic, , Blocked, [0], [392684],0.0.0 -Exploit Data- Affected Application: Internet Explorer (and add-ons) Protection Layer: Application Hardening Protection Technique: Attempt to execute VBScript blocked File Name: C:\Windows\SysWOW64\vbscript.dll URL: (end) -------------------------------------------------------- FRST Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21.04.2019 01 Ran by joczr (administrator) on DESKTOP-NHMCQU2 (ASUSTeK COMPUTER INC. G751JL) (21-04-2019 23:16:09) Running from C:\Users\joczr\Desktop\New folder (2) Loaded Profiles: joczr (Available Profiles: joczr) Platform: Windows 10 Home Version 1809 17763.437 (X64) Language: English (United States) Default browser: Edge Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Digital Wave Ltd -> Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1903.4-0\MsMpEng.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1903.4-0\NisSrv.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Ivaylo Beltchev -> IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe () [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19032.714.0_x64__8wekyb3d8bbwe\YourPhone.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Digital Wave Ltd -> Digital Wave Ltd) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe () [File not signed] C:\Program Files\Fractal Audio Systems\USB Audio Driver\FASUSBAudioCplApp.exe (Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.27.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe () [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19021.18010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe () [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19031.11411.0_x64__8wekyb3d8bbwe\Music.UI.exe () [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Windows Third Party Application Component -> Adobe) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe () [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1902.42.0_x64__8wekyb3d8bbwe\Calculator.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3350232 2015-09-17] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2018-07-15] (Ivaylo Beltchev -> IvoSoft) HKU\S-1-5-21-1303080539-3523170087-648723016-1002\...\Run: [vidnotifier.exe] => C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe [1674048 2019-03-25] (Digital Wave Ltd -> Digital Wave Ltd) HKU\S-1-5-21-1303080539-3523170087-648723016-1002\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\joczr\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" HKU\S-1-5-21-1303080539-3523170087-648723016-1002\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\joczr\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" HKU\S-1-5-21-1303080539-3523170087-648723016-1002\...\RunOnce: [Uninstall 19.033.0218.0011\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\joczr\AppData\Local\Microsoft\OneDrive\19.033.0218.0011\amd64" HKU\S-1-5-21-1303080539-3523170087-648723016-1002\...\RunOnce: [Uninstall 19.033.0218.0011] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\joczr\AppData\Local\Microsoft\OneDrive\19.033.0218.0011" Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FASUSBAudio Control Panel Autostart.lnk [2019-03-19] ShortcutTarget: FASUSBAudio Control Panel Autostart.lnk -> C:\Program Files\Fractal Audio Systems\USB Audio Driver\FASUSBAudioCplApp.exe () [File not signed] ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0D784AF9-97A3-4401-8C0B-FD482533AD06} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe Task: {62320766-51F8-419F-8651-48D0A1528EE8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe (Microsoft Corporation -> Microsoft Corporation) Task: {BB6F5198-C461-4652-873F-B5F3BAF87661} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) Task: {BDD83F52-A7D2-4F65-96E3-065FA8E2C188} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) Task: {D6CAF0FC-AA50-4AE7-8317-00D79A9C1938} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) Task: {D89C62C0-784B-4A9B-901F-F18E37C03250} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe (Microsoft Corporation -> Microsoft Corporation) Task: {EC883B8C-C1DA-4A10-AB6A-3A2031000F5A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{c900e84e-a19f-47ae-ba8a-9c434c6d2155}: [DhcpNameServer] 192.168.1.254 Internet Explorer: ================== HKU\S-1-5-21-1303080539-3523170087-648723016-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.com/ BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2019-03-13] (Microsoft Corporation -> Microsoft Corporation) BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation) BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2019-03-13] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) FireFox: ======== FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-10-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-06-07] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-06-07] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [441664 2019-03-25] (Digital Wave Ltd -> Digital Wave Ltd.) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\NisSrv.exe [3856504 2019-04-07] (Microsoft Corporation -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MsMpEng.exe [113992 2019-04-07] (Microsoft Corporation -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 axefx2load; C:\Windows\System32\Drivers\axefx2load.sys [55600 2013-07-12] (Fractal Audio Systems -> Cypress Semiconductor) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes) S3 fasusbaudio; C:\Windows\System32\drivers\fasusbaudio_x64.sys [254464 2014-05-16] (Fractal Audio Systems -> ) S3 fasusbaudioks; C:\Windows\system32\DRIVERS\fasusbaudioks_x64.sys [46080 2014-05-16] (Fractal Audio Systems -> ) R3 HIDSwitch; C:\Windows\System32\drivers\AsRadioControl.sys [34216 2018-11-05] (ASUSTek Computer Inc. -> ASUS) R3 ibtusb; C:\Windows\System32\drivers\ibtusb.sys [258832 2015-07-06] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [88256 2015-06-10] (Intel(R) Software -> Intel Corporation) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198512 2019-04-12] (Malwarebytes Corporation -> Malwarebytes) S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [127136 2019-04-15] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73912 2019-04-15] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [274416 2019-04-15] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [114040 2019-04-15] (Malwarebytes Corporation -> Malwarebytes) R3 Netwtw04; C:\Windows\System32\drivers\Netwtw04.sys [7708160 2018-09-15] (Microsoft Windows -> Intel Corporation) R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvam.inf_amd64_45d4f41b93b9677a\nvlddmkm.sys [14461344 2017-06-15] (NVIDIA Corporation -> NVIDIA Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [605696 2018-09-15] (Microsoft Windows -> Realtek ) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 usbaudio2; C:\Windows\system32\DRIVERS\usbaudio2.sys [235520 2018-09-15] (Microsoft Windows -> Microsoft Corporation) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [46472 2019-04-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [343520 2019-04-07] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [68576 2019-04-07] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-04-21 23:16 - 2019-04-21 23:16 - 000000000 ____D C:\FRST 2019-04-21 23:03 - 2019-04-21 23:16 - 000000000 ____D C:\Users\joczr\Desktop\New folder (2) 2019-04-21 19:12 - 2019-04-21 19:12 - 000000000 ____D C:\Users\joczr\AppData\Local\mbam 2019-04-15 22:55 - 2019-04-15 22:55 - 000274416 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2019-04-15 22:55 - 2019-04-15 22:55 - 000127136 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2019-04-15 22:55 - 2019-04-15 22:55 - 000114040 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2019-04-15 22:55 - 2019-04-15 22:55 - 000073912 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2019-04-14 20:44 - 2019-04-14 20:45 - 000000000 ____D C:\Users\joczr\Desktop\MetalFiles 2019-04-13 21:14 - 2019-04-13 21:14 - 000000080 ___SH C:\bootTel.dat 2019-04-12 17:46 - 2019-04-12 17:46 - 000198512 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys 2019-04-12 17:46 - 2019-04-12 17:46 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2019-04-12 17:46 - 2019-04-12 17:46 - 000000000 ____D C:\Users\joczr\AppData\Local\mbamtray 2019-04-12 17:46 - 2019-04-12 17:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2019-04-12 17:46 - 2019-04-12 17:46 - 000000000 ____D C:\ProgramData\Malwarebytes 2019-04-12 17:46 - 2019-04-12 17:46 - 000000000 ____D C:\Program Files\Malwarebytes 2019-04-12 17:46 - 2019-02-01 12:20 - 000020936 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys 2019-04-12 17:46 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 026810368 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 023440896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 020815360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 019025408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 017513472 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 015223296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 012843520 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 012139008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 009682744 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 008898048 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 007919104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 007883776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 007877120 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 007687576 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 007645608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 006925824 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 006544824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 006440960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 006309040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 006071296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 005765120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 005436904 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 005205448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 004991112 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 004866560 _____ (Microsoft Corporation) C:\Windows\system32\Windows.AI.MachineLearning.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 004704272 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 004660224 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 004588536 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 004527624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 004304896 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 003982848 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 003904512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 003690496 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 003657728 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 003656192 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 003557888 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 003551112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 003496448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.AI.MachineLearning.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 003421696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 003384832 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 003377976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 003334496 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 003334144 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 002995712 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 002942464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 002925880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 002871304 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 002842624 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 002777224 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 002765312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 002720256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 002701304 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 002689024 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 002627384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 002592816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 002469376 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 002438368 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 002346496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 002275896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 002189312 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 002127360 _____ (Microsoft Corporation) C:\Windows\system32\wsp_fs.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 002073960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 002042368 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 002022304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 002017792 _____ C:\Windows\system32\rdpnano.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001994768 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001969464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 001918464 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001892864 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001886208 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001860096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001856000 ____R (The ICU Project) C:\Windows\system32\icuin.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001844448 _____ (Microsoft Corporation) C:\Windows\system32\D3D12.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001830200 _____ (Microsoft Corporation) C:\Windows\system32\rdpserverbase.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001760768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001711104 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001701888 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001697752 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2019-04-12 17:43 - 2019-04-12 17:43 - 001687552 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001674480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001672704 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001671680 _____ (Microsoft Corporation) C:\Windows\system32\InstallService.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001671352 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001647632 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001641400 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001616384 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001615872 ____R (The ICU Project) C:\Windows\SysWOW64\icuin.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001605120 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001590064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpserverbase.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001567232 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001521664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_fs.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001506304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001496576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001478968 _____ (Microsoft Corporation) C:\Windows\system32\rdpbase.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001468952 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 001467344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001459080 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001458056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3D12.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001395056 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001387520 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001370624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001360184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 001342400 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2019-04-12 17:43 - 2019-04-12 17:43 - 001315328 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001311232 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001309696 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001297120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001294520 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001259320 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi 2019-04-12 17:43 - 2019-04-12 17:43 - 001259320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 001256448 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001253688 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 001249280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallService.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001221944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpbase.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001217024 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001213752 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001191728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001179680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 001155072 ____R (The ICU Project) C:\Windows\SysWOW64\icuuc.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001145856 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001072640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001072424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001064448 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001058304 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2019-04-12 17:43 - 2019-04-12 17:43 - 001057792 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 001054200 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 001053192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ClipSp.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 001047552 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001044280 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 001035776 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001026792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001022616 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001019392 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001007616 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001001472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000998712 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000984888 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000982880 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000982528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Vpn.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000981816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refsv1.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 000976896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000974352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvstore.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000964096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000949248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000948224 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000927232 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000926208 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApi.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000912384 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000909840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000897536 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000888320 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000884224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000882688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000882176 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL 2019-04-12 17:43 - 2019-04-12 17:43 - 000877056 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.BackgroundMediaPlayback.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000874496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000872448 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000871792 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000865792 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000865784 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000855040 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Playback.MediaPlayer.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000850760 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000845824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000840192 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000828728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000822272 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000821048 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000815616 _____ (Microsoft Corporation) C:\Windows\system32\fvewiz.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000809784 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000807424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 000799568 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000793832 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000776192 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000772608 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000769536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 000766480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000762880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000761280 _____ (Microsoft Corporation) C:\Windows\system32\pkeyhelper.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000757664 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000756736 _____ (Microsoft Corporation) C:\Windows\system32\DolbyHrtfEnc.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000737080 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000731648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000730936 _____ (Microsoft Corporation) C:\Windows\system32\LicensingWinRT.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000730112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000725928 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000712192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Playback.MediaPlayer.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000711168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApi.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000701440 _____ (Microsoft Corporation) C:\Windows\system32\FrameServer.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000699392 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Language.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000684032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000676352 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000675096 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000672256 _____ (Microsoft Corporation) C:\Windows\system32\configmanager2.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000671232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapi.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000660480 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000653040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000651792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 000651064 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000649064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000642048 _____ (Microsoft Corporation) C:\Windows\system32\SharedRealitySvc.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000620560 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000617784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicensingWinRT.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000611840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.LowLevel.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000609792 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000604008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000598544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000593920 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000580024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000579072 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000568632 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000556544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000553784 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000552448 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000551936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 000551936 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000543744 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 000540672 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv 2019-04-12 17:43 - 2019-04-12 17:43 - 000540448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000532480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000531968 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000528384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000522752 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000513040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000508208 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Enumeration.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000506880 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseAppMgmtSvc.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000506168 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000505344 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000500224 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_PCDisplay.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000496128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcext.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000485192 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase_enclave.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000475648 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000474928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2019-04-12 17:43 - 2019-04-12 17:43 - 000469504 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000466432 _____ (Microsoft Corporation) C:\Windows\system32\slui.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000463672 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000461112 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000460800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmenrollengine.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000454144 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000450048 _____ (Microsoft Corporation) C:\Windows\system32\LockAppBroker.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000448000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.Workflow.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000447488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000424960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000421392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 000414720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv 2019-04-12 17:43 - 2019-04-12 17:43 - 000408528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Enumeration.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000407552 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000407504 _____ (Microsoft Corporation) C:\Windows\system32\wevtapi.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000404792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 000392704 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000386872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000386360 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000385536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.LowLevel.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000385024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000384312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000370688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000370688 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000368640 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppBroker.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000358912 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000349184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000349184 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000346624 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000343984 _____ (Microsoft Corporation) C:\Windows\system32\AudioSrvPolicyManager.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000343552 _____ (Microsoft Corporation) C:\Windows\system32\RADCUI.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000332800 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000331776 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000324096 _____ (Microsoft Corporation) C:\Windows\system32\sppcommdlg.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000322568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000316416 _____ (Microsoft Corporation) C:\Windows\system32\FSClient.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.Workflow.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000312632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapibase.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000309760 _____ (Microsoft Corporation) C:\Windows\system32\fveui.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000306488 _____ (Microsoft Corporation) C:\Windows\system32\computestorage.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000301568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 000300344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 000300032 _____ (Microsoft Corporation) C:\Windows\system32\wc_storage.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000294912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RADCUI.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000283032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wevtapi.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000281600 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000264704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000263680 _____ (Microsoft Corporation) C:\Windows\system32\WiFiCloudStore.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000263600 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000257696 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000255128 _____ (Microsoft Corporation) C:\Windows\system32\SgrmBroker.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000246784 _____ (Microsoft Corporation) C:\Windows\system32\tetheringservice.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000241664 _____ (Microsoft Corporation) C:\Windows\system32\SharedPCCSP.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000234808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netvsc.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 000224768 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerCsp.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000201216 _____ (Microsoft Corporation) C:\Windows\system32\wincredui.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000195896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spacedump.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 000188416 _____ (Microsoft Corporation) C:\Windows\system32\DMPushRouterCore.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000183296 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Radios.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000182784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.SharedPC.CredentialProvider.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\wuuhosdeployment.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000177152 _____ (Microsoft Corporation) C:\Windows\system32\LanguageComponentsInstaller.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000176640 _____ (Microsoft Corporation) C:\Windows\system32\spacebridge.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000169784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcifs.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spacebridge.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000159744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredui.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000159272 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000159112 _____ (Microsoft Corporation) C:\Windows\system32\winquic.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000157496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 000156984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winquic.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SerialCommunication.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000147496 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000143880 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000143872 _____ (Microsoft Corporation) C:\Windows\system32\oleprn.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000143360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BitLockerCsp.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\mdmmigrator.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000138752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 000134456 _____ (Microsoft Corporation) C:\Windows\system32\ImplatSetup.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000133120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Radios.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000131384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 000121344 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\RjvMDMConfig.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000115360 _____ (Microsoft Corporation) C:\Windows\system32\phoneactivate.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000115200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleprn.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\negoexts.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000111104 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000108032 _____ (Microsoft Corporation) C:\Windows\system32\drvsetup.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000107832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000107008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.SerialCommunication.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\negoexts.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000098664 _____ (Microsoft Corporation) C:\Windows\system32\mpr.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000097808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 000097280 _____ (Microsoft Corporation) C:\Windows\system32\EduPrintProv.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000096256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000095544 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000090424 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000089600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvsetup.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000089336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpr.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\KdsCli.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dtdump.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000079360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 000071208 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000067072 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000066048 _____ (Microsoft Corporation) C:\Windows\system32\ntlanman.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\RDSPnf.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntlanman.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000049664 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000049152 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\wcimage.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\dataclen.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\nshhttp.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\cmintegrator.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscapi.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\perfproc.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000039936 _____ (Microsoft Corporation) C:\Windows\system32\perfts.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000039736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WppRecorder.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfproc.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshhttp.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dataclen.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000035640 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\sxssrv.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfts.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\RpcPing.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmintegrator.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RpcPing.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscdll.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin 2019-04-12 17:43 - 2019-04-12 17:43 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin 2019-04-12 17:43 - 2019-04-12 17:43 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin 2019-04-12 17:43 - 2019-04-12 17:43 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin 2019-04-12 17:43 - 2019-04-12 17:43 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin 2019-04-12 17:43 - 2019-04-12 17:43 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin 2019-04-12 17:43 - 2019-04-12 17:43 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin 2019-04-12 17:43 - 2019-04-12 17:43 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin 2019-04-10 23:09 - 2019-04-10 23:09 - 000000365 _____ C:\Users\joczr\Desktop\How To Play Motley Crue 'Kickstart My Heart' Guitar Lesson - YouTube.website 2019-04-09 19:48 - 2019-04-09 21:45 - 000000000 ____D C:\Users\joczr\Desktop\Frac adds 2019-04-02 20:09 - 2019-04-02 20:09 - 000001246 _____ C:\Users\Public\Desktop\Axe-Edit.lnk 2019-04-02 20:09 - 2019-04-02 20:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fractal Audio 2019-04-02 19:48 - 2019-04-02 19:48 - 009109104 _____ (Fractal Audio ) C:\Users\joczr\Desktop\Axe-Edit-Win-v3p14p5.exe 2019-03-30 01:15 - 2019-04-14 22:28 - 000000568 _____ C:\Users\joczr\Desktop\Shredding the Pentatonic Scale with Stephanie Pickard Guitar Control - YouTube.website 2019-03-28 22:41 - 2019-03-28 23:16 - 000000000 ____D C:\Users\joczr\AppData\Roaming\DVDVideoSoft 2019-03-28 22:41 - 2019-03-28 22:41 - 000001408 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk 2019-03-28 22:41 - 2019-03-28 22:41 - 000001375 _____ C:\Users\Public\Desktop\Free YouTube Download.lnk 2019-03-28 22:41 - 2019-03-28 22:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2019-03-28 22:41 - 2019-03-28 22:41 - 000000000 ____D C:\ProgramData\DigitalWave.ApplicationUpdater_files 2019-03-28 22:41 - 2019-03-28 22:41 - 000000000 ____D C:\Program Files (x86)\FreeCodecPack 2019-03-28 22:41 - 2019-03-28 22:41 - 000000000 ____D C:\Program Files (x86)\DVDVideoSoft ==================== One month (modified) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-04-21 23:15 - 2019-03-11 21:17 - 000000000 ____D C:\Users\joczr\AppData\Local\ClassicShell 2019-04-21 23:02 - 2018-09-15 02:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2019-04-21 22:25 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\AppReadiness 2019-04-21 20:55 - 2019-03-10 00:15 - 000000000 ____D C:\Windows\system32\SleepStudy 2019-04-21 18:56 - 2019-03-09 17:08 - 000003378 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1303080539-3523170087-648723016-1002 2019-04-21 18:56 - 2019-03-09 17:08 - 000000000 ___RD C:\Users\joczr\OneDrive 2019-04-21 18:56 - 2019-03-09 17:05 - 000002363 _____ C:\Users\joczr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2019-04-21 18:56 - 2018-09-15 02:33 - 000000000 ___HD C:\Program Files\WindowsApps 2019-04-21 18:55 - 2018-09-15 02:31 - 000000000 ____D C:\Windows\INF 2019-04-17 19:14 - 2019-03-09 16:23 - 000000000 ____D C:\ProgramData\NVIDIA 2019-04-15 23:00 - 2019-03-09 16:23 - 000795988 _____ C:\Windows\system32\PerfStringBackup.INI 2019-04-15 22:55 - 2019-03-10 00:15 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-04-15 22:44 - 2018-09-15 01:09 - 000786432 _____ C:\Windows\system32\config\BBI 2019-04-13 21:16 - 2019-03-10 00:15 - 000437632 _____ C:\Windows\system32\FNTCACHE.DAT 2019-04-13 21:16 - 2019-03-09 17:05 - 000000000 ____D C:\Users\joczr 2019-04-13 00:28 - 2018-09-15 02:33 - 000000000 ___SD C:\Windows\system32\DiagSvcs 2019-04-13 00:28 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\SysWOW64\Dism 2019-04-13 00:28 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\system32\oobe 2019-04-13 00:28 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\bcastdvr 2019-04-13 00:28 - 2018-09-15 01:09 - 000000000 ____D C:\Windows\system32\Dism 2019-04-12 19:01 - 2019-03-09 17:05 - 000000000 ____D C:\Users\joczr\AppData\Local\Packages 2019-04-12 17:46 - 2018-09-15 02:33 - 000000000 ___HD C:\Windows\ELAMBKUP 2019-04-12 17:44 - 2018-09-15 02:23 - 000000000 ____D C:\Windows\CbsTemp 2019-04-10 18:49 - 2019-03-17 19:20 - 000000000 ____D C:\Windows\system32\MRT 2019-04-10 18:49 - 2019-03-11 21:28 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2019-04-10 18:48 - 2019-03-17 19:20 - 131129288 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2019-04-09 19:50 - 2018-09-15 02:31 - 000000167 _____ C:\Windows\win.ini 2019-04-07 20:52 - 2019-03-10 00:15 - 000000000 ____D C:\Windows\system32\Drivers\wd 2019-04-02 20:07 - 2019-03-17 19:21 - 000000542 _____ C:\Users\joczr\Desktop\Axe Change -The Official Site for Fractal Audio Presets, Cabs and More.website 2019-04-02 20:05 - 2019-03-17 19:17 - 000000551 _____ C:\Users\joczr\Desktop\Search Results for Query metallica Fractal Audio Systems Forum.website 2019-04-01 13:02 - 2018-09-15 02:36 - 000835480 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe 2019-04-01 13:02 - 2018-09-15 02:36 - 000179608 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ============================ Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21.04.2019 01 Ran by joczr (administrator) on DESKTOP-NHMCQU2 (ASUSTeK COMPUTER INC. G751JL) (21-04-2019 23:16:09) Running from C:\Users\joczr\Desktop\New folder (2) Loaded Profiles: joczr (Available Profiles: joczr) Platform: Windows 10 Home Version 1809 17763.437 (X64) Language: English (United States) Default browser: Edge Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Digital Wave Ltd -> Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1903.4-0\MsMpEng.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1903.4-0\NisSrv.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Ivaylo Beltchev -> IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe () [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19032.714.0_x64__8wekyb3d8bbwe\YourPhone.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Digital Wave Ltd -> Digital Wave Ltd) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe () [File not signed] C:\Program Files\Fractal Audio Systems\USB Audio Driver\FASUSBAudioCplApp.exe (Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.27.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe () [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19021.18010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe () [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19031.11411.0_x64__8wekyb3d8bbwe\Music.UI.exe () [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Windows Third Party Application Component -> Adobe) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe () [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1902.42.0_x64__8wekyb3d8bbwe\Calculator.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3350232 2015-09-17] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2018-07-15] (Ivaylo Beltchev -> IvoSoft) HKU\S-1-5-21-1303080539-3523170087-648723016-1002\...\Run: [vidnotifier.exe] => C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe [1674048 2019-03-25] (Digital Wave Ltd -> Digital Wave Ltd) HKU\S-1-5-21-1303080539-3523170087-648723016-1002\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\joczr\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" HKU\S-1-5-21-1303080539-3523170087-648723016-1002\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\joczr\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" HKU\S-1-5-21-1303080539-3523170087-648723016-1002\...\RunOnce: [Uninstall 19.033.0218.0011\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\joczr\AppData\Local\Microsoft\OneDrive\19.033.0218.0011\amd64" HKU\S-1-5-21-1303080539-3523170087-648723016-1002\...\RunOnce: [Uninstall 19.033.0218.0011] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\joczr\AppData\Local\Microsoft\OneDrive\19.033.0218.0011" Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FASUSBAudio Control Panel Autostart.lnk [2019-03-19] ShortcutTarget: FASUSBAudio Control Panel Autostart.lnk -> C:\Program Files\Fractal Audio Systems\USB Audio Driver\FASUSBAudioCplApp.exe () [File not signed] ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0D784AF9-97A3-4401-8C0B-FD482533AD06} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe Task: {62320766-51F8-419F-8651-48D0A1528EE8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe (Microsoft Corporation -> Microsoft Corporation) Task: {BB6F5198-C461-4652-873F-B5F3BAF87661} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) Task: {BDD83F52-A7D2-4F65-96E3-065FA8E2C188} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) Task: {D6CAF0FC-AA50-4AE7-8317-00D79A9C1938} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) Task: {D89C62C0-784B-4A9B-901F-F18E37C03250} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe (Microsoft Corporation -> Microsoft Corporation) Task: {EC883B8C-C1DA-4A10-AB6A-3A2031000F5A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{c900e84e-a19f-47ae-ba8a-9c434c6d2155}: [DhcpNameServer] 192.168.1.254 Internet Explorer: ================== HKU\S-1-5-21-1303080539-3523170087-648723016-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.com/ BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2019-03-13] (Microsoft Corporation -> Microsoft Corporation) BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation) BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2019-03-13] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) FireFox: ======== FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-10-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-06-07] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-06-07] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [441664 2019-03-25] (Digital Wave Ltd -> Digital Wave Ltd.) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\NisSrv.exe [3856504 2019-04-07] (Microsoft Corporation -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MsMpEng.exe [113992 2019-04-07] (Microsoft Corporation -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 axefx2load; C:\Windows\System32\Drivers\axefx2load.sys [55600 2013-07-12] (Fractal Audio Systems -> Cypress Semiconductor) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes) S3 fasusbaudio; C:\Windows\System32\drivers\fasusbaudio_x64.sys [254464 2014-05-16] (Fractal Audio Systems -> ) S3 fasusbaudioks; C:\Windows\system32\DRIVERS\fasusbaudioks_x64.sys [46080 2014-05-16] (Fractal Audio Systems -> ) R3 HIDSwitch; C:\Windows\System32\drivers\AsRadioControl.sys [34216 2018-11-05] (ASUSTek Computer Inc. -> ASUS) R3 ibtusb; C:\Windows\System32\drivers\ibtusb.sys [258832 2015-07-06] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [88256 2015-06-10] (Intel(R) Software -> Intel Corporation) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198512 2019-04-12] (Malwarebytes Corporation -> Malwarebytes) S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [127136 2019-04-15] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73912 2019-04-15] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [274416 2019-04-15] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [114040 2019-04-15] (Malwarebytes Corporation -> Malwarebytes) R3 Netwtw04; C:\Windows\System32\drivers\Netwtw04.sys [7708160 2018-09-15] (Microsoft Windows -> Intel Corporation) R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvam.inf_amd64_45d4f41b93b9677a\nvlddmkm.sys [14461344 2017-06-15] (NVIDIA Corporation -> NVIDIA Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [605696 2018-09-15] (Microsoft Windows -> Realtek ) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 usbaudio2; C:\Windows\system32\DRIVERS\usbaudio2.sys [235520 2018-09-15] (Microsoft Windows -> Microsoft Corporation) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [46472 2019-04-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [343520 2019-04-07] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [68576 2019-04-07] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-04-21 23:16 - 2019-04-21 23:16 - 000000000 ____D C:\FRST 2019-04-21 23:03 - 2019-04-21 23:16 - 000000000 ____D C:\Users\joczr\Desktop\New folder (2) 2019-04-21 19:12 - 2019-04-21 19:12 - 000000000 ____D C:\Users\joczr\AppData\Local\mbam 2019-04-15 22:55 - 2019-04-15 22:55 - 000274416 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2019-04-15 22:55 - 2019-04-15 22:55 - 000127136 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2019-04-15 22:55 - 2019-04-15 22:55 - 000114040 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2019-04-15 22:55 - 2019-04-15 22:55 - 000073912 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2019-04-14 20:44 - 2019-04-14 20:45 - 000000000 ____D C:\Users\joczr\Desktop\MetalFiles 2019-04-13 21:14 - 2019-04-13 21:14 - 000000080 ___SH C:\bootTel.dat 2019-04-12 17:46 - 2019-04-12 17:46 - 000198512 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys 2019-04-12 17:46 - 2019-04-12 17:46 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2019-04-12 17:46 - 2019-04-12 17:46 - 000000000 ____D C:\Users\joczr\AppData\Local\mbamtray 2019-04-12 17:46 - 2019-04-12 17:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2019-04-12 17:46 - 2019-04-12 17:46 - 000000000 ____D C:\ProgramData\Malwarebytes 2019-04-12 17:46 - 2019-04-12 17:46 - 000000000 ____D C:\Program Files\Malwarebytes 2019-04-12 17:46 - 2019-02-01 12:20 - 000020936 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys 2019-04-12 17:46 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 026810368 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 023440896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 020815360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 019025408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 017513472 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 015223296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 012843520 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 012139008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 009682744 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 008898048 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 007919104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 007883776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 007877120 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 007687576 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 007645608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 006925824 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 006544824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 006440960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 006309040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 006071296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 005765120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 005436904 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 005205448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 004991112 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 004866560 _____ (Microsoft Corporation) C:\Windows\system32\Windows.AI.MachineLearning.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 004704272 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 004660224 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 004588536 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 004527624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 004304896 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 003982848 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 003904512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 003690496 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 003657728 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 003656192 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 003557888 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 003551112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 003496448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.AI.MachineLearning.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 003421696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 003384832 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 003377976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 003334496 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 003334144 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 002995712 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 002942464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 002925880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 002871304 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 002842624 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 002777224 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 002765312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 002720256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 002701304 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 002689024 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 002627384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 002592816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 002469376 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 002438368 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 002346496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 002275896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 002189312 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 002127360 _____ (Microsoft Corporation) C:\Windows\system32\wsp_fs.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 002073960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 002042368 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 002022304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 002017792 _____ C:\Windows\system32\rdpnano.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001994768 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001969464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 001918464 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001892864 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001886208 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001860096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001856000 ____R (The ICU Project) C:\Windows\system32\icuin.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001844448 _____ (Microsoft Corporation) C:\Windows\system32\D3D12.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001830200 _____ (Microsoft Corporation) C:\Windows\system32\rdpserverbase.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001760768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001711104 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001701888 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001697752 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2019-04-12 17:43 - 2019-04-12 17:43 - 001687552 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001674480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001672704 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001671680 _____ (Microsoft Corporation) C:\Windows\system32\InstallService.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001671352 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001647632 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001641400 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001616384 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001615872 ____R (The ICU Project) C:\Windows\SysWOW64\icuin.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001605120 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001590064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpserverbase.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001567232 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001521664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_fs.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001506304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001496576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001478968 _____ (Microsoft Corporation) C:\Windows\system32\rdpbase.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001468952 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 001467344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001459080 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001458056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3D12.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001395056 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001387520 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001370624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001360184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 001342400 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2019-04-12 17:43 - 2019-04-12 17:43 - 001315328 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001311232 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001309696 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001297120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001294520 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001259320 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi 2019-04-12 17:43 - 2019-04-12 17:43 - 001259320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 001256448 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001253688 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 001249280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallService.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001221944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpbase.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001217024 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001213752 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001191728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001179680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 001155072 ____R (The ICU Project) C:\Windows\SysWOW64\icuuc.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001145856 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001072640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001072424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001064448 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001058304 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2019-04-12 17:43 - 2019-04-12 17:43 - 001057792 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 001054200 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 001053192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ClipSp.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 001047552 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001044280 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 001035776 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001026792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001022616 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001019392 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001007616 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 001001472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000998712 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000984888 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000982880 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000982528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Vpn.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000981816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refsv1.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 000976896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000974352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvstore.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000964096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000949248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000948224 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000927232 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000926208 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApi.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000912384 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000909840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000897536 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000888320 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000884224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000882688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000882176 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL 2019-04-12 17:43 - 2019-04-12 17:43 - 000877056 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.BackgroundMediaPlayback.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000874496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000872448 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000871792 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000865792 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000865784 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000855040 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Playback.MediaPlayer.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000850760 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000845824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000840192 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000828728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000822272 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000821048 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000815616 _____ (Microsoft Corporation) C:\Windows\system32\fvewiz.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000809784 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000807424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 000799568 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000793832 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000776192 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000772608 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000769536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 000766480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000762880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000761280 _____ (Microsoft Corporation) C:\Windows\system32\pkeyhelper.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000757664 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000756736 _____ (Microsoft Corporation) C:\Windows\system32\DolbyHrtfEnc.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000737080 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000731648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000730936 _____ (Microsoft Corporation) C:\Windows\system32\LicensingWinRT.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000730112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000725928 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000712192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Playback.MediaPlayer.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000711168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApi.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000701440 _____ (Microsoft Corporation) C:\Windows\system32\FrameServer.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000699392 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Language.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000684032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000676352 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000675096 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000672256 _____ (Microsoft Corporation) C:\Windows\system32\configmanager2.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000671232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapi.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000660480 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000653040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000651792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 000651064 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000649064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000642048 _____ (Microsoft Corporation) C:\Windows\system32\SharedRealitySvc.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000620560 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000617784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicensingWinRT.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000611840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.LowLevel.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000609792 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000604008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000598544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000593920 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000580024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000579072 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000568632 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000556544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000553784 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000552448 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000551936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 000551936 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000543744 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 000540672 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv 2019-04-12 17:43 - 2019-04-12 17:43 - 000540448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000532480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000531968 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000528384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000522752 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000513040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000508208 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Enumeration.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000506880 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseAppMgmtSvc.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000506168 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000505344 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000500224 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_PCDisplay.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000496128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcext.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000485192 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase_enclave.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000475648 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000474928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2019-04-12 17:43 - 2019-04-12 17:43 - 000469504 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000466432 _____ (Microsoft Corporation) C:\Windows\system32\slui.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000463672 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000461112 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000460800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmenrollengine.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000454144 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000450048 _____ (Microsoft Corporation) C:\Windows\system32\LockAppBroker.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000448000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.Workflow.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000447488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000424960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000421392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 000414720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv 2019-04-12 17:43 - 2019-04-12 17:43 - 000408528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Enumeration.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000407552 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000407504 _____ (Microsoft Corporation) C:\Windows\system32\wevtapi.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000404792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 000392704 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000386872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000386360 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000385536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.LowLevel.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000385024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000384312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000370688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000370688 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000368640 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppBroker.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000358912 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000349184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000349184 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000346624 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000343984 _____ (Microsoft Corporation) C:\Windows\system32\AudioSrvPolicyManager.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000343552 _____ (Microsoft Corporation) C:\Windows\system32\RADCUI.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000332800 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000331776 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000324096 _____ (Microsoft Corporation) C:\Windows\system32\sppcommdlg.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000322568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000316416 _____ (Microsoft Corporation) C:\Windows\system32\FSClient.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.Workflow.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000312632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapibase.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000309760 _____ (Microsoft Corporation) C:\Windows\system32\fveui.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000306488 _____ (Microsoft Corporation) C:\Windows\system32\computestorage.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000301568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 000300344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 000300032 _____ (Microsoft Corporation) C:\Windows\system32\wc_storage.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000294912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RADCUI.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000283032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wevtapi.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000281600 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000264704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000263680 _____ (Microsoft Corporation) C:\Windows\system32\WiFiCloudStore.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000263600 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000257696 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000255128 _____ (Microsoft Corporation) C:\Windows\system32\SgrmBroker.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000246784 _____ (Microsoft Corporation) C:\Windows\system32\tetheringservice.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000241664 _____ (Microsoft Corporation) C:\Windows\system32\SharedPCCSP.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000234808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netvsc.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 000224768 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerCsp.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000201216 _____ (Microsoft Corporation) C:\Windows\system32\wincredui.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000195896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spacedump.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 000188416 _____ (Microsoft Corporation) C:\Windows\system32\DMPushRouterCore.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000183296 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Radios.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000182784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.SharedPC.CredentialProvider.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\wuuhosdeployment.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000177152 _____ (Microsoft Corporation) C:\Windows\system32\LanguageComponentsInstaller.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000176640 _____ (Microsoft Corporation) C:\Windows\system32\spacebridge.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000169784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcifs.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spacebridge.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000159744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredui.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000159272 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000159112 _____ (Microsoft Corporation) C:\Windows\system32\winquic.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000157496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 000156984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winquic.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SerialCommunication.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000147496 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000143880 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000143872 _____ (Microsoft Corporation) C:\Windows\system32\oleprn.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000143360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BitLockerCsp.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\mdmmigrator.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000138752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 000134456 _____ (Microsoft Corporation) C:\Windows\system32\ImplatSetup.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000133120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Radios.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000131384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 000121344 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\RjvMDMConfig.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000115360 _____ (Microsoft Corporation) C:\Windows\system32\phoneactivate.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000115200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleprn.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\negoexts.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000111104 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000108032 _____ (Microsoft Corporation) C:\Windows\system32\drvsetup.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000107832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000107008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.SerialCommunication.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\negoexts.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000098664 _____ (Microsoft Corporation) C:\Windows\system32\mpr.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000097808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 000097280 _____ (Microsoft Corporation) C:\Windows\system32\EduPrintProv.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000096256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000095544 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000090424 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000089600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvsetup.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000089336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpr.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\KdsCli.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dtdump.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000079360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 000071208 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000067072 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000066048 _____ (Microsoft Corporation) C:\Windows\system32\ntlanman.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\RDSPnf.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntlanman.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000049664 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000049152 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\wcimage.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\dataclen.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\nshhttp.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\cmintegrator.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscapi.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\perfproc.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000039936 _____ (Microsoft Corporation) C:\Windows\system32\perfts.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000039736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WppRecorder.sys 2019-04-12 17:43 - 2019-04-12 17:43 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfproc.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshhttp.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dataclen.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000035640 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\sxssrv.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfts.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\RpcPing.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmintegrator.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RpcPing.exe 2019-04-12 17:43 - 2019-04-12 17:43 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscdll.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2019-04-12 17:43 - 2019-04-12 17:43 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin 2019-04-12 17:43 - 2019-04-12 17:43 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin 2019-04-12 17:43 - 2019-04-12 17:43 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin 2019-04-12 17:43 - 2019-04-12 17:43 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin 2019-04-12 17:43 - 2019-04-12 17:43 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin 2019-04-12 17:43 - 2019-04-12 17:43 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin 2019-04-12 17:43 - 2019-04-12 17:43 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin 2019-04-12 17:43 - 2019-04-12 17:43 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin 2019-04-10 23:09 - 2019-04-10 23:09 - 000000365 _____ C:\Users\joczr\Desktop\How To Play Motley Crue 'Kickstart My Heart' Guitar Lesson - YouTube.website 2019-04-09 19:48 - 2019-04-09 21:45 - 000000000 ____D C:\Users\joczr\Desktop\Frac adds 2019-04-02 20:09 - 2019-04-02 20:09 - 000001246 _____ C:\Users\Public\Desktop\Axe-Edit.lnk 2019-04-02 20:09 - 2019-04-02 20:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fractal Audio 2019-04-02 19:48 - 2019-04-02 19:48 - 009109104 _____ (Fractal Audio ) C:\Users\joczr\Desktop\Axe-Edit-Win-v3p14p5.exe 2019-03-30 01:15 - 2019-04-14 22:28 - 000000568 _____ C:\Users\joczr\Desktop\Shredding the Pentatonic Scale with Stephanie Pickard Guitar Control - YouTube.website 2019-03-28 22:41 - 2019-03-28 23:16 - 000000000 ____D C:\Users\joczr\AppData\Roaming\DVDVideoSoft 2019-03-28 22:41 - 2019-03-28 22:41 - 000001408 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk 2019-03-28 22:41 - 2019-03-28 22:41 - 000001375 _____ C:\Users\Public\Desktop\Free YouTube Download.lnk 2019-03-28 22:41 - 2019-03-28 22:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2019-03-28 22:41 - 2019-03-28 22:41 - 000000000 ____D C:\ProgramData\DigitalWave.ApplicationUpdater_files 2019-03-28 22:41 - 2019-03-28 22:41 - 000000000 ____D C:\Program Files (x86)\FreeCodecPack 2019-03-28 22:41 - 2019-03-28 22:41 - 000000000 ____D C:\Program Files (x86)\DVDVideoSoft ==================== One month (modified) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-04-21 23:15 - 2019-03-11 21:17 - 000000000 ____D C:\Users\joczr\AppData\Local\ClassicShell 2019-04-21 23:02 - 2018-09-15 02:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2019-04-21 22:25 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\AppReadiness 2019-04-21 20:55 - 2019-03-10 00:15 - 000000000 ____D C:\Windows\system32\SleepStudy 2019-04-21 18:56 - 2019-03-09 17:08 - 000003378 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1303080539-3523170087-648723016-1002 2019-04-21 18:56 - 2019-03-09 17:08 - 000000000 ___RD C:\Users\joczr\OneDrive 2019-04-21 18:56 - 2019-03-09 17:05 - 000002363 _____ C:\Users\joczr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2019-04-21 18:56 - 2018-09-15 02:33 - 000000000 ___HD C:\Program Files\WindowsApps 2019-04-21 18:55 - 2018-09-15 02:31 - 000000000 ____D C:\Windows\INF 2019-04-17 19:14 - 2019-03-09 16:23 - 000000000 ____D C:\ProgramData\NVIDIA 2019-04-15 23:00 - 2019-03-09 16:23 - 000795988 _____ C:\Windows\system32\PerfStringBackup.INI 2019-04-15 22:55 - 2019-03-10 00:15 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-04-15 22:44 - 2018-09-15 01:09 - 000786432 _____ C:\Windows\system32\config\BBI 2019-04-13 21:16 - 2019-03-10 00:15 - 000437632 _____ C:\Windows\system32\FNTCACHE.DAT 2019-04-13 21:16 - 2019-03-09 17:05 - 000000000 ____D C:\Users\joczr 2019-04-13 00:28 - 2018-09-15 02:33 - 000000000 ___SD C:\Windows\system32\DiagSvcs 2019-04-13 00:28 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\SysWOW64\Dism 2019-04-13 00:28 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\system32\oobe 2019-04-13 00:28 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\bcastdvr 2019-04-13 00:28 - 2018-09-15 01:09 - 000000000 ____D C:\Windows\system32\Dism 2019-04-12 19:01 - 2019-03-09 17:05 - 000000000 ____D C:\Users\joczr\AppData\Local\Packages 2019-04-12 17:46 - 2018-09-15 02:33 - 000000000 ___HD C:\Windows\ELAMBKUP 2019-04-12 17:44 - 2018-09-15 02:23 - 000000000 ____D C:\Windows\CbsTemp 2019-04-10 18:49 - 2019-03-17 19:20 - 000000000 ____D C:\Windows\system32\MRT 2019-04-10 18:49 - 2019-03-11 21:28 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2019-04-10 18:48 - 2019-03-17 19:20 - 131129288 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2019-04-09 19:50 - 2018-09-15 02:31 - 000000167 _____ C:\Windows\win.ini 2019-04-07 20:52 - 2019-03-10 00:15 - 000000000 ____D C:\Windows\system32\Drivers\wd 2019-04-02 20:07 - 2019-03-17 19:21 - 000000542 _____ C:\Users\joczr\Desktop\Axe Change -The Official Site for Fractal Audio Presets, Cabs and More.website 2019-04-02 20:05 - 2019-03-17 19:17 - 000000551 _____ C:\Users\joczr\Desktop\Search Results for Query metallica Fractal Audio Systems Forum.website 2019-04-01 13:02 - 2018-09-15 02:36 - 000835480 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe 2019-04-01 13:02 - 2018-09-15 02:36 - 000179608 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ============================ ADDITION Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21.04.2019 01 Ran by joczr (21-04-2019 23:16:57) Running from C:\Users\joczr\Desktop\New folder (2) Windows 10 Home Version 1809 17763.437 (X64) (2019-03-10 05:17:02) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1303080539-3523170087-648723016-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1303080539-3523170087-648723016-503 - Limited - Disabled) Guest (S-1-5-21-1303080539-3523170087-648723016-501 - Limited - Disabled) joczr (S-1-5-21-1303080539-3523170087-648723016-1002 - Administrator - Enabled) => C:\Users\joczr WDAGUtilityAccount (S-1-5-21-1303080539-3523170087-648723016-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.53 - NVIDIA Corporation) Hidden Axe-Edit 3.14.5 (HKLM-x32\...\{0B2FECD3-B4EF-4071-9546-7529D90BAA99}_is1) (Version: - Fractal Audio) Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft) ELAN Touchpad 11.5.21.6_X64_WHQL (HKLM\...\Elantech) (Version: 11.5.21.6 - ELAN Microelectronic Corp.) Fractal Audio Systems USB Audio Driver v2.23.0 (HKLM-x32\...\Fractal Audio Systems USB Audio Driver v2.23.0) (Version: 2.23.0 - Fractal Audio Systems) Fractal Audio Systems USB Driver Package 2014.06.06 (HKLM\...\{E992CC59-71FD-4199-B04E-6274F7439EA0}_is1) (Version: 2014.06.06 - Fractal Audio Systems) Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.93.325 - Digital Wave Ltd) Malwarebytes version 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes) Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1303080539-3523170087-648723016-1002\...\OneDriveSetup.exe) (Version: 19.043.0304.0007 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) NVIDIA 3D Vision Driver 382.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.53 - NVIDIA Corporation) NVIDIA Graphics Driver 382.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.53 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation) Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7701 - Realtek Semiconductor Corp.) Update for Skype for Business 2015 (KB4462207) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{E78636E8-8D6F-494B-917B-3F5D79693E95}) (Version: - Microsoft) Update for Skype for Business 2015 (KB4462207) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E78636E8-8D6F-494B-917B-3F5D79693E95}) (Version: - Microsoft) Update for Skype for Business 2015 (KB4462207) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{E78636E8-8D6F-494B-917B-3F5D79693E95}) (Version: - Microsoft) Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.) Windows Driver Package - Fractal Audio Systems (axefx2load) USB (05/15/2011 1.0.0.9) (HKLM\...\6AEB8A42A154DE456DE5E467C01A582911CB5C6A) (Version: 05/15/2011 1.0.0.9 - Fractal Audio Systems) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-06-07] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\Windows\system32\StartMenuHelper64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2019-03-09 16:24 - 2017-06-07 18:38 - 000339256 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\_nvstapisvr64.dll 2019-03-09 16:24 - 2017-06-07 18:38 - 000869016 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll 2019-03-19 22:46 - 2014-05-16 03:35 - 000434176 _____ () [File not signed] C:\Program Files\Fractal Audio Systems\USB Audio Driver\FASUSBAudioCplApp.exe 2019-04-12 17:46 - 2019-03-13 09:22 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll 2019-04-12 17:46 - 2019-03-13 09:22 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll 2019-04-12 17:46 - 2019-03-13 09:22 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll 2019-04-12 17:46 - 2019-03-13 09:22 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll 2019-04-12 17:46 - 2019-03-13 09:22 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll 2019-04-12 17:46 - 2019-03-13 09:22 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll 2019-04-12 17:46 - 2019-03-13 09:22 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll 2019-04-12 17:46 - 2019-03-13 09:22 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll 2019-04-12 17:46 - 2019-03-13 09:22 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll 2019-04-12 17:46 - 2019-03-13 09:22 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll 2019-04-12 17:46 - 2019-03-13 09:22 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll 2019-04-12 17:46 - 2019-03-13 09:22 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll 2019-04-12 17:46 - 2019-03-13 09:22 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll 2019-04-12 17:46 - 2019-03-13 09:22 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll 2019-04-12 17:46 - 2019-03-13 09:22 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll 2019-04-12 17:46 - 2019-03-13 09:22 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll 2019-04-12 17:46 - 2019-03-13 09:22 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll 2019-04-12 17:46 - 2019-03-13 09:22 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll 2019-04-12 17:46 - 2019-03-13 09:22 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll 2019-04-12 17:46 - 2019-03-13 09:22 - 000035328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\iconengines\qsvgicon.dll 2019-03-19 22:46 - 2014-05-16 03:35 - 000192512 _____ () [File not signed] C:\Program Files\Fractal Audio Systems\USB Audio Driver\fasusbaudioapi.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2018-09-15 02:31 - 2018-09-15 02:31 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1303080539-3523170087-648723016-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\joczr\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg DNS Servers: 192.168.1.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{B5DE59FF-AFE7-4AE7-993A-75054606F180}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{8752EEDF-F60D-41D0-A185-DE0C4133F9F5}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{85823B40-0063-484C-98AE-BEC7A23C84A5}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{F28D5E75-C803-4CC9-BACD-457BD5208E03}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Restore Points ========================= 03-04-2019 21:34:47 Scheduled Checkpoint 09-04-2019 19:49:56 Windows Update 21-04-2019 18:55:25 Windows Update ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (04/16/2019 11:50:59 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: tzsync.exe, version: 10.0.17763.1, time stamp: 0xc5d97414 Faulting module name: KERNELBASE.dll, version: 10.0.17763.404, time stamp: 0x2528b630 Exception code: 0xe0434352 Fault offset: 0x0000000000039129 Faulting process id: 0x1084 Faulting application start time: 0x01d4f4d92660e8a9 Faulting application path: C:\Windows\system32\tzsync.exe Faulting module path: C:\Windows\System32\KERNELBASE.dll Report Id: 9bb2e673-c342-4687-89aa-33648a08a2fc Faulting package full name: Faulting package-relative application ID: Error: (04/16/2019 11:50:59 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: tzsync.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.IO.IOException at Microsoft.Win32.RegistryKey.Win32Error(Int32, System.String) at Microsoft.Win32.RegistryKey.GetValueKind(System.String) at TimeZoneSyncTask.DynamicDstTransform.GetDynamicDstRange(Microsoft.Win32.RegistryKey, System.Collections.Generic.Dictionary`2<System.String,System.String>) at TimeZoneSyncTask.TimeZoneSync.Sync() at TimeZoneSyncTask.Program.Main(System.String[]) Error: (04/16/2019 09:39:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: tzsync.exe, version: 10.0.17763.1, time stamp: 0xc5d97414 Faulting module name: KERNELBASE.dll, version: 10.0.17763.404, time stamp: 0x2528b630 Exception code: 0xe0434352 Fault offset: 0x0000000000039129 Faulting process id: 0x2760 Faulting application start time: 0x01d4f4c6ccca0d13 Faulting application path: C:\Windows\system32\tzsync.exe Faulting module path: C:\Windows\System32\KERNELBASE.dll Report Id: a00a5f61-1506-41c0-a92f-f0e321ee10fe Faulting package full name: Faulting package-relative application ID: Error: (04/16/2019 09:39:37 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: tzsync.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.IO.IOException at Microsoft.Win32.RegistryKey.Win32Error(Int32, System.String) at Microsoft.Win32.RegistryKey.GetValueKind(System.String) at TimeZoneSyncTask.DynamicDstTransform.GetDynamicDstRange(Microsoft.Win32.RegistryKey, System.Collections.Generic.Dictionary`2<System.String,System.String>) at TimeZoneSyncTask.TimeZoneSync.Sync() at TimeZoneSyncTask.Program.Main(System.String[]) Error: (04/16/2019 09:10:00 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: tzsync.exe, version: 10.0.17763.1, time stamp: 0xc5d97414 Faulting module name: KERNELBASE.dll, version: 10.0.17763.404, time stamp: 0x2528b630 Exception code: 0xe0434352 Fault offset: 0x0000000000039129 Faulting process id: 0x1da4 Faulting application start time: 0x01d4f4c22ee76491 Faulting application path: C:\Windows\system32\tzsync.exe Faulting module path: C:\Windows\System32\KERNELBASE.dll Report Id: b98ab385-13a9-47d9-94a0-fd71cd8539e0 Faulting package full name: Faulting package-relative application ID: Error: (04/16/2019 09:06:34 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: tzsync.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.IO.IOException at Microsoft.Win32.RegistryKey.Win32Error(Int32, System.String) at Microsoft.Win32.RegistryKey.GetValueKind(System.String) at TimeZoneSyncTask.DynamicDstTransform.GetDynamicDstRange(Microsoft.Win32.RegistryKey, System.Collections.Generic.Dictionary`2<System.String,System.String>) at TimeZoneSyncTask.TimeZoneSync.Sync() at TimeZoneSyncTask.Program.Main(System.String[]) Error: (04/16/2019 08:38:46 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: tzsync.exe, version: 10.0.17763.1, time stamp: 0xc5d97414 Faulting module name: KERNELBASE.dll, version: 10.0.17763.404, time stamp: 0x2528b630 Exception code: 0xe0434352 Fault offset: 0x0000000000039129 Faulting process id: 0x1cac Faulting application start time: 0x01d4f4be4c794154 Faulting application path: C:\Windows\system32\tzsync.exe Faulting module path: C:\Windows\System32\KERNELBASE.dll Report Id: b7694e25-31c4-4a75-ad61-c31490543e32 Faulting package full name: Faulting package-relative application ID: Error: (04/16/2019 08:38:46 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: tzsync.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.IO.IOException at Microsoft.Win32.RegistryKey.Win32Error(Int32, System.String) at Microsoft.Win32.RegistryKey.GetValueKind(System.String) at TimeZoneSyncTask.DynamicDstTransform.GetDynamicDstRange(Microsoft.Win32.RegistryKey, System.Collections.Generic.Dictionary`2<System.String,System.String>) at TimeZoneSyncTask.TimeZoneSync.Sync() at TimeZoneSyncTask.Program.Main(System.String[]) System errors: ============= Error: (04/21/2019 07:24:53 PM) (Source: Disk) (EventID: 11) (User: ) Description: The driver detected a controller error on \Device\Harddisk1\DR27. Error: (04/21/2019 06:56:43 PM) (Source: Netwtw04) (EventID: 5007) (User: ) Description: 5007 - TX/CMD timeout (TfdQueue hanged) Error: (04/21/2019 06:56:43 PM) (Source: Netwtw04) (EventID: 5007) (User: ) Description: 5007 - TX/CMD timeout (TfdQueue hanged) Error: (04/21/2019 06:55:10 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service. Error: (04/21/2019 06:54:40 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service. Error: (04/21/2019 06:53:54 PM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT AUTHORITY) Description: F:\Device\HarddiskVolume1283 Error: (04/21/2019 06:53:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (04/21/2019 06:53:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Windows Defender: =================================== Date: 2019-04-21 19:47:37.214 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {BB5E1D93-DC0D-404C-9749-26127D0446A7} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2019-04-17 05:30:16.112 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {6E6DB802-0EC6-4A7B-B1C6-751EB48B79CD} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2019-04-17 05:20:10.385 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {E21042B2-F295-4679-A991-8D32A18D4222} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2019-04-17 02:01:44.516 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {4E48FC28-B33C-4C02-9F94-A2FB399420AE} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2019-04-10 20:03:40.558 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {677C8D33-1F9C-482D-831A-358E8BA1E4F4} Scan Type: Antimalware Scan Parameters: Quick Scan CodeIntegrity: =================================== Date: 2019-03-29 20:49:44.532 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system. Date: 2019-03-29 20:49:44.527 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system. Date: 2019-03-29 20:49:44.499 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system. Date: 2019-03-29 20:49:44.494 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system. Date: 2019-03-29 20:49:44.488 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system. Date: 2019-03-29 20:49:44.481 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system. Date: 2019-03-29 20:49:44.267 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system. Date: 2019-03-29 20:49:44.258 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-4720HQ CPU @ 2.60GHz Percentage of memory in use: 20% Total physical RAM: 24525.17 MB Available physical RAM: 19491.99 MB Total Virtual: 28109.17 MB Available Virtual: 22322.59 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:446.61 GB) (Free:404.07 GB) NTFS Drive d: (My Passport) (Fixed) (Total:1862.98 GB) (Free:1796.45 GB) NTFS Drive f: (Files) (Fixed) (Total:915.4 GB) (Free:736.44 GB) NTFS ==>[system with boot components (obtained from drive)] \\?\Volume{ab035e53-6f61-40b6-8767-8aa124b79c49}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.58 GB) NTFS \\?\Volume{476e60f6-d2c8-4698-8802-74bfd61a6acd}\ (Restore) (Fixed) (Total:15.01 GB) (Free:5.6 GB) NTFS \\?\Volume{574189c7-866d-4827-ba95-2d91436892f1}\ () (Fixed) (Total:0.5 GB) (Free:0.47 GB) FAT32 \\?\Volume{0ba38e2c-f20a-4948-9e32-fb93f333cf9a}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 447.1 GB) (Disk ID: 48859041) Partition: GPT. ======================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: 48859041) Partition: GPT. ======================================================== Disk: 2 (Size: 1863 GB) (Disk ID: 16F2A91F) Partition: GPT. ==================== End of Addition.txt ============================
  2. Hi. My Malwarebytes gave me a message of "Attempt to execute VBScript blocked". I guess I'm infected. Is there anything I can do?
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.