Jump to content

Helpmeplease1112

Members
  • Posts

    11
  • Joined

  • Last visited

Reputation

0 Neutral
  1. No logs, but under desktop there's a notepad "fixlog", the one I gave to you before. Under FRST/Logs it still looks the same as the picture I sent. No idea what's going on.
  2. Did that, it's been running for two days now and hasn't stopped nor given me a log. Is there something I can do?
  3. Sorry, had an event to attend. Here's the file. Talk to you tomorrow! Fix result of Farbar Recovery Scan Tool (x64) Version: 08-01-2017 Ran by 10 USER (10-01-2017 18:23:14) Run:1 Running from C:\Users\10 USER\Desktop Loaded Profiles: 10 USER (Available Profiles: 10 USER) Boot Mode: Normal ============================================== fixlist content: ***************** Start CreateRestorePoint: CloseProcesses: E:\life_science_textbook_7th_grade_mcgraw-hill_pdf_download__nkr2b8.exe HKU\S-1-5-21-2252375925-3716301909-4049155379-1000\...\Run: [Dashlane] => C:\Users\10 USER\AppData\Roaming\Dashlane\Dashlane.exe [478592 2016-12-07] (Dashlane, Inc.) C:\Users\10 USER\AppData\Roaming\Dashlane HKU\S-1-5-21-2252375925-3716301909-4049155379-1000\...\Run: [DashlanePlugin] => C:\Users\10 USER\AppData\Roaming\Dashlane\DashlanePlugin.exe [536960 2016-12-07] () HKU\S-1-5-21-2252375925-3716301909-4049155379-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141620075\...\Run: [Dashlane] => C:\Users\10 USER\AppData\Roaming\Dashlane\Dashlane.exe [478592 2016-12-07] (Dashlane, Inc.) HKU\S-1-5-21-2252375925-3716301909-4049155379-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141620075\...\Run: [DashlanePlugin] => C:\Users\10 USER\AppData\Roaming\Dashlane\DashlanePlugin.exe [536960 2016-12-07] () BHO-x32: Dashlane BHO -> {42D79B50-CC4A-4A8E-860F-BE674AF053A2} -> C:\Users\10 USER\AppData\Roaming\Dashlane\ie\Dashlanei.dll [2016-12-07] (Dashlane, Inc.) Toolbar: HKLM-x32 - Dashlane Toolbar - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\10 USER\AppData\Roaming\Dashlane\ie\KWIEBar.dll [2016-12-07] (Dashlane, Inc.) CHR Extension: (Dashlane) - C:\Users\10 USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2017-01-04] U4 aspnet_state; no ImagePath C:\Users\10 USER\Desktop\Dashlane.lnk C:\Users\10 USER\AppData\LocalLow\Dashlane C:\Users\10 USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dashlane C:\Users\10 USER\AppData\Roaming\Dashlane C:\Program Files (x86)\Dashlane C:\Users\10 USER\Downloads\Dashlane_Launcher_bchrome-1481560411.exe C:\Users\10 USER\AppData\Roaming\Dashlane\4.6.5.21982\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebugDll_win32.4.6.5.21982.dll 2017-01-04 21:53 - 2016-12-07 14:14 - 00441216 _____ () C:\Users\10 USER\AppData\Roaming\Dashlane\4.6.5.21982\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebug.4.6.5.21982.dll 2017-01-04 21:53 - 2016-12-07 14:14 - 00471424 _____ () C:\Users\10 USER\AppData\Roaming\Dashlane\4.6.5.21982\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWUtils.4.6.5.21982.dll 2017-01-04 21:53 - 2016-12-07 14:14 - 63176576 _____ () C:\Users\10 USER\AppData\Roaming\Dashlane\4.6.5.21982\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWExternLib.4.6.5.21982.dll 2017-01-04 21:53 - 2016-12-07 14:14 - 00292736 _____ () C:\Users\10 USER\AppData\Roaming\Dashlane\4.6.5.21982\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLib_win.4.6.5.21982.dll 2017-01-04 21:53 - 2016-12-07 14:14 - 06329216 _____ () C:\Users\10 USER\AppData\Roaming\Dashlane\4.6.5.21982\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWData.4.6.5.21982.dll 2017-01-04 21:53 - 2016-12-07 14:14 - 07633280 _____ () C:\Users\10 USER\AppData\Roaming\Dashlane\4.6.5.21982\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWApplication.4.6.5.21982.dll 2017-01-04 21:53 - 2016-12-07 14:14 - 13821312 _____ () C:\Users\10 USER\AppData\Roaming\Dashlane\4.6.5.21982\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLib.4.6.5.21982.dll 2017-01-04 21:53 - 2016-12-07 14:14 - 02285440 _____ () C:\Users\10 USER\AppData\Roaming\Dashlane\4.6.5.21982\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLibData.4.6.5.21982.dll 2017-01-04 21:53 - 2016-12-07 14:14 - 00334720 _____ () C:\Users\10 USER\AppData\Roaming\Dashlane\4.6.5.21982\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\Kwift_DP.4.6.5.21982.dll Hosts: CMD: ipconfig /flushDNS EmptyTemp: end ***************** Restore point was successfully created. Processes closed successfully. "E:\life_science_textbook_7th_grade_mcgraw-hill_pdf_download__nkr2b8.exe" => not found. HKU\S-1-5-21-2252375925-3716301909-4049155379-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Dashlane => value removed successfully C:\Users\10 USER\AppData\Roaming\Dashlane => moved successfully HKU\S-1-5-21-2252375925-3716301909-4049155379-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DashlanePlugin => value removed successfully
  4. Did the Adwcleaner and restarted.. here's the file(s) Another thing: Do I put the fixlist in the FRST folder or the place where the FRST text file is? AND, do I scan again and THEN fix after fixlist is in the FRST place? (CO) ~~~~~~~~~~~~~ # AdwCleaner v6.042 - Logfile created 10/01/2017 at 15:37:21 # Updated on 06/01/2017 by Malwarebytes # Database : 2017-01-10.2 [Server] # Operating System : Windows 10 Pro (X64) # Username : 10 USER - 10USER-PC # Running from : C:\Users\10 USER\Desktop\AdwCleaner.exe # Mode: Clean # Support : https://www.malwarebytes.com/support ***** [ Services ] ***** ***** [ Folders ] ***** [-] Folder deleted: C:\Users\10 USER\AppData\Local\DriverToolkit [-] Folder deleted: C:\Program Files (x86)\DriverToolkit ***** [ Files ] ***** ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Shortcuts ] ***** ***** [ Scheduled Tasks ] ***** ***** [ Registry ] ***** [-] Key deleted: HKU\S-1-5-21-2252375925-3716301909-4049155379-1000\Software\DriverToolkit [#] Key deleted on reboot: HKCU\Software\DriverToolkit [#] Key deleted on reboot: [x64] HKCU\Software\DriverToolkit ***** [ Web browsers ] ***** ************************* :: "Tracing" keys deleted :: Winsock settings cleared ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [1078 Bytes] - [10/01/2017 15:37:21] C:\AdwCleaner\AdwCleaner[S0].txt - [1362 Bytes] - [10/01/2017 15:36:47] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1224 Bytes] ########## ~~~~~~~~~~~ (SO) # AdwCleaner v6.042 - Logfile created 10/01/2017 at 15:36:47 # Updated on 06/01/2017 by Malwarebytes # Database : 2017-01-10.2 [Server] # Operating System : Windows 10 Pro (X64) # Username : 10 USER - 10USER-PC # Running from : C:\Users\10 USER\Desktop\AdwCleaner.exe # Mode: Scan # Support : https://www.malwarebytes.com/support ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** Folder Found: C:\Users\10 USER\AppData\Local\DriverToolkit Folder Found: C:\Program Files (x86)\DriverToolkit ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious keys found. ***** [ Shortcuts ] ***** No infected shortcut found. ***** [ Scheduled Tasks ] ***** No malicious task found. ***** [ Registry ] ***** Key Found: HKU\S-1-5-21-2252375925-3716301909-4049155379-1000\Software\DriverToolkit Key Found: HKCU\Software\DriverToolkit Key Found: [x64] HKCU\Software\DriverToolkit ***** [ Web browsers ] ***** No malicious Firefox based browser items found. No malicious Chromium based browser items found. ************************* C:\AdwCleaner\AdwCleaner[S0].txt - [1206 Bytes] - [10/01/2017 15:36:47] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1279 Bytes] ########## ~~~~~~~~~~~ Running rogue's scan now. I think it's grabbing programs and installing them. Should I turn off wifi? My uncle said to do that while cleaning the malware.
  5. I already quarantined two PUP's Malwarebytes found before your reply, I'm posting that log file as well. https://gyazo.com/e39f53c6a0a2478737f9378de5ecd1d4 https://gyazo.com/2aa4537b6b8fb186553490a034feb509 Also, it quarantined the textbook file, but the admin pop-up for permission is still happening. *Note: I didn't restart the computer like it said to.. I was waiting for this and instructions. Should I do that now? My system is a 64 Bit. Quarantined items/scan log file: ~ Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 1/10/17 Scan Time: 1:03 PM Logfile: Administrator: Yes -Software Information- Version: 3.0.5.1299 Components Version: 1.0.43 Update Package Version: 1.0.970 License: Trial -System Information- OS: Windows 10 CPU: x64 File System: NTFS User: 10USER-PC\10 USER -Scan Summary- Scan Type: Threat Scan Result: Completed Objects Scanned: 368089 Time Elapsed: 13 min, 2 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 2 PUP.Optional.DriverDetective, C:\$RECYCLE.BIN\S-1-5-21-2252375925-3716301909-4049155379-1000\$RAAHR5M.EXE, Delete-on-Reboot, [1877], [335971],1.0.970 Adware.FileFinder, C:\USERS\10 USER\APPDATA\LOCAL\TEMP\LIFE_SCIENCE_TEXTBOOK_7TH_GRADE_MCGRAW-HILL_PDF_DOWNLOAD__NKR2B8.EXE, Delete-on-Reboot, [756], [358410],1.0.970 Physical Sector: 0 (No malicious items detected) (end) ~~ Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-01-2017 Ran by 10 USER (administrator) on 10USER-PC (10-01-2017 14:27:32) Running from C:\Users\10 USER\Desktop Loaded Profiles: 10 USER & (Available Profiles: 10 USER) Platform: Windows 10 Pro Version 1607 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe (Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Flux Software LLC) C:\Users\10 USER\AppData\Local\FluxSoftware\Flux\flux.exe (Dashlane, Inc.) C:\Users\10 USER\AppData\Roaming\Dashlane\Dashlane.exe () C:\Users\10 USER\AppData\Roaming\Dashlane\DashlanePlugin.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.OneNote_17.7668.57681.0_x64__8wekyb3d8bbwe\onenoteim.exe () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1612.3341.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11610.1001.23.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe (Microsoft Corporation) C:\Windows\splwow64.exe (Google Inc.) C:\Users\10 USER\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\10 USER\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\10 USER\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\10 USER\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\10 USER\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\10 USER\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\10 USER\AppData\Local\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe () E:\life_science_textbook_7th_grade_mcgraw-hill_pdf_download__nkr2b8.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Google Inc.) C:\Users\10 USER\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\10 USER\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\10 USER\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\10 USER\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\10 USER\AppData\Local\Google\Chrome\Application\chrome.exe (Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Google Inc.) C:\Users\10 USER\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\10 USER\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\10 USER\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\10 USER\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\10 USER\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\10 USER\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\10 USER\AppData\Local\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Google Inc.) C:\Users\10 USER\AppData\Local\Google\Update\GoogleUpdate.exe (Microsoft Corporation) C:\Windows\System32\consent.exe (Google Inc.) C:\Users\10 USER\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-01-04] (Microsoft Corporation) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes) HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.5\bin\EpmNews.exe HKLM-x32\...\Run: [EaseUS Cleanup] => "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.5\bin\CleanUpUI.exe" 10 300 HKU\S-1-5-21-2252375925-3716301909-4049155379-1000\...\Run: [Google Update] => C:\Users\10 USER\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2017-01-02] (Google Inc.) HKU\S-1-5-21-2252375925-3716301909-4049155379-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27219928 2016-11-15] (Skype Technologies S.A.) HKU\S-1-5-21-2252375925-3716301909-4049155379-1000\...\Run: [f.lux] => C:\Users\10 USER\AppData\Local\FluxSoftware\Flux\flux.exe [1024240 2016-12-05] (Flux Software LLC) HKU\S-1-5-21-2252375925-3716301909-4049155379-1000\...\Run: [Dashlane] => C:\Users\10 USER\AppData\Roaming\Dashlane\Dashlane.exe [478592 2016-12-07] (Dashlane, Inc.) HKU\S-1-5-21-2252375925-3716301909-4049155379-1000\...\Run: [DashlanePlugin] => C:\Users\10 USER\AppData\Roaming\Dashlane\DashlanePlugin.exe [536960 2016-12-07] () HKU\S-1-5-21-2252375925-3716301909-4049155379-1000\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [5077792 2017-01-10] (Nota Inc.) HKU\S-1-5-21-2252375925-3716301909-4049155379-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141620075\...\Run: [Google Update] => C:\Users\10 USER\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2017-01-02] (Google Inc.) HKU\S-1-5-21-2252375925-3716301909-4049155379-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141620075\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27219928 2016-11-15] (Skype Technologies S.A.) HKU\S-1-5-21-2252375925-3716301909-4049155379-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141620075\...\Run: [f.lux] => C:\Users\10 USER\AppData\Local\FluxSoftware\Flux\flux.exe [1024240 2016-12-05] (Flux Software LLC) HKU\S-1-5-21-2252375925-3716301909-4049155379-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141620075\...\Run: [Dashlane] => C:\Users\10 USER\AppData\Roaming\Dashlane\Dashlane.exe [478592 2016-12-07] (Dashlane, Inc.) HKU\S-1-5-21-2252375925-3716301909-4049155379-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141620075\...\Run: [DashlanePlugin] => C:\Users\10 USER\AppData\Roaming\Dashlane\DashlanePlugin.exe [536960 2016-12-07] () HKU\S-1-5-21-2252375925-3716301909-4049155379-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141620075\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [5077792 2017-01-10] (Nota Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 75.114.81.1 75.114.81.2 Tcpip\..\Interfaces\{7ffe0e8d-9d04-4bd8-a502-195a372632c0}: [DhcpNameServer] 75.114.81.1 75.114.81.2 Internet Explorer: ================== HKU\S-1-5-21-2252375925-3716301909-4049155379-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com HKU\S-1-5-21-2252375925-3716301909-4049155379-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141620075\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com BHO-x32: Dashlane BHO -> {42D79B50-CC4A-4A8E-860F-BE674AF053A2} -> C:\Users\10 USER\AppData\Roaming\Dashlane\ie\Dashlanei.dll [2016-12-07] (Dashlane, Inc.) Toolbar: HKLM-x32 - Dashlane Toolbar - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\10 USER\AppData\Roaming\Dashlane\ie\KWIEBar.dll [2016-12-07] (Dashlane, Inc.) FireFox: ======== FF DefaultProfile: mlj.daybyday@gmail.com FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.) FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-27] (Adobe Systems Inc.) FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Plugin HKU\S-1-5-21-2252375925-3716301909-4049155379-1000: @tools.google.com/Google Update;version=3 -> C:\Users\10 USER\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-02] (Google Inc.) FF Plugin HKU\S-1-5-21-2252375925-3716301909-4049155379-1000: @tools.google.com/Google Update;version=9 -> C:\Users\10 USER\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-02] (Google Inc.) FF Plugin HKU\S-1-5-21-2252375925-3716301909-4049155379-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141620075: @tools.google.com/Google Update;version=3 -> C:\Users\10 USER\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-02] (Google Inc.) FF Plugin HKU\S-1-5-21-2252375925-3716301909-4049155379-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141620075: @tools.google.com/Google Update;version=9 -> C:\Users\10 USER\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-02] (Google Inc.) Chrome: ======= CHR Profile: C:\Users\10 USER\AppData\Local\Google\Chrome\User Data\Default [2017-01-10] CHR Extension: (Google Slides) - C:\Users\10 USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-24] CHR Extension: (Google Docs) - C:\Users\10 USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-24] CHR Extension: (Google Drive) - C:\Users\10 USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-24] CHR Extension: (Brushed) - C:\Users\10 USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjgbcjfpbbfepcccpaffkjofcmglifg [2016-04-24] CHR Extension: (YouTube) - C:\Users\10 USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-24] CHR Extension: (Adblock Plus) - C:\Users\10 USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-01-03] CHR Extension: (Dashlane) - C:\Users\10 USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2017-01-04] CHR Extension: (Full Page Screen Capture) - C:\Users\10 USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2017-01-03] CHR Extension: (Google Sheets) - C:\Users\10 USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-24] CHR Extension: (Google Docs Offline) - C:\Users\10 USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-24] CHR Extension: (AdBlock) - C:\Users\10 USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-01-03] CHR Extension: (Chrome Web Store Payments) - C:\Users\10 USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-24] CHR Extension: (Gmail) - C:\Users\10 USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-24] CHR Extension: (Chrome Media Router) - C:\Users\10 USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-01-03] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2017-01-04] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [730304 2016-01-11] (Wacom Technology, Corp.) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 e1kexpress; C:\WINDOWS\system32\DRIVERS\e1k63x64.sys [498032 2013-02-20] (Intel Corporation) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77416 2016-12-14] () R1 GpuEnergyDrv; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [8192 2016-07-16] (Microsoft Corporation) [File not signed] R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176064 2017-01-10] (Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [102856 2017-01-10] (Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-01-10] (Malwarebytes) R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [250816 2017-01-10] (Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2017-01-10] (Malwarebytes) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [5195776 2016-07-16] (Realtek Semiconductor Corporation ) S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) U4 aspnet_state; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-01-10 14:27 - 2017-01-10 14:27 - 00016152 _____ C:\Users\10 USER\Desktop\FRST.txt 2017-01-10 14:27 - 2017-01-10 14:27 - 00000000 ____D C:\FRST 2017-01-10 14:26 - 2017-01-10 14:26 - 02419200 _____ (Farbar) C:\Users\10 USER\Desktop\FRST64.exe 2017-01-10 14:25 - 2017-01-10 14:25 - 01761280 _____ (Farbar) C:\Users\10 USER\Desktop\FRST.exe 2017-01-10 12:57 - 2017-01-10 12:57 - 00003528 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachineDaily 2017-01-10 12:57 - 2017-01-10 12:57 - 00003392 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachine 2017-01-10 12:57 - 2017-01-10 12:57 - 00001055 _____ C:\Users\Public\Desktop\Gyazo.lnk 2017-01-10 12:57 - 2017-01-10 12:57 - 00001055 _____ C:\Users\Public\Desktop\Gyazo GIF.lnk 2017-01-10 12:57 - 2017-01-10 12:57 - 00000000 ____D C:\Users\10 USER\AppData\Roaming\Gyazo 2017-01-10 12:57 - 2017-01-10 12:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo 2017-01-10 12:56 - 2017-01-10 12:57 - 00000000 ____D C:\Program Files (x86)\Gyazo 2017-01-10 12:49 - 2017-01-10 12:56 - 13863648 _____ (Nota Inc. ) C:\Users\10 USER\Downloads\Gyazo-3.2.9.exe 2017-01-10 12:40 - 2017-01-10 14:04 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2017-01-10 12:40 - 2017-01-10 12:40 - 00250816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-01-10 12:40 - 2017-01-10 12:40 - 00176064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys 2017-01-10 12:40 - 2017-01-10 12:40 - 00102856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2017-01-10 12:40 - 2017-01-10 12:40 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2017-01-10 12:39 - 2017-01-10 12:39 - 54199488 _____ (Malwarebytes ) C:\Users\10 USER\Downloads\mb3-setup-SEMFD.100SEM-3.0.5.1299.exe 2017-01-10 12:39 - 2017-01-10 12:39 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-01-10 12:39 - 2017-01-10 12:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-01-10 12:39 - 2017-01-10 12:39 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-01-10 12:39 - 2017-01-10 12:39 - 00000000 ____D C:\Program Files\Malwarebytes 2017-01-10 12:39 - 2016-12-14 12:55 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys 2017-01-10 12:36 - 2017-01-10 12:36 - 00425984 _____ C:\Users\10 USER\Downloads\life_science_textbook_7th_grade_mcgraw-hill_pdf_download__nkr2b8.iso 2017-01-07 22:08 - 2016-05-25 14:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2017-01-07 22:08 - 2016-05-25 14:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2017-01-07 22:08 - 2016-05-25 14:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2017-01-07 22:08 - 2016-05-25 11:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2017-01-07 22:08 - 2016-05-25 11:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2017-01-07 22:08 - 2016-05-25 11:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2017-01-07 18:51 - 2017-01-07 18:52 - 00000000 ____D C:\Users\10 USER\Documents\Sound recordings 2017-01-04 21:54 - 2017-01-04 21:54 - 00002001 _____ C:\Users\10 USER\Desktop\Dashlane.lnk 2017-01-04 21:54 - 2017-01-04 21:54 - 00000000 ____D C:\Users\10 USER\AppData\LocalLow\Dashlane 2017-01-04 21:52 - 2017-01-04 21:54 - 00000000 ____D C:\Users\10 USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dashlane 2017-01-04 21:52 - 2017-01-04 21:54 - 00000000 ____D C:\Users\10 USER\AppData\Roaming\Dashlane 2017-01-04 21:52 - 2017-01-04 21:54 - 00000000 ____D C:\Program Files (x86)\Dashlane 2017-01-04 21:52 - 2017-01-04 21:52 - 00672632 _____ (Dashlane Inc.) C:\Users\10 USER\Downloads\Dashlane_Launcher_bchrome-1481560411.exe 2017-01-04 07:13 - 2017-01-04 04:32 - 00000000 ___DC C:\WINDOWS\Panther 2017-01-04 07:10 - 2017-01-04 04:20 - 00000000 ____D C:\Windows.old 2017-01-04 07:06 - 2017-01-04 07:06 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 22563328 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 13441024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL 2017-01-04 07:06 - 2017-01-04 07:06 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL 2017-01-04 07:06 - 2017-01-04 07:06 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 06574592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe 2017-01-04 07:06 - 2017-01-04 07:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe 2017-01-04 07:06 - 2017-01-04 07:06 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2017-01-04 07:06 - 2017-01-04 07:06 - 04148736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe 2017-01-04 07:06 - 2017-01-04 07:06 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2017-01-04 07:06 - 2017-01-04 07:06 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2017-01-04 07:06 - 2017-01-04 07:06 - 02747392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2017-01-04 07:06 - 2017-01-04 07:06 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 02446696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 02356736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 02257104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2017-01-04 07:06 - 2017-01-04 07:06 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2017-01-04 07:06 - 2017-01-04 07:06 - 02049480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2017-01-04 07:06 - 2017-01-04 07:06 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01847048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe 2017-01-04 07:06 - 2017-01-04 07:06 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01453992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01362504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01320448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe 2017-01-04 07:06 - 2017-01-04 07:06 - 01291264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl 2017-01-04 07:06 - 2017-01-04 07:06 - 01181536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2017-01-04 07:06 - 2017-01-04 07:06 - 01176664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01113600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01000288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2017-01-04 07:06 - 2017-01-04 07:06 - 00980824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00862064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00856872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00848736 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00798720 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwcreator.exe 2017-01-04 07:06 - 2017-01-04 07:06 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl 2017-01-04 07:06 - 2017-01-04 07:06 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00755656 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00725664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00719360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys 2017-01-04 07:06 - 2017-01-04 07:06 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2017-01-04 07:06 - 2017-01-04 07:06 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00691080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkCollectionAgent.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00649568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys 2017-01-04 07:06 - 2017-01-04 07:06 - 00640976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00602464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00596832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe 2017-01-04 07:06 - 2017-01-04 07:06 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2017-01-04 07:06 - 2017-01-04 07:06 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00512416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe 2017-01-04 07:06 - 2017-01-04 07:06 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00498952 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetworkCollectionAgent.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00455040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00450392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2017-01-04 07:06 - 2017-01-04 07:06 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00446896 _____ C:\WINDOWS\system32\ApnDatabase.xml 2017-01-04 07:06 - 2017-01-04 07:06 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00433832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00433504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2017-01-04 07:06 - 2017-01-04 07:06 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00431104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00424640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe 2017-01-04 07:06 - 2017-01-04 07:06 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00409952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2017-01-04 07:06 - 2017-01-04 07:06 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2017-01-04 07:06 - 2017-01-04 07:06 - 00402352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00379744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys 2017-01-04 07:06 - 2017-01-04 07:06 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdechangepin.exe 2017-01-04 07:06 - 2017-01-04 07:06 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe 2017-01-04 07:06 - 2017-01-04 07:06 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe 2017-01-04 07:06 - 2017-01-04 07:06 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe 2017-01-04 07:06 - 2017-01-04 07:06 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlancfg.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00292872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2017-01-04 07:06 - 2017-01-04 07:06 - 00280472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeunlock.exe 2017-01-04 07:06 - 2017-01-04 07:06 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp 2017-01-04 07:06 - 2017-01-04 07:06 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlancfg.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00248480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys 2017-01-04 07:06 - 2017-01-04 07:06 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAC3ENC.DLL 2017-01-04 07:06 - 2017-01-04 07:06 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe 2017-01-04 07:06 - 2017-01-04 07:06 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2017-01-04 07:06 - 2017-01-04 07:06 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2017-01-04 07:06 - 2017-01-04 07:06 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00218008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe 2017-01-04 07:06 - 2017-01-04 07:06 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\manage-bde.exe 2017-01-04 07:06 - 2017-01-04 07:06 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAC3ENC.DLL 2017-01-04 07:06 - 2017-01-04 07:06 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00187520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe 2017-01-04 07:06 - 2017-01-04 07:06 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvenotify.exe 2017-01-04 07:06 - 2017-01-04 07:06 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00163752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveprompt.exe 2017-01-04 07:06 - 2017-01-04 07:06 - 00157536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe 2017-01-04 07:06 - 2017-01-04 07:06 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00152416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoplay.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys 2017-01-04 07:06 - 2017-01-04 07:06 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovslegacy.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00141824 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DscCoreConfProv.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00133472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys 2017-01-04 07:06 - 2017-01-04 07:06 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys 2017-01-04 07:06 - 2017-01-04 07:06 - 00126568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfaudiocnv.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00122208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00121368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe 2017-01-04 07:06 - 2017-01-04 07:06 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\baaupdate.exe 2017-01-04 07:06 - 2017-01-04 07:06 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe 2017-01-04 07:06 - 2017-01-04 07:06 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chartv.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2017-01-04 07:06 - 2017-01-04 07:06 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys 2017-01-04 07:06 - 2017-01-04 07:06 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe 2017-01-04 07:06 - 2017-01-04 07:06 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00091936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfaudiocnv.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00090400 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthExt.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsmsext.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pwrshplugin.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TempSignedLicenseExchangeTask.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManagerApi.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00057400 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe 2017-01-04 07:06 - 2017-01-04 07:06 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2017-01-04 07:06 - 2017-01-04 07:06 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeui.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsext.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe 2017-01-04 07:06 - 2017-01-04 07:06 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\encapi.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe 2017-01-04 07:06 - 2017-01-04 07:06 - 00023392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cmimcext.sys 2017-01-04 07:06 - 2017-01-04 07:06 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx 2017-01-04 07:06 - 2017-01-04 07:06 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx 2017-01-04 07:06 - 2017-01-04 07:06 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 07654400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 05722832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 05622088 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 05384192 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 04557824 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 04136448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 03496960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 03441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 03405824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 03370496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 03287552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 03202048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 03133440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 03116544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 03054080 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02914304 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02828376 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02750936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02748928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02708992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02476544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02423296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02317312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02005504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01980416 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01913344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01851696 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01691136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01639424 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01609920 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01556712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01554944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01477632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01425000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2017-01-04 07:05 - 2017-01-04 07:05 - 01348608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01322848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl 2017-01-04 07:05 - 2017-01-04 07:05 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01112928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01066328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2017-01-04 07:05 - 2017-01-04 07:05 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01037312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01022304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi 2017-01-04 07:05 - 2017-01-04 07:05 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00940032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00908640 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl 2017-01-04 07:05 - 2017-01-04 07:05 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00823136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00820736 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00788624 _____ C:\WINDOWS\SysWOW64\locale.nls 2017-01-04 07:05 - 2017-01-04 07:05 - 00788624 _____ C:\WINDOWS\system32\locale.nls 2017-01-04 07:05 - 2017-01-04 07:05 - 00782176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00781824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00773720 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00755200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00749920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskbarcpl.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00714592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00681304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00665768 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00650240 _____ (Microsoft) C:\WINDOWS\system32\DbgModel.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00646136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00637400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00634944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00595488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00595296 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\energy.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00573952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrGidsHandler.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00545936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl 2017-01-04 07:05 - 2017-01-04 07:05 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00536576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00527880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprapi.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00500064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00496872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00461312 _____ (Microsoft) C:\WINDOWS\SysWOW64\DbgModel.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00454592 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprapi.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00434528 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00423776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCenter.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00405856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00382272 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00378720 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\NmaDirect.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00352096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00341936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00302592 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00295936 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp 2017-01-04 07:05 - 2017-01-04 07:05 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NmaDirect.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00283488 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataExchange.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DataExchange.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\discan.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00238056 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAnimation.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00232800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_G18030.DLL 2017-01-04 07:05 - 2017-01-04 07:05 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_G18030.DLL 2017-01-04 07:05 - 2017-01-04 07:05 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\tspubwmi.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00219488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingFolder.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00206096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00204288 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00186424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\biwinrt.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00170960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00169056 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovslegacy.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoplay.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00162850 _____ C:\WINDOWS\system32\C_932.NLS 2017-01-04 07:05 - 2017-01-04 07:05 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XamlTileRender.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\hidclass.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\biwinrt.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWSDAHost.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00130912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\chartv.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\rshx32.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00127328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppVStrm.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00119648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\EhStorTcgDrv.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00113504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReportingCSP.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsmsext.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmifw.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwrshplugin.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00083120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00081760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmifw.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00079536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00079200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00078688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00074080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetailsUpdate.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Sens.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AddressParser.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00064352 _____ (Avago Technologies) C:\WINDOWS\system32\Drivers\MegaSas2i.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetailsUpdate.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundMediaPolicy.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AddressParser.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactActivation.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NfcRadioMedia.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundMediaPolicy.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ffbroker.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00048992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactActivation.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00044472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00041824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\EAMProgressHandler.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hidparse.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hidusb.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys 2017-01-04 07:05 - 2017-01-04 07:05 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\encapi.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\delegatorprovider.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi_passthru.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stdole2.tlb 2017-01-04 07:05 - 2017-01-04 07:05 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\stdole2.tlb 2017-01-04 07:05 - 2017-01-04 07:05 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_IS2022.DLL 2017-01-04 07:05 - 2017-01-04 07:05 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\c_GSM7.DLL 2017-01-04 07:05 - 2017-01-04 07:05 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_IS2022.DLL 2017-01-04 07:05 - 2017-01-04 07:05 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\c_GSM7.DLL 2017-01-04 07:05 - 2017-01-04 07:05 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe 2017-01-04 07:05 - 2017-01-04 07:05 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccessRes.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccessRes.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneutilRes.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneutilRes.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneServiceRes.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll 2017-01-04 06:52 - 2017-01-04 06:52 - 00008192 _____ C:\WINDOWS\system32\config\userdiff 2017-01-04 06:51 - 2017-01-04 06:51 - 03753984 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll 2017-01-04 06:51 - 2017-01-04 06:51 - 00199008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys 2017-01-04 04:36 - 2017-01-04 04:36 - 00000000 ____D C:\ProgramData\Microsoft OneDrive 2017-01-04 04:33 - 2017-01-05 13:13 - 00000000 ____D C:\Users\10 USER\AppData\Local\ConnectedDevicesPlatform 2017-01-04 04:33 - 2017-01-04 04:33 - 00000020 ___SH C:\Users\10 USER\ntuser.ini 2017-01-04 04:33 - 2017-01-04 04:33 - 00000000 ____D C:\ProgramData\USOShared 2017-01-04 04:32 - 2017-01-04 04:32 - 00000000 _SHDL C:\Users\Default\My Documents 2017-01-04 04:32 - 2017-01-04 04:32 - 00000000 _SHDL C:\Users\Default\Documents\My Videos 2017-01-04 04:32 - 2017-01-04 04:32 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures 2017-01-04 04:32 - 2017-01-04 04:32 - 00000000 _SHDL C:\Users\Default\Documents\My Music 2017-01-04 04:32 - 2017-01-04 04:32 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos 2017-01-04 04:32 - 2017-01-04 04:32 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures 2017-01-04 04:32 - 2017-01-04 04:32 - 00000000 _SHDL C:\Users\Default User\Documents\My Music 2017-01-04 04:31 - 2017-01-04 04:32 - 00007623 _____ C:\WINDOWS\diagwrn.xml 2017-01-04 04:31 - 2017-01-04 04:32 - 00007623 _____ C:\WINDOWS\diagerr.xml 2017-01-04 04:27 - 2017-01-09 02:01 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-01-04 04:27 - 2017-01-04 04:27 - 00003526 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2252375925-3716301909-4049155379-1000UA 2017-01-04 04:27 - 2017-01-04 04:27 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2017-01-04 04:27 - 2017-01-04 04:27 - 00003302 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{6397DD84-3E0C-4107-842E-2AD81C7C654B} 2017-01-04 04:27 - 2017-01-04 04:27 - 00003258 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2252375925-3716301909-4049155379-1000Core 2017-01-04 04:27 - 2017-01-04 04:27 - 00002772 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 2017-01-04 04:27 - 2017-01-04 04:27 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD 2017-01-04 04:23 - 2017-01-04 04:23 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2017-01-04 04:23 - 2017-01-04 04:23 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs 2017-01-04 04:23 - 2017-01-04 04:23 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs 2017-01-04 04:20 - 2017-01-04 04:23 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2017-01-04 04:20 - 2017-01-04 04:20 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines 2017-01-04 04:19 - 2017-01-09 13:04 - 00000000 ____D C:\Users\10 USER 2017-01-04 04:19 - 2017-01-04 04:19 - 00000000 _SHDL C:\Users\10 USER\My Documents 2017-01-04 04:19 - 2017-01-04 04:19 - 00000000 _SHDL C:\Users\10 USER\Documents\My Videos 2017-01-04 04:19 - 2017-01-04 04:19 - 00000000 _SHDL C:\Users\10 USER\Documents\My Pictures 2017-01-04 04:19 - 2017-01-04 04:19 - 00000000 _SHDL C:\Users\10 USER\Documents\My Music 2017-01-04 04:16 - 2016-07-16 06:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2017-01-04 04:14 - 2017-01-10 12:28 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-01-04 04:14 - 2017-01-04 04:24 - 00194192 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-01-04 04:14 - 2017-01-04 04:14 - 00000000 ____D C:\WINDOWS\ServiceProfiles 2017-01-03 15:39 - 2017-01-03 15:39 - 00014278 _____ C:\Users\10 USER\Downloads\Dimmer_v1.0.zip 2017-01-03 15:39 - 2017-01-03 15:39 - 00000000 ____D C:\Users\10 USER\Downloads\Dimmer_v1.0 2017-01-03 15:38 - 2017-01-03 15:38 - 00496896 _____ C:\Users\10 USER\Downloads\flux-setup.exe 2017-01-03 15:38 - 2017-01-03 15:38 - 00002209 _____ C:\Users\10 USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk 2017-01-03 15:38 - 2017-01-03 15:38 - 00000000 ____D C:\Users\10 USER\AppData\Local\FluxSoftware 2017-01-03 13:08 - 2017-01-03 13:11 - 00000000 ____D C:\Users\10 USER\Documents\School 2017-01-03 13:04 - 2017-01-03 13:04 - 00000000 ____D C:\Users\10 USER\Tracing 2017-01-03 13:03 - 2017-01-04 04:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2017-01-03 13:03 - 2017-01-03 13:03 - 00002640 _____ C:\Users\Public\Desktop\Skype.lnk 2017-01-03 13:03 - 2017-01-03 13:03 - 00000000 ___RD C:\Program Files (x86)\Skype 2017-01-03 13:03 - 2017-01-03 13:03 - 00000000 ____D C:\ProgramData\Skype 2017-01-03 13:01 - 2017-01-03 13:02 - 01478616 _____ (Skype Technologies S.A.) C:\Users\10 USER\Downloads\SkypeSetup.exe ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-01-10 14:18 - 2016-08-18 16:53 - 00000000 ____D C:\Users\10 USER\AppData\Roaming\Skype 2017-01-10 05:11 - 2016-07-16 06:47 - 00000000 ___HD C:\Program Files\WindowsApps 2017-01-10 05:11 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-01-09 17:21 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\rescache 2017-01-09 02:06 - 2016-05-26 02:35 - 00967778 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-01-09 02:01 - 2016-07-16 01:04 - 00262144 _____ C:\WINDOWS\system32\config\BBI 2017-01-09 01:15 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\NDF 2017-01-08 23:45 - 2016-07-16 06:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-01-07 22:05 - 2015-10-03 09:26 - 00000000 ____D C:\Users\10 USER\AppData\Local\Packages 2017-01-07 18:46 - 2016-04-24 16:54 - 00000000 ____D C:\Users\10 USER\AppData\Local\MicrosoftEdge 2017-01-06 01:21 - 2016-07-16 06:45 - 00000000 ____D C:\WINDOWS\INF 2017-01-05 13:15 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2017-01-05 13:15 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\appcompat 2017-01-04 14:22 - 2016-04-24 16:41 - 00002506 _____ C:\Users\10 USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-01-04 07:13 - 2016-07-16 06:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2017-01-04 07:08 - 2016-07-16 09:29 - 00000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ___SD C:\WINDOWS\system32\F12 2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ___SD C:\WINDOWS\system32\dsc 2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs 2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ___RD C:\Program Files\Windows Defender 2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup 2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe 2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\setup 2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\migwiz 2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV 2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT 2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\et-EE 2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\es-MX 2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\en-GB 2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\appraiser 2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\ShellExperiences 2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\Provisioning 2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\bcastdvr 2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2017-01-04 07:08 - 2016-07-16 01:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2017-01-04 07:08 - 2016-07-16 01:04 - 00000000 ____D C:\WINDOWS\system32\Dism 2017-01-04 07:08 - 2016-07-16 01:04 - 00000000 ____D C:\WINDOWS\servicing 2017-01-04 07:07 - 2016-07-16 06:47 - 00015425 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml 2017-01-04 06:41 - 2016-05-26 06:05 - 00000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER 2017-01-04 04:37 - 2015-10-03 09:29 - 00002412 _____ C:\Users\10 USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-01-04 04:37 - 2015-10-03 09:29 - 00000000 ___RD C:\Users\10 USER\OneDrive 2017-01-04 04:33 - 2016-07-16 06:47 - 00000000 ____D C:\ProgramData\USOPrivate 2017-01-04 04:33 - 2016-02-13 08:22 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-01-04 04:32 - 2016-07-16 01:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM 2017-01-04 04:30 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2017-01-04 04:30 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\Registration 2017-01-04 04:30 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2017-01-04 04:27 - 2015-10-02 23:28 - 00022840 _____ C:\WINDOWS\system32\emptyregdb.dat 2017-01-04 04:26 - 2016-07-16 06:47 - 00000000 __RSD C:\WINDOWS\Media 2017-01-04 04:26 - 2016-07-16 06:47 - 00000000 __RHD C:\Users\Public\Libraries 2017-01-04 04:23 - 2016-07-16 06:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-01-04 04:23 - 2016-04-24 17:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3 2017-01-04 04:23 - 2016-04-23 18:23 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablet 2017-01-04 04:23 - 2015-10-30 01:28 - 00000000 ____D C:\Users\Default.migrated 2017-01-04 04:21 - 2016-08-17 22:41 - 00000000 ____D C:\WINDOWS\system32\appmgmt 2017-01-04 04:21 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\SysWOW64\IME 2017-01-04 04:21 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\spool 2017-01-04 04:21 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\oobe 2017-01-04 04:21 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\inetsrv 2017-01-04 04:21 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\IME 2017-01-04 04:21 - 2016-05-26 06:16 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices 2017-01-04 04:21 - 2016-05-26 06:16 - 00000000 ____D C:\WINDOWS\system32\BestPractices 2017-01-04 04:20 - 2016-07-16 06:47 - 00000000 __SHD C:\Program Files\Windows Sidebar 2017-01-04 04:20 - 2016-07-16 06:47 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar 2017-01-04 04:20 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\schemas 2017-01-04 04:20 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2017-01-04 04:20 - 2016-07-16 06:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2017-01-04 04:20 - 2016-05-26 06:16 - 00000000 ____D C:\Program Files\Reference Assemblies 2017-01-04 04:20 - 2016-05-26 06:16 - 00000000 ____D C:\Program Files\MSBuild 2017-01-04 04:20 - 2016-05-26 06:16 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2017-01-04 04:20 - 2016-05-26 06:16 - 00000000 ____D C:\Program Files (x86)\MSBuild 2017-01-04 04:20 - 2010-11-21 02:16 - 00000000 ___RD C:\Users\Public\Recorded TV 2017-01-04 04:18 - 2016-07-16 01:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2017-01-04 04:16 - 2016-07-16 06:47 - 00000000 ___RD C:\WINDOWS\PrintDialog 2017-01-04 04:16 - 2016-07-16 06:47 - 00000000 ___RD C:\WINDOWS\MiracastView 2017-01-04 04:16 - 2016-07-16 06:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-01-04 03:35 - 2015-10-01 22:06 - 00008192 __RSH C:\BOOTSECT.BAK 2017-01-04 03:32 - 2016-07-16 10:17 - 00000000 ___HD C:\$WINDOWS.~BT 2017-01-03 13:13 - 2016-04-24 16:40 - 00000000 ____D C:\Users\10 USER\AppData\Local\Google 2017-01-03 13:13 - 2016-04-24 15:06 - 00000000 ____D C:\Users\10 USER\AppData\Local\ElevatedDiagnostics 2017-01-02 14:36 - 2015-10-01 19:57 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-01-02 14:34 - 2015-10-01 19:57 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-01-02 14:14 - 2016-04-24 17:09 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-12-11 18:56 - 2016-07-16 06:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-12-11 18:56 - 2016-07-16 06:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl ==================== Files in the root of some directories ======= 2016-05-08 15:59 - 2016-05-08 15:59 - 0005712 _____ () C:\Users\10 USER\AppData\Local\recently-used.xbel ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2017-01-04 04:13 ==================== End of FRST.txt ============================ ~~ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-01-2017 Ran by 10 USER (10-01-2017 14:31:03) Running from C:\Users\10 USER\Desktop Windows 10 Pro Version 1607 (X64) (2017-01-04 09:32:59) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= 10 USER (S-1-5-21-2252375925-3716301909-4049155379-1000 - Administrator - Enabled) => C:\Users\10 USER Administrator (S-1-5-21-2252375925-3716301909-4049155379-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2252375925-3716301909-4049155379-503 - Limited - Disabled) Guest (S-1-5-21-2252375925-3716301909-4049155379-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2252375925-3716301909-4049155379-1002 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated) Dashlane (HKU\S-1-5-21-2252375925-3716301909-4049155379-1000\...\Dashlane) (Version: 4.6.5.21982 - Dashlane, Inc.) Dashlane (HKU\S-1-5-21-2252375925-3716301909-4049155379-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141620075\...\Dashlane) (Version: 4.6.5.21982 - Dashlane, Inc.) f.lux (HKU\S-1-5-21-2252375925-3716301909-4049155379-1000\...\Flux) (Version: - ) f.lux (HKU\S-1-5-21-2252375925-3716301909-4049155379-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141620075\...\Flux) (Version: - ) GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team) Google Chrome (HKU\S-1-5-21-2252375925-3716301909-4049155379-1000\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.) Google Chrome (HKU\S-1-5-21-2252375925-3716301909-4049155379-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141620075\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.) Gyazo 3.2.9 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.) Malwarebytes version 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes) Microsoft OneDrive (HKU\S-1-5-21-2252375925-3716301909-4049155379-1000\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2252375925-3716301909-4049155379-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141620075\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.) Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.) Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.15-3 - Wacom Technology Corp.) WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.) WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2252375925-3716301909-4049155379-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141620075_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\10 USER\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-2252375925-3716301909-4049155379-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141620075_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\10 USER\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-2252375925-3716301909-4049155379-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141620075_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\10 USER\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-2252375925-3716301909-4049155379-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141620075_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\10 USER\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2252375925-3716301909-4049155379-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141620075_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\10 USER\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2252375925-3716301909-4049155379-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\10 USER\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-2252375925-3716301909-4049155379-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\10 USER\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-2252375925-3716301909-4049155379-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\10 USER\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-2252375925-3716301909-4049155379-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\10 USER\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2252375925-3716301909-4049155379-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\10 USER\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {112F2418-6970-409F-B5C6-6D376BA59538} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe Task: {13F64576-D9F2-4AF9-9551-C8D0109C3B46} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {1D59AF43-3BD1-4C28-BB65-7AF9C4BC3C12} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {26230C06-1420-44E1-A373-823C0D454A13} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {2FB191A9-BE95-450B-9339-F64AE585E457} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe Task: {32CD3026-2049-4099-B468-EC53F57396BD} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {32EE931F-CE49-4BFC-A322-E1C6F8C87656} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {393FBEDA-3D31-4D6D-84FA-993DD9F12CEE} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {3E570EF4-E82F-4EF4-BBDC-5701DD006409} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {3EFC3DFC-EA74-4073-8420-469EFACEA906} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {4B85DAA6-2279-4436-ADCF-864D8E54B013} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2252375925-3716301909-4049155379-1000Core => C:\Users\10 USER\AppData\Local\Google\Update\GoogleUpdate.exe [2016-04-24] (Google Inc.) Task: {5B65DA86-395F-4FA8-A842-6FEECFFB828D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {68DD3895-C4FB-40D2-9E94-A7FE6D6CFD8A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {6D5F56BD-07AF-41E6-BF64-C5EA47161B10} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {6DE30546-6FDD-440F-B85A-0A6025EABA1F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {75445D5F-9700-4BD9-9B4D-DD7CC6B4E8EF} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2017-01-10] () Task: {7DF73643-C41B-4271-BD6C-9883025F8ECF} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {84209DF4-626B-48AA-B9A3-A13E584A10B6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {86ED0A45-4CCE-4877-B926-C9E040458E8A} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {9E5B0A99-5713-4DA6-AB5C-361CA80105A8} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {9E824CBC-70E2-4064-9B05-A97D9C761923} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {A0BE4762-3D76-4A01-BB91-EE925A00E53A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {A27A089C-D6A6-4664-82AE-10BFFEEB2005} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {A467F6C4-0854-4175-94FA-947BF3AC8ECD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2252375925-3716301909-4049155379-1000UA => C:\Users\10 USER\AppData\Local\Google\Update\GoogleUpdate.exe [2016-04-24] (Google Inc.) Task: {ADFF26C7-5F0D-4E7E-88F2-6A7612D6FE88} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {B2A5B4CD-3ADA-46E6-B65A-8A9BE96EEE69} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {BA0A7AA7-E683-4B43-83CF-F88F6A9AB566} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {BC746126-4B49-4AEF-81DF-559CBC3461F9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {C161E474-228A-4A4B-8AC1-92A0FF58F761} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {C3EE6DE8-007C-4C79-B928-67382CD78D1B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {CE9D06AD-19E8-47EA-A51A-57183FC54F01} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {D753A7F7-61AF-4A06-AF41-4E590A921235} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2017-01-10] () Task: {D7DE55E0-4907-4CD7-B914-942848D251B1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {E1E90F4B-FFA8-4E52-BF3D-3D1A09EE861E} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {E42E8A7E-4FB9-4316-866D-8DCCBC2BE487} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated) Task: {ECA2804C-DD27-432C-9C09-8040EFE26A4E} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {ECB6F31E-3539-404E-95E5-9AA94FDBEF0F} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {F1496E97-8669-45EF-A0B9-AF04C2EF976C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {F4C02728-87A2-4A90-8441-83D9DA768533} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2016-07-16 06:42 - 2016-07-16 06:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-04-23 18:22 - 2016-01-11 12:30 - 01349824 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2017-01-04 04:37 - 2017-01-04 04:37 - 01678560 _____ () C:\Users\10 USER\AppData\Local\Microsoft\OneDrive\17.3.6720.1207_1\amd64\ClientTelemetry.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-01-04 07:05 - 2017-01-04 07:05 - 00693248 _____ () C:\Windows\ShellExperiences\MtcUvc.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2017-01-04 21:54 - 2016-12-07 14:22 - 00536960 _____ () C:\Users\10 USER\AppData\Roaming\Dashlane\DashlanePlugin.exe 2017-01-04 05:07 - 2017-01-04 05:08 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2017-01-04 05:07 - 2017-01-04 05:08 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2017-01-04 05:07 - 2017-01-04 05:08 - 42130432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2017-01-04 05:07 - 2017-01-04 05:08 - 02216448 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\roottools.dll 2017-01-02 14:32 - 2017-01-02 14:33 - 01369288 _____ () C:\Program Files\WindowsApps\Microsoft.Office.OneNote_17.7668.57681.0_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll 2017-01-04 05:09 - 2017-01-04 05:09 - 13017288 _____ () C:\Program Files\WindowsApps\Microsoft.Office.OneNote_17.7668.57681.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Core.dll 2017-01-04 05:09 - 2017-01-04 05:09 - 00150216 _____ () C:\Program Files\WindowsApps\Microsoft.Office.OneNote_17.7668.57681.0_x64__8wekyb3d8bbwe\textinputdriver.dll 2017-01-02 14:58 - 2017-01-02 15:08 - 03810816 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1612.3341.0_x64__8wekyb3d8bbwe\Calculator.exe 2017-01-10 12:36 - 2017-01-10 12:36 - 00053881 ____R () E:\life_science_textbook_7th_grade_mcgraw-hill_pdf_download__nkr2b8.exe 2017-01-10 12:39 - 2016-12-14 12:55 - 02259232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll 2017-01-10 12:39 - 2016-12-14 12:55 - 02813904 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll 2017-01-10 12:39 - 2016-12-14 12:55 - 02247632 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2017-01-04 07:06 - 2017-01-04 07:06 - 03388256 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll 2017-01-04 04:37 - 2017-01-04 04:37 - 01244376 _____ () C:\Users\10 USER\AppData\Local\Microsoft\OneDrive\17.3.6720.1207_1\ClientTelemetry.dll 2017-01-04 21:53 - 2016-12-07 14:14 - 00344960 _____ () C:\Users\10 USER\AppData\Roaming\Dashlane\4.6.5.21982\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebugDll_win32.4.6.5.21982.dll 2017-01-04 21:53 - 2016-12-07 14:14 - 00441216 _____ () C:\Users\10 USER\AppData\Roaming\Dashlane\4.6.5.21982\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebug.4.6.5.21982.dll 2017-01-04 21:53 - 2016-12-07 14:14 - 00471424 _____ () C:\Users\10 USER\AppData\Roaming\Dashlane\4.6.5.21982\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWUtils.4.6.5.21982.dll 2017-01-04 21:53 - 2016-12-07 14:14 - 63176576 _____ () C:\Users\10 USER\AppData\Roaming\Dashlane\4.6.5.21982\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWExternLib.4.6.5.21982.dll 2017-01-04 21:53 - 2016-12-07 14:14 - 00292736 _____ () C:\Users\10 USER\AppData\Roaming\Dashlane\4.6.5.21982\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLib_win.4.6.5.21982.dll 2017-01-04 21:53 - 2016-12-07 14:14 - 06329216 _____ () C:\Users\10 USER\AppData\Roaming\Dashlane\4.6.5.21982\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWData.4.6.5.21982.dll 2017-01-04 21:53 - 2016-12-07 14:14 - 07633280 _____ () C:\Users\10 USER\AppData\Roaming\Dashlane\4.6.5.21982\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWApplication.4.6.5.21982.dll 2017-01-04 21:53 - 2016-12-07 14:14 - 13821312 _____ () C:\Users\10 USER\AppData\Roaming\Dashlane\4.6.5.21982\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLib.4.6.5.21982.dll 2017-01-04 21:53 - 2016-12-07 14:14 - 02285440 _____ () C:\Users\10 USER\AppData\Roaming\Dashlane\4.6.5.21982\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLibData.4.6.5.21982.dll 2017-01-04 21:53 - 2016-12-07 14:14 - 00334720 _____ () C:\Users\10 USER\AppData\Roaming\Dashlane\4.6.5.21982\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\Kwift_DP.4.6.5.21982.dll 2016-10-27 06:35 - 2016-10-27 06:35 - 22825144 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.dll 2016-05-03 09:41 - 2016-05-03 09:41 - 00322232 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\sqlite.dll 2016-10-27 06:35 - 2016-10-27 06:35 - 46476472 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll 2017-01-02 14:27 - 2016-12-08 02:29 - 01829208 _____ () C:\Users\10 USER\AppData\Local\Google\Chrome\Application\55.0.2883.87\libglesv2.dll 2017-01-02 14:27 - 2016-12-08 02:29 - 00085848 _____ () C:\Users\10 USER\AppData\Local\Google\Chrome\Application\55.0.2883.87\libegl.dll 2017-01-10 12:36 - 2017-01-10 12:36 - 00011264 _____ () C:\Users\10 USER\AppData\Local\Temp\nsqE451.tmp\System.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141619797\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141619922\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-21-2252375925-3716301909-4049155379-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Dell\Win7 LtBlue 1920x1200.jpg HKU\S-1-5-21-2252375925-3716301909-4049155379-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141620075\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Dell\Win7 LtBlue 1920x1200.jpg DNS Servers: 75.114.81.1 - 75.114.81.2 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => LPort=139 FirewallRules: [{8DF5A8DC-2B0C-4254-A47E-C90FAC587922}] => C:\Program Files (x86)\Skype\Phone\Skype.exe ==================== Restore Points ========================= 04-01-2017 06:34:27 Windows Update 07-01-2017 22:06:21 Windows Modules Installer ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (01/10/2017 02:13:58 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: microsoftedgecp.exe, version: 11.0.14393.82, time stamp: 0x57a55786 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000604 Fault offset: 0x0000000000000000 Faulting process id: 0x1474 Faulting application start time: 0x01d26b75a4daddfc Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe Faulting module path: unknown Report Id: 2c124740-b08e-441b-8efe-162b366f6151 Faulting package full name: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe Faulting package-relative application ID: MicrosoftEdge Error: (01/10/2017 02:13:54 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: microsoftedgecp.exe, version: 11.0.14393.82, time stamp: 0x57a55786 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000604 Fault offset: 0x0000000000000000 Faulting process id: 0x1474 Faulting application start time: 0x01d26b75a4daddfc Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe Faulting module path: unknown Report Id: a5144fdf-c05f-4915-8ebe-a8405365e747 Faulting package full name: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe Faulting package-relative application ID: MicrosoftEdge Error: (01/10/2017 01:01:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: mbam.exe, version: 3.0.0.865, time stamp: 0x584ee8a0 Faulting module name: Qt5Core.dll, version: 5.6.2.0, time stamp: 0x5849a1dc Exception code: 0xc0000005 Fault offset: 0x00192cf1 Faulting process id: 0xe44 Faulting application start time: 0x01d26b68a0e08e28 Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll Report Id: 745bd8a5-b0d5-40df-bc82-4913b910b6fc Faulting package full name: Faulting package-relative application ID: Error: (01/09/2017 02:41:32 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program Skype.exe version 7.30.0.105 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 754 Start Time: 01d26a466a52259a Termination Time: 105 Application Path: C:\Program Files (x86)\Skype\Phone\Skype.exe Report Id: 98aa3def-d6a3-11e6-8d84-000b819d8ea3 Faulting package full name: Faulting package-relative application ID: Error: (01/07/2017 10:06:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (01/07/2017 06:56:09 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program Skype.exe version 7.30.0.105 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 1764 Start Time: 01d267e61dabf0f9 Termination Time: 12 Application Path: C:\Program Files (x86)\Skype\Phone\Skype.exe Report Id: d89ee25d-d534-11e6-a2f3-782bcb871252 Faulting package full name: Faulting package-relative application ID: Error: (01/07/2017 06:51:11 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: SoundEditor.exe, version: 1.0.0.0, time stamp: 0x57e6fa4c Faulting module name: Windows.UI.Xaml.dll, version: 10.0.14393.479, time stamp: 0x58258ce8 Exception code: 0xc000027b Fault offset: 0x00000000006d675b Faulting process id: 0x1538 Faulting application start time: 0x01d26940e8da5879 Faulting application path: C:\Program Files\WindowsApps\32015mccalla.SoundEditor_3.2.7.0_x64__1yb35n8phzzdw\SoundEditor.exe Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll Report Id: 06c778c2-d00b-48d5-91c8-e85d70d9f8a6 Faulting package full name: 32015mccalla.SoundEditor_3.2.7.0_x64__1yb35n8phzzdw Faulting package-relative application ID: App Error: (01/07/2017 06:49:09 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: SoundEditor.exe, version: 1.0.0.0, time stamp: 0x57e6fa4c Faulting module name: Windows.UI.Xaml.dll, version: 10.0.14393.479, time stamp: 0x58258ce8 Exception code: 0xc000027b Fault offset: 0x00000000006d675b Faulting process id: 0xb70 Faulting application start time: 0x01d26940a2125d4b Faulting application path: C:\Program Files\WindowsApps\32015mccalla.SoundEditor_3.2.7.0_x64__1yb35n8phzzdw\SoundEditor.exe Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll Report Id: 4e665596-0aff-4997-9f82-0fbce76f8f2e Faulting package full name: 32015mccalla.SoundEditor_3.2.7.0_x64__1yb35n8phzzdw Faulting package-relative application ID: App Error: (01/07/2017 06:48:00 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: SoundEditor.exe, version: 1.0.0.0, time stamp: 0x57e6fa4c Faulting module name: Windows.UI.Xaml.dll, version: 10.0.14393.479, time stamp: 0x58258ce8 Exception code: 0xc000027b Fault offset: 0x00000000006d675b Faulting process id: 0x20a8 Faulting application start time: 0x01d2694078e20afe Faulting application path: C:\Program Files\WindowsApps\32015mccalla.SoundEditor_3.2.7.0_x64__1yb35n8phzzdw\SoundEditor.exe Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll Report Id: 642c8883-d394-413b-80b8-7f3c6c262117 Faulting package full name: 32015mccalla.SoundEditor_3.2.7.0_x64__1yb35n8phzzdw Faulting package-relative application ID: App Error: (01/07/2017 06:47:53 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: SoundEditor.exe, version: 1.0.0.0, time stamp: 0x57e6fa4c Faulting module name: Windows.UI.Xaml.dll, version: 10.0.14393.479, time stamp: 0x58258ce8 Exception code: 0xc000027b Fault offset: 0x00000000006d675b Faulting process id: 0xeac Faulting application start time: 0x01d269407447ac78 Faulting application path: C:\Program Files\WindowsApps\32015mccalla.SoundEditor_3.2.7.0_x64__1yb35n8phzzdw\SoundEditor.exe Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll Report Id: 66f379ab-3f83-46b6-ac10-b25226c6c16c Faulting package full name: 32015mccalla.SoundEditor_3.2.7.0_x64__1yb35n8phzzdw Faulting package-relative application ID: App System errors: ============= Error: (01/09/2017 02:02:24 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} and APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (01/09/2017 01:04:21 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY) Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter. Code: 8 0x0 0x0 Error: (01/09/2017 01:04:19 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY) Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter. Code: 2 0xdeaddeed 0xeeec Error: (01/09/2017 01:04:19 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY) Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter. Code: 1 0xc 0x4 Error: (01/07/2017 06:34:04 PM) (Source: DCOM) (EventID: 10016) (User: 10USER-PC) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {9E175B6D-F52A-11D8-B9A5-505054503030} and APPID {9E175B9C-F52A-11D8-B9A5-505054503030} to the user 10USER-PC\10 USER SID (S-1-5-21-2252375925-3716301909-4049155379-1000) from address LocalHost (Using LRPC) running in the application container Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe SID (S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194). This security permission can be modified using the Component Services administrative tool. Error: (01/05/2017 01:12:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} and APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (01/04/2017 04:51:44 AM) (Source: DCOM) (EventID: 10016) (User: 10USER-PC) Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} and APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} to the user 10USER-PC\10 USER SID (S-1-5-21-2252375925-3716301909-4049155379-1000) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool. Error: (01/04/2017 04:36:35 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} and APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (01/04/2017 04:32:23 AM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: The BranchCache service terminated with the following service-specific error: This program is blocked by group policy. For more information, contact your system administrator. Error: (01/04/2017 04:32:17 AM) (Source: NETLOGON) (EventID: 3095) (User: ) Description: This computer is configured as a member of a workgroup, not as a member of a domain. The Netlogon service does not need to run in this configuration. ==================== Memory info =========================== Processor: Pentium(R) Dual-Core CPU E5800 @ 3.20GHz Percentage of memory in use: 57% Total physical RAM: 8027.59 MB Available physical RAM: 3422.46 MB Total Virtual: 16219.59 MB Available Virtual: 10690.87 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:464.88 GB) (Free:399.63 GB) NTFS ==>[drive with boot components (obtained from BCD)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 6805C28C) Partition 1: (Active) - (Size=464.9 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=450 MB) - (Type=27) ==================== End of Addition.txt ============================ ~~ Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 1/10/17 Scan Time: 2:16 PM Logfile: Administrator: Yes -Software Information- Version: 3.0.5.1299 Components Version: 1.0.43 Update Package Version: 1.0.971 License: Trial -System Information- OS: Windows 10 CPU: x64 File System: NTFS User: 10USER-PC\10 USER -Scan Summary- Scan Type: Threat Scan Result: Completed Objects Scanned: 320701 Time Elapsed: 18 min, 47 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 0 (No malicious items detected) Physical Sector: 0 (No malicious items detected) (end) ~
  6. Hi, I recently was on a site trying to download a textbook online and I did, and it popped up as an application in the E drive. Honestly, the fact that it was a program should've been my first hint, but I was kind of desperate to find the textbook that I tried to open it. WMI Commandline utility popped up and I knew right away it was a virus. I've had this happen before on another computer, and somehow I fixed it, however I do not remember how I did. I downloaded MalwareBytes because I've used it before and it's a good program, and I scanned both the file and the whole drive, both scans turned up clean, however I knew that the program or the program's creators probably found a way around the malware detection. I then scanned it with Virustotal, and got a number of two hits out of 50+. However, the two it showed up on was less than good. I'm sending you photos of where the program is on my drive, the virustotal report and possibly a gif of the program in action. The program keeps popping up with an administrator prompt, and no matter how many times I click no, it keeps popping up. I managed a fix-it so I can get back to my computer, a trick I used before, and now it's on my taskbar but still there. Hope you can help. Thanks! P.S. I'm really late for school so if there's any way this can be resolved quickly I'd be VERY appreciative. Thank you!! Virustotal: https://www.virustotal.com/en/file/96d238a2755e676fb8cb2df1e39deeac4814fe0a5fc77550b9ca2ba497f3bfaf/analysis/ Pictures of the virustotal: https://gyazo.com/3e18146bce16d7db79cdd2fd3ecbad0b https://gyazo.com/7f5a059a36601c3e9dc75adf935258e5 https://gyazo.com/c16bb632a6d3fa70f147ed4cd18bc3de https://gyazo.com/1ea1fa87f094fe3bb6f1f835eed7dd13 ...I think it's pretty safe to assume it's NOT a textbook. Threat scan: Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 1/10/17 Scan Time: 1:01 PM Logfile: Administrator: Yes -Software Information- Version: 3.0.5.1299 Components Version: 1.0.43 Update Package Version: 1.0.970 License: Trial -System Information- OS: Windows 10 CPU: x64 File System: NTFS User: 10USER-PC\10 USER -Scan Summary- Scan Type: Hyper Scan Result: Completed Objects Scanned: 2442 Time Elapsed: 0 min, 28 sec -Scan Options- Memory: Enabled Startup: Disabled Filesystem: Disabled Archives: Enabled Rootkits: Disabled Heuristics: Disabled PUP: Enabled PUM: Enabled -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 0 (No malicious items detected) Physical Sector: 0 (No malicious items detected) (end) -- I don't know what to do as this exceeds my knowledge of malware removal. I've never dealt with a program of this threat before. It's completely different than the other WMI commandline utility virus I had, which leads me to think that it's a different program masquerading as another. Maybe I'm wrong. Please help. UPDATE: Scanning whole PC with Malwarebytes reveals two extra programs so I believe it's grabbing things from the internet and installing them. I'm getting on another PC to go on here and turning internet off in a moment so it can't download extra programs.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.