markyy

proxy always active farbar results Users shortcut scan result (x64) Version: 30-04-2017 Ran by MARK (30-04-2017 15:38:27) Running from C:\Users\Confidential\Desktop Boot Mode: Normal ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) Shortcut: C:\Users\Alieca\Links\Desktop.lnk -> C:\Users\Confidential\Desktop () Shortcut: C:\Users\Alieca\Links\Downloads.lnk -> C:\Users\Confidential\Downloads () Shortcut: C:\Users\Alieca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Confidential\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) Shortcut: C:\Users\Alieca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Alieca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\Alieca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\Alieca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Alieca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Alieca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30 Shortcut: C:\Users\Alieca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Alieca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Alieca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation) Shortcut: C:\Users\Alieca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\Alieca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) Shortcut: C:\Users\Alieca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\Alieca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\Alieca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\Alieca\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth File Transfer.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation) Shortcut: C:\Users\Alieca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) Shortcut: C:\Users\Alieca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Alieca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Alieca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Excel 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation) Shortcut: C:\Users\Alieca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) Shortcut: C:\Users\Alieca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Word 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation) Shortcut: C:\Users\Alieca\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Alieca\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Alieca\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Alieca\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Alieca\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () Shortcut: C:\Users\Alieca\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc () Shortcut: C:\Users\Alieca\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation) Shortcut: C:\Users\Alieca\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) Shortcut: C:\Users\Alieca\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\01 - File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\03 - Documents.lnk -> C:\Users\Confidential\Documents () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\04 - Downloads.lnk -> C:\Users\Confidential\Downloads () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\05 - Music.lnk -> C:\Users\Confidential\Music () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\06 - Pictures.lnk -> C:\Users\Confidential\Pictures () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\07 - Videos.lnk -> C:\Users\Confidential\Videos () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\08 - Homegroup.lnk -> Microsoft.Windows.Homegroup Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\09 - Network.lnk -> Microsoft.Windows.Network Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\10 - UserProfile.lnk -> C:\Users\Confidential () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Update Notifier.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (WinZip) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk -> C:\Program Files\WinZip\WINZIP64.EXE (WinZip Computing, S.L.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\MSACCESS.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk -> C:\Windows\Installer\{56EC47AA-5813-4FF6-8E75-544026FBEA83}\AppleSoftwareUpdateIco.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk -> C:\Program Files (x86)\Audacity\audacity.exe (The Audacity Team) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk -> C:\Windows\MiracastView\MiracastView.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVE.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTE.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\POWERPNT.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk -> C:\Windows\PrintDialog\PrintDialog.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\MSPUB.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 21.0\WinZip 21.0.lnk -> C:\Program Files\WinZip\WINZIP64.EXE (WinZip Computing, S.L.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files\WinRAR\Rar.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files\WinRAR\WinRAR.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS\VEGAS Pro 14.0\Vegas Pro 14.0 (64-bit).lnk -> C:\Program Files\VEGAS\VEGAS Pro 14.0\vegas140.exe (MAGIX Computer Products Intl. Co.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS\VEGAS Pro 14.0\VEGAS Pro 14.0 Readme.lnk -> C:\Program Files\VEGAS\VEGAS Pro 14.0\readme\Vegas_readme.htm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS\VEGAS Pro 14.0\Video Capture 6.0 Readme.lnk -> C:\Program Files\VEGAS\VEGAS Pro 14.0\readme\Videocapture_readme.htm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tux Paint\Configure Tux Paint.lnk -> C:\Program Files (x86)\TuxPaint\tuxpaint-config.exe (New Breed Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tux Paint\Licence.lnk -> C:\Program Files (x86)\TuxPaint\docs\COPYING.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tux Paint\Readme.lnk -> C:\Program Files (x86)\TuxPaint\docs\html\README.html () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tux Paint\Uninstall Tux Paint.lnk -> C:\Program Files (x86)\TuxPaint\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\Update Notifier.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (WinZip) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Catalyst\The Walking Dead\Start game The Walking Dead.lnk -> C:\R.G. Catalyst\The Walking Dead\WalkingDead101.exe (Telltale Games) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Catalyst\The Walking Dead\Uninstall game The Walking Dead.lnk -> C:\R.G. Catalyst\The Walking Dead\uninstall\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk -> C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision Photo Viewer.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe (NVIDIA Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft.lnk -> C:\Program Files (x86)\Minecraft\MinecraftLauncher.exe (Mojang) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools\Office 2016 Language Preferences.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\SETLANG.EXE (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools\Skype for Business Recording Manager.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OcPubMgr.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools\Telemetry Dashboard for Office 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\msotd.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools\Telemetry Log for Office 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\msoev.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\javacpl.exe (Oracle Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\About iTunes.lnk -> C:\Program Files\iTunes\iTunes.Resources\en.lproj\About iTunes.rtf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk -> C:\Program Files\iTunes\iTunes.exe (Apple Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel(R) Rapid Storage Technology.lnk -> C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorUI.exe (Intel Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro\HitmanPro.lnk -> C:\Program Files\HitmanPro\HitmanPro.exe (SurfRight B.V.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios\Hi-Rez Diagnostics and Support.lnk -> C:\Program Files (x86)\Hi-Rez Studios\HiRezGamesDiagAndSupport.exe (Hewlett-Packard Company) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin\Garmin Express.lnk -> C:\Program Files (x86)\Garmin\Express\express.exe (Garmin Ltd. or its subsidiaries) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake\Freemake YouTube To MP3 Boom.lnk -> C:\Program Files (x86)\Freemake\Freemake YouTube To MP3 Boom\FreemakeYB.exe (Freemake) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Ripple Sound\Rapture3D - Help.lnk -> C:\Program Files (x86)\BRS\rapture3dgame.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Ripple Sound\Rapture3D - Speaker Layout.lnk -> C:\Program Files (x86)\BRS\UserLayout.exe (Blue Ripple Sound Limited) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net\Battle.net.lnk -> C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe (Blizzard Entertainment) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey\Active Window Info (Window Spy).lnk -> C:\Program Files\AutoHotkey\AU3_Spy.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey\AutoHotkey Help File.lnk -> C:\Program Files\AutoHotkey\AutoHotkey.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey\AutoHotkey Setup.lnk -> C:\Program Files\AutoHotkey\Installer.ahk () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey\AutoHotkey.lnk -> C:\Program Files\AutoHotkey\AutoHotkey.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey\Convert .ahk to .exe.lnk -> C:\Program Files\AutoHotkey\Compiler\Ahk2Exe.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey\Website.lnk -> C:\Program Files\AutoHotkey\AutoHotkey Website.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS GPU TweakII.lnk -> C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe (TODO: <Company name>) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft® Windows® Operating System) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation) Shortcut: C:\Users\Confidential\Links\Desktop.lnk -> C:\Users\Confidential\Desktop () Shortcut: C:\Users\Confidential\Links\Downloads.lnk -> C:\Users\Confidential\Downloads () Shortcut: C:\Users\Confidential\Downloads\Documents - Shortcut.lnk -> C:\Users\Confidential\Documents () Shortcut: C:\Users\Confidential\Desktop\Adobe Photoshop CS6.lnk -> C:\Program Files (x86)\Adobe\Adobe Photoshop CS6\Adobe Photoshop CS6\PhotoshopCS6.exe (PortableAppZ.blogspot.com) Shortcut: C:\Users\Confidential\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) Shortcut: C:\Users\Confidential\Desktop\HandBrake.lnk -> C:\Program Files\HandBrake\HandBrake.exe (HandBrake Team) Shortcut: C:\Users\Confidential\Desktop\itch.lnk -> C:\Users\Confidential\AppData\Local\itch\itch.exe (Itch Corp) Shortcut: C:\Users\Confidential\Desktop\Minecraft Windows 10 Edition.lnk -> Tile and icon assets Shortcut: C:\Users\Confidential\Desktop\Uplay.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe (Ubisoft) Shortcut: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Confidential\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) Shortcut: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ZombieModding\Mods\aliendefense.lnk -> C:\Program Files (x86)\Steam\steamapps\common\Call of Duty World at WarCoDWaW.exe (No File) Shortcut: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ZombieModding\Mods\BO2 Hijacked Zombies v1.3.lnk -> C:\Program Files (x86)\Steam\steamapps\common\Call of Duty World at WarCoDWaW.exe (No File) Shortcut: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ZombieModding\Mods\mw2rust_1.01.lnk -> C:\Program Files (x86)\Steam\steamapps\common\Call of Duty World at WarCoDWaW.exe (No File) Shortcut: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ZombieModding\Mods\Return_To_Stairway_To_Hell.lnk -> C:\Program Files (x86)\Steam\steamapps\common\Call of Duty World at WarCoDWaW.exe (No File) Shortcut: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ZombieModding\Mods\Spongebob_ZMv1.1.lnk -> C:\Program Files (x86)\Steam\steamapps\common\Call of Duty World at WarCoDWaW.exe (No File) Shortcut: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files\WinRAR\Rar.txt () Shortcut: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt () Shortcut: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files\WinRAR\WinRAR.chm () Shortcut: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal) Shortcut: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uninstall.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe (Ubisoft) Shortcut: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uplay.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe (Ubisoft) Shortcut: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30 Shortcut: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation) Shortcut: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) Shortcut: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\project64 1.6\Project64 1.6.lnk -> C:\Program Files (x86)\Project64 1.6\Project64.exe () Shortcut: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync\MEGA Website.lnk -> C:\Users\Confidential\AppData\Local\MEGAsync\MEGA Website.url () Shortcut: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync\MEGAsync.lnk -> C:\Users\Confidential\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited) Shortcut: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync\Uninstall.lnk -> C:\Users\Confidential\AppData\Local\MEGAsync\uninst.exe (MEGA Limited) Shortcut: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Itch Corp\itch.lnk -> C:\Users\Confidential\AppData\Local\itch\itch.exe (Itch Corp) Shortcut: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HandBrake\HandBrake.lnk -> C:\Program Files\HandBrake\HandBrake.exe (HandBrake Team) Shortcut: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HandBrake\Uninstall.lnk -> C:\Program Files\HandBrake\uninst.exe () Shortcut: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake\Uninstall\Uninstall Freemake YouTube To MP3 Boom.lnk -> C:\Program Files (x86)\Freemake\Freemake YouTube To MP3 Boom\Uninstall\unins000.exe () Shortcut: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) Shortcut: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth File Transfer.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation) Shortcut: C:\Users\Confidential\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) Shortcut: C:\Users\Confidential\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Confidential\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Confidential\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Confidential\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) Shortcut: C:\Users\Confidential\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) Shortcut: C:\Users\Confidential\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Confidential\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Confidential\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Confidential\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Confidential\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () Shortcut: C:\Users\Confidential\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc () Shortcut: C:\Users\Confidential\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation) Shortcut: C:\Users\Confidential\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) Shortcut: C:\Users\Confidential\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30 Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc () Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30 Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc () Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) Shortcut: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) Shortcut: C:\Users\Kurt\Links\Desktop.lnk -> C:\Users\Confidential\Desktop () Shortcut: C:\Users\Kurt\Links\Downloads.lnk -> C:\Users\Confidential\Downloads () Shortcut: C:\Users\Kurt\Desktop\Spotify.lnk -> C:\Users\Confidential\AppData\Roaming\Spotify\Spotify.exe (No File) Shortcut: C:\Users\Kurt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Confidential\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) Shortcut: C:\Users\Kurt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk -> C:\Users\Confidential\AppData\Roaming\Spotify\Spotify.exe (No File) Shortcut: C:\Users\Kurt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Kurt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\Kurt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\Kurt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Kurt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Kurt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30 Shortcut: C:\Users\Kurt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Kurt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Kurt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation) Shortcut: C:\Users\Kurt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) Shortcut: C:\Users\Kurt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\Kurt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) Shortcut: C:\Users\Kurt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\Kurt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\Kurt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\Kurt\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth File Transfer.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation) Shortcut: C:\Users\Kurt\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Kurt\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Kurt\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Kurt\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Kurt\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Kurt\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Kurt\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Kurt\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () Shortcut: C:\Users\Kurt\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc () Shortcut: C:\Users\Kurt\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation) Shortcut: C:\Users\Kurt\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) Shortcut: C:\Users\Kurt\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) Shortcut: C:\Users\Public\Desktop\Battle.net.lnk -> C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe (Blizzard Entertainment) Shortcut: C:\Users\Public\Desktop\Garmin Express.lnk -> C:\Program Files (x86)\Garmin\Express\express.exe (Garmin Ltd. or its subsidiaries) Shortcut: C:\Users\Public\Desktop\GeForce Experience.lnk -> C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation) Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) Shortcut: C:\Users\Public\Desktop\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) ShortcutWithArgument: C:\Users\Alieca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Default Apps.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsDefaults ShortcutWithArgument: C:\Users\Alieca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemDevices ShortcutWithArgument: C:\Users\Alieca\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\Alieca\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E} ShortcutWithArgument: C:\Users\Alieca\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager ShortcutWithArgument: C:\Users\Alieca\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System ShortcutWithArgument: C:\Users\Alieca\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions ShortcutWithArgument: C:\Users\Alieca\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures ShortcutWithArgument: C:\Users\Alieca\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Alieca\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Alieca\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1} ShortcutWithArgument: C:\Users\Alieca\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft® Windows® Operating System) -> /0 ShortcutWithArgument: C:\Users\Alieca\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257} ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\WinZip Background Tools.lnk -> C:\Program Files\WinZip\WzBGTools.exe (WinZip Computing, S.L.) -> /bgtconfig ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tux Paint\Tux Paint (Full Screen).lnk -> C:\Program Files (x86)\TuxPaint\tuxpaint.exe (New Breed Software) -> --fullscreen native ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tux Paint\Tux Paint (Windowed).lnk -> C:\Program Files (x86)\TuxPaint\tuxpaint.exe (New Breed Software) -> --windowed ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft® Windows® Operating System) -> /7 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision preview pack 1.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /show ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools\Database Compare 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Root\Office16\DCF\DATABASECOMPARE.EXE" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools\Office 2016 Upload Center.lnk -> C:\Program Files (x86)\Microsoft Office\root\client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Root\Office16\MSOUC.EXE" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools\Spreadsheet Compare 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Root\Office16\DCF\SPREADSHEETCOMPARE.EXE" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\javacpl.exe (Oracle Corporation) -> -tab about ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\javacpl.exe (Oracle Corporation) -> -tab update ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro\Remove HitmanPro 3.7.lnk -> C:\Program Files\HitmanPro\HitmanPro.exe (SurfRight B.V.) -> /uninstall ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios\Uninstall All Hi-Rez Games.lnk -> C:\Program Files (x86)\Hi-Rez Studios\HiRezGamesDiagAndSupport.exe (Hewlett-Packard Company) -> uninstall=all ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX ShortcutWithArgument: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Default Apps.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsDefaults ShortcutWithArgument: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemDevices ShortcutWithArgument: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\project64 1.6\Uninstall Project64 1.6.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {9559F7CA-5E34-4237-A2D9-D856464AD727} ShortcutWithArgument: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\gorescript classic.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=bbohlinegjlacogbjchanihbiiboabcp ShortcutWithArgument: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Netflix.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=eppojlglocelodeimnohnlnionkobfln ShortcutWithArgument: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Twitch.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=comkdlimbkhemidbbpchhepidbmjpnhh ShortcutWithArgument: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=adnlfjpnmidfimlkaohpidplnoimahfh ShortcutWithArgument: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\Confidential\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E} ShortcutWithArgument: C:\Users\Confidential\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager ShortcutWithArgument: C:\Users\Confidential\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System ShortcutWithArgument: C:\Users\Confidential\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions ShortcutWithArgument: C:\Users\Confidential\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures ShortcutWithArgument: C:\Users\Confidential\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Confidential\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Confidential\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1} ShortcutWithArgument: C:\Users\Confidential\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft® Windows® Operating System) -> /0 ShortcutWithArgument: C:\Users\Confidential\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257} ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Default Apps.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsDefaults ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemDevices ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft® Windows® Operating System) -> /0 ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257} ShortcutWithArgument: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Default Apps.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsDefaults ShortcutWithArgument: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemDevices ShortcutWithArgument: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E} ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1} ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft® Windows® Operating System) -> /0 ShortcutWithArgument: C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257} ShortcutWithArgument: C:\Users\Kurt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Default Apps.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsDefaults ShortcutWithArgument: C:\Users\Kurt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemDevices ShortcutWithArgument: C:\Users\Kurt\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\Kurt\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic ShortcutWithArgument: C:\Users\Kurt\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E} ShortcutWithArgument: C:\Users\Kurt\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager ShortcutWithArgument: C:\Users\Kurt\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System ShortcutWithArgument: C:\Users\Kurt\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions ShortcutWithArgument: C:\Users\Kurt\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures ShortcutWithArgument: C:\Users\Kurt\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Kurt\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Kurt\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1} ShortcutWithArgument: C:\Users\Kurt\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft® Windows® Operating System) -> /0 ShortcutWithArgument: C:\Users\Kurt\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257} InternetURL: C:\Users\Alieca\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142 InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tux Paint\Tux Paint on the Web.url -> URL: hxxp://www.tuxpaint.org/?lang=en InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> URL: hxxp://support.steampowered.com/ InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Catalyst\The Walking Dead\Release of BestRepack.NET.url -> URL: hxxp://bestrepack.net InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.url -> URL: hxxp://java.com/help InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.url -> URL: hxxp://java.com/ InternetURL: C:\Users\Confidential\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142 InternetURL: C:\Users\Confidential\Desktop\Assassin's Creed III.url -> URL: uplay://launch/54/1 InternetURL: C:\Users\Confidential\Desktop\ASTRONEER.url -> URL: steam://rungameid/361420 InternetURL: C:\Users\Confidential\Desktop\Borderlands 2.url -> URL: steam://rungameid/49520 InternetURL: C:\Users\Confidential\Desktop\Call of Duty World at War.url -> URL: steam://rungameid/10090 InternetURL: C:\Users\Confidential\Desktop\CSGO.url -> URL: steam://rungameid/730 InternetURL: C:\Users\Confidential\Desktop\DiRT 3 Complete Edition.url -> URL: steam://rungameid/321040 InternetURL: C:\Users\Confidential\Desktop\Galactic Civilizations I Ultimate Edition.url -> URL: steam://rungameid/214150 InternetURL: C:\Users\Confidential\Desktop\Garry's Mod.url -> URL: steam://rungameid/4000 InternetURL: C:\Users\Confidential\Desktop\H1Z1 King of the Kill.url -> URL: steam://rungameid/433850 InternetURL: C:\Users\Confidential\Desktop\Paladins.url -> URL: steam://rungameid/444090 InternetURL: C:\Users\Confidential\Desktop\Rocket League.url -> URL: steam://rungameid/252950 InternetURL: C:\Users\Confidential\Desktop\SMITE.url -> URL: steam://rungameid/386360 InternetURL: C:\Users\Confidential\Desktop\Splinter Cell Blacklist.url -> URL: uplay://launch/91/0 InternetURL: C:\Users\Confidential\Desktop\The Bureau XCOM Declassified.url -> URL: steam://rungameid/65930 InternetURL: C:\Users\Confidential\Desktop\The Witcher 3 Wild Hunt.url -> URL: steam://rungameid/292030 InternetURL: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WATCH_DOGS® 2.url -> URL: uplay://launch/2688/0 InternetURL: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Call of Duty World at War.url -> URL: steam://rungameid/10090 InternetURL: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Counter-Strike Global Offensive.url -> URL: steam://rungameid/730 InternetURL: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\H1Z1 King of the Kill Test Server.url -> URL: steam://rungameid/439700 InternetURL: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\H1Z1 King of the Kill.url -> URL: steam://rungameid/433850 InternetURL: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Team Fortress 2.url -> URL: steam://rungameid/440 InternetURL: C:\Users\Confidential\AppData\Local\MEGAsync\MEGA Website.url -> URL: hxxp://www.mega.nz InternetURL: C:\Users\Kurt\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142 InternetURL: C:\Users\Kurt\Desktop\Fistful of Frags.url -> URL: steam://rungameid/265630 InternetURL: C:\Users\Kurt\Desktop\mail.google.com.url -> URL: hxxps://mail.google.com/mail/u/0/#inbox InternetURL: C:\Users\Kurt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Fistful of Frags.url -> URL: steam://rungameid/265630 ==================== End of Shortcut.txt ============================= Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-04-2017 Ran by MARK (administrator) on DESKTOP-KNJ0HR4 (30-04-2017 15:37:01) Running from C:\Users\Confidential\Desktop Loaded Profiles: MARK (Available Profiles: defaultuser0 & MARK & Alieca & Kurt) Platform: Windows 10 Education Version 1607 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Installer Technology Co.) C:\Program Files (x86)\BrowserSafer\BrowserSafer.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (Daybreak Game Company) C:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe () C:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.libs\GameLauncherCefChildProcess.exe () C:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.libs\GameLauncherCefChildProcess.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Farbar) C:\Users\Confidential\Desktop\FRST64 (1).exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-03-28] (Microsoft Corporation) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2016-06-01] (Intel Corporation) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-12-06] (Apple Inc.) HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation) HKLM-x32\...\Run: [BrowserSafer] => "C:\Program Files (x86)\BrowserSafer\BrowserSaferMngr.exe" HKU\S-1-5-21-336961583-835040132-1409505315-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-04-25] (Valve Corporation) HKU\S-1-5-21-336961583-835040132-1409505315-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin Ltd. or its subsidiaries) HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin Ltd. or its subsidiaries) ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Confidential\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] () ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Confidential\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] () ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Confidential\AppData\Local\MEGAsync\ShellExtX64.dll [2016-10-31] () ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Confidential\AppData\Local\MEGAsync\ShellExtX32.dll [2016-10-31] () ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Confidential\AppData\Local\MEGAsync\ShellExtX32.dll [2016-10-31] () ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Confidential\AppData\Local\MEGAsync\ShellExtX32.dll [2016-10-31] () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk [2017-01-01] ShortcutTarget: Update Notifier.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (WinZip) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2017-01-01] ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) ProxyEnable: [.DEFAULT] => Proxy is enabled. ProxyServer: [.DEFAULT] => http=127.0.0.1:13101 ProxyEnable: [S-1-5-21-336961583-835040132-1409505315-1001] => Proxy is enabled. ProxyServer: [S-1-5-21-336961583-835040132-1409505315-1001] => http=127.0.0.1:13101 Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.3.25 Tcpip\..\Interfaces\{d526573e-eb5b-45d8-ad75-cd3f11075b1d}: [DhcpNameServer] 192.168.0.1 205.171.3.25 Internet Explorer: ================== BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-04-28] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-04-28] (Microsoft Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-04-28] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-21] (Oracle Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-04-28] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-21] (Oracle Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-28] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-28] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-28] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-28] (Microsoft Corporation) FireFox: ======== FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-21] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-21] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-03-05] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-03-05] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-03-31] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-03-31] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) Chrome: ======= CHR DefaultProfile: Default CHR DefaultSearchURL: Default -> hxxps://s.ytimg.com/yts/img/favicon-vflz7uhzw.ico CHR Profile: C:\Users\Confidential\AppData\Local\Google\Chrome\User Data\Default [2017-04-30] CHR Extension: (Google Slides) - C:\Users\Confidential\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-02-04] CHR Extension: (YouTube) - C:\Users\Confidential\AppData\Local\Google\Chrome\User Data\Default\Extensions\adnlfjpnmidfimlkaohpidplnoimahfh [2017-03-24] CHR Extension: (Google Docs) - C:\Users\Confidential\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-02-04] CHR Extension: (Google Drive) - C:\Users\Confidential\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-04] CHR Extension: (gorescript classic) - C:\Users\Confidential\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbohlinegjlacogbjchanihbiiboabcp [2017-04-18] CHR Extension: (MEGA) - C:\Users\Confidential\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2017-04-28] CHR Extension: (YouTube) - C:\Users\Confidential\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-04] CHR Extension: (Adblock Plus) - C:\Users\Confidential\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-21] CHR Extension: (Typewriter Sounds) - C:\Users\Confidential\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjgplikomfepokpgoiomongcpddafcdl [2017-03-11] CHR Extension: (Twitch) - C:\Users\Confidential\AppData\Local\Google\Chrome\User Data\Default\Extensions\comkdlimbkhemidbbpchhepidbmjpnhh [2017-03-24] CHR Extension: (Netflix) - C:\Users\Confidential\AppData\Local\Google\Chrome\User Data\Default\Extensions\eppojlglocelodeimnohnlnionkobfln [2017-03-27] CHR Extension: (Google Sheets) - C:\Users\Confidential\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-02-04] CHR Extension: (Google Docs Offline) - C:\Users\Confidential\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-04] CHR Extension: (Chrome Web Store Payments) - C:\Users\Confidential\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-08] CHR Extension: (Gmail) - C:\Users\Confidential\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-04] CHR Extension: (Chrome Media Router) - C:\Users\Confidential\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-28] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1465352 2017-01-12] () R2 BrowserSafer; C:\Program Files (x86)\BrowserSafer\BrowserSafer.exe [563712 2016-12-22] (Installer Technology Co.) [File not signed] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3801280 2017-04-19] (Microsoft Corporation) S4 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [107520 2016-10-17] (Freemake) [File not signed] S3 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1099280 2017-03-28] (Garmin Ltd. or its subsidiaries) S4 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-02-23] (Hi-Rez Studios) [File not signed] S4 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2017-03-09] (SurfRight B.V.) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2016-06-01] (Intel Corporation) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [492480 2017-04-26] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [492480 2017-04-26] (NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-03-31] (NVIDIA Corporation) R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-04-26] (NVIDIA Corporation) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2017-01-02] () S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2017-03-28] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-03-28] (Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [54736 2017-03-24] () R4 IOMap; C:\Windows\system32\drivers\IOMap64.sys [24824 2014-10-24] (ASUSTeK Computer Inc.) S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_e69a53b8ddde469c\nvlddmkm.sys [14841784 2017-04-03] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-04-26] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47552 2017-04-26] (NVIDIA Corporation) R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57792 2017-04-26] (NVIDIA Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [935168 2016-12-26] (Realtek ) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) S0 MBAMSwissArmy; system32\drivers\MBAMSwissArmy.sys [X] ========================== Drivers MD5 ======================= C:\Windows\System32\drivers\1394ohci.sys A7901875F89D011C38CF52C98ACF5B29 C:\Windows\System32\drivers\3ware.sys EE1CCC54F75C24727A218F98FC5349DA C:\Windows\System32\drivers\ACPI.sys 73C73E1AA0D4D727A04AAAB120B7F56A C:\Windows\System32\drivers\AcpiDev.sys 0935496EF9624B46B935CB35ECE1F205 C:\Windows\System32\Drivers\acpiex.sys D6794C31F4077B71433988787BAA926E C:\Windows\System32\drivers\acpipagr.sys FE5F656D6B35089DA39112E74EC6A85A C:\Windows\System32\drivers\acpipmi.sys 2F242941E4DFF69B883D77A16F039557 C:\Windows\System32\drivers\acpitime.sys C247E35A21682DA8D0DC3AF9F025FCC5 C:\Windows\System32\drivers\ADP80XX.SYS 49B9DB97AFC85DCCBDACDAB2E90085B7 C:\Windows\system32\drivers\afd.sys 323AA1953ED9C01E23F740FA891FE064 C:\Windows\System32\DRIVERS\ahcache.sys 23522E5D581F7722B1B5B86737CAE39C C:\Windows\System32\drivers\amdk8.sys DF21E05E41E5AC3F13F304D91457649A C:\Windows\System32\drivers\amdppm.sys 45D0AA4BB90B821DF92E8F19ABED0C5E C:\Windows\System32\drivers\amdsata.sys 74FFBC43B4B899C9A8CA06A892F2CE73 C:\Windows\System32\drivers\amdsbs.sys AAB0F1D8D7E54761ABAB13AF161F1680 C:\Windows\System32\drivers\amdxata.sys F91BAAC4237C40352A807000F3B716F9 C:\Windows\System32\drivers\appid.sys BC121C099C6C659126AD2102AFDFF8CF C:\Windows\System32\drivers\applockerfltr.sys 68190E2BADF23BD782344970E5B5DE9E C:\Windows\system32\drivers\AppvStrm.sys B66ED2CB37F7E4696A51612AFBA08834 C:\Windows\system32\drivers\AppvVemgr.sys 8DC924848E20F890BEFC6B31136D46BE C:\Windows\system32\drivers\AppvVfs.sys 9ADC5A8BEE10E174F95349E9232D8E76 C:\Windows\System32\drivers\arcsas.sys E6AB1F0B4C3D4E0D2A88332D76FECD03 C:\Windows\System32\drivers\asyncmac.sys 61C5A480C43E7E8E49C42869F49D0D3E C:\Windows\System32\drivers\atapi.sys A10F989A812B57B9695F6C305907C9C6 C:\Windows\System32\drivers\bxvbda.sys 61BAC67048CA5C1D08C48FCC8012B613 C:\Windows\System32\drivers\BasicDisplay.sys 94D6B95485BFA35D81524B0EBA0F7569 C:\Windows\System32\drivers\BasicRender.sys 2E78B31C90766FD086D2B766528E9AEA C:\Windows\System32\drivers\bcmfn.sys 3F5523DCEFE42B385659C5CB46A6B810 C:\Windows\System32\drivers\bcmfn2.sys 0B750A6A6D847E73CA48ADD7A0F5A393 C:\Windows\System32\Drivers\Beep.sys 0A508274355745EEF01C6BE3198D02C4 C:\Windows\System32\DRIVERS\bowser.sys 9CD2A4821DE379305CACB2E99AD8953A C:\Windows\System32\drivers\BthAvrcpTg.sys 722036C26D2C4E50EC2A2EC5FD678846 C:\Windows\System32\drivers\bthhfenum.sys C2E31BE025D46D189E38DD1EDF07837A C:\Windows\System32\drivers\BthHFHid.sys F7CD605FC0B0B22F3F6F247595E3A655 C:\Windows\System32\drivers\bthmodem.sys 535DC41A33630AE4C262406F9E981C03 C:\Windows\System32\drivers\buttonconverter.sys 23F9EF739F685E07482116425E7879AA C:\Windows\System32\drivers\capimg.sys 60EB6A4CE3E21887D302350631C16F26 C:\Windows\System32\DRIVERS\cdfs.sys F8FB51B9EF6372610E9B31A1D86B62FC C:\Windows\System32\drivers\cdrom.sys 613D0137C269187FA298A157E3D14A18 C:\Windows\System32\drivers\cht4sx64.sys 0AED948DA8D5F08B3D6F12E4E2089736 C:\Windows\System32\drivers\cht4vx64.sys 0002A0FDE087C1657AB31CE73077539C C:\Windows\System32\drivers\circlass.sys 6B4F90A287D75CCD78694F6790C911B2 C:\Windows\System32\drivers\CLFS.sys B72D26074E72A757D788FB1BEF8B2F2E C:\Windows\System32\drivers\registry.sys EEC3A4A98AE1A337E3CD1483AD6F2E15 C:\Windows\System32\drivers\CmBatt.sys 429623E266EF067A44E8CF148E9DFB9B C:\Windows\System32\Drivers\cng.sys 4289C913D7E2FE963ABB096AA99CB1F7 C:\Windows\System32\DRIVERS\cnghwassist.sys 3DB10C59405931E2C72EFB82C1AF97D1 C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys 34C935AF2A414572B412B3556586D783 C:\Windows\System32\drivers\condrv.sys 44EEEB2382F566999287E13F2067693C C:\Windows\System32\drivers\csc.sys EC2EA2F6C6D23315C20B4829F00D0440 C:\Windows\System32\drivers\dam.sys 3BBD0073265DA6D3EFBA54B26E5D8236 C:\Windows\System32\Drivers\dfsc.sys 4BC21E937E9F9F408672D2C2CBE4A153 C:\Windows\System32\drivers\disk.sys 35B9D46560339A5A7F0CAC6ED702C817 C:\Windows\System32\drivers\dmvsc.sys 815F45161A4571C2C44491564F3D5968 C:\Windows\system32\DRIVERS\drmkaud.sys AE6BD4C879A8C849E53947C92DF3B3A0 C:\Windows\System32\drivers\dxgkrnl.sys 2DD9CF863320D5EDEA3ED9B8ED280BB0 C:\Windows\System32\drivers\evbda.sys 7EC6FC0266D74BD47ABB130A328B70EC C:\Windows\System32\drivers\EhStorClass.sys 8D74B8B5D6F7C5BC4C525BAF2B083FF1 C:\Windows\System32\drivers\EhStorTcgDrv.sys 2A9817B5A9260D8F60D52E36BEF10443 C:\Windows\System32\drivers\errdev.sys 77B60DEC7DCB4233E4A69D3F52E5DB24 C:\Windows\System32\Drivers\exfat.sys FCD2C63754C2E739A8EEAD9BC63F9DDC C:\Windows\System32\Drivers\fastfat.sys FA918EC296EB410FF02867D008D02421 C:\Windows\System32\drivers\fdc.sys 99598ECA5E41996E005D5B9D9FF1EFA2 C:\Windows\System32\drivers\filecrypt.sys F44F666B0EACC3181544FFCF8CA0FFC7 C:\Windows\System32\drivers\fileinfo.sys 78A210DDFDF2C9EC884631D2DAA573F0 C:\Windows\System32\drivers\filetrace.sys 1A97DB5E701A186989F3795223C3BE39 C:\Windows\System32\drivers\flpydisk.sys 46626665F0E5906E45619B4EFD6186B8 C:\Windows\System32\drivers\fltmgr.sys FDA72ACA14D516D18C33AFCD0FD9260F C:\Windows\System32\drivers\FsDepends.sys D152CCBFC8251670BF0AAFE00D6BC782 C:\Windows\System32\Drivers\Fs_Rec.sys 6D6BB5C7363CD35FA715E826F3D029EE C:\Windows\System32\DRIVERS\fvevol.sys 8EEC4925C03E375C4EC496E45C44139A C:\Windows\System32\drivers\vmgencounter.sys EF78034773CE506323655A868C949144 C:\Windows\System32\drivers\genericusbfn.sys B55FEBC6A00DAA1FE074F020B6907516 C:\Windows\System32\Drivers\msgpioclx.sys DDD8A8CDDC7F13EF57D1DAAE71865936 C:\Windows\System32\drivers\gpuenergydrv.sys 7ACD8F69B5D6EC97E6D2C006E19BED88 C:\Windows\system32\DRIVERS\HdAudio.sys 217230B984AB2954E2FA5E36578D7B08 C:\Windows\System32\drivers\HDAudBus.sys 10E3515FE5DBA6656FA62C29342EC4A1 C:\Windows\System32\drivers\HidBatt.sys B90D284B97CD4CA9DE7430AAAD887A56 C:\Windows\System32\drivers\hidbth.sys B2FE11643CC6ACDEE6C247DD36018FDB C:\Windows\System32\drivers\hidi2c.sys D24355488A2D4D2323518EC1AC7A6D9E C:\Windows\System32\drivers\hidinterrupt.sys 0AF9ABBA4F3F55C6C803890D64BC3C29 C:\Windows\System32\drivers\hidir.sys CDBCF8E9AB06D88A1E1191D32F320C5D C:\Windows\System32\drivers\hidusb.sys D8536CB438CC4CCDAE047B768EED22B2 C:\Windows\system32\drivers\hitmanpro37.sys E7EF785213EB121023E670B4D28BC745 C:\Windows\System32\drivers\HpSAMD.sys F5CA18197B4646E04DB9EB2D6642CC4D C:\Windows\System32\drivers\HTTP.sys A10C7C1E69FC90620C7BF2E51302A01F C:\Windows\System32\drivers\hvservice.sys 74FC79C52395B10FFD0B55CF22CF88FC C:\Windows\System32\drivers\hwpolicy.sys 771EDDA9830A3079F996F34D681FB6E5 C:\Windows\System32\drivers\hyperkbd.sys 3B9F315E7FA72CC25228EB097DD9C694 C:\Windows\System32\drivers\i8042prt.sys B54B30992620C97230013A74461C8517 C:\Windows\System32\drivers\iagpio.sys C6B8743B213F06AA60943D8366FE968F C:\Windows\System32\drivers\iai2c.sys 9A2A2F3C69B9A30B6E78536F6D258BAD C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys 5A0E850F8CD17791A3E6A3CF81D0CA28 C:\Windows\System32\drivers\iaLPSS2i_I2C.sys 7508F1096803385D6376BFD0BD473AC4 C:\Windows\System32\drivers\iaLPSSi_GPIO.sys 16A10CCEDCF5AC4CAAE43DC9FC40392F C:\Windows\System32\drivers\iaLPSSi_I2C.sys EB82A11613326691508D9ED9A4FE29E7 C:\Windows\System32\drivers\iaStorA.sys FAD8F30941428D201D9B235BBAB504B5 C:\Windows\System32\drivers\iaStorAV.sys 97E553D03219D3D51705C7235D9EAEBD C:\Windows\System32\drivers\iaStorV.sys 8350FE3BCDE3428BC040877BB7E9EAEB C:\Windows\System32\drivers\ibbus.sys 3BA03F7C7700DDF4C383DDE9252F5817 C:\Windows\System32\drivers\IndirectKmd.sys 2A01C96DF5802D3434634E55C91232D8 C:\Windows\System32\drivers\intelide.sys 9F7E87F6595D065A8A200A291043045E C:\Windows\System32\drivers\intelpep.sys A6BD2E20AE1BC5CB2776C87C28E4F4CA C:\Windows\System32\drivers\intelppm.sys 2A48DA39542636DB0FA3BA915385D1B3 C:\Windows\system32\drivers\IOMap64.sys 7C0766B89BACA46A5CEE48FD4F5DF2AD C:\Windows\System32\drivers\iorate.sys DB32758F3A7F6CCE81A5430080A2EA65 C:\Windows\System32\DRIVERS\ipfltdrv.sys FE85D0A86CA7A5A99CF8CD04DE7F80AE C:\Windows\System32\drivers\IPMIDrv.sys 10D01A3657AC8E8004C83D613163DE1E C:\Windows\System32\drivers\ipnat.sys F1DAECC3B3D6399875D4F10529D6A77C C:\Windows\system32\drivers\irda.sys 7475A2903BB704B446AA6309E34D3362 C:\Windows\System32\drivers\irenum.sys 9725E7F0C64CE9916A5CDABE8D6E13C3 C:\Windows\System32\drivers\isapnp.sys 58040898883A96160D41739C80328BBF C:\Windows\System32\drivers\msiscsi.sys CA20F4621AB8CD3F69199DE21B5B41C4 C:\Windows\System32\drivers\kbdclass.sys 210808437570BDDEE71A43535E3A2D30 C:\Windows\System32\drivers\kbdhid.sys 0B779E9FC426CA2268D28181FA6C222F C:\Windows\System32\drivers\kdnic.sys 813BA3EB2CE038F2A5382DDD75CAD60B C:\Windows\System32\Drivers\ksecdd.sys 705C0F8BCCEF6E7CB704CCB454192D7E C:\Windows\System32\Drivers\ksecpkg.sys 55AD13E2BAFC5AB53A10F8C271F5D242 C:\Windows\system32\drivers\ksthunk.sys 4ED115CD1A1099705F56B5E0FFF97CC6 C:\Windows\System32\drivers\lltdio.sys 5933A6673F00D8255C52957E40C2D601 C:\Windows\System32\drivers\lsi_sas.sys 8E1B0946948CCC0BC1FA3CB70374A795 C:\Windows\System32\drivers\lsi_sas2i.sys 4F68163FC04C973500DC4DA0946917B0 C:\Windows\System32\drivers\lsi_sas3i.sys E5AC5F2815938651CDCC27F425474673 C:\Windows\System32\drivers\lsi_sss.sys CCF6EC9FB9B8F18E05B4253E81013E48 C:\Windows\system32\drivers\luafv.sys C9579D32219E5B936AC3A48D470117EC C:\Windows\System32\drivers\megasas.sys C3CDCCF07486BD2616A7B82946E07AC0 C:\Windows\System32\drivers\MegaSas2i.sys 2CF0CB2A0ED68C5455371E84C16F9627 C:\Windows\System32\drivers\megasr.sys FADB2FE017E69EECE0E1BA78661C2E8C C:\Windows\System32\drivers\TeeDriverW8x64.sys EA96E9A0E593647206A2F0303E521D95 C:\Windows\System32\drivers\mlx4_bus.sys FD60818B66B2E8A5415EA840E99A9D8F C:\Windows\system32\drivers\mmcss.sys 68F6977F1CFBAAC770D940A8C0326FA1 C:\Windows\System32\drivers\modem.sys 0D50B3F3AB32D416786B58D4553859CE C:\Windows\System32\drivers\monitor.sys 9CCCB7FC3EDADEBA461D78615A6011A6 C:\Windows\System32\drivers\mouclass.sys 27A07B2FB2E3057DA8DAEA4F25D843C7 C:\Windows\System32\drivers\mouhid.sys 7BD6E7F7C9001AB21B8362CFFEE80B25 C:\Windows\System32\drivers\mountmgr.sys F5BDAEE4B7D369D4C74668DCFBA3FF10 C:\Windows\System32\drivers\mpsdrv.sys 30844BD376F9D01E62C820BEF446F1F8 C:\Windows\system32\drivers\mrxdav.sys 25D32BE04FE0A23FDF57FD5382757672 C:\Windows\System32\DRIVERS\mrxsmb.sys D559FF28B1AD9B1E15A4186E785E61F6 C:\Windows\System32\DRIVERS\mrxsmb10.sys D4D12BC29DE0F09280868FDCA65B3474 C:\Windows\System32\DRIVERS\mrxsmb20.sys 0698B15E21EA1B8742F2E7BB3142B754 C:\Windows\System32\drivers\bridge.sys 74C9D21523DAE0C18F413C196DF0058A C:\Windows\System32\Drivers\Msfs.sys F01B849D9D4A8CEAF32D4FDBD0B83C92 C:\Windows\System32\drivers\msgpiowin32.sys 22ECD8F5D1DFADF2011BBB1700CB871D C:\Windows\System32\drivers\mshidkmdf.sys FD870F6968A145E4D2BA8A8842686B03 C:\Windows\System32\drivers\mshidumdf.sys 30364757963A028CE5DF0FBAAC270173 C:\Windows\System32\drivers\msisadrv.sys 6BB0FEDDAE7135FA37FFAFF4D9E0E876 C:\Windows\system32\DRIVERS\MSKSSRV.sys 4586CDA25B7866DD9505CEECF9DB3C74 C:\Windows\System32\drivers\mslldp.sys 642CDE46351D5D2D90311E77072AB46D C:\Windows\system32\DRIVERS\MSPCLOCK.sys F2302A5CE63CA7673200FAFCEEEDB6AF C:\Windows\system32\DRIVERS\MSPQM.sys 6114512EA26E835BA522C63635429DB5 C:\Windows\System32\Drivers\MsRPC.sys AA538E16E644D00E3BA5349BBA9598EC C:\Windows\System32\drivers\mssecflt.sys 7ACFE7435317E791FF9EED2F49B402F2 C:\Windows\System32\drivers\mssmbios.sys 0543BEFD41EC4D25C7F7CF36409CEC7D C:\Windows\system32\DRIVERS\MSTEE.sys C1569E4DB8EFE3617847BF041A3C842F C:\Windows\System32\drivers\MTConfig.sys 130B16970154BA9876B09E5C4BAC63BE C:\Windows\System32\Drivers\mup.sys 15D987C8F6CCD4AC94E070C5986762CB C:\Windows\System32\drivers\mvumis.sys 3D2C5B4995CA0751D32DEA0DE9FDFE44 C:\Windows\System32\DRIVERS\nwifi.sys A5FA29F748BBF38FC3FAE4B54FA20A93 C:\Windows\System32\drivers\ndfltr.sys 629CB21AC49C8867E0F29DF1C16DB7B4 C:\Windows\System32\drivers\ndis.sys 63560E6BC9BCA978A6B72DF65F7A8930 C:\Windows\System32\drivers\ndiscap.sys 6DD605338FAAF6BA17662AA874E0D162 C:\Windows\System32\drivers\NdisImPlatform.sys E34196F285F8B8879E1FF36C31F7179E C:\Windows\System32\DRIVERS\ndistapi.sys 1FAD2398673F30CEC616B89C46B7DCBA C:\Windows\System32\drivers\ndisuio.sys AEB8ECBE66CC46854066CB1F5623E179 C:\Windows\System32\drivers\NdisVirtualBus.sys 7340104C2BF2F126714F7CDE85E63610 C:\Windows\System32\drivers\ndiswan.sys 07ADC1F8DCBEB8104D75129B11584B8C C:\Windows\System32\DRIVERS\ndiswan.sys 07ADC1F8DCBEB8104D75129B11584B8C C:\Windows\System32\DRIVERS\NDProxy.sys 78A12E3DF035B5D054986949B19BE43C C:\Windows\System32\drivers\Ndu.sys 04C8859355C1DC9C0FA198D1894D71C2 C:\Windows\System32\drivers\NetAdapterCx.sys 6C76780A01FC2B885BD6E957B5C36B02 C:\Windows\System32\drivers\netbios.sys 5D1513BD6430307C9DB86C6E351372ED C:\Windows\System32\DRIVERS\netbt.sys 6FEBB0A847FFD5F057B9AC8889F1B9A7 C:\Windows\System32\Drivers\Npfs.sys 001CBD7A2CD45C4EB39C01C3C677EF73 C:\Windows\System32\drivers\npsvctrig.sys 90F5DC9802AAA00CD0B6E2AD9E7FFADC C:\Windows\System32\drivers\nsiproxy.sys 0C6218321A09A7B51BA7FFAFBA4CCB21 C:\Windows\System32\Drivers\NTFS.sys 98BBD81DC481E9D58EEB31C81EBDEFF5 C:\Windows\System32\Drivers\Null.sys 6E6DD6F9DD2A034CF85E94047DBDB992 C:\Windows\system32\drivers\nvhda64v.sys C27427C9D79DE00A01B9987B68485F60 C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_e69a53b8ddde469c\nvlddmkm.sys 90050A0469120BD8E0931267FFE31CFD C:\Windows\System32\drivers\nvraid.sys D261DF41F0840F734856A2B4F5E072C7 C:\Windows\System32\drivers\nvstor.sys 23B702B555EB0436B9DAA0BC63DA65CE C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys D61AC1C1B847970F152CE05AC66A2F6C C:\Windows\system32\drivers\nvvad64v.sys 652E175969898241C9F81C5D799A4E84 C:\Windows\System32\drivers\nvvhci.sys FEAA46EB1E2B80C0DEFD2AAE4050E097 C:\Windows\System32\drivers\parport.sys 6B81BF7853D161DB8AC62CD8B9C2DE6B C:\Windows\System32\drivers\partmgr.sys 0553ECB742278C8F4CFA28B43FF20EAD C:\Windows\System32\drivers\pci.sys 29AF16726F4DD84376ECA85AB6AFF2C6 C:\Windows\System32\drivers\pciide.sys 214DCC87E3898F738075D1341252A552 C:\Windows\System32\drivers\pcmcia.sys AED76A3333B3A31536E430020E0226FC C:\Windows\System32\drivers\pcw.sys E63FB38B6E75B39467492FBAD2CD512A C:\Windows\System32\drivers\pdc.sys CA979960D3A580C78EDB4BBD6BD3ABCC C:\Windows\System32\drivers\peauth.sys 1509A77F840AA9E72CF8247D0CF2FBDE C:\Windows\System32\drivers\percsas2i.sys 540116170E2135FCD5DDE77702166B67 C:\Windows\System32\drivers\percsas3i.sys 8356F87553BF49C703CF382033815898 C:\Windows\System32\drivers\raspptp.sys 5645B9D9788CCA2C88B9534996ED2D6D C:\Windows\System32\drivers\processr.sys 372913E12677A8CBBBABDD8311894F9D C:\Windows\System32\drivers\pacer.sys FC98407B85A31161851FDE245517574F C:\Windows\system32\drivers\qwavedrv.sys 819602BBBFDB0BD46DEA3715BF0DD452 C:\Windows\System32\DRIVERS\rasacd.sys CDF47037A0939F56D11F699629C276AD C:\Windows\System32\drivers\AgileVpn.sys 28C2EA278070EE12701D0EDF8CB0EC36 C:\Windows\System32\drivers\rasl2tp.sys 17E565710172ED71B8531D8822E1C5D1 C:\Windows\System32\DRIVERS\raspppoe.sys 9387DF155233D45D4E010F4F2FB52A57 C:\Windows\System32\drivers\rassstp.sys F0F4EEDEEBEE7A4244FAFB96A16B5712 C:\Windows\System32\DRIVERS\rdbss.sys 6132B142C5A1FA4C05F06FE43DE5E55E C:\Windows\System32\drivers\rdpbus.sys 79A415E6FA915EFC00297DAB16EC2635 C:\Windows\System32\drivers\rdpdr.sys 7135785C21CA79D270D11037C43D3F19 C:\Windows\System32\drivers\rdpvideominiport.sys 97A61A3CB2B5CB4FC32B3224EF333448 C:\Windows\System32\drivers\rdyboost.sys 69BB204AE07EE84ECFAB1BF13C4BD04B C:\Windows\System32\Drivers\ReFSv1.sys 940D6F5A2B0A61EE4170DF84F6C95C20 C:\Windows\System32\drivers\rspndr.sys 5FF28F097C9699097B473F8FC7C1AA7D C:\Windows\System32\drivers\rt640x64.sys AD4E81B1041A75216167DA27B0F91717 C:\Windows\System32\drivers\vms3cap.sys B5DAEE69BACA64D2BB004568E22D8756 C:\Windows\System32\drivers\sbp2port.sys 5E73FB63E2DBC75FE0C17DEB0010CE0E C:\Windows\System32\DRIVERS\scfilter.sys 3D9A82B03C92D1FEC42CB171D6F57778 C:\Windows\System32\drivers\scmbus.sys 9055ADDFBA4C8B914C914CE693B55C0A C:\Windows\System32\drivers\scmdisk0101.sys B6F2363584E62960846F7C3F00124A4F C:\Windows\System32\drivers\sdbus.sys 7C3D10BEC8B0DBA00A78C78EB10B3AE2 C:\Windows\System32\drivers\sdstor.sys 120DFCB71D6C502613A9E2D50E16850C C:\Windows\System32\drivers\SerCx.sys 401D706DDC0A7AF18C3DD228ADF74551 C:\Windows\System32\drivers\SerCx2.sys 7084D11083F0CDCA8B5C76F9846ABF5D C:\Windows\System32\drivers\serenum.sys 3FF478A8ED32A83C36581425F6282B6C C:\Windows\System32\drivers\serial.sys 92509187AA171A80521528B36F753E1D C:\Windows\System32\drivers\sermouse.sys 433D38FF6D08B993847EA2A10EB8CB52 C:\Windows\System32\drivers\sfloppy.sys 697D3EE0740AEAB62B66ABCA1C83D13B C:\Windows\System32\drivers\SiSRaid2.sys A34CE1830E45DA98932295FDE4B7908A C:\Windows\System32\drivers\sisraid4.sys A7B5C670770E908DA5FEF5BF1136E933 C:\Windows\System32\drivers\spaceport.sys 8BDB9E47D84144110F05AB757E630374 C:\Windows\System32\drivers\SpbCx.sys E03264C4C25B568F92ED1656AD541E64 C:\Windows\System32\DRIVERS\srv.sys FD3C05C412BE1C9FA477AD9CF9B2AADB C:\Windows\System32\DRIVERS\srv2.sys 55CA5329D1ADEB8F8034045930147AE4 C:\Windows\System32\DRIVERS\srvnet.sys F13EE0DB1FB1D6946AC3228D7EFCFC8F C:\Windows\System32\drivers\stexstor.sys 29D26E1347AE1BBD4201014E19880B2C C:\Windows\System32\drivers\storahci.sys 6BC6023E866489D22CE30E18846B80D9 C:\Windows\System32\drivers\vmstorfl.sys C5E0ACE4771F5575D9D5B457ABF3AD03 C:\Windows\System32\drivers\stornvme.sys B66D8C75C9BC59D637177AB3B1C569A6 C:\Windows\System32\drivers\storqosflt.sys BEBF85EB4D90E6996047DA027D0ED26E C:\Windows\System32\drivers\storufs.sys 8E73037A6F8938475692FFCC26EBF385 C:\Windows\System32\drivers\storvsc.sys 9D9DED47DA10E845EFF2DD57C94C809B C:\Windows\System32\drivers\swenum.sys 505E0C40B5D0ADDCBB414640F59BD2E0 C:\Windows\System32\drivers\Synth3dVsc.sys 32F46FB0F290D16DAA452B289C985795 C:\Windows\System32\drivers\tcpip.sys F3CFBE74DAF9ABD06F0B2A037DC4C90A C:\Windows\System32\drivers\tcpip.sys F3CFBE74DAF9ABD06F0B2A037DC4C90A C:\Windows\System32\drivers\tcpipreg.sys EC9450227A4C661513661F1F9C1F7DD6 C:\Windows\system32\DRIVERS\tdx.sys 0B237F8A96952BF95A14865030E131F2 C:\Windows\System32\drivers\terminpt.sys 06130AFFECEB94525FC2352936576B70 C:\Windows\System32\drivers\tpm.sys 46171262D0E806779DEEDFCAB2F830CC C:\Windows\System32\drivers\TsUsbFlt.sys A6F4025664C9D4BC2A9EDAB4092706D7 C:\Windows\System32\drivers\TsUsbGD.sys 37A96AD493E110C0BF1EE0AC0F9E7DBD C:\Windows\System32\drivers\tsusbhub.sys 5A91FDBA4D3FCB56DAEB8C091B3EB8E1 C:\Windows\System32\drivers\tunnel.sys 79E264287F17D56D768440B0270466DE C:\Windows\System32\drivers\uaspstor.sys AA65954F512BA097DD190790876DD991 C:\Windows\System32\Drivers\UcmCx.sys AB6268022C3A5B529075A39C33904DA6 C:\Windows\System32\Drivers\UcmTcpciCx.sys 7ED2EDA43D21C7A5F589A7960E265C52 C:\Windows\System32\drivers\UcmUcsi.sys 169351463039B45F5CDED9768879F712 C:\Windows\System32\drivers\ucx01000.sys 08A9E3AD29B215484FBB68CDC175DF3A C:\Windows\System32\drivers\udecx.sys DA70AEE267491AA56BC63AA0C0C96CA2 C:\Windows\System32\DRIVERS\udfs.sys FBC5ECF6D5A868D0B116C2DBB02B8168 C:\Windows\System32\drivers\UEFI.sys B918E40FAA9CD118CCA4AD388B748C98 C:\Windows\system32\drivers\UevAgentDriver.sys 166B17AE1DD24D8BA8CA474C7C31148F C:\Windows\System32\drivers\ufx01000.sys 0FD75222C1AD2687AB365BEBEA400DD4 C:\Windows\System32\drivers\UfxChipidea.sys C1A78C53E01C641AE41BFA65797819F5 C:\Windows\System32\drivers\ufxsynopsys.sys 767307212110EBEFB93EC9A5BE9E85B9 C:\Windows\System32\drivers\umbus.sys DC460AAA18CA2342FBBFB2DF9B044472 C:\Windows\System32\drivers\umpass.sys C3CF0377917ECE6D65D7623E1E61568F C:\Windows\System32\drivers\urschipidea.sys 6B46FC140C9AF68E6E7697D66D59CB4D C:\Windows\System32\drivers\urscx01000.sys B4402E7F0923F660270442CE76877ABE C:\Windows\System32\drivers\urssynopsys.sys 9DD431F1B94789CFB527E5D19261F124 C:\Windows\System32\Drivers\usbaapl64.sys F957092C63CD71D85903CA0D8370F473 C:\Windows\system32\drivers\usbaudio.sys 93F169DE94DBAC5DAF4755AFF10193DD C:\Windows\System32\drivers\usbccgp.sys C87E32B90F085970D9637FBAD45EF6FE C:\Windows\System32\drivers\usbcir.sys 0B663856474AC41924D9E9112203858F C:\Windows\System32\drivers\usbehci.sys F83D2250256203AC5DA5E8601C1AFDD7 C:\Windows\System32\drivers\usbhub.sys 7FFD26742321919590ED77FCA556D65F C:\Windows\System32\drivers\UsbHub3.sys 7A749B2863B5561BE34B39E8E249AD8F C:\Windows\System32\drivers\usbohci.sys D2109F1F4FEBF1DAC415CDC5DE876479 C:\Windows\System32\drivers\usbprint.sys 29C9572F2D061CFC3C0BD48A3163E343 C:\Windows\System32\drivers\usbser.sys 429477D6DEF3321FF7D3EF23CAAADA00 C:\Windows\System32\drivers\USBSTOR.SYS 0CC16F7B91C57AE9A4E44425A295FDAA C:\Windows\System32\drivers\usbuhci.sys C917D09064CDBD18F75ADC9B2C48F847 C:\Windows\System32\drivers\USBXHCI.SYS 95BCCEFBC40D06484CF16144FE79B8A5 C:\Windows\System32\drivers\vdrvroot.sys 0CBDE344FB48E42D78E29469F202ADBC C:\Windows\System32\drivers\VerifierExt.sys 723195568C8755CAD57F7933C5F2C5C2 C:\Windows\System32\drivers\vhdmp.sys 3BB8D153A9A514EC9FFCB586251A1925 C:\Windows\System32\drivers\vhf.sys 7929228F0E8B0C2FA0495A17A4FC27F6 C:\Windows\System32\drivers\vmbus.sys AEE432ED868831B1F068E373598F6D93 C:\Windows\System32\drivers\VMBusHID.sys 9444B23FC694B5F90F21B0FC7F10D8DD C:\Windows\System32\drivers\vmgid.sys 4D0287F566B36536DD812A54C015FC4A C:\Windows\System32\drivers\volmgr.sys 29075915F9BDC3437F8BED71C067D399 C:\Windows\System32\drivers\volmgrx.sys 6BDB6CE6D2D9E3D3F28F1C97E12B62E2 C:\Windows\System32\drivers\volsnap.sys BF2546583BB75F01DDA60A7921DFB230 C:\Windows\System32\drivers\volume.sys AC2E20A74D09D24485BE8396CE04F07B C:\Windows\System32\drivers\vpci.sys 92F6E3E6D3F1795263EB34B37F74AEF7 C:\Windows\System32\drivers\vsmraid.sys FD9BCB8920973CEAD4D49DC7A6D8A618 C:\Windows\System32\drivers\vstxraid.sys 0C111F220798CCE80484026E06822379 C:\Windows\System32\drivers\vwifibus.sys 607639716E9DB1CEF4E18B5B229293B4 C:\Windows\System32\drivers\vwififlt.sys B1ED64E628763148BF84FBE23F2AD711 C:\Windows\System32\drivers\wacompen.sys 55D00B785A7587F4263D125817871283 C:\Windows\System32\DRIVERS\wanarp.sys CEF3D306C09BEC1A800E9B4A06F859F6 C:\Windows\System32\DRIVERS\wanarp.sys CEF3D306C09BEC1A800E9B4A06F859F6 C:\Windows\system32\drivers\wcifs.sys E330144B97D493AA886000DCAAA8DAF5 C:\Windows\system32\drivers\wcnfs.sys AEA1093B751339267D8C8C1EF3D669CF C:\Windows\System32\drivers\WdBoot.sys D520B1B849B6D4D707AB31722B952C2D C:\Windows\System32\drivers\Wdf01000.sys 5030C76047D756263093A47B82970868 C:\Windows\System32\drivers\WdFilter.sys 29FF9199EDEB4F5470BB134D1A2563D2 C:\Windows\System32\DRIVERS\wdiwifi.sys EDC08B8D3E67F96688774841C247B82A C:\Windows\System32\Drivers\WdNisDrv.sys 17CF416CFF408190F5A4CBD79AB12E55 C:\Windows\System32\drivers\wfplwfs.sys E1785942AC51FEE6826CDF02075C5AA9 C:\Windows\System32\drivers\wimmount.sys 0CF79A0EACFFBB75A50A469A27696D02 C:\Windows\System32\drivers\WindowsTrustedRT.sys 0DE131733317EB4BE67028366B0CAAC6 C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys 92EB5D38BDF10C790450F3E46BF93A0E C:\Windows\System32\drivers\winmad.sys F95DE20312ACCA7761446DE152BD1F7C C:\Windows\System32\drivers\WinUSB.SYS 4EFB346BFDAEEB29316AA52BBB9852B1 C:\Windows\System32\drivers\winverbs.sys 8B9AFF5F08E66A6F1F1063DEC9457FB6 C:\Windows\System32\drivers\wmiacpi.sys 6F4F4F5A007D1710BD76FB311DA97C07 C:\Windows\System32\Drivers\Wof.sys 43C8D087B31C592163B33A4BDA540E40 C:\Windows\System32\drivers\WpdUpFltr.sys 75A9284F01FE7CB1A7D5EAE5C1EB4F33 C:\Windows\system32\drivers\ws2ifsl.sys 36D7B73ADC3E10607ED6EC874AFB5D1E C:\Windows\System32\drivers\WSDPrint.sys 696EC2EAA2A42A137CCBB9A84D6917C0 C:\Windows\system32\DRIVERS\WSDScan.sys 46E4A69825A7554A5DB784A55F8AD203 C:\Windows\System32\drivers\WudfPf.sys AED7FE551E8672B824A56324076183EB C:\Windows\System32\drivers\WudfRd.sys CEFAB17FD7DFCFA515626C306262E89D C:\Windows\system32\DRIVERS\WUDFRd.sys CEFAB17FD7DFCFA515626C306262E89D C:\Windows\system32\DRIVERS\WUDFRd.sys CEFAB17FD7DFCFA515626C306262E89D C:\Windows\System32\drivers\xboxgip.sys DB77764B46D02DCB9777D9E00A3F7D63 C:\Windows\System32\drivers\xinputhid.sys 63088A3361D9A308F328F11E9099DD87 ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Three Months Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-04-30 15:37 - 2017-04-30 15:37 - 00042305 _____ C:\Users\Confidential\Desktop\FRST.txt 2017-04-30 15:30 - 2017-04-30 15:31 - 02428928 _____ (Farbar) C:\Users\Confidential\Desktop\FRST64 (1).exe 2017-04-30 15:30 - 2017-04-30 15:30 - 02428928 _____ (Farbar) C:\Users\Confidential\Downloads\FRST64 (1).exe 2017-04-30 15:22 - 2017-04-30 15:22 - 00036533 _____ C:\Users\Confidential\Downloads\MTB.txt 2017-04-30 15:21 - 2017-04-30 15:21 - 00892416 _____ (Farbar) C:\Users\Confidential\Downloads\MiniToolBox.exe 2017-04-30 14:30 - 2017-04-30 14:30 - 00000000 ____D C:\Windows\LastGood.Tmp 2017-04-30 14:30 - 2017-04-26 00:40 - 00153536 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2017-04-30 14:30 - 2017-04-26 00:40 - 00127424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2017-04-29 11:56 - 2017-04-29 11:56 - 00000222 _____ C:\Users\Confidential\Desktop\H1Z1 King of the Kill.url 2017-04-29 10:13 - 2017-04-29 10:13 - 00000000 ____D C:\Users\Alieca\AppData\Roaming\Sun 2017-04-29 10:13 - 2017-04-29 10:13 - 00000000 ____D C:\Users\Alieca\AppData\LocalLow\Sun 2017-04-25 21:20 - 2017-04-25 21:20 - 00557497 _____ C:\Users\Kurt\Downloads\79371627.pdf 2017-04-20 00:11 - 2017-04-20 00:11 - 00000000 ____D C:\Users\Kurt\AppData\Roaming\Sun 2017-04-20 00:11 - 2017-04-20 00:11 - 00000000 ____D C:\Users\Kurt\AppData\LocalLow\Sun 2017-04-17 19:12 - 2017-04-17 19:12 - 00000000 ____D C:\Users\Confidential\Documents\Ubisoft 2017-04-17 13:24 - 2017-04-17 13:24 - 00000232 _____ C:\Users\Confidential\Desktop\Splinter Cell Blacklist.url 2017-04-16 18:56 - 2017-04-16 18:56 - 00000222 _____ C:\Users\Confidential\Desktop\DiRT 3 Complete Edition.url 2017-04-16 12:13 - 2017-04-16 12:13 - 00000222 _____ C:\Users\Confidential\Desktop\Galactic Civilizations I Ultimate Edition.url 2017-04-11 18:48 - 2017-03-28 02:10 - 00484584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2017-04-11 18:48 - 2017-03-28 02:10 - 00315744 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2017-04-11 18:48 - 2017-03-28 01:29 - 02213248 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2017-04-11 18:48 - 2017-03-28 01:28 - 00773720 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2017-04-11 18:48 - 2017-03-28 01:26 - 00218520 _____ (Microsoft Corporation) C:\Windows\system32\LsaIso.exe 2017-04-11 18:48 - 2017-03-28 01:21 - 00167848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll 2017-04-11 18:48 - 2017-03-28 01:20 - 01181024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2017-04-11 18:48 - 2017-03-28 01:19 - 00601712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2017-04-11 18:48 - 2017-03-28 01:18 - 01705976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2017-04-11 18:48 - 2017-03-28 01:15 - 02048496 _____ C:\Windows\SysWOW64\CoreUIComponents.dll 2017-04-11 18:48 - 2017-03-28 01:11 - 01860288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll 2017-04-11 18:48 - 2017-03-28 01:10 - 07220184 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll 2017-04-11 18:48 - 2017-03-28 01:07 - 00263472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll 2017-04-11 18:48 - 2017-03-28 01:05 - 22221368 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2017-04-11 18:48 - 2017-03-28 01:05 - 08168512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll 2017-04-11 18:48 - 2017-03-28 01:05 - 04260576 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll 2017-04-11 18:48 - 2017-03-28 01:05 - 01988048 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll 2017-04-11 18:48 - 2017-03-28 01:05 - 01848584 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll 2017-04-11 18:48 - 2017-03-28 01:05 - 01702392 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll 2017-04-11 18:48 - 2017-03-28 01:05 - 01504056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2017-04-11 18:48 - 2017-03-28 01:05 - 01302136 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll 2017-04-11 18:48 - 2017-03-28 01:05 - 01072248 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll 2017-04-11 18:48 - 2017-03-28 01:04 - 05721808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll 2017-04-11 18:48 - 2017-03-28 01:04 - 02262776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2017-04-11 18:48 - 2017-03-28 01:04 - 01431232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll 2017-04-11 18:48 - 2017-03-28 01:04 - 00975744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll 2017-04-11 18:48 - 2017-03-28 01:04 - 00861024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll 2017-04-11 18:48 - 2017-03-28 01:04 - 00277344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2017-04-11 18:48 - 2017-03-28 01:04 - 00136032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostUser.dll 2017-04-11 18:48 - 2017-03-28 01:04 - 00116568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostCommon.dll 2017-04-11 18:48 - 2017-03-28 01:02 - 01980768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2017-04-11 18:48 - 2017-03-28 01:02 - 00846560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll 2017-04-11 18:48 - 2017-03-28 01:02 - 00576408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2017-04-11 18:48 - 2017-03-28 00:59 - 06667520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-04-11 18:48 - 2017-03-28 00:59 - 04023008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll 2017-04-11 18:48 - 2017-03-28 00:59 - 02533728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2017-04-11 18:48 - 2017-03-28 00:58 - 20967840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2017-04-11 18:48 - 2017-03-28 00:58 - 01851688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll 2017-04-11 18:48 - 2017-03-28 00:58 - 01360464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll 2017-04-11 18:48 - 2017-03-28 00:58 - 01344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll 2017-04-11 18:48 - 2017-03-28 00:58 - 01277856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll 2017-04-11 18:48 - 2017-03-28 00:58 - 01202936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll 2017-04-11 18:48 - 2017-03-28 00:58 - 00981888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll 2017-04-11 18:48 - 2017-03-28 00:58 - 00961192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2017-04-11 18:48 - 2017-03-28 00:58 - 00387872 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll 2017-04-11 18:48 - 2017-03-28 00:53 - 01414728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll 2017-04-11 18:48 - 2017-03-28 00:53 - 00545944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe 2017-04-11 18:48 - 2017-03-28 00:52 - 00306800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.MediaControl.dll 2017-04-11 18:48 - 2017-03-28 00:48 - 05685760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll 2017-04-11 18:48 - 2017-03-28 00:42 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll 2017-04-11 18:48 - 2017-03-28 00:42 - 00051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll 2017-04-11 18:48 - 2017-03-28 00:41 - 00415744 _____ (Microsoft Corporation) C:\Windows\system32\rdpshell.exe 2017-04-11 18:48 - 2017-03-28 00:41 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll 2017-04-11 18:48 - 2017-03-28 00:40 - 00224256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExSMime.dll 2017-04-11 18:48 - 2017-03-28 00:40 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XblAuthManagerProxy.dll 2017-04-11 18:48 - 2017-03-28 00:40 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2017-04-11 18:48 - 2017-03-28 00:39 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Radios.dll 2017-04-11 18:48 - 2017-03-28 00:39 - 00040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerUI.dll 2017-04-11 18:48 - 2017-03-28 00:38 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDeviceRegistration.dll 2017-04-11 18:48 - 2017-03-28 00:38 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll 2017-04-11 18:48 - 2017-03-28 00:38 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XblAuthTokenBrokerExt.dll 2017-04-11 18:48 - 2017-03-28 00:37 - 00255488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp 2017-04-11 18:48 - 2017-03-28 00:37 - 00215552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apds.dll 2017-04-11 18:48 - 2017-03-28 00:37 - 00177664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Diagnostics.dll 2017-04-11 18:48 - 2017-03-28 00:37 - 00138240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DisplayManager.dll 2017-04-11 18:48 - 2017-03-28 00:37 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.HostName.dll 2017-04-11 18:48 - 2017-03-28 00:37 - 00097792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.SystemManagement.dll 2017-04-11 18:48 - 2017-03-28 00:37 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll 2017-04-11 18:48 - 2017-03-28 00:37 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys 2017-04-11 18:48 - 2017-03-28 00:36 - 00769024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ipsecsnp.dll 2017-04-11 18:48 - 2017-03-28 00:36 - 00237568 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Diagnostics.dll 2017-04-11 18:48 - 2017-03-28 00:36 - 00136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinRtTracing.dll 2017-04-11 18:48 - 2017-03-28 00:36 - 00129024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.SerialCommunication.dll 2017-04-11 18:48 - 2017-03-28 00:36 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll 2017-04-11 18:48 - 2017-03-28 00:36 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll 2017-04-11 18:48 - 2017-03-28 00:36 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll 2017-04-11 18:48 - 2017-03-28 00:36 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.UserDeviceAssociation.dll 2017-04-11 18:48 - 2017-03-28 00:36 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicDisplay.sys 2017-04-11 18:48 - 2017-03-28 00:35 - 00505856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcastdvr.exe 2017-04-11 18:48 - 2017-03-28 00:35 - 00392192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Gaming.Input.dll 2017-04-11 18:48 - 2017-03-28 00:35 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.LowLevel.dll 2017-04-11 18:48 - 2017-03-28 00:35 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Gaming.XboxLive.Storage.dll 2017-04-11 18:48 - 2017-03-28 00:35 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe 2017-04-11 18:48 - 2017-03-28 00:35 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2017-04-11 18:48 - 2017-03-28 00:35 - 00184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserMgrProxy.dll 2017-04-11 18:48 - 2017-03-28 00:35 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe 2017-04-11 18:48 - 2017-03-28 00:35 - 00142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.WiFi.dll 2017-04-11 18:48 - 2017-03-28 00:35 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentActivation.dll 2017-04-11 18:48 - 2017-03-28 00:35 - 00113152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Lights.dll 2017-04-11 18:48 - 2017-03-28 00:35 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe 2017-04-11 18:48 - 2017-03-28 00:35 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll 2017-04-11 18:48 - 2017-03-28 00:34 - 00299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataAccountApis.dll 2017-04-11 18:48 - 2017-03-28 00:34 - 00237568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncSettings.dll 2017-04-11 18:48 - 2017-03-28 00:34 - 00117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthBroker.dll 2017-04-11 18:48 - 2017-03-28 00:34 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Core.dll 2017-04-11 18:48 - 2017-03-28 00:33 - 00670208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.PointOfService.dll 2017-04-11 18:48 - 2017-03-28 00:33 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Import.dll 2017-04-11 18:48 - 2017-03-28 00:33 - 00557568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll 2017-04-11 18:48 - 2017-03-28 00:33 - 00483840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.AllJoyn.dll 2017-04-11 18:48 - 2017-03-28 00:33 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.XboxLive.Storage.dll 2017-04-11 18:48 - 2017-03-28 00:33 - 00436736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ipsmsnap.dll 2017-04-11 18:48 - 2017-03-28 00:33 - 00265728 _____ C:\Windows\SysWOW64\Windows.Perception.Stub.dll 2017-04-11 18:48 - 2017-03-28 00:33 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\WinRtTracing.dll 2017-04-11 18:48 - 2017-03-28 00:33 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Core.dll 2017-04-11 18:48 - 2017-03-28 00:32 - 01243136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.FaceAnalysis.dll 2017-04-11 18:48 - 2017-03-28 00:32 - 00562176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.SmartCards.dll 2017-04-11 18:48 - 2017-03-28 00:32 - 00426496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Wallet.dll 2017-04-11 18:48 - 2017-03-28 00:32 - 00386048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.WiFiDirect.dll 2017-04-11 18:48 - 2017-03-28 00:32 - 00332288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Bluetooth.dll 2017-04-11 18:48 - 2017-03-28 00:32 - 00325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll 2017-04-11 18:48 - 2017-03-28 00:32 - 00298496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll 2017-04-11 18:48 - 2017-03-28 00:32 - 00284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll 2017-04-11 18:48 - 2017-03-28 00:32 - 00271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll 2017-04-11 18:48 - 2017-03-28 00:32 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgentUserBroker.exe 2017-04-11 18:48 - 2017-03-28 00:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WwaApi.dll 2017-04-11 18:48 - 2017-03-28 00:32 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vaultcli.dll 2017-04-11 18:48 - 2017-03-28 00:32 - 00202752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll 2017-04-11 18:48 - 2017-03-28 00:32 - 00185856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll 2017-04-11 18:48 - 2017-03-28 00:32 - 00175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Scanners.dll 2017-04-11 18:48 - 2017-03-28 00:32 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll 2017-04-11 18:48 - 2017-03-28 00:31 - 00711680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2017-04-11 18:48 - 2017-03-28 00:31 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll 2017-04-11 18:48 - 2017-03-28 00:31 - 00431616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll 2017-04-11 18:48 - 2017-03-28 00:31 - 00390656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll 2017-04-11 18:48 - 2017-03-28 00:31 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\NetworkBindingEngineMigPlugin.dll 2017-04-11 18:48 - 2017-03-28 00:30 - 00846336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll 2017-04-11 18:48 - 2017-03-28 00:30 - 00819200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppContracts.dll 2017-04-11 18:48 - 2017-03-28 00:30 - 00816640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NaturalLanguage6.dll 2017-04-11 18:48 - 2017-03-28 00:30 - 00787968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll 2017-04-11 18:48 - 2017-03-28 00:30 - 00748544 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll 2017-04-11 18:48 - 2017-03-28 00:30 - 00262144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Picker.dll 2017-04-11 18:48 - 2017-03-28 00:30 - 00075264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll 2017-04-11 18:48 - 2017-03-28 00:29 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Ocr.dll 2017-04-11 18:48 - 2017-03-28 00:29 - 00529920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll 2017-04-11 18:48 - 2017-03-28 00:29 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Usb.dll 2017-04-11 18:48 - 2017-03-28 00:29 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll 2017-04-11 18:48 - 2017-03-28 00:29 - 00284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.dll 2017-04-11 18:48 - 2017-03-28 00:29 - 00238080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AboveLockAppHost.dll 2017-04-11 18:48 - 2017-03-28 00:28 - 00755712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2017-04-11 18:48 - 2017-03-28 00:28 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll 2017-04-11 18:48 - 2017-03-28 00:28 - 00561664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Wallet.dll 2017-04-11 18:48 - 2017-03-28 00:28 - 00551936 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll 2017-04-11 18:48 - 2017-03-28 00:28 - 00500224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.dll 2017-04-11 18:48 - 2017-03-28 00:28 - 00456192 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll 2017-04-11 18:48 - 2017-03-28 00:28 - 00358912 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.dll 2017-04-11 18:48 - 2017-03-28 00:27 - 01388544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Cred.dll 2017-04-11 18:48 - 2017-03-28 00:27 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CryptoWinRT.dll 2017-04-11 18:48 - 2017-03-28 00:27 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\WwaApi.dll 2017-04-11 18:48 - 2017-03-28 00:26 - 01534464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.3D.dll 2017-04-11 18:48 - 2017-03-28 00:26 - 01145344 _____ (Microsoft Corporation) C:\Windows\system32\EmailApis.dll 2017-04-11 18:48 - 2017-03-28 00:26 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.InkControls.dll 2017-04-11 18:48 - 2017-03-28 00:26 - 00549376 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll 2017-04-11 18:48 - 2017-03-28 00:26 - 00468992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.InkControls.dll 2017-04-11 18:48 - 2017-03-28 00:26 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll 2017-04-11 18:48 - 2017-03-28 00:25 - 02333184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll 2017-04-11 18:48 - 2017-03-28 00:25 - 01196544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl 2017-04-11 18:48 - 2017-03-28 00:25 - 00963584 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll 2017-04-11 18:48 - 2017-03-28 00:25 - 00653312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.AccountsControl.dll 2017-04-11 18:48 - 2017-03-28 00:24 - 06474752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspaint.exe 2017-04-11 18:48 - 2017-03-28 00:24 - 06288384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll 2017-04-11 18:48 - 2017-03-28 00:24 - 04614656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll 2017-04-11 18:48 - 2017-03-28 00:24 - 00901120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll 2017-04-11 18:48 - 2017-03-28 00:24 - 00675840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll 2017-04-11 18:48 - 2017-03-28 00:23 - 03733504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll 2017-04-11 18:48 - 2017-03-28 00:23 - 00886272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll 2017-04-11 18:48 - 2017-03-28 00:23 - 00589312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll 2017-04-11 18:48 - 2017-03-28 00:23 - 00395264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmenrollengine.dll 2017-04-11 18:48 - 2017-03-28 00:22 - 00516096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcli.dll 2017-04-11 18:48 - 2017-03-28 00:22 - 00355328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RTMediaFrame.dll 2017-04-11 18:48 - 2017-03-28 00:22 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\enrollmentapi.dll 2017-04-11 18:48 - 2017-03-28 00:21 - 03778048 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll 2017-04-11 18:48 - 2017-03-28 00:21 - 01403392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Editing.dll 2017-04-11 18:48 - 2017-03-28 00:21 - 01077760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Editing.dll 2017-04-11 18:48 - 2017-03-28 00:20 - 03307008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll 2017-04-11 18:48 - 2017-03-28 00:20 - 00795648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MiracastReceiver.dll 2017-04-11 18:48 - 2017-03-28 00:20 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll 2017-04-11 18:48 - 2017-03-28 00:19 - 07655424 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll 2017-04-11 18:48 - 2017-03-28 00:19 - 00746496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcprx.dll 2017-04-11 18:48 - 2017-03-28 00:19 - 00713216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll 2017-04-11 18:48 - 2017-03-28 00:19 - 00343040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToDevice.dll 2017-04-11 18:48 - 2017-03-28 00:19 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dlnashext.dll 2017-04-11 18:48 - 2017-03-28 00:19 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dialclient.dll 2017-04-11 18:48 - 2017-03-28 00:18 - 01255936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll 2017-04-11 18:48 - 2017-03-28 00:18 - 01078784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll 2017-04-11 18:48 - 2017-03-28 00:17 - 06109696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll 2017-04-11 18:48 - 2017-03-28 00:17 - 00895488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll 2017-04-11 18:48 - 2017-03-28 00:17 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToReceiver.dll 2017-04-11 18:48 - 2017-03-28 00:17 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll 2017-04-11 18:48 - 2017-03-28 00:16 - 03198464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll 2017-04-11 18:48 - 2017-03-28 00:16 - 01221120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Audio.dll 2017-04-11 18:48 - 2017-03-28 00:16 - 00134144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ErrorDetails.dll 2017-04-11 18:48 - 2017-03-28 00:15 - 02390016 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe 2017-04-11 18:48 - 2017-03-28 00:15 - 01247232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll 2017-04-11 18:48 - 2017-03-28 00:14 - 07468544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2017-04-11 18:48 - 2017-03-28 00:14 - 03520512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe 2017-04-11 18:48 - 2017-03-28 00:14 - 01080320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Ocr.dll 2017-04-11 18:48 - 2017-03-28 00:14 - 00947712 _____ (Microsoft Corporation) C:\Windows\system32\MSVP9DEC.dll 2017-04-11 18:48 - 2017-03-28 00:14 - 00641024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll 2017-04-11 18:48 - 2017-03-28 00:14 - 00400384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll 2017-04-11 18:48 - 2017-03-28 00:14 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Geolocation.dll 2017-04-11 18:48 - 2017-03-28 00:14 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Devices.dll 2017-04-11 18:48 - 2017-03-28 00:13 - 04596224 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe 2017-04-11 18:48 - 2017-03-28 00:13 - 02138112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll 2017-04-11 18:48 - 2017-03-28 00:13 - 01656320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Perception.dll 2017-04-11 18:48 - 2017-03-28 00:13 - 01232384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Maps.dll 2017-04-11 18:48 - 2017-03-28 00:13 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll 2017-04-11 18:48 - 2017-03-28 00:13 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll 2017-04-11 18:48 - 2017-03-28 00:13 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll 2017-04-11 18:48 - 2017-03-28 00:12 - 02682880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netshell.dll 2017-04-11 18:48 - 2017-03-28 00:12 - 01013248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Http.dll 2017-04-11 18:48 - 2017-03-28 00:12 - 01004544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll 2017-04-11 18:48 - 2017-03-28 00:12 - 00862208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll 2017-04-11 18:48 - 2017-03-28 00:12 - 00827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll 2017-04-11 18:48 - 2017-03-28 00:12 - 00691200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll 2017-04-11 18:48 - 2017-03-28 00:12 - 00654336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll 2017-04-11 18:48 - 2017-03-28 00:12 - 00620544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll 2017-04-11 18:48 - 2017-03-28 00:12 - 00598528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.dll 2017-04-11 18:48 - 2017-03-28 00:12 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll 2017-04-11 18:48 - 2017-03-28 00:12 - 00542208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll 2017-04-11 18:48 - 2017-03-28 00:12 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Midi.dll 2017-04-11 18:48 - 2017-03-28 00:11 - 02994176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys 2017-04-11 18:48 - 2017-03-28 00:11 - 02646528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll 2017-04-11 18:48 - 2017-03-28 00:11 - 01981440 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2017-04-11 18:48 - 2017-03-28 00:11 - 01600000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2017-04-11 18:48 - 2017-03-28 00:11 - 01576448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll 2017-04-11 18:48 - 2017-03-28 00:11 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Phone.dll 2017-04-11 18:48 - 2017-03-28 00:11 - 00751104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2017-04-11 18:48 - 2017-03-28 00:10 - 08076288 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2017-04-11 18:48 - 2017-03-28 00:10 - 02483200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2017-04-11 18:48 - 2017-03-28 00:10 - 02424320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Perception.dll 2017-04-11 18:48 - 2017-03-28 00:10 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Maps.dll 2017-04-11 18:48 - 2017-03-28 00:10 - 01266176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll 2017-04-11 18:48 - 2017-03-28 00:10 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll 2017-04-11 18:48 - 2017-03-28 00:09 - 04149248 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2017-04-11 18:48 - 2017-03-28 00:09 - 03106304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2017-04-11 18:48 - 2017-03-28 00:09 - 01369088 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Phone.dll 2017-04-11 18:48 - 2017-03-28 00:08 - 01564160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2017-04-11 18:48 - 2017-03-28 00:08 - 00783360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll 2017-04-11 18:48 - 2017-03-28 00:08 - 00299008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RADCUI.dll 2017-04-11 18:48 - 2017-03-28 00:06 - 00999424 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll 2017-04-11 18:48 - 2017-03-27 23:48 - 00483840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll 2017-04-11 18:48 - 2017-03-15 23:38 - 00034088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CompPkgSup.dll 2017-04-11 18:47 - 2017-03-28 01:36 - 01617760 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2017-04-11 18:47 - 2017-03-28 01:36 - 01294688 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2017-04-11 18:47 - 2017-03-28 01:36 - 00565088 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2017-04-11 18:47 - 2017-03-28 01:36 - 00343904 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2017-04-11 18:47 - 2017-03-28 01:36 - 00142176 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2017-04-11 18:47 - 2017-03-28 01:35 - 00379232 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2017-04-11 18:47 - 2017-03-28 01:32 - 00198856 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll 2017-04-11 18:47 - 2017-03-28 01:28 - 07786336 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2017-04-11 18:47 - 2017-03-28 01:26 - 00754528 _____ (Microsoft Corporation) C:\Windows\system32\AppVOrchestration.dll 2017-04-11 18:47 - 2017-03-28 01:26 - 00603488 _____ (Microsoft Corporation) C:\Windows\system32\ContentDeliveryManager.Utilities.dll 2017-04-11 18:47 - 2017-03-28 01:26 - 00573280 _____ (Microsoft Corporation) C:\Windows\system32\AppVCatalog.dll 2017-04-11 18:47 - 2017-03-28 01:22 - 02681200 _____ C:\Windows\system32\CoreUIComponents.dll 2017-04-11 18:47 - 2017-03-28 01:20 - 00764392 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll 2017-04-11 18:47 - 2017-03-28 01:12 - 00328008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll 2017-04-11 18:47 - 2017-03-28 01:11 - 02187616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2017-04-11 18:47 - 2017-03-28 01:11 - 01738560 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2017-04-11 18:47 - 2017-03-28 01:11 - 00402784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2017-04-11 18:47 - 2017-03-28 01:11 - 00360040 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe 2017-04-11 18:47 - 2017-03-28 01:10 - 02758648 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2017-04-11 18:47 - 2017-03-28 01:10 - 01293152 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll 2017-04-11 18:47 - 2017-03-28 01:10 - 01157008 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll 2017-04-11 18:47 - 2017-03-28 01:10 - 00178528 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostUser.dll 2017-04-11 18:47 - 2017-03-28 01:10 - 00146776 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostCommon.dll 2017-04-11 18:47 - 2017-03-28 01:09 - 02446704 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2017-04-11 18:47 - 2017-03-28 01:09 - 00682816 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2017-04-11 18:47 - 2017-03-28 01:09 - 00624048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2017-04-11 18:47 - 2017-03-28 01:09 - 00097128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Credentials.UI.CredentialPicker.dll 2017-04-11 18:47 - 2017-03-28 01:08 - 01267504 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll 2017-04-11 18:47 - 2017-03-28 01:08 - 01100128 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe 2017-04-11 18:47 - 2017-03-28 01:08 - 00989024 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe 2017-04-11 18:47 - 2017-03-28 01:06 - 00092512 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2017-04-11 18:47 - 2017-03-28 01:04 - 01600632 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll 2017-04-11 18:47 - 2017-03-28 01:04 - 01276760 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2017-04-11 18:47 - 2017-03-28 01:04 - 00241504 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHost.dll 2017-04-11 18:47 - 2017-03-28 01:04 - 00160088 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostBroker.dll 2017-04-11 18:47 - 2017-03-28 01:00 - 01569184 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll 2017-04-11 18:47 - 2017-03-28 01:00 - 00628552 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe 2017-04-11 18:47 - 2017-03-28 00:58 - 00372440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.MediaControl.dll 2017-04-11 18:47 - 2017-03-28 00:44 - 07216640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll 2017-04-11 18:47 - 2017-03-28 00:41 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll 2017-04-11 18:47 - 2017-03-28 00:41 - 00299008 _____ (Microsoft Corporation) C:\Windows\system32\rdpinit.exe 2017-04-11 18:47 - 2017-03-28 00:38 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll 2017-04-11 18:47 - 2017-03-28 00:38 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2017-04-11 18:47 - 2017-03-28 00:37 - 22568960 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll 2017-04-11 18:47 - 2017-03-28 00:37 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\XblAuthManagerProxy.dll 2017-04-11 18:47 - 2017-03-28 00:37 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\DdcWnsListener.dll 2017-04-11 18:47 - 2017-03-28 00:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll 2017-04-11 18:47 - 2017-03-28 00:36 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\RdpRelayTransport.dll 2017-04-11 18:47 - 2017-03-28 00:36 - 00045056 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2017-04-11 18:47 - 2017-03-28 00:36 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll 2017-04-11 18:47 - 2017-03-28 00:35 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\DisplayManager.dll 2017-04-11 18:47 - 2017-03-28 00:35 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\Family.Client.dll 2017-04-11 18:47 - 2017-03-28 00:35 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.SystemManagement.dll 2017-04-11 18:47 - 2017-03-28 00:35 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Printers.dll 2017-04-11 18:47 - 2017-03-28 00:34 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp 2017-04-11 18:47 - 2017-03-28 00:34 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\Family.SyncEngine.dll 2017-04-11 18:47 - 2017-03-28 00:34 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\dmcertinst.exe 2017-04-11 18:47 - 2017-03-28 00:34 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_ClosedCaptioning.dll 2017-04-11 18:47 - 2017-03-28 00:34 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll 2017-04-11 18:47 - 2017-03-28 00:34 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\XblAuthTokenBrokerExt.dll 2017-04-11 18:47 - 2017-03-28 00:33 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2017-04-11 18:47 - 2017-03-28 00:33 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.dll 2017-04-11 18:47 - 2017-03-28 00:33 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.WiFi.dll 2017-04-11 18:47 - 2017-03-28 00:33 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\DeviceDirectoryClient.dll 2017-04-11 18:47 - 2017-03-28 00:33 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryClient.dll 2017-04-11 18:47 - 2017-03-28 00:33 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.Ngc.dll 2017-04-11 18:47 - 2017-03-28 00:33 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.UserDeviceAssociation.dll 2017-04-11 18:47 - 2017-03-28 00:32 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll 2017-04-11 18:47 - 2017-03-28 00:32 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\OneBackupHandler.dll 2017-04-11 18:47 - 2017-03-28 00:32 - 00306176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll 2017-04-11 18:47 - 2017-03-28 00:32 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Radios.dll 2017-04-11 18:47 - 2017-03-28 00:31 - 00547840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.Input.dll 2017-04-11 18:47 - 2017-03-28 00:31 - 00418304 _____ C:\Windows\system32\Windows.Perception.Stub.dll 2017-04-11 18:47 - 2017-03-28 00:31 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BlockedShutdown.dll 2017-04-11 18:47 - 2017-03-28 00:31 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll 2017-04-11 18:47 - 2017-03-28 00:31 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SmartCards.Phone.dll 2017-04-11 18:47 - 2017-03-28 00:31 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\DeveloperOptionsSettingsHandlers.dll 2017-04-11 18:47 - 2017-03-28 00:31 - 00276992 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2017-04-11 18:47 - 2017-03-28 00:31 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\CloudDomainJoinDataModelServer.dll 2017-04-11 18:47 - 2017-03-28 00:31 - 00236544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2017-04-11 18:47 - 2017-03-28 00:31 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2017-04-11 18:47 - 2017-03-28 00:31 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe 2017-04-11 18:47 - 2017-03-28 00:31 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SerialCommunication.dll 2017-04-11 18:47 - 2017-03-28 00:31 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Lights.dll 2017-04-11 18:47 - 2017-03-28 00:30 - 00692224 _____ (Microsoft Corporation) C:\Windows\system32\CellularAPI.dll 2017-04-11 18:47 - 2017-03-28 00:30 - 00651264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.AllJoyn.dll 2017-04-11 18:47 - 2017-03-28 00:30 - 00568320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.LowLevel.dll 2017-04-11 18:47 - 2017-03-28 00:30 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.WiFiDirect.dll 2017-04-11 18:47 - 2017-03-28 00:30 - 00340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2017-04-11 18:47 - 2017-03-28 00:30 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\UserMgrProxy.dll 2017-04-11 18:47 - 2017-03-28 00:30 - 00239104 _____ (Microsoft Corporation) C:\Windows\system32\dafpos.dll 2017-04-11 18:47 - 2017-03-28 00:30 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerUI.dll 2017-04-11 18:47 - 2017-03-28 00:29 - 00912384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SmartCards.dll 2017-04-11 18:47 - 2017-03-28 00:29 - 00852480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Import.dll 2017-04-11 18:47 - 2017-03-28 00:29 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll 2017-04-11 18:47 - 2017-03-28 00:29 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll 2017-04-11 18:47 - 2017-03-28 00:29 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2017-04-11 18:47 - 2017-03-28 00:29 - 00379904 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll 2017-04-11 18:47 - 2017-03-28 00:29 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll 2017-04-11 18:47 - 2017-03-28 00:29 - 00311296 _____ (Microsoft Corporation) C:\Windows\system32\SyncSettings.dll 2017-04-11 18:47 - 2017-03-28 00:29 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.HumanInterfaceDevice.dll 2017-04-11 18:47 - 2017-03-28 00:29 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\vaultcli.dll 2017-04-11 18:47 - 2017-03-28 00:29 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgentUserBroker.exe 2017-04-11 18:47 - 2017-03-28 00:29 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Scanners.dll 2017-04-11 18:47 - 2017-03-28 00:29 - 00206336 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll 2017-04-11 18:47 - 2017-03-28 00:29 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2017-04-11 18:47 - 2017-03-28 00:29 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\AuthBroker.dll 2017-04-11 18:47 - 2017-03-28 00:29 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2017-04-11 18:47 - 2017-03-28 00:28 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll 2017-04-11 18:47 - 2017-03-28 00:28 - 00431616 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll 2017-04-11 18:47 - 2017-03-28 00:28 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll 2017-04-11 18:47 - 2017-03-28 00:28 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Picker.dll 2017-04-11 18:47 - 2017-03-28 00:28 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\indexeddbserver.dll 2017-04-11 18:47 - 2017-03-28 00:28 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Identity.Provider.dll 2017-04-11 18:47 - 2017-03-28 00:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll 2017-04-11 18:47 - 2017-03-28 00:27 - 01060352 _____ (Microsoft Corporation) C:\Windows\system32\AppContracts.dll 2017-04-11 18:47 - 2017-03-28 00:27 - 00949248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.PointOfService.dll 2017-04-11 18:47 - 2017-03-28 00:27 - 00671744 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll 2017-04-11 18:47 - 2017-03-28 00:27 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2017-04-11 18:47 - 2017-03-28 00:27 - 00472064 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll 2017-04-11 18:47 - 2017-03-28 00:27 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\AccountsRt.dll 2017-04-11 18:47 - 2017-03-28 00:27 - 00425984 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll 2017-04-11 18:47 - 2017-03-28 00:27 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll 2017-04-11 18:47 - 2017-03-28 00:26 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Usb.dll 2017-04-11 18:47 - 2017-03-28 00:26 - 00329728 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll 2017-04-11 18:47 - 2017-03-28 00:26 - 00284160 _____ (Microsoft Corporation) C:\Windows\system32\AboveLockAppHost.dll 2017-04-11 18:47 - 2017-03-28 00:25 - 18364928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll 2017-04-11 18:47 - 2017-03-28 00:25 - 01010176 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll 2017-04-11 18:47 - 2017-03-28 00:25 - 00966144 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll 2017-04-11 18:47 - 2017-03-28 00:25 - 00896512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.AccountsControl.dll 2017-04-11 18:47 - 2017-03-28 00:25 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe 2017-04-11 18:47 - 2017-03-28 00:25 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2017-04-11 18:47 - 2017-03-28 00:24 - 19416576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2017-04-11 18:47 - 2017-03-28 00:24 - 01220096 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl 2017-04-11 18:47 - 2017-03-28 00:24 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll 2017-04-11 18:47 - 2017-03-28 00:23 - 09130496 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll 2017-04-11 18:47 - 2017-03-28 00:23 - 00932864 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2017-04-11 18:47 - 2017-03-28 00:23 - 00691712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2017-04-11 18:47 - 2017-03-28 00:23 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll 2017-04-11 18:47 - 2017-03-28 00:22 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.DeviceEncryptionHandlers.dll 2017-04-11 18:47 - 2017-03-28 00:21 - 23681536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2017-04-11 18:47 - 2017-03-28 00:21 - 01589760 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll 2017-04-11 18:47 - 2017-03-28 00:21 - 00458752 _____ (Microsoft Corporation) C:\Windows\system32\RTMediaFrame.dll 2017-04-11 18:47 - 2017-03-28 00:21 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\CastLaunch.dll 2017-04-11 18:47 - 2017-03-28 00:20 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\MiracastReceiver.dll 2017-04-11 18:47 - 2017-03-28 00:20 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll 2017-04-11 18:47 - 2017-03-28 00:19 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll 2017-04-11 18:47 - 2017-03-28 00:19 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll 2017-04-11 18:47 - 2017-03-28 00:19 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dlnashext.dll 2017-04-11 18:47 - 2017-03-28 00:19 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\flvprophandler.dll 2017-04-11 18:47 - 2017-03-28 00:18 - 12181504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2017-04-11 18:47 - 2017-03-28 00:18 - 01908224 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll 2017-04-11 18:47 - 2017-03-28 00:18 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\wpninprc.dll 2017-04-11 18:47 - 2017-03-28 00:17 - 13087232 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2017-04-11 18:47 - 2017-03-28 00:17 - 05114368 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll 2017-04-11 18:47 - 2017-03-28 00:17 - 04749312 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll 2017-04-11 18:47 - 2017-03-28 00:17 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\PlayToReceiver.dll 2017-04-11 18:47 - 2017-03-28 00:16 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Audio.dll 2017-04-11 18:47 - 2017-03-28 00:16 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\ErrorDetails.dll 2017-04-11 18:47 - 2017-03-28 00:16 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\vss_ps.dll 2017-04-11 18:47 - 2017-03-28 00:15 - 00981504 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll 2017-04-11 18:47 - 2017-03-28 00:15 - 00945664 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll 2017-04-11 18:47 - 2017-03-28 00:15 - 00937984 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll 2017-04-11 18:47 - 2017-03-28 00:15 - 00539136 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll 2017-04-11 18:47 - 2017-03-28 00:15 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\Geolocation.dll 2017-04-11 18:47 - 2017-03-28 00:15 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll 2017-04-11 18:47 - 2017-03-28 00:15 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Devices.dll 2017-04-11 18:47 - 2017-03-28 00:14 - 08126976 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll 2017-04-11 18:47 - 2017-03-28 00:14 - 01692160 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll 2017-04-11 18:47 - 2017-03-28 00:14 - 01643008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll 2017-04-11 18:47 - 2017-03-28 00:14 - 00975872 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe 2017-04-11 18:47 - 2017-03-28 00:14 - 00913920 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll 2017-04-11 18:47 - 2017-03-28 00:14 - 00869888 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2017-04-11 18:47 - 2017-03-28 00:14 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll 2017-04-11 18:47 - 2017-03-28 00:14 - 00779776 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll 2017-04-11 18:47 - 2017-03-28 00:14 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll 2017-04-11 18:47 - 2017-03-28 00:13 - 06045184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll 2017-04-11 18:47 - 2017-03-28 00:13 - 04474368 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll 2017-04-11 18:47 - 2017-03-28 00:13 - 02095616 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2017-04-11 18:47 - 2017-03-28 00:13 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll 2017-04-11 18:47 - 2017-03-28 00:13 - 01040896 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll 2017-04-11 18:47 - 2017-03-28 00:13 - 00759296 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2017-04-11 18:47 - 2017-03-28 00:13 - 00650752 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll 2017-04-11 18:47 - 2017-03-28 00:13 - 00611328 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.dll 2017-04-11 18:47 - 2017-03-28 00:13 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Midi.dll 2017-04-11 18:47 - 2017-03-28 00:12 - 05611008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2017-04-11 18:47 - 2017-03-28 00:12 - 02208768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.3D.dll 2017-04-11 18:47 - 2017-03-28 00:12 - 02026496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2017-04-11 18:47 - 2017-03-28 00:12 - 01509376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2017-04-11 18:47 - 2017-03-28 00:12 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll 2017-04-11 18:47 - 2017-03-28 00:12 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\CryptoWinRT.dll 2017-04-11 18:47 - 2017-03-28 00:11 - 02914816 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll 2017-04-11 18:47 - 2017-03-28 00:11 - 01275392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll 2017-04-11 18:47 - 2017-03-28 00:11 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll 2017-04-11 18:47 - 2017-03-28 00:10 - 02316288 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2017-04-11 18:47 - 2017-03-28 00:10 - 01783296 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2017-04-11 18:47 - 2017-03-28 00:10 - 01637888 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2017-04-11 18:47 - 2017-03-28 00:10 - 01586176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll 2017-04-11 18:47 - 2017-03-28 00:10 - 01231872 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll 2017-04-11 18:47 - 2017-03-28 00:10 - 00875520 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll 2017-04-11 18:47 - 2017-03-28 00:10 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.dll 2017-04-11 18:47 - 2017-03-28 00:09 - 01513472 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys 2017-04-11 18:47 - 2017-03-28 00:09 - 01328640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Http.dll 2017-04-11 18:47 - 2017-03-28 00:09 - 01131008 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2017-04-11 18:47 - 2017-03-28 00:09 - 01064448 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll 2017-04-11 18:47 - 2017-03-28 00:09 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll 2017-04-11 18:47 - 2017-03-28 00:08 - 03612672 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys 2017-04-11 18:47 - 2017-03-28 00:08 - 03542016 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2017-04-11 18:47 - 2017-03-28 00:08 - 02895872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2017-04-11 18:47 - 2017-03-28 00:08 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll 2017-04-11 18:47 - 2017-03-28 00:07 - 00908800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll 2017-04-11 18:47 - 2017-03-28 00:07 - 00701952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll 2017-04-11 18:47 - 2017-03-28 00:07 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\FontProvider.dll 2017-04-11 18:47 - 2017-03-28 00:06 - 01121280 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll 2017-04-11 18:47 - 2017-03-28 00:06 - 00924672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll 2017-04-11 18:47 - 2017-03-28 00:05 - 01633792 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2017-04-11 18:47 - 2017-03-28 00:04 - 00119808 ____R (Microsoft Corporation) C:\Windows\system32\SecureAssessmentHandlers.dll 2017-04-11 18:47 - 2017-03-18 11:50 - 00956416 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll 2017-04-11 18:47 - 2017-03-18 11:35 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll 2017-04-11 18:47 - 2017-03-15 23:47 - 00038768 _____ (Microsoft Corporation) C:\Windows\system32\CompPkgSup.dll 2017-04-09 18:54 - 2017-04-09 18:54 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies 2017-04-09 15:23 - 2017-04-09 15:23 - 00000221 _____ C:\Users\Confidential\Desktop\The Bureau XCOM Declassified.url 2017-04-08 08:53 - 2017-04-11 18:23 - 00000000 ____D C:\Users\Alieca\AppData\Local\NVIDIA Corporation 2017-04-08 08:51 - 2017-04-08 08:51 - 00000000 ____D C:\Users\Alieca\AppData\Roaming\Skype 2017-04-08 08:51 - 2017-04-08 08:51 - 00000000 ____D C:\Users\Alieca\AppData\Local\NVIDIA 2017-04-08 08:51 - 2017-04-08 08:51 - 00000000 ____D C:\Users\Alieca\AppData\Local\Comms 2017-04-07 19:03 - 2017-04-07 19:03 - 00000000 ____D C:\Users\Confidential\AppData\LocalLow\Pheonise 2017-04-07 16:23 - 2017-04-26 00:03 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat 2017-04-07 16:22 - 2017-03-31 20:36 - 00136248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2017-04-07 16:20 - 2017-04-02 11:12 - 00046008 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll 2017-04-07 16:20 - 2017-03-31 22:27 - 40201152 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2017-04-07 16:20 - 2017-03-31 22:27 - 35354048 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2017-04-07 16:20 - 2017-03-31 22:27 - 35280320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2017-04-07 16:20 - 2017-03-31 22:27 - 11111392 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2017-04-07 16:20 - 2017-03-31 22:27 - 11056272 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll 2017-04-07 16:20 - 2017-03-31 22:27 - 10635192 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2017-04-07 16:20 - 2017-03-31 22:27 - 09316648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2017-04-07 16:20 - 2017-03-31 22:27 - 09014792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll 2017-04-07 16:20 - 2017-03-31 22:27 - 08876272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2017-04-07 16:20 - 2017-03-31 22:27 - 03790904 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2017-04-07 16:20 - 2017-03-31 22:27 - 03246016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2017-04-07 16:20 - 2017-03-31 22:27 - 01988032 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438165.dll 2017-04-07 16:20 - 2017-03-31 22:27 - 01591352 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438165.dll 2017-04-07 16:20 - 2017-03-31 22:27 - 01278528 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll 2017-04-07 16:20 - 2017-03-31 22:27 - 01276128 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFThevc.dll 2017-04-07 16:20 - 2017-03-31 22:27 - 01055800 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2017-04-07 16:20 - 2017-03-31 22:27 - 00995920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll 2017-04-07 16:20 - 2017-03-31 22:27 - 00993872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFThevc.dll 2017-04-07 16:20 - 2017-03-31 22:27 - 00990144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2017-04-07 16:20 - 2017-03-31 22:27 - 00960448 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2017-04-07 16:20 - 2017-03-31 22:27 - 00911296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2017-04-07 16:20 - 2017-03-31 22:27 - 00821184 _____ (NVIDIA Corporation) C:\Windows\system32\nvDecMFTMjpeg.dll 2017-04-07 16:20 - 2017-03-31 22:27 - 00776048 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2017-04-07 16:20 - 2017-03-31 22:27 - 00688968 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll 2017-04-07 16:20 - 2017-03-31 22:27 - 00652856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvDecMFTMjpeg.dll 2017-04-07 16:20 - 2017-03-31 22:27 - 00618928 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll 2017-04-07 16:20 - 2017-03-31 22:27 - 00612088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2017-04-07 16:20 - 2017-03-31 22:27 - 00609728 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2017-04-07 16:20 - 2017-03-31 22:27 - 00577544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll 2017-04-07 16:20 - 2017-03-31 22:27 - 00499136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2017-04-07 16:20 - 2017-03-31 22:27 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json 2017-04-07 16:20 - 2017-03-31 22:27 - 00000669 _____ C:\Windows\system32\nv-vk64.json 2017-04-02 09:56 - 2017-04-02 09:56 - 00001749 _____ C:\Users\Confidential\Desktop\Minecraft Windows 10 Edition.lnk 2017-04-01 10:20 - 2017-04-01 10:20 - 06260496 _____ C:\Users\Confidential\Desktop\Super Mario 64 (USA).zip 2017-04-01 10:10 - 2017-04-01 10:21 - 00000000 ____D C:\Program Files (x86)\Project64 1.6 2017-04-01 10:10 - 2017-04-01 10:10 - 00000000 ____D C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\project64 1.6 2017-04-01 10:09 - 2017-04-01 10:10 - 02080797 _____ (Project64 ) C:\Users\Confidential\Desktop\project64_1.6.exe 2017-04-01 04:25 - 2017-04-01 04:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin 2017-03-31 15:21 - 2017-04-04 15:48 - 00001291 _____ C:\Users\Confidential\Desktop\Google Chrome.lnk 2017-03-26 11:57 - 2017-03-26 11:57 - 00000000 ____D C:\Users\Confidential\AppData\Roaming\HandBrake Team 2017-03-26 11:57 - 2017-03-26 11:57 - 00000000 ____D C:\Users\Confidential\AppData\Roaming\HandBrake 2017-03-26 11:56 - 2017-03-26 11:56 - 00000865 _____ C:\Users\Confidential\Desktop\HandBrake.lnk 2017-03-26 11:56 - 2017-03-26 11:56 - 00000000 ____D C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HandBrake 2017-03-26 11:56 - 2017-03-26 11:56 - 00000000 ____D C:\Program Files\HandBrake 2017-03-26 11:49 - 2017-03-26 11:50 - 10563556 _____ C:\Users\Confidential\Downloads\HandBrake-1.0.3-x86_64-Win_GUI.exe 2017-03-24 11:40 - 2017-04-09 19:25 - 00000000 ____D C:\Users\Confidential\AppData\Roaming\itch 2017-03-24 11:40 - 2017-04-07 18:45 - 00002256 _____ C:\Users\Confidential\Desktop\itch.lnk 2017-03-24 11:40 - 2017-04-07 18:45 - 00000000 ____D C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Itch Corp 2017-03-24 11:40 - 2017-04-07 18:45 - 00000000 ____D C:\Users\Confidential\AppData\Local\SquirrelTemp 2017-03-24 11:40 - 2017-04-07 18:45 - 00000000 ____D C:\Users\Confidential\AppData\Local\itch 2017-03-24 11:39 - 2017-03-24 11:40 - 61552744 _____ (Itch Corp) C:\Users\Confidential\Downloads\itchSetup.exe 2017-03-24 10:34 - 2017-03-24 10:49 - 00054736 _____ C:\Windows\system32\Drivers\hitmanpro37.sys 2017-03-23 19:56 - 2017-03-23 19:56 - 00000000 ____D C:\Users\Confidential\AppData\Roaming\VEGAS Pro 2017-03-23 19:56 - 2017-03-23 19:56 - 00000000 ____D C:\Users\Confidential\AppData\Roaming\VEGAS 2017-03-23 19:56 - 2017-03-23 19:56 - 00000000 ____D C:\Users\Confidential\AppData\Roaming\Publish Providers 2017-03-23 19:56 - 2017-03-23 19:56 - 00000000 ____D C:\Users\Confidential\AppData\Roaming\MAGIX 2017-03-23 19:56 - 2017-03-23 19:56 - 00000000 ____D C:\Users\Confidential\AppData\Local\VEGAS Pro 2017-03-23 19:56 - 2017-03-23 19:56 - 00000000 ____D C:\Users\Confidential\AppData\Local\Sony 2017-03-23 19:56 - 2017-03-23 19:56 - 00000000 ____D C:\ProgramData\VEGAS Pro 2017-03-23 19:56 - 2017-03-23 19:56 - 00000000 ____D C:\ProgramData\MAGIX 2017-03-23 19:51 - 2017-03-23 19:51 - 00000000 ____D C:\Users\Confidential\AppData\Local\VEGAS 2017-03-23 19:51 - 2017-03-23 19:51 - 00000000 ____D C:\ProgramData\VEGAS 2017-03-23 19:51 - 2017-03-23 19:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS 2017-03-23 19:51 - 2017-03-23 19:51 - 00000000 ____D C:\Program Files\VEGAS 2017-03-23 19:51 - 2017-03-23 19:51 - 00000000 ____D C:\Program Files (x86)\VEGAS 2017-03-23 19:50 - 2017-03-23 19:56 - 00000000 ____D C:\Users\Confidential\AppData\Roaming\Sony 2017-03-23 19:48 - 2017-03-23 19:48 - 445137688 _____ C:\Users\Confidential\Downloads\Sony Vegas Pro 14.zip 2017-03-23 19:36 - 2017-03-23 19:57 - 00002497 _____ C:\Users\Confidential\Desktop\Adobe Photoshop CS6.lnk 2017-03-23 19:36 - 2017-03-23 19:36 - 00000040 ____H C:\FD2A6DB5786E 2017-03-23 19:36 - 2017-03-23 19:36 - 00000000 ____D C:\Users\Confidential\AppData\LocalLow\Adobe 2017-03-23 19:35 - 2017-03-23 19:35 - 00000000 ____D C:\Program Files (x86)\Adobe 2017-03-23 19:34 - 2017-03-23 19:34 - 133012047 _____ (© The Computer Guy Tony ) C:\Users\Confidential\Downloads\Photoshop CS6 Installer.exe 2017-03-23 19:29 - 2017-03-23 19:29 - 13286592 _____ (MEGA Limited) C:\Users\Confidential\Downloads\MEGAsyncSetup.exe 2017-03-23 19:29 - 2017-03-23 19:29 - 00000000 ____D C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync 2017-03-23 19:29 - 2017-03-23 19:29 - 00000000 ____D C:\Users\Confidential\AppData\Local\MEGAsync 2017-03-23 19:29 - 2017-03-23 19:29 - 00000000 ____D C:\Users\Confidential\AppData\Local\Mega Limited 2017-03-23 16:42 - 2017-03-23 16:43 - 07912046 _____ C:\Users\Confidential\Downloads\12_Droppers_v1.1.zip 2017-03-21 20:26 - 2017-03-21 20:26 - 00000000 ____D C:\Users\Confidential\AppData\LocalLow\DefaultCompany 2017-03-17 20:19 - 2017-03-17 20:19 - 01288012 _____ C:\Users\Confidential\Downloads\saveedit_r256.zip 2017-03-16 19:16 - 2017-03-16 19:16 - 00000221 _____ C:\Users\Confidential\Desktop\Borderlands 2.url 2017-03-14 17:07 - 2017-03-04 02:40 - 00965472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll 2017-03-14 17:07 - 2017-03-04 02:09 - 01969912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hevcdecoder.dll 2017-03-14 17:07 - 2017-03-04 01:54 - 02277288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2017-03-14 17:07 - 2017-03-04 01:54 - 00524776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll 2017-03-14 17:07 - 2017-03-04 01:53 - 00781152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe 2017-03-14 17:07 - 2017-03-04 01:47 - 00952416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll 2017-03-14 17:07 - 2017-03-04 01:46 - 04312248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2017-03-14 17:07 - 2017-03-04 01:42 - 01260784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2017-03-14 17:07 - 2017-03-04 01:22 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudBackupSettings.dll 2017-03-14 17:07 - 2017-03-04 01:21 - 00389632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2017-03-14 17:07 - 2017-03-04 01:20 - 13873664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2017-03-14 17:07 - 2017-03-04 01:16 - 00762880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll 2017-03-14 17:07 - 2017-03-04 01:15 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2017-03-14 17:07 - 2017-03-04 01:13 - 07626752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll 2017-03-14 17:07 - 2017-03-04 01:12 - 00884224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2017-03-14 17:07 - 2017-03-04 01:11 - 01323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_fs.dll 2017-03-14 17:07 - 2017-03-04 01:11 - 01320448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll 2017-03-14 17:07 - 2017-03-04 01:11 - 01137152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_health.dll 2017-03-14 17:07 - 2017-03-04 01:09 - 00570368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll 2017-03-14 17:07 - 2017-03-04 01:07 - 02748928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll 2017-03-14 17:07 - 2017-03-04 01:07 - 02643456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll 2017-03-14 17:07 - 2017-03-04 01:06 - 05380608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll 2017-03-14 17:07 - 2017-03-04 01:06 - 02153984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll 2017-03-14 17:07 - 2017-03-04 01:05 - 00298496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll 2017-03-14 17:07 - 2017-03-04 01:03 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapRouter.dll 2017-03-14 17:07 - 2017-03-04 01:03 - 02109952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapGeocoder.dll 2017-03-14 17:07 - 2017-03-04 01:02 - 04423680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll 2017-03-14 17:07 - 2017-03-04 01:02 - 02740224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll 2017-03-14 17:07 - 2017-03-04 01:01 - 01993216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll 2017-03-14 17:07 - 2017-03-04 01:01 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll 2017-03-14 17:07 - 2017-03-04 01:01 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll 2017-03-14 17:07 - 2017-03-04 01:01 - 00773120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe 2017-03-14 17:07 - 2017-03-04 01:00 - 04557824 _____ (Microsoft) C:\Windows\SysWOW64\dbgeng.dll 2017-03-14 17:07 - 2017-03-04 01:00 - 02003968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2017-03-14 17:07 - 2017-03-04 01:00 - 00711680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll 2017-03-14 17:07 - 2017-03-04 00:59 - 00353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TextInputFramework.dll 2017-03-14 17:06 - 2017-03-04 02:57 - 00192352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll 2017-03-14 17:06 - 2017-03-04 02:44 - 01470816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVEntSubsystems32.dll 2017-03-14 17:06 - 2017-03-04 02:35 - 00655200 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2017-03-14 17:06 - 2017-03-04 02:35 - 00315232 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll 2017-03-14 17:06 - 2017-03-04 02:35 - 00242528 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2017-03-14 17:06 - 2017-03-04 02:35 - 00086368 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2017-03-14 17:06 - 2017-03-04 02:35 - 00038240 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe 2017-03-14 17:06 - 2017-03-04 02:26 - 00794416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll 2017-03-14 17:06 - 2017-03-04 02:24 - 02482280 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2017-03-14 17:06 - 2017-03-04 02:24 - 02186896 _____ (Microsoft Corporation) C:\Windows\system32\hevcdecoder.dll 2017-03-14 17:06 - 2017-03-04 02:24 - 00646688 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll 2017-03-14 17:06 - 2017-03-04 02:24 - 00108384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys 2017-03-14 17:06 - 2017-03-04 02:24 - 00090976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys 2017-03-14 17:06 - 2017-03-04 02:23 - 02512304 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2017-03-14 17:06 - 2017-03-04 02:21 - 02255712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2017-03-14 17:06 - 2017-03-04 02:19 - 02049480 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll 2017-03-14 17:06 - 2017-03-04 02:18 - 00219040 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL 2017-03-14 17:06 - 2017-03-04 02:18 - 00118624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2017-03-14 17:06 - 2017-03-04 02:17 - 00409952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2017-03-14 17:06 - 2017-03-04 02:15 - 01000280 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi 2017-03-14 17:06 - 2017-03-04 02:15 - 00063328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys 2017-03-14 17:06 - 2017-03-04 02:10 - 02828384 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2017-03-14 17:06 - 2017-03-04 02:09 - 02206496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2017-03-14 17:06 - 2017-03-04 02:09 - 00857440 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe 2017-03-14 17:06 - 2017-03-04 02:09 - 00681312 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll 2017-03-14 17:06 - 2017-03-04 02:09 - 00658784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys 2017-03-14 17:06 - 2017-03-04 02:09 - 00635864 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll 2017-03-14 17:06 - 2017-03-04 02:09 - 00527808 _____ (Microsoft Corporation) C:\Windows\system32\WWanAPI.dll 2017-03-14 17:06 - 2017-03-04 02:09 - 00497416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll 2017-03-14 17:06 - 2017-03-04 02:09 - 00396168 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll 2017-03-14 17:06 - 2017-03-04 02:08 - 00450400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2017-03-14 17:06 - 2017-03-04 02:08 - 00223584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2017-03-14 17:06 - 2017-03-04 02:08 - 00130912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storahci.sys 2017-03-14 17:06 - 2017-03-04 02:07 - 00557400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys 2017-03-14 17:06 - 2017-03-04 02:07 - 00432992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys 2017-03-14 17:06 - 2017-03-04 02:04 - 01362512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll 2017-03-14 17:06 - 2017-03-04 02:04 - 01063472 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll 2017-03-14 17:06 - 2017-03-04 02:03 - 04674360 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2017-03-14 17:06 - 2017-03-04 02:03 - 01723560 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe 2017-03-14 17:06 - 2017-03-04 02:03 - 01694712 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll 2017-03-14 17:06 - 2017-03-04 02:03 - 01473048 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2017-03-14 17:06 - 2017-03-04 02:03 - 01454512 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll 2017-03-14 17:06 - 2017-03-04 02:03 - 01062480 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll 2017-03-14 17:06 - 2017-03-04 02:03 - 00811416 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll 2017-03-14 17:06 - 2017-03-04 02:03 - 00755648 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2017-03-14 17:06 - 2017-03-04 02:03 - 00596040 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2017-03-14 17:06 - 2017-03-04 02:03 - 00523712 _____ (Microsoft Corporation) C:\Windows\system32\DMRServer.dll 2017-03-14 17:06 - 2017-03-04 02:03 - 00443232 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll 2017-03-14 17:06 - 2017-03-04 02:03 - 00424616 _____ (Microsoft Corporation) C:\Windows\system32\MFPlay.dll 2017-03-14 17:06 - 2017-03-04 02:03 - 00382272 _____ (Microsoft Corporation) C:\Windows\system32\LockAppHost.exe 2017-03-14 17:06 - 2017-03-04 02:02 - 00184416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IPHLPAPI.DLL 2017-03-14 17:06 - 2017-03-04 02:01 - 00137936 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe 2017-03-14 17:06 - 2017-03-04 01:58 - 01416224 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2017-03-14 17:06 - 2017-03-04 01:56 - 00248992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll 2017-03-14 17:06 - 2017-03-04 01:53 - 00493912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe 2017-03-14 17:06 - 2017-03-04 01:53 - 00313568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll 2017-03-14 17:06 - 2017-03-04 01:52 - 00549088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll 2017-03-14 17:06 - 2017-03-04 01:52 - 00272720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2017-03-14 17:06 - 2017-03-04 01:47 - 01557808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll 2017-03-14 17:06 - 2017-03-04 01:47 - 01123912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2017-03-14 17:06 - 2017-03-04 01:47 - 00976184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll 2017-03-14 17:06 - 2017-03-04 01:47 - 00640976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll 2017-03-14 17:06 - 2017-03-04 01:47 - 00530480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2017-03-14 17:06 - 2017-03-04 01:47 - 00374448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFPlay.dll 2017-03-14 17:06 - 2017-03-04 01:47 - 00352760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll 2017-03-14 17:06 - 2017-03-04 01:46 - 00321792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppHost.exe 2017-03-14 17:06 - 2017-03-04 01:45 - 00173408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll 2017-03-14 17:06 - 2017-03-04 01:45 - 00112120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll 2017-03-14 17:06 - 2017-03-04 01:42 - 00276832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll 2017-03-14 17:06 - 2017-03-04 01:37 - 01631232 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.dll 2017-03-14 17:06 - 2017-03-04 01:36 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll 2017-03-14 17:06 - 2017-03-04 01:36 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\DuCsps.dll 2017-03-14 17:06 - 2017-03-04 01:36 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\usoapi.dll 2017-03-14 17:06 - 2017-03-04 01:36 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mskssrv.sys 2017-03-14 17:06 - 2017-03-04 01:35 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ddrawex.dll 2017-03-14 17:06 - 2017-03-04 01:34 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\xboxgip.sys 2017-03-14 17:06 - 2017-03-04 01:34 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\dggpext.dll 2017-03-14 17:06 - 2017-03-04 01:34 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\wfdprov.dll 2017-03-14 17:06 - 2017-03-04 01:33 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.UI.GameBar.dll 2017-03-14 17:06 - 2017-03-04 01:33 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\tbauth.dll 2017-03-14 17:06 - 2017-03-04 01:33 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\netiougc.exe 2017-03-14 17:06 - 2017-03-04 01:32 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\ExSMime.dll 2017-03-14 17:06 - 2017-03-04 01:32 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\MCCSEngineShared.dll 2017-03-14 17:06 - 2017-03-04 01:31 - 00322048 _____ (Microsoft Corporation) C:\Windows\system32\accountaccessor.dll 2017-03-14 17:06 - 2017-03-04 01:31 - 00280064 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_WorkAccess.dll 2017-03-14 17:06 - 2017-03-04 01:31 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll 2017-03-14 17:06 - 2017-03-04 01:31 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll 2017-03-14 17:06 - 2017-03-04 01:31 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\VCardParser.dll 2017-03-14 17:06 - 2017-03-04 01:30 - 01631232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Resources.dll 2017-03-14 17:06 - 2017-03-04 01:30 - 00535552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys 2017-03-14 17:06 - 2017-03-04 01:30 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\shutdownux.dll 2017-03-14 17:06 - 2017-03-04 01:30 - 00206336 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe 2017-03-14 17:06 - 2017-03-04 01:30 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.OneCore.dll 2017-03-14 17:06 - 2017-03-04 01:30 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys 2017-03-14 17:06 - 2017-03-04 01:30 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll 2017-03-14 17:06 - 2017-03-04 01:30 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll 2017-03-14 17:06 - 2017-03-04 01:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.Search.UriHandler.dll 2017-03-14 17:06 - 2017-03-04 01:30 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys 2017-03-14 17:06 - 2017-03-04 01:30 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LaunchWinApp.exe 2017-03-14 17:06 - 2017-03-04 01:30 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerCookies.exe 2017-03-14 17:06 - 2017-03-04 01:29 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\MSVPXENC.dll 2017-03-14 17:06 - 2017-03-04 01:29 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2017-03-14 17:06 - 2017-03-04 01:29 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\cemapi.dll 2017-03-14 17:06 - 2017-03-04 01:29 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\tapi32.dll 2017-03-14 17:06 - 2017-03-04 01:29 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenance.dll 2017-03-14 17:06 - 2017-03-04 01:29 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\BrowserSettingSync.dll 2017-03-14 17:06 - 2017-03-04 01:29 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\XblGameSaveExt.dll 2017-03-14 17:06 - 2017-03-04 01:29 - 00112640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll 2017-03-14 17:06 - 2017-03-04 01:29 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctfp.dll 2017-03-14 17:06 - 2017-03-04 01:29 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\moshost.dll 2017-03-14 17:06 - 2017-03-04 01:29 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XInputUap.dll 2017-03-14 17:06 - 2017-03-04 01:29 - 00019968 _____ C:\Windows\SysWOW64\GamePanelExternalHook.dll 2017-03-14 17:06 - 2017-03-04 01:28 - 01507840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.FaceAnalysis.dll 2017-03-14 17:06 - 2017-03-04 01:28 - 00741888 _____ (Microsoft Corporation) C:\Windows\system32\internetmail.dll 2017-03-14 17:06 - 2017-03-04 01:28 - 00587776 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll 2017-03-14 17:06 - 2017-03-04 01:28 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll 2017-03-14 17:06 - 2017-03-04 01:28 - 00462848 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll 2017-03-14 17:06 - 2017-03-04 01:28 - 00394752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys 2017-03-14 17:06 - 2017-03-04 01:28 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll 2017-03-14 17:06 - 2017-03-04 01:28 - 00264192 _____ (Microsoft Corporation) C:\Windows\system32\ppcsnap.dll 2017-03-14 17:06 - 2017-03-04 01:28 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.HostName.dll 2017-03-14 17:06 - 2017-03-04 01:27 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll 2017-03-14 17:06 - 2017-03-04 01:27 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll 2017-03-14 17:06 - 2017-03-04 01:27 - 00719872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys 2017-03-14 17:06 - 2017-03-04 01:27 - 00460288 _____ (Microsoft Corporation) C:\Windows\system32\CredProvDataModel.dll 2017-03-14 17:06 - 2017-03-04 01:27 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll 2017-03-14 17:06 - 2017-03-04 01:27 - 00349184 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe 2017-03-14 17:06 - 2017-03-04 01:27 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\CloudBackupSettings.dll 2017-03-14 17:06 - 2017-03-04 01:27 - 00275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\accountaccessor.dll 2017-03-14 17:06 - 2017-03-04 01:27 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll 2017-03-14 17:06 - 2017-03-04 01:27 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\findnetprinters.dll 2017-03-14 17:06 - 2017-03-04 01:27 - 00045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ddrawex.dll 2017-03-14 17:06 - 2017-03-04 01:26 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll 2017-03-14 17:06 - 2017-03-04 01:26 - 00631296 _____ (Microsoft Corporation) C:\Windows\system32\WlanMediaManager.dll 2017-03-14 17:06 - 2017-03-04 01:26 - 00579072 _____ (Microsoft Corporation) C:\Windows\system32\ddraw.dll 2017-03-14 17:06 - 2017-03-04 01:26 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2017-03-14 17:06 - 2017-03-04 01:26 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll 2017-03-14 17:06 - 2017-03-04 01:26 - 00431616 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.Desktop.dll 2017-03-14 17:06 - 2017-03-04 01:26 - 00409600 _____ (Microsoft Corporation) C:\Windows\system32\wlanui.dll 2017-03-14 17:06 - 2017-03-04 01:26 - 00383488 _____ (Microsoft Corporation) C:\Windows\system32\DavSyncProvider.dll 2017-03-14 17:06 - 2017-03-04 01:26 - 00366080 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll 2017-03-14 17:06 - 2017-03-04 01:26 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs3D.dll 2017-03-14 17:06 - 2017-03-04 01:26 - 00264704 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll 2017-03-14 17:06 - 2017-03-04 01:26 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BcastDVRHelper.dll 2017-03-14 17:06 - 2017-03-04 01:26 - 00147456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VCardParser.dll 2017-03-14 17:06 - 2017-03-04 01:26 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Gaming.UI.GameBar.dll 2017-03-14 17:06 - 2017-03-04 01:26 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Shell.Search.UriHandler.dll 2017-03-14 17:06 - 2017-03-04 01:26 - 00038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfdprov.dll 2017-03-14 17:06 - 2017-03-04 01:26 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netiougc.exe 2017-03-14 17:06 - 2017-03-04 01:25 - 01016320 _____ (Microsoft Corporation) C:\Windows\system32\XblAuthManager.dll 2017-03-14 17:06 - 2017-03-04 01:25 - 00748544 _____ (Microsoft Corporation) C:\Windows\system32\ChatApis.dll 2017-03-14 17:06 - 2017-03-04 01:25 - 00579584 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.UX.EapRequestHandler.dll 2017-03-14 17:06 - 2017-03-04 01:25 - 00320000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2017-03-14 17:06 - 2017-03-04 01:25 - 00251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscandui.dll 2017-03-14 17:06 - 2017-03-04 01:25 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll 2017-03-14 17:06 - 2017-03-04 01:25 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll 2017-03-14 17:06 - 2017-03-04 01:25 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCCSEngineShared.dll 2017-03-14 17:06 - 2017-03-04 01:25 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BrowserSettingSync.dll 2017-03-14 17:06 - 2017-03-04 01:25 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDShServiceObj.dll 2017-03-14 17:06 - 2017-03-04 01:25 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbauth.dll 2017-03-14 17:06 - 2017-03-04 01:24 - 01293312 _____ (Microsoft Corporation) C:\Windows\system32\wcnwiz.dll 2017-03-14 17:06 - 2017-03-04 01:24 - 01025536 _____ (Microsoft Corporation) C:\Windows\system32\XboxNetApiSvc.dll 2017-03-14 17:06 - 2017-03-04 01:24 - 00945664 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll 2017-03-14 17:06 - 2017-03-04 01:24 - 00495104 _____ (Microsoft Corporation) C:\Windows\system32\DataSenseHandlers.dll 2017-03-14 17:06 - 2017-03-04 01:24 - 00328192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll 2017-03-14 17:06 - 2017-03-04 01:24 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll 2017-03-14 17:06 - 2017-03-04 01:24 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctfui.dll 2017-03-14 17:06 - 2017-03-04 01:24 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDeviceRegistration.Ngc.dll 2017-03-14 17:06 - 2017-03-04 01:24 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerCookies.exe 2017-03-14 17:06 - 2017-03-04 01:23 - 01184256 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll 2017-03-14 17:06 - 2017-03-04 01:23 - 00945152 _____ (Microsoft Corporation) C:\Windows\system32\rasgcw.dll 2017-03-14 17:06 - 2017-03-04 01:23 - 00820224 _____ (Microsoft Corporation) C:\Windows\system32\PrintRenderAPIHost.DLL 2017-03-14 17:06 - 2017-03-04 01:23 - 00634368 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll 2017-03-14 17:06 - 2017-03-04 01:23 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll 2017-03-14 17:06 - 2017-03-04 01:23 - 00541696 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll 2017-03-14 17:06 - 2017-03-04 01:23 - 00531456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll 2017-03-14 17:06 - 2017-03-04 01:23 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv 2017-03-14 17:06 - 2017-03-04 01:23 - 00334848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DavSyncProvider.dll 2017-03-14 17:06 - 2017-03-04 01:23 - 00330752 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnrSvc.dll 2017-03-14 17:06 - 2017-03-04 01:23 - 00320512 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll 2017-03-14 17:06 - 2017-03-04 01:23 - 00291840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll 2017-03-14 17:06 - 2017-03-04 01:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netiohlp.dll 2017-03-14 17:06 - 2017-03-04 01:22 - 01299968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVPXENC.dll 2017-03-14 17:06 - 2017-03-04 01:22 - 00822784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll 2017-03-14 17:06 - 2017-03-04 01:22 - 00332288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll 2017-03-14 17:06 - 2017-03-04 01:22 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll 2017-03-14 17:06 - 2017-03-04 01:22 - 00230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll 2017-03-14 17:06 - 2017-03-04 01:22 - 00212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cemapi.dll 2017-03-14 17:06 - 2017-03-04 01:22 - 00183296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe 2017-03-14 17:06 - 2017-03-04 01:22 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll 2017-03-14 17:06 - 2017-03-04 01:21 - 01937920 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe 2017-03-14 17:06 - 2017-03-04 01:21 - 00809984 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.Search.dll 2017-03-14 17:06 - 2017-03-04 01:21 - 00631296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\main.cpl 2017-03-14 17:06 - 2017-03-04 01:21 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2017-03-14 17:06 - 2017-03-04 01:21 - 00575488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2017-03-14 17:06 - 2017-03-04 01:21 - 00196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tapi32.dll 2017-03-14 17:06 - 2017-03-04 01:20 - 01913856 _____ (Microsoft Corporation) C:\Windows\system32\wsp_fs.dll 2017-03-14 17:06 - 2017-03-04 01:20 - 01280512 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll 2017-03-14 17:06 - 2017-03-04 01:20 - 00632832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sud.dll 2017-03-14 17:06 - 2017-03-04 01:20 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPTpm12.dll 2017-03-14 17:06 - 2017-03-04 01:20 - 00506880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll 2017-03-14 17:06 - 2017-03-04 01:20 - 00426496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll 2017-03-14 17:06 - 2017-03-04 01:20 - 00424960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msutb.dll 2017-03-14 17:06 - 2017-03-04 01:20 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanui.dll 2017-03-14 17:06 - 2017-03-04 01:19 - 01639424 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll 2017-03-14 17:06 - 2017-03-04 01:19 - 01584128 _____ (Microsoft Corporation) C:\Windows\system32\wsp_health.dll 2017-03-14 17:06 - 2017-03-04 01:19 - 00714752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll 2017-03-14 17:06 - 2017-03-04 01:19 - 00635904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2017-03-14 17:06 - 2017-03-04 01:19 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys 2017-03-14 17:06 - 2017-03-04 01:19 - 00414208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv 2017-03-14 17:06 - 2017-03-04 01:19 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2017-03-14 17:06 - 2017-03-04 01:19 - 00318464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll 2017-03-14 17:06 - 2017-03-04 01:19 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll 2017-03-14 17:06 - 2017-03-04 01:19 - 00181760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tcpipcfg.dll 2017-03-14 17:06 - 2017-03-04 01:19 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\Tabbtn.dll 2017-03-14 17:06 - 2017-03-04 01:18 - 17198592 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll 2017-03-14 17:06 - 2017-03-04 01:18 - 01762816 _____ (Microsoft Corporation) C:\Windows\system32\MSPhotography.dll 2017-03-14 17:06 - 2017-03-04 01:18 - 01231360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcnwiz.dll 2017-03-14 17:06 - 2017-03-04 01:18 - 01189376 _____ (Microsoft Corporation) C:\Windows\system32\sdengin2.dll 2017-03-14 17:06 - 2017-03-04 01:18 - 00896512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontext.dll 2017-03-14 17:06 - 2017-03-04 01:18 - 00567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ChatApis.dll 2017-03-14 17:06 - 2017-03-04 01:18 - 00548352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ddraw.dll 2017-03-14 17:06 - 2017-03-04 01:18 - 00525824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll 2017-03-14 17:06 - 2017-03-04 01:18 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll 2017-03-14 17:06 - 2017-03-04 01:18 - 00253952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2017-03-14 17:06 - 2017-03-04 01:18 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\indexeddbserver.dll 2017-03-14 17:06 - 2017-03-04 01:18 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\RelPost.exe 2017-03-14 17:06 - 2017-03-04 01:18 - 00140800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll 2017-03-14 17:06 - 2017-03-04 01:17 - 07812096 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll 2017-03-14 17:06 - 2017-03-04 01:17 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\fhcfg.dll 2017-03-14 17:06 - 2017-03-04 01:17 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe 2017-03-14 17:06 - 2017-03-04 01:16 - 13441536 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2017-03-14 17:06 - 2017-03-04 01:16 - 03289088 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll 2017-03-14 17:06 - 2017-03-04 01:16 - 01456640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll 2017-03-14 17:06 - 2017-03-04 01:16 - 00968704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll 2017-03-14 17:06 - 2017-03-04 01:16 - 00870400 _____ (Microsoft Corporation) C:\Windows\system32\mfmkvsrcsnk.dll 2017-03-14 17:06 - 2017-03-04 01:16 - 00858112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EmailApis.dll 2017-03-14 17:06 - 2017-03-04 01:16 - 00850432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasgcw.dll 2017-03-14 17:06 - 2017-03-04 01:16 - 00760832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl 2017-03-14 17:06 - 2017-03-04 01:16 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\srmscan.dll 2017-03-14 17:06 - 2017-03-04 01:16 - 00636928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll 2017-03-14 17:06 - 2017-03-04 01:16 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\SpaceControl.dll 2017-03-14 17:06 - 2017-03-04 01:16 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll 2017-03-14 17:06 - 2017-03-04 01:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppBroker.dll 2017-03-14 17:06 - 2017-03-04 01:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll 2017-03-14 17:06 - 2017-03-04 01:16 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\dialclient.dll 2017-03-14 17:06 - 2017-03-04 01:15 - 02860032 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll 2017-03-14 17:06 - 2017-03-04 01:15 - 01837056 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll 2017-03-14 17:06 - 2017-03-04 01:15 - 01543680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe 2017-03-14 17:06 - 2017-03-04 01:15 - 01345024 _____ (Microsoft Corporation) C:\Windows\system32\srmclient.dll 2017-03-14 17:06 - 2017-03-04 01:15 - 00336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\azroleui.dll 2017-03-14 17:06 - 2017-03-04 01:14 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\wlidprov.dll 2017-03-14 17:06 - 2017-03-04 01:14 - 00236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll 2017-03-14 17:06 - 2017-03-04 01:13 - 02458112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll 2017-03-14 17:06 - 2017-03-04 01:13 - 01366016 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll 2017-03-14 17:06 - 2017-03-04 01:13 - 01228288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll 2017-03-14 17:06 - 2017-03-04 01:13 - 00982528 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2017-03-14 17:06 - 2017-03-04 01:13 - 00858112 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll 2017-03-14 17:06 - 2017-03-04 01:13 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentApis.dll 2017-03-14 17:06 - 2017-03-04 01:13 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LogonController.dll 2017-03-14 17:06 - 2017-03-04 01:13 - 00256512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll 2017-03-14 17:06 - 2017-03-04 01:13 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll 2017-03-14 17:06 - 2017-03-04 01:13 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\sdshext.dll 2017-03-14 17:06 - 2017-03-04 01:13 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\CameraCaptureUI.dll 2017-03-14 17:06 - 2017-03-04 01:13 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersGPExt.dll 2017-03-14 17:06 - 2017-03-04 01:12 - 00805888 _____ (Microsoft Corporation) C:\Windows\system32\FrameServer.dll 2017-03-14 17:06 - 2017-03-04 01:12 - 00700416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.Search.dll 2017-03-14 17:06 - 2017-03-04 01:11 - 03441664 _____ (Microsoft Corporation) C:\Windows\system32\MapRouter.dll 2017-03-14 17:06 - 2017-03-04 01:11 - 02953216 _____ (Microsoft Corporation) C:\Windows\system32\MapGeocoder.dll 2017-03-14 17:06 - 2017-03-04 01:11 - 01891328 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll 2017-03-14 17:06 - 2017-03-04 01:11 - 01357312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSPhotography.dll 2017-03-14 17:06 - 2017-03-04 01:11 - 00821248 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll 2017-03-14 17:06 - 2017-03-04 01:11 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll 2017-03-14 17:06 - 2017-03-04 01:11 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr 2017-03-14 17:06 - 2017-03-04 01:10 - 02852864 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll 2017-03-14 17:06 - 2017-03-04 01:10 - 01917440 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll 2017-03-14 17:06 - 2017-03-04 01:10 - 01555456 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe 2017-03-14 17:06 - 2017-03-04 01:10 - 01536000 _____ (Microsoft Corporation) C:\Windows\system32\SpeechPal.dll 2017-03-14 17:06 - 2017-03-04 01:10 - 01399296 _____ (Microsoft Corporation) C:\Windows\system32\Pimstore.dll 2017-03-14 17:06 - 2017-03-04 01:10 - 01282048 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2017-03-14 17:06 - 2017-03-04 01:10 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll 2017-03-14 17:06 - 2017-03-04 01:10 - 00971264 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll 2017-03-14 17:06 - 2017-03-04 01:10 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll 2017-03-14 17:06 - 2017-03-04 01:10 - 00770560 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll 2017-03-14 17:06 - 2017-03-04 01:10 - 00579072 _____ (Microsoft Corporation) C:\Windows\system32\LockAppBroker.dll 2017-03-14 17:06 - 2017-03-04 01:10 - 00471552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll 2017-03-14 17:06 - 2017-03-04 01:10 - 00300544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\regedit.exe 2017-03-14 17:06 - 2017-03-04 01:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcuiu.dll 2017-03-14 17:06 - 2017-03-04 01:10 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\WorkFolders.exe 2017-03-14 17:06 - 2017-03-04 01:09 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll 2017-03-14 17:06 - 2017-03-04 01:09 - 00771072 _____ (Microsoft Corporation) C:\Windows\system32\AppointmentApis.dll 2017-03-14 17:06 - 2017-03-04 01:09 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ProximityCommon.dll 2017-03-14 17:06 - 2017-03-04 01:08 - 12349952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2017-03-14 17:06 - 2017-03-04 01:08 - 03405312 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll 2017-03-14 17:06 - 2017-03-04 01:08 - 02800128 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll 2017-03-14 17:06 - 2017-03-04 01:08 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2017-03-14 17:06 - 2017-03-04 01:08 - 00792576 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe 2017-03-14 17:06 - 2017-03-04 01:08 - 00540160 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll 2017-03-14 17:06 - 2017-03-04 01:07 - 02691072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll 2017-03-14 17:06 - 2017-03-04 01:07 - 02370048 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll 2017-03-14 17:06 - 2017-03-04 01:07 - 01840640 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2017-03-14 17:06 - 2017-03-04 01:07 - 01792512 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll 2017-03-14 17:06 - 2017-03-04 01:07 - 01512448 _____ (Microsoft Corporation) C:\Windows\system32\UserDataService.dll 2017-03-14 17:06 - 2017-03-04 01:07 - 01348608 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll 2017-03-14 17:06 - 2017-03-04 01:07 - 00935936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmclient.dll 2017-03-14 17:06 - 2017-03-04 01:07 - 00903680 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe 2017-03-14 17:06 - 2017-03-04 01:07 - 00707584 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll 2017-03-14 17:06 - 2017-03-04 01:07 - 00545280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmkvsrcsnk.dll 2017-03-14 17:06 - 2017-03-04 01:06 - 05384192 _____ (Microsoft) C:\Windows\system32\dbgeng.dll 2017-03-14 17:06 - 2017-03-04 01:06 - 04746752 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2017-03-14 17:06 - 2017-03-04 01:06 - 04708864 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2017-03-14 17:06 - 2017-03-04 01:06 - 03202048 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll 2017-03-14 17:06 - 2017-03-04 01:06 - 02820096 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll 2017-03-14 17:06 - 2017-03-04 01:06 - 02538496 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll 2017-03-14 17:06 - 2017-03-04 01:06 - 02475008 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2017-03-14 17:06 - 2017-03-04 01:06 - 02287104 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll 2017-03-14 17:06 - 2017-03-04 01:06 - 01013760 _____ (Microsoft Corporation) C:\Windows\system32\ContactApis.dll 2017-03-14 17:06 - 2017-03-04 01:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll 2017-03-14 17:06 - 2017-03-04 01:05 - 01726976 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll 2017-03-14 17:06 - 2017-03-04 01:05 - 01133568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll 2017-03-14 17:06 - 2017-03-04 01:05 - 00545792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uReFS.dll 2017-03-14 17:06 - 2017-03-04 01:05 - 00458752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidprov.dll 2017-03-14 17:06 - 2017-03-04 01:05 - 00089600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CameraCaptureUI.dll 2017-03-14 17:06 - 2017-03-04 01:04 - 01826816 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2017-03-14 17:06 - 2017-03-04 01:04 - 00753152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imapi2fs.dll 2017-03-14 17:06 - 2017-03-04 01:04 - 00719872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_sr.dll 2017-03-14 17:06 - 2017-03-04 01:04 - 00531456 _____ (Microsoft Corporation) C:\Windows\system32\TpmCoreProvisioning.dll 2017-03-14 17:06 - 2017-03-04 01:04 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\TextInputFramework.dll 2017-03-14 17:06 - 2017-03-04 01:04 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\RADCUI.dll 2017-03-14 17:06 - 2017-03-04 01:03 - 03666432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2017-03-14 17:06 - 2017-03-04 01:03 - 00409600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL 2017-03-14 17:06 - 2017-03-04 01:03 - 00359936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxclu.dll 2017-03-14 17:06 - 2017-03-04 01:02 - 02484736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll 2017-03-14 17:06 - 2017-03-04 01:02 - 01709056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActiveSyncProvider.dll 2017-03-14 17:06 - 2017-03-04 01:02 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVP9DEC.dll 2017-03-14 17:06 - 2017-03-04 01:02 - 00580608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll 2017-03-14 17:06 - 2017-03-04 01:02 - 00510464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoScreensaver.scr 2017-03-14 17:06 - 2017-03-04 01:02 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.SecureAssessment.dll 2017-03-14 17:06 - 2017-03-04 01:01 - 01571840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2017-03-14 17:06 - 2017-03-04 01:01 - 01493504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll 2017-03-14 17:06 - 2017-03-04 01:01 - 01293312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe 2017-03-14 17:06 - 2017-03-04 01:01 - 01154560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Pimstore.dll 2017-03-14 17:06 - 2017-03-04 01:01 - 00560640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll 2017-03-14 17:06 - 2017-03-04 01:01 - 00422400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll 2017-03-14 17:06 - 2017-03-04 01:00 - 01883648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll 2017-03-14 17:06 - 2017-03-04 01:00 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContactApis.dll 2017-03-14 17:06 - 2017-03-04 01:00 - 00798208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2017-03-14 17:06 - 2017-03-04 01:00 - 00444416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll 2017-03-14 17:06 - 2017-03-04 00:59 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Core.TextInput.dll 2017-03-14 17:06 - 2017-03-04 00:57 - 00449024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TpmCoreProvisioning.dll 2017-03-14 17:06 - 2017-02-21 21:17 - 00448285 _____ C:\Windows\system32\ApnDatabase.xml 2017-03-14 17:06 - 2016-07-15 21:29 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\CspCellularSettings.dll 2017-03-14 17:06 - 2016-07-15 21:28 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseAPNCsp.dll 2017-03-14 17:06 - 2016-07-15 21:26 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\CfgSPCellular.dll 2017-03-14 17:05 - 2017-03-04 02:35 - 00590952 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2017-03-14 17:05 - 2017-03-04 02:27 - 02170720 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems64.dll 2017-03-14 17:05 - 2017-03-04 02:25 - 01117024 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll 2017-03-14 17:05 - 2017-03-04 02:24 - 01051112 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2017-03-14 17:05 - 2017-03-04 02:24 - 00894096 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2017-03-14 17:05 - 2017-03-04 02:24 - 00354264 _____ (Microsoft Corporation) C:\Windows\system32\systemreset.exe 2017-03-14 17:05 - 2017-03-04 02:22 - 01354312 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2017-03-14 17:05 - 2017-03-04 02:22 - 01172984 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2017-03-14 17:05 - 2017-03-04 02:20 - 00379744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys 2017-03-14 17:05 - 2017-03-04 02:20 - 00128352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys 2017-03-14 17:05 - 2017-03-04 02:15 - 00404320 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2017-03-14 17:05 - 2017-03-04 02:13 - 00635456 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll 2017-03-14 17:05 - 2017-03-04 02:11 - 00266544 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll 2017-03-14 17:05 - 2017-03-04 02:09 - 00578392 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe 2017-03-14 17:05 - 2017-03-04 02:08 - 00509280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2017-03-14 17:05 - 2017-03-04 02:08 - 00342456 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2017-03-14 17:05 - 2017-03-04 02:07 - 02913144 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll 2017-03-14 17:05 - 2017-03-04 02:07 - 00947552 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.efi 2017-03-14 17:05 - 2017-03-04 02:07 - 00811872 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.exe 2017-03-14 17:05 - 2017-03-04 02:07 - 00116064 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll 2017-03-14 17:05 - 2017-03-04 02:07 - 00110944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvsocket.sys 2017-03-14 17:05 - 2017-03-04 02:07 - 00080224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbkmcl.sys 2017-03-14 17:05 - 2017-03-04 02:01 - 00201568 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll 2017-03-14 17:05 - 2017-03-04 02:01 - 00128648 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll 2017-03-14 17:05 - 2017-03-04 01:58 - 00322912 _____ (Microsoft Corporation) C:\Windows\system32\input.dll 2017-03-14 17:05 - 2017-03-04 01:37 - 00025088 _____ C:\Windows\system32\GamePanelExternalHook.dll 2017-03-14 17:05 - 2017-03-04 01:36 - 00217600 _____ (Microsoft Corporation) C:\Windows\system32\msctfp.dll 2017-03-14 17:05 - 2017-03-04 01:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2017-03-14 17:05 - 2017-03-04 01:36 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\LaunchWinApp.exe 2017-03-14 17:05 - 2017-03-04 01:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\msctfui.dll 2017-03-14 17:05 - 2017-03-04 01:34 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbkmclr.sys 2017-03-14 17:05 - 2017-03-04 01:33 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\tzautoupdate.dll 2017-03-14 17:05 - 2017-03-04 01:33 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothDesktopHandlers.dll 2017-03-14 17:05 - 2017-03-04 01:33 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\XInputUap.dll 2017-03-14 17:05 - 2017-03-04 01:32 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll 2017-03-14 17:05 - 2017-03-04 01:32 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\MediaFoundation.DefaultPerceptionProvider.dll 2017-03-14 17:05 - 2017-03-04 01:32 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryBroker.dll 2017-03-14 17:05 - 2017-03-04 01:31 - 00567296 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll 2017-03-14 17:05 - 2017-03-04 01:30 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll 2017-03-14 17:05 - 2017-03-04 01:30 - 00300544 _____ (Microsoft Corporation) C:\Windows\system32\mscandui.dll 2017-03-14 17:05 - 2017-03-04 01:30 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Flights.dll 2017-03-14 17:05 - 2017-03-04 01:30 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\netiohlp.dll 2017-03-14 17:05 - 2017-03-04 01:29 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2017-03-14 17:05 - 2017-03-04 01:28 - 00947712 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll 2017-03-14 17:05 - 2017-03-04 01:28 - 00623104 _____ (Microsoft Corporation) C:\Windows\system32\PCPTpm12.dll 2017-03-14 17:05 - 2017-03-04 01:28 - 00349696 _____ (Microsoft Corporation) C:\Windows\system32\icsvcext.dll 2017-03-14 17:05 - 2017-03-04 01:28 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll 2017-03-14 17:05 - 2017-03-04 01:27 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll 2017-03-14 17:05 - 2017-03-04 01:26 - 00643072 _____ (Microsoft Corporation) C:\Windows\system32\main.cpl 2017-03-14 17:05 - 2017-03-04 01:26 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\msutb.dll 2017-03-14 17:05 - 2017-03-04 01:26 - 00450048 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll 2017-03-14 17:05 - 2017-03-04 01:26 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll 2017-03-14 17:05 - 2017-03-04 01:25 - 00526848 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll 2017-03-14 17:05 - 2017-03-04 01:24 - 01092096 _____ (Microsoft Corporation) C:\Windows\system32\ApplicationFrame.dll 2017-03-14 17:05 - 2017-03-04 01:24 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll 2017-03-14 17:05 - 2017-03-04 01:24 - 00560128 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll 2017-03-14 17:05 - 2017-03-04 01:24 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\DXP.dll 2017-03-14 17:05 - 2017-03-04 01:23 - 03753984 _____ (Microsoft Corporation) C:\Windows\system32\bootux.dll 2017-03-14 17:05 - 2017-03-04 01:23 - 00715776 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll 2017-03-14 17:05 - 2017-03-04 01:23 - 00496128 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.UserAccountsHandlers.dll 2017-03-14 17:05 - 2017-03-04 01:21 - 00776192 _____ (Microsoft Corporation) C:\Windows\system32\TabletPC.cpl 2017-03-14 17:05 - 2017-03-04 01:21 - 00347648 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll 2017-03-14 17:05 - 2017-03-04 01:20 - 00893952 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll 2017-03-14 17:05 - 2017-03-04 01:20 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll 2017-03-14 17:05 - 2017-03-04 01:20 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\AppXApplicabilityBlob.dll 2017-03-14 17:05 - 2017-03-04 01:19 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\tabcal.exe 2017-03-14 17:05 - 2017-03-04 01:18 - 01227264 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll 2017-03-14 17:05 - 2017-03-04 01:18 - 00320512 _____ (Microsoft Corporation) C:\Windows\regedit.exe 2017-03-14 17:05 - 2017-03-04 01:17 - 01082368 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll 2017-03-14 17:05 - 2017-03-04 01:17 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll 2017-03-14 17:05 - 2017-03-04 01:16 - 00649216 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe 2017-03-14 17:05 - 2017-03-04 01:16 - 00583168 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll 2017-03-14 17:05 - 2017-03-04 01:15 - 01443328 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe 2017-03-14 17:05 - 2017-03-04 01:14 - 01562112 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll 2017-03-14 17:05 - 2017-03-04 01:14 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe 2017-03-14 17:05 - 2017-03-04 01:14 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll 2017-03-14 17:05 - 2017-03-04 01:14 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\SpaceAgent.exe 2017-03-14 17:05 - 2017-03-04 01:13 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\imapi2fs.dll 2017-03-14 17:05 - 2017-03-04 01:13 - 00947200 _____ (Microsoft Corporation) C:\Windows\system32\wsp_sr.dll 2017-03-14 17:05 - 2017-03-04 01:13 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\uReFS.dll 2017-03-14 17:05 - 2017-03-04 01:13 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MultiDigiMon.exe 2017-03-14 17:05 - 2017-03-04 01:12 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl 2017-03-14 17:05 - 2017-03-04 01:11 - 02611200 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll 2017-03-14 17:05 - 2017-03-04 01:11 - 01656832 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll 2017-03-14 17:05 - 2017-03-04 01:11 - 01312768 _____ (Microsoft Corporation) C:\Windows\system32\SensorDataService.exe 2017-03-14 17:05 - 2017-03-04 01:11 - 00818176 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll 2017-03-14 17:05 - 2017-03-04 01:10 - 06664192 _____ (Microsoft Corporation) C:\Windows\system32\mspaint.exe 2017-03-14 17:05 - 2017-03-04 01:10 - 00960000 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll 2017-03-14 17:05 - 2017-03-04 01:09 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\UserLanguagesCpl.dll 2017-03-14 17:05 - 2017-03-04 01:08 - 01714688 _____ (Microsoft Corporation) C:\Windows\system32\dui70.dll 2017-03-14 17:05 - 2017-03-04 01:08 - 00629248 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll 2017-03-14 17:05 - 2017-03-04 01:07 - 02512384 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll 2017-03-14 17:05 - 2017-03-04 01:07 - 01490944 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2017-03-14 17:05 - 2017-03-04 01:07 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll 2017-03-14 17:05 - 2017-03-04 01:06 - 04060672 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll 2017-03-14 17:05 - 2017-03-04 01:06 - 00881664 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2017-03-14 17:05 - 2017-03-04 01:06 - 00483328 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll 2017-03-14 17:05 - 2017-03-04 01:04 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\spaceman.exe 2017-03-14 17:05 - 2017-03-04 01:03 - 01817088 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll 2017-03-14 17:05 - 2017-03-04 01:01 - 03478528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll 2017-03-14 17:05 - 2016-05-29 13:38 - 08886976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSetup.exe 2017-03-12 17:26 - 2017-03-12 17:26 - 54970760 _____ (Electronic Arts) C:\Users\Confidential\Downloads\OriginThinSetup (3).exe 2017-03-11 22:15 - 2017-03-11 22:15 - 00017605 _____ C:\Users\Confidential\Downloads\MCLeaksAuthenticator.zip 2017-03-11 15:31 - 2017-03-27 15:49 - 00000000 ____D C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps 2017-03-11 14:30 - 2017-03-11 14:30 - 00000000 ____D C:\Users\Confidential\AppData\LocalLow\NoBrakesGames 2017-03-11 14:29 - 2017-03-12 16:22 - 406271412 _____ C:\Users\Confidential\Downloads\IGG-Human.Fall.Flat.v1.1.1.rar 2017-03-10 20:52 - 2017-03-10 20:53 - 00543232 _____ (D3vil) C:\Users\Confidential\Downloads\Pastebin D3vSpider.exe 2017-03-10 18:14 - 2017-03-10 18:14 - 03729760 _____ C:\Users\Confidential\Downloads\forge-1.8-11.14.4.1577-installer-win.exe 2017-03-10 18:12 - 2017-03-10 18:12 - 04120881 _____ C:\Users\Confidential\Downloads\forge-1.8.9-11.15.1.1902-1.8.9-installer-win.exe 2017-03-10 18:08 - 2017-03-10 18:09 - 00033089 _____ C:\Users\Confidential\Downloads\AltLoader 1.8.jar 2017-03-10 16:17 - 2017-03-10 16:17 - 00536864 _____ C:\Windows\system32\vulkan-1-1-0-42-1.dll 2017-03-10 16:17 - 2017-03-10 16:17 - 00525600 _____ C:\Windows\SysWOW64\vulkan-1-1-0-42-1.dll 2017-03-10 16:17 - 2017-03-10 16:17 - 00254240 _____ C:\Windows\system32\vulkaninfo-1-1-0-42-1.exe 2017-03-10 16:17 - 2017-03-10 16:17 - 00233760 _____ C:\Windows\SysWOW64\vulkaninfo-1-1-0-42-1.exe 2017-03-10 08:49 - 2017-03-10 08:50 - 00066881 _____ C:\Users\Confidential\Downloads\Shortcut.txt 2017-03-10 08:48 - 2017-04-30 15:37 - 00000000 ____D C:\FRST 2017-03-10 08:48 - 2017-03-10 08:50 - 00306221 _____ C:\Users\Confidential\Downloads\FRST.txt 2017-03-10 08:48 - 2017-03-10 08:50 - 00064161 _____ C:\Users\Confidential\Downloads\Addition.txt 2017-03-10 08:47 - 2017-03-10 08:48 - 02423808 _____ (Farbar) C:\Users\Confidential\Downloads\FRST64.exe 2017-03-09 22:37 - 2017-03-24 10:48 - 00000396 _____ C:\Windows\system32\.crusader 2017-03-09 21:58 - 2017-03-09 22:07 - 00000000 ____D C:\ProgramData\HitmanPro 2017-03-09 21:58 - 2017-03-09 21:58 - 11581544 _____ (SurfRight B.V.) C:\Users\Confidential\Downloads\hitmanpro_x64 (1).exe 2017-03-09 21:58 - 2017-03-09 21:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro 2017-03-09 21:58 - 2017-03-09 21:58 - 00000000 ____D C:\Program Files\HitmanPro 2017-03-09 21:55 - 2017-03-09 21:58 - 11581544 _____ (SurfRight B.V.) C:\Users\Confidential\Downloads\hitmanpro_x64.exe 2017-03-09 21:52 - 2017-03-09 21:52 - 04031440 _____ C:\Users\Confidential\Downloads\adwcleaner_6.044.exe 2017-03-09 21:52 - 2017-03-09 21:52 - 04031440 _____ C:\Users\Confidential\Downloads\adwcleaner_6.044 (1).exe 2017-03-09 21:35 - 2017-03-09 21:36 - 57131432 _____ (Malwarebytes ) C:\Users\Confidential\Downloads\mb3-setup-consumer-3.0.6.1469-1075.exe 2017-03-04 19:14 - 2017-03-04 19:14 - 00000222 _____ C:\Users\Confidential\Desktop\SMITE.url 2017-03-04 18:20 - 2017-03-04 18:20 - 00000000 ____D C:\Users\Confidential\AppData\Roaming\7DaysToDie 2017-02-25 20:52 - 2017-02-25 20:52 - 00000000 ____D C:\Users\Confidential\AppData\Roaming\Axolot Games 2017-02-25 20:52 - 2017-02-25 20:52 - 00000000 ____D C:\Users\Confidential\AppData\Local\Axolot Games 2017-02-25 20:51 - 2017-02-25 20:51 - 355074098 _____ C:\Users\Confidential\Downloads\Scrap.Mechanic.Beta.v0.2.1.rar 2017-02-25 11:02 - 2017-02-25 11:02 - 00000000 ____D C:\Users\Confidential\AppData\Local\SKIDROW 2017-02-25 10:53 - 2017-02-25 10:56 - 194143485 _____ C:\Users\Confidential\Downloads\Turbo Dismount By The_MC_Boy.zip 2017-02-23 20:56 - 2017-02-23 20:56 - 00000220 _____ C:\Users\Confidential\Desktop\Garry's Mod.url 2017-02-23 13:06 - 2017-02-23 13:06 - 00111030 _____ C:\Users\Confidential\Downloads\law.jpg-large 2017-02-21 20:01 - 2017-02-21 20:01 - 00000000 ____D C:\Users\Kurt\ansel 2017-02-20 10:02 - 2017-02-20 10:02 - 00000000 ____D C:\Users\Confidential\AppData\Roaming\Audacity 2017-02-20 10:02 - 2017-02-20 10:02 - 00000000 ____D C:\Users\Confidential\AppData\Local\Audacity 2017-02-20 10:01 - 2017-02-20 10:02 - 00000000 ____D C:\Program Files (x86)\Audacity 2017-02-20 10:01 - 2017-02-20 10:01 - 26496761 _____ (Audacity Team ) C:\Users\Confidential\Downloads\audacity-win-2.1.2.exe 2017-02-20 10:01 - 2017-02-20 10:01 - 00001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk 2017-02-18 22:51 - 2017-02-18 22:51 - 00000000 ____D C:\Users\Confidential\Documents\Telltale Games 2017-02-18 22:51 - 2017-02-18 22:51 - 00000000 ____D C:\ProgramData\Steam 2017-02-18 22:51 - 2017-02-18 22:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Catalyst 2017-02-18 22:47 - 2017-02-18 22:47 - 00000000 ____D C:\R.G. Catalyst 2017-02-18 22:39 - 2017-02-18 22:39 - 1905146191 _____ C:\Users\Confidential\Downloads\The Walking Dead 1+2+3+4+5+400.rar 2017-02-18 22:10 - 2017-02-18 22:12 - 03431033 _____ C:\Users\Confidential\Downloads\Walking-dead-1_2_3_4_5.exe 2017-02-18 22:06 - 2017-02-18 22:06 - 00000000 ____D C:\Users\Confidential\AppData\Local\CrashReportClient 2017-02-18 21:30 - 2017-02-18 21:30 - 00000000 ____D C:\Users\Confidential\AppData\Local\HelloNeighborReborn 2017-02-18 20:53 - 2017-02-18 21:07 - 698346441 _____ C:\Users\Confidential\Downloads\Hello_Neighbor_Alpha_1.zip 2017-02-14 20:26 - 2017-02-14 20:26 - 00000000 ____D C:\Users\Confidential\ansel 2017-02-14 19:52 - 2017-04-07 16:22 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2017-02-14 19:52 - 2017-03-10 16:17 - 00536864 _____ C:\Windows\system32\vulkan-1.dll 2017-02-14 19:52 - 2017-03-10 16:17 - 00525600 _____ C:\Windows\SysWOW64\vulkan-1.dll 2017-02-14 19:52 - 2017-03-10 16:17 - 00254240 _____ C:\Windows\system32\vulkaninfo.exe 2017-02-14 19:52 - 2017-03-10 16:17 - 00233760 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2017-02-14 19:50 - 2017-03-31 22:27 - 28592184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2017-02-14 19:50 - 2017-02-09 21:33 - 01983424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437866.dll 2017-02-14 19:50 - 2017-02-09 21:33 - 01589696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437866.dll 2017-02-14 01:18 - 2017-02-14 01:18 - 00353488 _____ (Spotify Ltd) C:\Users\Kurt\Downloads\SpotifySetup (1).exe 2017-02-13 20:47 - 2017-02-13 20:47 - 00000000 ____D C:\Users\Confidential\AppData\LocalLow\Mana Potion Studios 2017-02-13 20:46 - 2017-02-13 20:46 - 88614087 _____ C:\Users\Confidential\Downloads\Zilak - Get Happy Room For Free.rar 2017-02-12 16:13 - 2017-02-12 16:13 - 540874792 _____ C:\Users\Confidential\Downloads\Derberg.exe 2017-02-09 18:50 - 2017-02-09 18:50 - 00000000 ____D C:\Users\Confidential\AppData\Roaming\Steam 2017-02-09 18:50 - 2017-02-09 18:50 - 00000000 ____D C:\Users\Confidential\AppData\Local\Colossal Order 2017-02-09 18:49 - 2017-02-18 22:51 - 00000000 ___HD C:\Windows\msdownld.tmp 2017-02-09 18:48 - 2017-02-18 22:51 - 00000000 ____D C:\Windows\SysWOW64\directx 2017-02-09 18:45 - 2017-02-20 10:16 - 00000000 ____D C:\Games 2017-02-09 18:24 - 2017-02-09 18:43 - 1737187078 _____ C:\Users\Confidential\Downloads\Cities Skylines (Demonico) .zip 2017-02-09 18:09 - 2017-02-09 18:11 - 00000000 ____D C:\Users\Kurt\Documents\wow 2017-02-08 19:25 - 2017-02-08 19:25 - 00000000 ____D C:\Users\Confidential\AppData\LocalLow\Jannik Nickel 2017-02-08 19:23 - 2017-02-08 19:23 - 46551869 _____ C:\Users\Confidential\Downloads\ancient-warfare-2-win-64bit-stable-update4.zip 2017-02-05 16:18 - 2017-02-05 16:21 - 239927520 _____ C:\Users\Confidential\Downloads\car_jump_arena.zip 2017-02-05 16:00 - 2017-02-05 16:01 - 65741328 _____ C:\Users\Confidential\Downloads\FR16 (1).zip 2017-02-05 15:59 - 2017-02-05 15:59 - 00259353 _____ C:\Users\Confidential\Downloads\VprBudgetdrift (1).zip 2017-02-05 15:51 - 2017-02-05 15:51 - 00259353 _____ C:\Users\Confidential\Downloads\VprBudgetdrift.zip 2017-02-05 12:23 - 2017-02-05 12:23 - 00062724 _____ C:\Users\Confidential\Downloads\rafradek_blocklauncher-1.8-2.0 (1).jar 2017-02-05 12:22 - 2017-02-13 21:40 - 88314802 _____ C:\Users\Confidential\Downloads\rafradek_blocklauncher-1.8-2.0.jar 2017-02-05 12:22 - 2017-02-05 12:22 - 04388166 _____ C:\Users\Confidential\Downloads\forge-1.10-12.18.0.2000-1.10.0-installer-win.exe 2017-02-05 12:10 - 2017-02-05 12:10 - 20911359 _____ C:\Users\Confidential\Downloads\RMS_Titanic.zip 2017-02-04 22:53 - 2017-02-04 22:53 - 04644447 _____ C:\Users\Confidential\Downloads\forge-1.11.2-13.20.0.2226-installer-win (2).exe 2017-02-04 22:51 - 2017-02-04 22:51 - 04644447 _____ C:\Users\Confidential\Downloads\forge-1.11.2-13.20.0.2226-installer-win.exe 2017-02-04 21:56 - 2017-02-04 21:56 - 01588155 _____ C:\Users\Confidential\Downloads\Hello_Zombie_v1.1.zip 2017-02-04 21:35 - 2017-02-04 21:35 - 15352634 _____ C:\Users\Confidential\Downloads\Project_Nightmare_Map.zip 2017-02-04 18:05 - 2017-04-25 20:14 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-02-04 18:05 - 2017-04-25 20:14 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-02-04 18:01 - 2017-04-28 21:09 - 00003416 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2017-02-04 18:01 - 2017-04-28 21:09 - 00003292 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2017-02-04 18:00 - 2017-02-04 18:01 - 00000000 ____D C:\Users\Confidential\AppData\Local\Deployment 2017-02-04 18:00 - 2017-02-04 18:00 - 00000000 ____D C:\Users\Confidential\AppData\Local\Apps\2.0 2017-02-04 17:25 - 2017-02-04 17:25 - 12576400 _____ C:\Users\Confidential\Downloads\PayDay The Minecraft Heist.zip 2017-02-04 16:39 - 2017-02-04 16:39 - 04597539 _____ C:\Users\Confidential\Downloads\forge-1.11-13.19.1.2199-installer-win (1).exe 2017-02-03 20:34 - 2017-02-21 21:59 - 00000000 ____D C:\Users\Kurt\Documents\The Witcher 3 2017-01-31 17:31 - 2017-04-17 15:29 - 00000000 ____D C:\Users\Confidential\Documents\The Witcher 3 2017-01-30 17:18 - 2017-01-30 17:18 - 00000222 _____ C:\Users\Confidential\Desktop\The Witcher 3 Wild Hunt.url ==================== Three Months Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-04-30 15:16 - 2016-12-26 00:14 - 00000000 ____D C:\Program Files (x86)\Steam 2017-04-30 15:11 - 2016-12-25 23:54 - 00000000 ____D C:\ProgramData\NVIDIA 2017-04-30 15:04 - 2016-12-26 15:30 - 00000000 ____D C:\Users\Confidential 2017-04-30 15:02 - 2017-01-11 19:38 - 00000000 ____D C:\Users\Confidential\AppData\Local\ElevatedDiagnostics 2017-04-30 15:01 - 2016-12-26 15:33 - 02687562 _____ C:\Windows\system32\PerfStringBackup.INI 2017-04-30 14:56 - 2017-01-02 19:37 - 00000000 ____D C:\ProgramData\boost_interprocess 2017-04-30 14:56 - 2016-12-26 00:09 - 00003256 _____ C:\Windows\System32\Tasks\GPU Tweak II 2017-04-30 14:56 - 2016-07-16 06:47 - 00000000 ____D C:\Windows\AppReadiness 2017-04-30 14:55 - 2016-12-26 15:27 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-04-30 14:55 - 2016-07-16 01:04 - 00524288 _____ C:\Windows\system32\config\BBI 2017-04-30 14:32 - 2016-07-16 06:45 - 00000000 ____D C:\Windows\INF 2017-04-30 14:30 - 2017-01-08 15:29 - 00003994 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-04-30 14:30 - 2017-01-08 15:29 - 00001485 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2017-04-30 14:30 - 2017-01-08 15:28 - 00004308 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-04-30 14:30 - 2017-01-08 15:28 - 00003894 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-04-30 14:30 - 2017-01-08 15:28 - 00003866 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-04-30 14:30 - 2017-01-08 15:28 - 00003858 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-04-30 14:30 - 2017-01-08 15:28 - 00003696 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-04-30 14:30 - 2017-01-08 15:28 - 00003654 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-04-30 14:30 - 2016-12-25 23:54 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2017-04-30 14:30 - 2016-12-25 23:54 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2017-04-30 14:30 - 2016-12-25 23:54 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2017-04-30 14:22 - 2016-12-26 15:27 - 00000000 ____D C:\Windows\system32\SleepStudy 2017-04-30 10:53 - 2017-01-03 12:56 - 00004178 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{ABE5F094-6A23-4611-B7D2-D1B9523F8CC8} 2017-04-29 10:21 - 2016-07-16 06:47 - 00000000 ___HD C:\Program Files\WindowsApps 2017-04-28 17:02 - 2016-07-16 06:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-04-28 17:01 - 2016-12-26 15:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2017-04-28 16:13 - 2016-07-16 06:47 - 00000000 ____D C:\Windows\system32\appraiser 2017-04-28 16:13 - 2016-07-16 06:36 - 00000000 ____D C:\Windows\CbsTemp 2017-04-26 09:38 - 2016-12-26 00:26 - 00000000 ____D C:\Users\Confidential\AppData\Local\Ubisoft Game Launcher 2017-04-26 09:36 - 2017-01-02 11:16 - 00000000 ____D C:\Users\Kurt\AppData\Local\Google 2017-04-26 08:46 - 2017-01-02 19:40 - 00004162 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{28E7FD4A-9F2C-4739-97A0-4702B0F70D97} 2017-04-26 00:40 - 2017-01-12 18:05 - 00057792 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys 2017-04-26 00:40 - 2017-01-08 15:29 - 01882048 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2017-04-26 00:40 - 2017-01-08 15:29 - 01755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2017-04-26 00:40 - 2017-01-08 15:29 - 01472960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2017-04-26 00:40 - 2017-01-08 15:29 - 01317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2017-04-26 00:40 - 2017-01-08 15:29 - 00121280 _____ C:\Windows\system32\NvRtmpStreamer64.dll 2017-04-26 00:40 - 2017-01-08 15:28 - 00047552 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2017-04-25 21:21 - 2017-01-06 00:53 - 00000000 ____D C:\Users\Kurt\AppData\Local\Spotify 2017-04-25 21:00 - 2017-01-06 00:52 - 00000000 ____D C:\Users\Kurt\AppData\Roaming\Spotify 2017-04-18 19:22 - 2017-01-11 17:38 - 00000000 ____D C:\Users\Confidential\AppData\Local\CrashDumps 2017-04-17 16:10 - 2017-01-02 11:17 - 00002360 _____ C:\Users\Kurt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-04-17 16:10 - 2017-01-02 11:17 - 00000000 ___RD C:\Users\Kurt\OneDrive 2017-04-17 16:08 - 2016-12-26 15:30 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-04-17 12:15 - 2017-01-13 14:24 - 00000000 ____D C:\ProgramData\Codemasters 2017-04-17 12:15 - 2016-12-26 11:04 - 00000000 ____D C:\Users\Confidential\Documents\My Games 2017-04-17 12:14 - 2017-01-13 14:24 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll 2017-04-17 12:14 - 2017-01-13 14:24 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll 2017-04-17 12:14 - 2017-01-13 14:24 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll 2017-04-17 12:14 - 2017-01-13 14:24 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll 2017-04-17 12:14 - 2017-01-13 14:24 - 00000000 ____D C:\Program Files (x86)\OpenAL 2017-04-15 11:22 - 2016-07-16 06:47 - 00000000 ____D C:\Windows\rescache 2017-04-11 21:07 - 2016-12-26 15:27 - 00336008 _____ C:\Windows\system32\FNTCACHE.DAT 2017-04-11 21:06 - 2016-07-16 06:47 - 00000000 ___SD C:\Windows\SysWOW64\F12 2017-04-11 21:06 - 2016-07-16 06:47 - 00000000 ___SD C:\Windows\system32\F12 2017-04-11 21:06 - 2016-07-16 06:47 - 00000000 ___RD C:\Windows\ImmersiveControlPanel 2017-04-11 21:06 - 2016-07-16 06:47 - 00000000 ___RD C:\Program Files\Windows Defender 2017-04-11 21:06 - 2016-07-16 06:47 - 00000000 ____D C:\Windows\SysWOW64\setup 2017-04-11 21:06 - 2016-07-16 06:47 - 00000000 ____D C:\Windows\system32\setup 2017-04-11 21:06 - 2016-07-16 06:47 - 00000000 ____D C:\Windows\ShellExperiences 2017-04-11 21:06 - 2016-07-16 06:47 - 00000000 ____D C:\Windows\Provisioning 2017-04-11 21:06 - 2016-07-16 06:47 - 00000000 ____D C:\Windows\PolicyDefinitions 2017-04-11 21:06 - 2016-07-16 06:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2017-04-11 21:06 - 2016-07-16 06:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-04-11 21:06 - 2016-07-16 06:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2017-04-11 21:06 - 2016-07-16 01:04 - 00000000 ____D C:\Windows\system32\Dism 2017-04-11 20:23 - 2016-12-26 02:42 - 00000000 ____D C:\Windows\system32\MRT 2017-04-11 20:22 - 2016-12-26 02:42 - 148601744 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2017-04-11 18:40 - 2016-12-26 23:37 - 00000000 ____D C:\Users\Alieca\AppData\Local\ConnectedDevicesPlatform 2017-04-11 18:23 - 2016-12-26 23:38 - 00002366 _____ C:\Users\Alieca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-04-11 18:23 - 2016-12-26 23:38 - 00000000 ___RD C:\Users\Alieca\OneDrive 2017-04-11 18:21 - 2016-12-26 15:32 - 00002384 _____ C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-04-11 18:21 - 2016-12-26 15:32 - 00000000 ___RD C:\Users\Confidential\OneDrive 2017-04-11 18:21 - 2016-12-26 00:12 - 00003288 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2 2017-04-08 22:04 - 2016-12-26 23:37 - 00000000 ____D C:\Users\Alieca 2017-04-08 14:43 - 2016-12-26 02:44 - 00532136 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2017-04-08 08:58 - 2016-12-26 23:37 - 00000000 ____D C:\Users\Alieca\AppData\Local\Google 2017-04-08 08:52 - 2016-12-26 23:37 - 00000000 ____D C:\Users\Alieca\AppData\Local\Packages 2017-04-07 18:55 - 2016-12-26 00:01 - 00000000 ____D C:\ProgramData\Package Cache 2017-04-07 16:23 - 2016-12-26 00:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2017-04-05 19:27 - 2017-01-02 11:16 - 00000000 ____D C:\Users\Kurt 2017-04-02 11:12 - 2016-09-24 02:17 - 01600560 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll 2017-04-02 11:12 - 2016-09-24 01:51 - 00218040 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2017-04-01 13:52 - 2016-07-16 06:49 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-04-01 13:52 - 2016-07-16 06:49 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2017-04-01 11:55 - 2016-12-26 15:30 - 00000000 ____D C:\Users\Confidential\AppData\Local\Packages 2017-04-01 04:26 - 2017-01-03 18:35 - 00000000 ____D C:\ProgramData\Garmin 2017-04-01 04:25 - 2017-01-03 18:35 - 00003624 _____ C:\Windows\System32\Tasks\GarminUpdaterTask 2017-04-01 04:25 - 2017-01-03 18:35 - 00001963 _____ C:\Users\Public\Desktop\Garmin Express.lnk 2017-04-01 04:25 - 2017-01-03 18:35 - 00000000 ____D C:\Program Files (x86)\Garmin 2017-03-31 22:27 - 2016-09-24 01:42 - 04085712 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2017-03-31 22:27 - 2016-09-24 01:42 - 03602296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2017-03-31 22:27 - 2016-09-23 22:42 - 00045061 _____ C:\Windows\system32\nvinfo.pb 2017-03-31 21:10 - 2016-12-25 23:54 - 06437312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2017-03-31 21:10 - 2016-12-25 23:54 - 02481208 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2017-03-31 21:10 - 2016-12-25 23:54 - 01764408 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2017-03-31 21:10 - 2016-12-25 23:54 - 00549944 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll 2017-03-31 21:10 - 2016-12-25 23:54 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2017-03-31 21:10 - 2016-12-25 23:54 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll 2017-03-31 21:10 - 2016-12-25 23:54 - 00071224 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2017-03-31 05:15 - 2016-12-25 23:54 - 07851747 _____ C:\Windows\system32\nvcoproc.bin ==================== Files in the root of some directories ======= 2017-01-08 15:29 - 2017-01-12 18:05 - 0005943 _____ () C:\ProgramData\NvTelemetryContainer.log 2017-01-08 15:29 - 2017-01-11 23:35 - 0004604 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1 Some files in TEMP: ==================== 2017-01-06 18:27 - 2017-01-06 18:27 - 12630720 _____ (Ellora Assets Corporation ) C:\Users\Confidential\AppData\Local\Temp\FreemakeYouTubeToMP3BoomFull.exe 2017-02-24 19:19 - 2016-12-09 12:04 - 0037376 _____ (Microsoft) C:\Users\Confidential\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe 2017-02-24 19:19 - 2016-12-09 12:04 - 0020992 _____ (Microsoft) C:\Users\Confidential\AppData\Local\Temp\HiRezLauncherControls.dll 2017-03-10 18:10 - 2017-03-10 18:10 - 0017408 ____N (Red Hat®, Inc.) C:\Users\Confidential\AppData\Local\Temp\jansi-32-1085916850673454364.dll 2017-03-10 18:13 - 2017-03-10 18:13 - 0017408 ____N (Red Hat®, Inc.) C:\Users\Confidential\AppData\Local\Temp\jansi-32-4257681417797041845.dll 2017-02-05 13:36 - 2017-02-05 13:36 - 0017408 ____N (Red Hat®, Inc.) C:\Users\Confidential\AppData\Local\Temp\jansi-32-6526405303062290907.dll 2017-03-15 15:46 - 2017-03-15 15:46 - 0017408 ____N (Red Hat®, Inc.) C:\Users\Confidential\AppData\Local\Temp\jansi-32-6561218796314430203.dll 2017-02-05 12:24 - 2017-02-05 12:24 - 0017408 ____N (Red Hat®, Inc.) C:\Users\Confidential\AppData\Local\Temp\jansi-32-6672450150151902197.dll 2017-02-05 12:26 - 2017-02-05 12:26 - 0017408 ____N (Red Hat®, Inc.) C:\Users\Confidential\AppData\Local\Temp\jansi-32-7517111160221671526.dll 2016-12-15 01:06 - 2016-12-15 01:06 - 2458672 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Users\Confidential\AppData\Local\Temp\libeay32.dll 2016-12-15 01:06 - 2016-12-15 01:06 - 0970912 _____ (Microsoft Corporation) C:\Users\Confidential\AppData\Local\Temp\msvcr120.dll 2016-12-25 23:54 - 2016-12-29 07:43 - 0747464 _____ (NVIDIA Corporation) C:\Users\Confidential\AppData\Local\Temp\nvSCPAPI.dll 2016-12-25 23:54 - 2017-02-09 17:39 - 0868152 _____ (NVIDIA Corporation) C:\Users\Confidential\AppData\Local\Temp\nvSCPAPI64.dll 2017-01-08 15:39 - 2017-02-09 17:39 - 0352704 _____ (NVIDIA Corporation) C:\Users\Confidential\AppData\Local\Temp\nvStInst.exe 2017-01-08 15:28 - 2017-01-05 20:10 - 0255032 _____ (NVIDIA Corporation) C:\Users\Confidential\AppData\Local\Temp\NvTelemetryAPI32.dll 2017-01-08 15:28 - 2017-01-05 20:10 - 0335928 _____ (NVIDIA Corporation) C:\Users\Confidential\AppData\Local\Temp\NvTelemetryAPI64.dll 2017-01-26 19:45 - 2017-01-26 19:45 - 7163504 _____ (Spotify Ltd) C:\Users\Confidential\AppData\Local\Temp\SpotifyUninstall.exe 2016-12-15 01:06 - 2016-12-15 01:06 - 0772672 _____ () C:\Users\Confidential\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed ==================== BCD ================================ Windows Boot Manager -------------------- identifier {bootmgr} device partition=\Device\HarddiskVolume1 description Windows Boot Manager locale en-US inherit {globalsettings} default {current} resumeobject {ae93a849-cba9-11e6-96a6-9ad2d5b5f726} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Windows Boot Loader ------------------- identifier {current} device partition=C: path \Windows\system32\winload.exe description Windows 10 locale en-US inherit {bootloadersettings} recoverysequence {ae93a84b-cba9-11e6-96a6-9ad2d5b5f726} volumebandid 1 recoveryenabled Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \Windows resumeobject {ae93a849-cba9-11e6-96a6-9ad2d5b5f726} nx OptIn bootmenupolicy Standard Windows Boot Loader ------------------- identifier {ae93a84b-cba9-11e6-96a6-9ad2d5b5f726} device ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{ae93a84c-cba9-11e6-96a6-9ad2d5b5f726} path \windows\system32\winload.exe description Windows Recovery Environment locale en-US inherit {bootloadersettings} displaymessage Recovery displaymessageoverride Recovery osdevice ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{ae93a84c-cba9-11e6-96a6-9ad2d5b5f726} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Resume from Hibernate --------------------- identifier {ae93a849-cba9-11e6-96a6-9ad2d5b5f726} device partition=C: path \Windows\system32\winresume.exe description Windows Resume Application locale en-US inherit {resumeloadersettings} recoverysequence {ae93a84b-cba9-11e6-96a6-9ad2d5b5f726} recoveryenabled Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Windows Memory Tester --------------------- identifier {memdiag} device partition=\Device\HarddiskVolume1 path \boot\memtest.exe description Windows Memory Diagnostic locale en-US inherit {globalsettings} badmemoryaccess Yes EMS Settings ------------ identifier {emssettings} bootems No Debugger Settings ----------------- identifier {dbgsettings} debugtype Local RAM Defects ----------- identifier {badmemory} Global Settings --------------- identifier {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Boot Loader Settings -------------------- identifier {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Hypervisor Settings ------------------- identifier {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Resume Loader Settings ---------------------- identifier {resumeloadersettings} inherit {globalsettings} Device options -------------- identifier {ae93a84c-cba9-11e6-96a6-9ad2d5b5f726} description Windows Recovery ramdisksdidevice partition=C: ramdisksdipath \Recovery\WindowsRE\boot.sdi LastRegBack: 2017-04-28 16:34 ==================== End of FRST.txt ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-04-2017 Ran by MARK (30-04-2017 15:37:47) Running from C:\Users\Confidential\Desktop Windows 10 Education Version 1607 (X64) (2016-12-26 20:29:03) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-336961583-835040132-1409505315-500 - Administrator - Disabled) Alieca (S-1-5-21-336961583-835040132-1409505315-1002 - Limited - Enabled) => C:\Users\Alieca DefaultAccount (S-1-5-21-336961583-835040132-1409505315-503 - Limited - Disabled) defaultuser0 (S-1-5-21-336961583-835040132-1409505315-1000 - Limited - Disabled) => C:\Users\defaultuser0 Guest (S-1-5-21-336961583-835040132-1409505315-501 - Limited - Disabled) Kurt (S-1-5-21-336961583-835040132-1409505315-1003 - Limited - Enabled) => C:\Users\Kurt MARK (S-1-5-21-336961583-835040132-1409505315-1001 - Administrator - Enabled) => C:\Users\Confidential ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) «The Walking Dead» 1.0.0.23 (HKLM-x32\...\The Walking Dead_is1) (Version: 1.0.0.23 - Telltale Games) Adobe Photoshop CS6 (HKLM-x32\...\Adobe Photoshop CS6) (Version: 13.0.0.0 - © The Computer Guy Tony) Amnesia: The Dark Descent (HKLM\...\Steam App 57300) (Version: - Frictional Games) Ansel (Version: 381.65 - NVIDIA Corporation) Hidden ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden Apple Application Support (32-bit) (HKLM-x32\...\{D079CAAD-0C31-47A2-9AF5-A82F9CD9B221}) (Version: 5.2 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{64E6007B-1DA9-42CD-BBE4-D5FA67A7C71D}) (Version: 5.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Assassin's Creed III (HKLM-x32\...\Uplay Install 54) (Version: - Ubisoft) ASTRONEER (HKLM\...\Steam App 361420) (Version: - System Era Softworks) ASUS GPU TweakII (HKLM-x32\...\InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.3.7.0 - ASUSTek COMPUTER INC.) ASUS GPU TweakII (x32 Version: 1.3.7.0 - ASUSTek COMPUTER INC.) Hidden Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team) AutoHotkey 1.1.24.04 (HKLM\...\AutoHotkey) (Version: 1.1.24.04 - Lexikos) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bloons TD Battles (HKLM\...\Steam App 444640) (Version: - Ninja Kiwi) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Borderlands 2 (HKLM\...\Steam App 49520) (Version: - Gearbox Software) Call of Duty: World at War (HKLM\...\Steam App 10090) (Version: - Treyarch) Cities: Skylines (HKLM-x32\...\Cities: Skylines_is1) (Version: - ) Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve) Cry of Fear (HKLM\...\Steam App 223710) (Version: - Team Psykskallar) DiRT 3 Complete Edition (HKLM\...\Steam App 321040) (Version: - Codemasters Racing Studio) DiRT Showdown (HKLM\...\Steam App 201700) (Version: - Codemasters Racing Studio) Dota 2 (HKLM\...\Steam App 570) (Version: - Valve) Double Action: Boogaloo (HKLM\...\Steam App 317360) (Version: - Double Action Factory) Drop Alive (HKLM\...\Steam App 513450) (Version: - Invi Games) Elevated Installer (x32 Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden Fistful of Frags (HKLM\...\Steam App 265630) (Version: - Fistful of Frags Team) Freemake YouTube To MP3 Boom (HKLM-x32\...\Freemake YouTube To MP3 Boom_is1) (Version: 1.0.4 - Ellora Assets Corporation) Galactic Civilizations I: Ultimate Edition (HKLM\...\Steam App 214150) (Version: - Stardock Entertainment) Garmin Express (HKLM-x32\...\{bd8bd200-9a60-4969-b267-6b565f36e3da}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Garmin Express (x32 Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express Tray (x32 Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden Garry's Mod (HKLM\...\Steam App 4000) (Version: - Facepunch Studios) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.81 - Google Inc.) Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden H1Z1: King of the Kill (HKLM\...\Steam App 433850) (Version: - Daybreak Game Company) H1Z1: King of the Kill Test Server (HKLM\...\Steam App 439700) (Version: - Daybreak Game Company) HandBrake 1.0.3 (HKLM-x32\...\HandBrake) (Version: 1.0.3 - ) HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.1.0.2 - Hi-Rez Studios) Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios) HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.15.281 - SurfRight B.V.) Intel(R) Chipset Device Software (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.0.0.1039 - Intel Corporation) itch (HKU\S-1-5-21-336961583-835040132-1409505315-1001\...\itch) (Version: 23.4.0 - Itch Corp) iTunes (HKLM\...\{81C96689-EA5B-4B7D-A04F-16326EC51BC2}) (Version: 12.5.4.42 - Apple Inc.) Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.7967.2139 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-336961583-835040132-1409505315-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA 3D Vision Driver 381.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 381.65 - NVIDIA Corporation) NVIDIA GeForce Experience 3.5.0.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.5.0.76 - NVIDIA Corporation) NVIDIA Graphics Driver 381.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 381.65 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation) NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation) NvNodejs (Version: 3.5.0.76 - NVIDIA Corporation) Hidden NvTelemetry (Version: 2.4.5.0 - NVIDIA Corporation) Hidden NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7967.2139 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7967.2139 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.7967.2139 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Outlast (HKLM\...\Steam App 238320) (Version: - Red Barrels) Paladins (HKLM\...\Steam App 444090) (Version: - Hi-Rez Studios) Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64) Prominence Poker (HKLM\...\Steam App 384180) (Version: - Pipeworks Studio) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.) Rapture3D 2.4.11 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.6.1001.2015 - Realtek) Rocket League (HKLM\...\Steam App 252950) (Version: - Psyonix, Inc.) SHIELD Streaming (Version: 7.1.0360 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 3.5.0.76 - NVIDIA Corporation) Hidden SMITE (HKLM\...\Steam App 386360) (Version: - Hi-Rez Studios) Splinter Cell Blacklist (HKLM-x32\...\Uplay Install 91) (Version: - Ubisoft) Star Trek Online (HKLM\...\Steam App 9900) (Version: - Cryptic Studios) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Team Fortress 2 (HKLM\...\Steam App 440) (Version: - Valve) The Bureau: XCOM Declassified (HKLM\...\Steam App 65930) (Version: - 2K Marin) The Witcher 3: Wild Hunt (HKLM\...\Steam App 292030) (Version: - CD PROJEKT RED) Tux Paint 0.9.22 (HKLM-x32\...\Tux Paint_is1) (Version: - New Breed Software) UE4 Prerequisites (x64) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden UE4 Prerequisites (x64) (x32 Version: 1.0.13.0 - Epic Games, Inc.) Hidden Unturned (HKLM\...\Steam App 304930) (Version: - Smartly Dressed Games) Uplay (HKLM-x32\...\Uplay) (Version: 27.0 - Ubisoft) VEGAS Pro 14.0 (64-bit) (HKLM\...\{4C79D80F-79F9-11E6-8402-BB95F5A309BD}) (Version: 14.0.161 - VEGAS) Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.) WATCH_DOGS2 (HKLM-x32\...\Uplay Install 2688) (Version: - Ubisoft) Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software) WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) WinZip 21.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2410D}) (Version: 21.0.12288 - WinZip Computing, S.L. ) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-336961583-835040132-1409505315-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll () ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {02B9A2BD-5069-4213-9960-471B6DB81D54} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-04-28] (Microsoft Corporation) Task: {07F7C0B4-538D-40D2-B93A-D1D4C07EAB0B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-04] (Google Inc.) Task: {278FFC92-AC07-4C4E-BA0E-A54A14F592E6} - System32\Tasks\GPU Tweak II => C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe [2016-09-01] (TODO: <Company name>) Task: {31BF6339-C1A3-4AF2-BF1E-E88170147C16} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-04-28] (Microsoft Corporation) Task: {372141C0-2732-4077-93BE-197CE127060C} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-04-26] (NVIDIA Corporation) Task: {3B7D6209-E38E-4DD9-9DB9-6CEA9879D394} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-04-26] (NVIDIA Corporation) Task: {4938AD07-1B9D-495E-9AEB-51C0F1AF3B2E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-04-26] (NVIDIA Corporation) Task: {49F2D5BB-819F-4413-8BCE-273CFEDA193C} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-04-26] (NVIDIA Corporation) Task: {4E8705A5-4D9A-447C-B362-8BB68B46BBC4} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2017-03-28] () Task: {5C4B8EBC-0D38-4F0E-8E00-F3E3D1A74C4B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-04-26] (NVIDIA Corporation) Task: {60524E79-A54A-4CED-9E15-CEE8B653BE2B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-04-19] (Microsoft Corporation) Task: {6FFD7EED-ECFA-453F-BC57-9387F0387AEA} - System32\Tasks\WinZip Update Notifier => C:\Program Files\WinZip\WZUpdateNotifier.exe [2016-12-13] (WinZip) Task: {722670C9-41F4-491F-A9C8-8BB397749D08} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-04-19] (Microsoft Corporation) Task: {7E960B4B-5904-4AB1-9665-9F1E1685EDAD} - System32\Tasks\WinZipBackGroundToolsTask => C:\Program Files\WinZip\WzBGTools.exe [2016-12-13] (WinZip Computing, S.L.) Task: {88E23B73-08F8-457E-BB79-F4A809EAB0F3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-04] (Google Inc.) Task: {93F6ACBC-FE5B-42D6-933B-71C866B63E06} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {B6D8F019-131D-461D-B97B-031CD23E7C76} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-04-26] (NVIDIA Corporation) Task: {BE3C4999-21DF-4D81-892C-6E29F232CD9B} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-04-28] (Microsoft Corporation) Task: {C531EF01-1580-4405-B8C6-4C97BAA5E9C0} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-04-26] (NVIDIA Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\gorescript classic.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=bbohlinegjlacogbjchanihbiiboabcp ShortcutWithArgument: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Netflix.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=eppojlglocelodeimnohnlnionkobfln ShortcutWithArgument: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Twitch.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=comkdlimbkhemidbbpchhepidbmjpnhh ShortcutWithArgument: C:\Users\Confidential\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=adnlfjpnmidfimlkaohpidplnoimahfh ==================== Loaded Modules (Whitelisted) ============== 2016-07-16 06:42 - 2016-07-16 06:42 - 00231424 _____ () C:\Windows\SYSTEM32\ism32k.dll 2017-04-11 18:47 - 2017-03-28 01:22 - 02681200 _____ () C:\Windows\system32\CoreUIComponents.dll 2016-12-25 23:54 - 2017-03-31 21:10 - 00135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-11-17 02:28 - 2016-11-17 02:28 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-11-17 02:28 - 2016-11-17 02:28 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2017-01-08 15:28 - 2017-04-26 00:40 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-12-26 08:55 - 2017-01-02 15:14 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2017-04-11 18:47 - 2017-03-28 01:22 - 02681200 _____ () C:\Windows\SYSTEM32\CoreUIComponents.dll 2016-10-31 14:45 - 2016-10-31 14:45 - 00592384 _____ () C:\Users\Confidential\AppData\Local\MEGAsync\ShellExtX64.dll 2016-12-26 15:35 - 2017-04-28 17:00 - 08931008 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll 2016-12-26 02:40 - 2016-09-06 23:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-03-14 17:05 - 2017-03-04 01:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-03-14 17:05 - 2017-03-04 01:30 - 00693248 _____ () C:\Windows\ShellExperiences\MtcUvc.dll 2017-04-25 20:10 - 2017-04-25 20:11 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2017-04-25 20:10 - 2017-04-25 20:11 - 00190464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2017-04-25 20:10 - 2017-04-25 20:11 - 43011072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2017-04-25 20:10 - 2017-04-25 20:11 - 02451456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x64__kzf8qxf38zg5c\skypert.dll 2016-12-26 18:56 - 2014-11-25 17:24 - 00204800 _____ () C:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.libs\GameLauncherCefChildProcess.exe 2017-04-25 20:14 - 2017-04-19 00:03 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\libglesv2.dll 2017-04-25 20:14 - 2017-04-19 00:03 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\libegl.dll 2017-03-14 17:06 - 2017-03-04 01:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-03-14 17:06 - 2017-03-04 01:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-03-14 17:06 - 2017-03-04 01:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-04-11 18:47 - 2017-03-28 00:08 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-04-11 18:47 - 2017-03-28 00:11 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2017-01-08 15:28 - 2017-04-26 00:40 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-12-26 00:16 - 2017-03-09 19:13 - 00674592 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2016-12-26 00:16 - 2016-08-31 20:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll 2016-12-26 00:16 - 2017-04-25 18:55 - 02465056 _____ () C:\Program Files (x86)\Steam\video.dll 2016-12-26 00:16 - 2016-01-27 02:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2016-12-26 00:16 - 2016-01-27 02:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2016-12-26 00:16 - 2016-01-27 02:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2016-12-26 00:16 - 2016-01-27 02:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2016-12-26 00:16 - 2016-01-27 02:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2016-12-26 00:16 - 2016-08-31 20:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2016-12-26 00:16 - 2016-08-31 20:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2016-12-26 00:16 - 2017-04-25 18:55 - 00848672 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2016-12-26 00:16 - 2016-07-04 17:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll 2016-12-26 00:17 - 2017-01-30 16:41 - 68875552 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll 2016-12-26 00:16 - 2017-04-25 18:55 - 00383776 _____ () C:\Program Files (x86)\Steam\steam.dll 2017-01-08 15:28 - 2017-04-26 00:03 - 02442360 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node 2017-01-08 15:28 - 2017-04-26 00:03 - 00361920 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node 2017-01-08 15:28 - 2017-04-26 00:03 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node 2017-01-08 15:28 - 2017-04-26 00:03 - 00384120 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node 2017-01-08 15:28 - 2017-04-26 00:03 - 00467392 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node 2017-01-08 15:28 - 2017-04-26 00:03 - 00572024 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node 2017-01-08 15:29 - 2017-04-26 00:39 - 65708992 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll 2016-12-26 22:06 - 2017-02-11 18:21 - 00841152 _____ () C:\Users\Confidential\AppData\LocalLow\Daybreak Game Company\npdg0act.dll 2016-12-26 18:50 - 2014-11-25 17:24 - 41212928 _____ () C:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.libs\libcef.dll 2016-12-26 18:50 - 2014-11-25 17:24 - 00902144 _____ () C:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.libs\libglesv2.dll 2016-12-26 18:54 - 2014-11-25 17:24 - 00102400 _____ () C:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.libs\libegl.dll 2016-12-26 18:50 - 2014-11-25 17:24 - 00888320 _____ () C:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.libs\ffmpegsumo.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2016-07-16 06:47 - 2017-03-11 22:15 - 00000002 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-336961583-835040132-1409505315-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Confidential\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{a781647b-7480-4065-82dc-929b623a73d5}.jpg DNS Servers: 192.168.0.1 - 205.171.3.25 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\Services: Apple Mobile Device Service => 2 MSCONFIG\Services: BEService => 3 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: Freemake Improver => 2 MSCONFIG\Services: Garmin Device Interaction Service => 2 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: HiPatchService => 2 MSCONFIG\Services: HitmanProScheduler => 2 MSCONFIG\Services: iPod Service => 3 MSCONFIG\Services: MBAMService => 2 HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run: => "ShadowPlay" HKLM\...\StartupApproved\Run32: => "BrowserSafer" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{E5B6FDA7-9497-4C23-BA72-6B513FDD5D14}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{A8B980BF-F745-495F-8E14-D0D79A41CBBD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{F8967F9C-B3A9-4CCC-B980-77364AF68B4C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{088CA2E9-8A3A-4F35-BD2B-8A8CF7336B79}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{77E042DF-25B8-4FCF-A2D9-98A0BF050E83}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty World at War\CoDWaW.exe FirewallRules: [{B96AD9E4-8F44-432E-959D-7FA979058D63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty World at War\CoDWaW.exe FirewallRules: [{B410AF68-F90C-4136-A6CD-05C1AECF9025}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty World at War\CoDWaWmp.exe FirewallRules: [{A4B98E4D-ABCE-4630-8726-C655EB2E6E23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty World at War\CoDWaWmp.exe FirewallRules: [{95D98FD1-472A-4FF2-A403-84642EB707F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{06F62989-F42E-4882-B985-A3DA15517625}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{27FE7090-5A97-4CCA-ADF9-2B93E8571524}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{95BD2115-F09C-4F79-B5B5-6FCFD19B4D50}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{F1BDE0D2-51DA-48E2-8007-53D0B12FDF16}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{4E93C7E0-A2AA-4EDA-8137-577D81A49594}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{232D8BCD-4123-4590-9162-289220797B77}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\WATCH_DOGS2\bin\WatchDogs2.exe FirewallRules: [{AD7041B0-527F-4505-AC7E-E1AE4FE9BBD1}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\WATCH_DOGS2\bin\WatchDogs2.exe FirewallRules: [{76D72FD1-2CC4-4534-8CC6-E30E91408953}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{1A83C9D3-2FB4-47A3-ABBE-CB00319D030E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{A34E2216-DF36-4FEE-B693-E0649BC8BDC8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{99DA8723-B9BC-4A5D-B11C-294522385B8C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe FirewallRules: [{FC97466C-54C2-4D0B-9920-143114633C4E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe FirewallRules: [TCP Query User{B1110C0E-6A03-4F27-8442-78C65948A379}C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe FirewallRules: [UDP Query User{9A4B92B0-9824-4CF7-BBB4-A3A76BD5704F}C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe FirewallRules: [{C9BEAF1E-ED13-4AA2-BC6C-7ED89899F747}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill Test Server\LaunchPad.exe FirewallRules: [{95B0FFD5-A763-4F82-B9C7-C3F1979EFB11}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill Test Server\LaunchPad.exe FirewallRules: [TCP Query User{27AD3E84-1D49-45B1-89CF-E888D5A2284C}C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill test server\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill test server\h1z1.exe FirewallRules: [UDP Query User{D3F18343-8728-4C81-AC26-8856F2039086}C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill test server\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill test server\h1z1.exe FirewallRules: [{5B1DC65A-B814-43C6-86B1-C0DE368D0510}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{549E5049-E8A3-4FDD-AFE8-AF872F2EFBEC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{5E3BDAD8-F1CA-4D54-B63A-705F28324508}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe FirewallRules: [{A8F150EE-2905-484C-920C-7CD8D2FBAF14}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe FirewallRules: [{918AA976-B9B4-4567-9DA2-BA6B85868523}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Outlast\OutlastLauncher.exe FirewallRules: [{AB2C4A64-B2A7-4D8D-96C2-83A892D004CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Outlast\OutlastLauncher.exe FirewallRules: [{870194C8-8406-43B1-970D-29183A30294B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Amnesia The Dark Descent\Amnesia.exe FirewallRules: [{0E851F08-546A-47A9-BA15-76095040693F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Amnesia The Dark Descent\Amnesia.exe FirewallRules: [{84E735D7-64AE-47FC-B3C6-55F95DB5F77D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Amnesia The Dark Descent\Launcher.exe FirewallRules: [{FF681FD9-BF04-4346-A688-4B6942614633}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Amnesia The Dark Descent\Launcher.exe FirewallRules: [TCP Query User{36DEDE52-5C58-40CD-99A4-ACDEF772FFB4}C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe FirewallRules: [UDP Query User{9197BD24-A66C-4D21-B107-3520F6CAB67C}C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe FirewallRules: [{2D3B4FB7-CAF4-493E-AB02-DE6C868347BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned_BE.exe FirewallRules: [{FEB2BD2D-0101-416B-B4E4-2C3E17C9775A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned_BE.exe FirewallRules: [{B6834EAC-11DB-4745-91A5-79EDF58DC031}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe FirewallRules: [{8E45113B-ACD9-4895-B250-B8770603F151}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe FirewallRules: [{B24B8C26-D8FD-49CA-A859-65FEEE74E0F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{874B1F28-134E-4FC9-812B-C4888AD293A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{BFAA1260-CF01-4ED7-A686-F08FC86BA6E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{04E8072B-32BB-464F-9A2C-CDF6BBB8F768}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [TCP Query User{79A995DC-3E1D-4ED0-B839-BE297B949D15}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [UDP Query User{BCD8CB08-E74D-4D4E-8F0E-4AACCB515EE1}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [{CE406C59-B06D-4754-8D49-E15656CFB6ED}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3SP.exe FirewallRules: [{6BC36020-CED2-4454-B4E2-F922D6CEE362}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3SP.exe FirewallRules: [{EFD61A34-5F48-45EC-8926-8677D731EE0C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3MP.exe FirewallRules: [{2BA42B77-1347-41A0-A631-7336C8049772}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3MP.exe FirewallRules: [{10DCA4AB-A054-4C86-8C5C-2F5F243EFBD2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{4F663893-A6C5-4286-8CD0-70A58026EB2F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{9DB2F442-E5DF-4FE0-B1B8-6368D8C9297C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{D9147A0F-C9A2-499F-8EBE-9AB37D2ED3CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [TCP Query User{3F262EB1-C9FE-4E53-854F-D3C3F6E3B8C7}C:\users\confidential\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\confidential\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{4F1ABFF8-775D-437B-9F86-A0B2B40E92DF}C:\users\confidential\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\confidential\appdata\roaming\spotify\spotify.exe FirewallRules: [{E45F6622-9434-49A6-B63E-5FDF3755123C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{3F258824-D00C-4108-B900-2B5963913E02}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{6BE43CD7-E36E-4DEC-AD6F-F26D385145F2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{43C69E56-CDC1-4E77-9D27-B26F0D30E3A6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{4E7EBB6F-D124-4B58-A618-F31A4E4B1617}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [TCP Query User{B34937AB-7E18-495A-BF54-19A705AD11AA}C:\users\kurt\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kurt\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{79D08471-662C-45BF-B98A-20FD7AA1F668}C:\users\kurt\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kurt\appdata\roaming\spotify\spotify.exe FirewallRules: [{3D555D06-038F-48E5-AAB7-F501036FA527}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Trek Online\Star Trek Online.exe FirewallRules: [{9A6E9757-6AC9-42CF-AFE4-B2C06F23F898}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Trek Online\Star Trek Online.exe FirewallRules: [{5E195F23-0742-46D5-8AC2-2F60012BEB04}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{FC007C10-E1B6-4A81-B7D5-23D61519F748}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{003321A5-789E-4384-A5FB-A46FDF8F60B5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{FD8D5D30-5CAD-40D6-AC0D-B4E43E391344}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{6FC57B2B-F5AB-4E67-84B4-BFBD204CB923}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{BFD9F62A-8258-469A-B810-1F65EE231192}C:\users\kurt\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\kurt\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{05948EE0-E2B9-43D8-9EE0-68F90838036B}C:\users\kurt\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\kurt\appdata\roaming\spotify\spotify.exe FirewallRules: [{55F22648-6780-43CD-A0F6-EE3D9411DB10}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fistful of Frags\sdk\hl2.exe FirewallRules: [{4A1A8225-63B7-4D33-A8AC-0A34C74BF582}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fistful of Frags\sdk\hl2.exe FirewallRules: [{F2CA038A-6B0A-4EB0-A5A4-7E083947EA69}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prominence Poker\Prominence\Binaries\Win64\Prominence-Win64-Shipping.exe FirewallRules: [{1CB38011-82A2-4539-909B-0786845ADAA4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prominence Poker\Prominence\Binaries\Win64\Prominence-Win64-Shipping.exe FirewallRules: [{48F8DD39-F5BB-4C0C-B294-C9B1FA944EBC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT Showdown\showdown.exe FirewallRules: [{C82F7F48-6A04-4A66-ADB0-F1290255CB71}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT Showdown\showdown.exe FirewallRules: [{C39C80A7-5B8A-4AC8-8E8B-2F47B2C35852}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe FirewallRules: [{E6D1FFF9-D4F1-4E3A-BCED-7A0253A2622D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe FirewallRules: [TCP Query User{2BBEC15C-5716-4451-B16D-52AC68536041}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe FirewallRules: [UDP Query User{6101A496-B4DF-454F-8C27-11E61D0DE1A1}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe FirewallRules: [TCP Query User{8558DF32-A090-4C6B-8124-7B52D144EEC0}C:\program files (x86)\steam\steamapps\common\drop alive\drop alive.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\drop alive\drop alive.exe FirewallRules: [UDP Query User{91F51141-1A50-4808-8426-C6804F1A18AC}C:\program files (x86)\steam\steamapps\common\drop alive\drop alive.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\drop alive\drop alive.exe FirewallRules: [{250427A5-9F85-4F7F-8ECE-0E43514808E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ASTRONEER Early Access\Astro.exe FirewallRules: [{E5B387BE-5D24-4298-BAD9-AFC8323393AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ASTRONEER Early Access\Astro.exe FirewallRules: [TCP Query User{58773302-8F3E-4476-9E5F-4E22C4005EA8}C:\program files (x86)\steam\steamapps\common\astroneer early access\astro\binaries\win64\astro-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\astroneer early access\astro\binaries\win64\astro-win64-shipping.exe FirewallRules: [UDP Query User{0DD76397-3D79-46CD-9B1B-7309B248F96E}C:\program files (x86)\steam\steamapps\common\astroneer early access\astro\binaries\win64\astro-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\astroneer early access\astro\binaries\win64\astro-win64-shipping.exe FirewallRules: [{4EB5B727-B1C0-4143-9404-4CAA9E648FFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bloons TD Battles\Battles-Win.exe FirewallRules: [{0AC6EE14-3240-465F-B2F5-ED1C6FC68583}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bloons TD Battles\Battles-Win.exe FirewallRules: [TCP Query User{D1ADEDA4-55CE-4E7B-80CD-7C6372F9D69D}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe FirewallRules: [UDP Query User{8DDD7B7F-8DAA-4AC2-985C-30622C0A5F30}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe FirewallRules: [TCP Query User{13B311E6-1B8F-48C6-BE99-2EC975F4E51D}C:\program files (x86)\relevantknowledge\rlvknlg.exe] => (Block) C:\program files (x86)\relevantknowledge\rlvknlg.exe FirewallRules: [UDP Query User{E7B6581E-AEC2-40F9-BCC9-2B55C4141F29}C:\program files (x86)\relevantknowledge\rlvknlg.exe] => (Block) C:\program files (x86)\relevantknowledge\rlvknlg.exe FirewallRules: [{E38E4A15-5269-447E-8F98-12D310AC7B49}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cry of Fear\CoFLaunchApp.exe FirewallRules: [{CC2058D3-47A5-4013-9601-B4DCA345FDAB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cry of Fear\CoFLaunchApp.exe FirewallRules: [TCP Query User{217A29FD-B98E-4A7D-BADB-457F3AC00CD5}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe FirewallRules: [UDP Query User{B7CD9480-3290-4B95-BDD3-88F99E5D478E}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe FirewallRules: [TCP Query User{FA9326E6-703E-4081-9AE9-D90496BCEEFE}C:\users\confidential\downloads\beamng.drive.v0.7\beamng.drive.v0.7\bin64\beamng.drive.x64.exe] => (Allow) C:\users\confidential\downloads\beamng.drive.v0.7\beamng.drive.v0.7\bin64\beamng.drive.x64.exe FirewallRules: [UDP Query User{1BD25299-2172-46F1-BBA9-96BC2DD16CED}C:\users\confidential\downloads\beamng.drive.v0.7\beamng.drive.v0.7\bin64\beamng.drive.x64.exe] => (Allow) C:\users\confidential\downloads\beamng.drive.v0.7\beamng.drive.v0.7\bin64\beamng.drive.x64.exe FirewallRules: [TCP Query User{853F662C-B956-4508-8858-C2B9B36BB005}C:\users\confidential\downloads\beamng.drive.v0.7\bin64\beamng.drive.x64.exe] => (Allow) C:\users\confidential\downloads\beamng.drive.v0.7\bin64\beamng.drive.x64.exe FirewallRules: [UDP Query User{1226DB74-1C0C-45CF-9B6C-0BDF1E5F803A}C:\users\confidential\downloads\beamng.drive.v0.7\bin64\beamng.drive.x64.exe] => (Allow) C:\users\confidential\downloads\beamng.drive.v0.7\bin64\beamng.drive.x64.exe FirewallRules: [{4896DB2F-972B-4A8F-9654-C5906F33DEA8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe FirewallRules: [{412D913F-ADE3-4E0C-9640-F8324D0ABC40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe FirewallRules: [TCP Query User{B1A5587D-F7CA-40B3-9A63-5079A98F4399}C:\users\confidential\appdata\local\temp\rar$exa0.420\hello neighbor alpha 1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe] => (Allow) C:\users\confidential\appdata\local\temp\rar$exa0.420\hello neighbor alpha 1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe FirewallRules: [UDP Query User{9222CC90-C3B7-4A5C-A54D-4F3DE833FA94}C:\users\confidential\appdata\local\temp\rar$exa0.420\hello neighbor alpha 1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe] => (Allow) C:\users\confidential\appdata\local\temp\rar$exa0.420\hello neighbor alpha 1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe FirewallRules: [TCP Query User{0B5295B3-486F-4279-A2B8-46740BB16366}C:\users\confidential\appdata\local\temp\rar$exa0.689\hello neighbor alpha 1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe] => (Allow) C:\users\confidential\appdata\local\temp\rar$exa0.689\hello neighbor alpha 1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe FirewallRules: [UDP Query User{34009098-7ADB-41B6-9A32-422346632A7F}C:\users\confidential\appdata\local\temp\rar$exa0.689\hello neighbor alpha 1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe] => (Allow) C:\users\confidential\appdata\local\temp\rar$exa0.689\hello neighbor alpha 1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe FirewallRules: [{AE1A765B-DA94-4109-A51F-BD822556DCA8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe FirewallRules: [{9735DC86-A0B1-4894-BD48-2331599154B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe FirewallRules: [TCP Query User{A6BE512D-5B94-4CC1-869B-A40A2D918766}C:\users\confidential\appdata\local\temp\rar$exa0.753\scrap.mechanic.beta.v0.2.1\release\scrapmechanic.exe] => (Allow) C:\users\confidential\appdata\local\temp\rar$exa0.753\scrap.mechanic.beta.v0.2.1\release\scrapmechanic.exe FirewallRules: [UDP Query User{F2CCD427-730B-4C46-B824-20A9BA89F312}C:\users\confidential\appdata\local\temp\rar$exa0.753\scrap.mechanic.beta.v0.2.1\release\scrapmechanic.exe] => (Allow) C:\users\confidential\appdata\local\temp\rar$exa0.753\scrap.mechanic.beta.v0.2.1\release\scrapmechanic.exe FirewallRules: [{742F83B9-C405-4B56-AC5F-14BF82E3F1E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{A80CDCD7-47B2-4DBC-97DD-5578F956AACB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [TCP Query User{D92997CC-3878-4E54-87FC-175C6D693AFA}C:\users\confidential\appdata\local\temp\rar$exa0.822\scrap.mechanic.beta.v0.2.1\release\scrapmechanic.exe] => (Allow) C:\users\confidential\appdata\local\temp\rar$exa0.822\scrap.mechanic.beta.v0.2.1\release\scrapmechanic.exe FirewallRules: [UDP Query User{FD62C501-08C4-4DA3-AEF1-8A0D8CC9FD98}C:\users\confidential\appdata\local\temp\rar$exa0.822\scrap.mechanic.beta.v0.2.1\release\scrapmechanic.exe] => (Allow) C:\users\confidential\appdata\local\temp\rar$exa0.822\scrap.mechanic.beta.v0.2.1\release\scrapmechanic.exe FirewallRules: [TCP Query User{BFAC6D6F-2844-40FA-813F-5DFA8C3FCFE6}C:\users\confidential\appdata\local\temp\rar$exa0.480\scrap.mechanic.beta.v0.2.1\release\scrapmechanic.exe] => (Block) C:\users\confidential\appdata\local\temp\rar$exa0.480\scrap.mechanic.beta.v0.2.1\release\scrapmechanic.exe FirewallRules: [UDP Query User{0AB7F4FB-A2F3-4643-8E3D-B3CC3CEBDD48}C:\users\confidential\appdata\local\temp\rar$exa0.480\scrap.mechanic.beta.v0.2.1\release\scrapmechanic.exe] => (Block) C:\users\confidential\appdata\local\temp\rar$exa0.480\scrap.mechanic.beta.v0.2.1\release\scrapmechanic.exe FirewallRules: [TCP Query User{9116B11E-0758-428A-B71D-60D938C0D468}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe FirewallRules: [UDP Query User{A3B81EA2-C9A3-4369-98E7-8907AF4D36CF}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe FirewallRules: [{1007FA38-32CA-4CB9-A10C-7FBC82F700DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe FirewallRules: [{4DD50F19-0E3F-4AC0-BD9F-34274B41CDD0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe FirewallRules: [{AC114A12-B261-4C0B-A254-B03932D8BBB6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{EA3EAE35-CE88-4185-9585-E799AF14E922}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{ED7916C3-A69D-4E1C-B819-12505A047FAC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe FirewallRules: [{F0D6E04D-BD95-4C1A-BBE6-7FBF21E0B9A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe FirewallRules: [TCP Query User{1338DEAF-9A05-476E-ABA8-29D7DFB473E8}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe FirewallRules: [UDP Query User{51D14465-CBBD-47CE-968A-FA5A741F218A}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe FirewallRules: [{ADCD64F6-EF81-4A41-A9B2-538F2C200BEE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{BE249172-C0D1-4543-92AB-6025AEB4B0BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{4B5FE86A-2298-40EB-99C7-822A22150AE7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{80C62BF7-9EE1-4654-8C0D-A0C64CA4878A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{54513AE4-F0C4-41DE-8147-5BD669D18D21}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{63A5400B-5111-4853-8EF8-54F8B0F252AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [TCP Query User{417054EC-7193-4AFB-AEE9-858368F9D903}C:\users\confidential\appdata\local\temp\rar$exa0.481\igg-human.fall.flat.v1.1.1\human.exe] => (Block) C:\users\confidential\appdata\local\temp\rar$exa0.481\igg-human.fall.flat.v1.1.1\human.exe FirewallRules: [UDP Query User{743CAC5D-28C0-4178-9960-E97040A2B584}C:\users\confidential\appdata\local\temp\rar$exa0.481\igg-human.fall.flat.v1.1.1\human.exe] => (Block) C:\users\confidential\appdata\local\temp\rar$exa0.481\igg-human.fall.flat.v1.1.1\human.exe FirewallRules: [TCP Query User{902AC54B-9C25-445B-9C4F-1B6F4272177C}C:\users\confidential\appdata\local\temp\rar$exa0.914\igg-human.fall.flat.v1.1.1\human.exe] => (Block) C:\users\confidential\appdata\local\temp\rar$exa0.914\igg-human.fall.flat.v1.1.1\human.exe FirewallRules: [UDP Query User{012449B2-B2C7-4F0A-A9FB-9E440F2F0A53}C:\users\confidential\appdata\local\temp\rar$exa0.914\igg-human.fall.flat.v1.1.1\human.exe] => (Block) C:\users\confidential\appdata\local\temp\rar$exa0.914\igg-human.fall.flat.v1.1.1\human.exe FirewallRules: [{C0C4740B-4C41-4E5A-A719-237267F8F8C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Double Action\hl2.exe FirewallRules: [{D82AF6DA-45FD-4C5A-A74F-0D1D2CE54CC7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Double Action\hl2.exe FirewallRules: [{1E2374B0-AA2D-4F0C-99EE-9737C67E556C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Double Action\bin\hammer.exe FirewallRules: [{8DEA93B7-80B2-4C7D-9CCD-A213CE6E2A38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Double Action\bin\hammer.exe FirewallRules: [{14303E10-5CD2-421A-AED3-DBB56779B60F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{4C45A474-2455-4CE7-8FF5-609C370B795D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{979A22E1-B0CB-4160-A6C8-F871399C4072}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{60DF7A2A-750E-421D-B17A-D396F738F591}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{CD7D65F0-944D-44CD-B9CD-DACA3430F7AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{DC1A2203-0D94-4381-9429-C5DB4FB12495}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{9EF8716F-3E9B-4BD0-86DE-33CF596B1958}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe FirewallRules: [{F425CF82-2400-48FF-852B-2F2FF9EB103C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe FirewallRules: [{2C23BB28-79F8-4CC8-A814-0C7977B10390}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe FirewallRules: [{554C13EE-D66F-4D88-8157-284BA1654A31}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe FirewallRules: [{DE00A17A-AE83-47BA-9A95-4BAF16EFF0DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{7A460AAA-0A75-4812-9319-6529478BA86C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{C074370D-BA08-436F-BF75-57799F4AB003}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{5E99E16F-3858-4E45-BDE5-55F4C185658A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{002A72D6-8DFA-4EBF-B914-78A2A20FDA5B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{9F72135D-5BA5-408C-B141-C2B5360D2078}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{BB8EFF9D-8E9D-4897-BF42-6F744F4B23FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{D894EA22-19BD-48ED-A770-BB40D6149DDB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{69C8E1F6-1962-40E8-B628-A4AD50055A68}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{8DE9DA05-7633-402E-BB31-211CC6189AFF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [TCP Query User{B2C4D472-9DEA-4AF3-B943-9CBC8CBBCF41}C:\users\confidential\desktop\whereismyhammer-64bitonly\windowsnoeditor\whereismyhammer\binaries\win64\whereismyhammer.exe] => (Allow) C:\users\confidential\desktop\whereismyhammer-64bitonly\windowsnoeditor\whereismyhammer\binaries\win64\whereismyhammer.exe FirewallRules: [UDP Query User{9F3BBDE1-A3B6-4931-B791-3BFAC286678D}C:\users\confidential\desktop\whereismyhammer-64bitonly\windowsnoeditor\whereismyhammer\binaries\win64\whereismyhammer.exe] => (Allow) C:\users\confidential\desktop\whereismyhammer-64bitonly\windowsnoeditor\whereismyhammer\binaries\win64\whereismyhammer.exe FirewallRules: [{C881CEF3-59EA-4B95-8A84-0EE75A190DFF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{C466A3F0-AFAE-418A-9C01-5DB9309C4476}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{6243F85E-99AE-42E5-AA01-8E8C51FB32EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{1E07C672-D30D-49E7-A88B-564EC06CA11B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{16F5BA28-BD6B-4981-805A-16D915013A1C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{8108F6F2-EAE6-4382-B5C3-7CCB614F4525}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{A8CCF10E-8177-48F1-82AF-B1CCF62F2D5B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{AABD2C16-9988-4E7C-A598-EB6B98B73542}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [TCP Query User{F8C9F2E9-30E7-4762-AEBB-6221488C82C9}C:\program files (x86)\steam\steamapps\common\astroneer early access\astro\binaries\win64\astro-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\astroneer early access\astro\binaries\win64\astro-win64-shipping.exe FirewallRules: [UDP Query User{0C8ABFA4-AD84-4903-AB0C-A5174E9A9E40}C:\program files (x86)\steam\steamapps\common\astroneer early access\astro\binaries\win64\astro-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\astroneer early access\astro\binaries\win64\astro-win64-shipping.exe FirewallRules: [TCP Query User{BCC0E445-1E9C-41BB-B186-8B40442E0244}C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Block) C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe FirewallRules: [UDP Query User{4E7BCB61-D28A-4E2E-8F5B-FA3CBD7087C8}C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Block) C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe FirewallRules: [{86EA534B-1977-4CD8-8E64-6A3BF0EE3E93}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{45E69EB0-BF43-4E5A-A047-91F8F9E0104C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{2E4CD347-EBBF-4E12-BB91-D628DA66CA05}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{F866EF1D-925F-44D2-AB61-A4C31FBEC578}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{AA4B698E-F79B-417D-854A-338CC9CAD513}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{D5F05350-86EC-4705-A268-EE7DA8C65348}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{F4623D5F-1D92-4EB1-8BF7-01CC6C09FC83}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Bureau\Binaries\Win32\TheBureau.exe FirewallRules: [{FA98FB5E-C232-4767-B83D-68813C05DB8B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Bureau\Binaries\Win32\TheBureau.exe FirewallRules: [{7F80AE21-9921-4544-9B7E-B4E57091967A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{4FBD2725-E4A1-47E8-9D34-BB006BA65D92}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{A717C9FF-7BD4-4CA4-AB07-32974D4089AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{AEE0B098-D782-419A-9A30-118111D06262}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{20E5EF0E-8865-4C37-A6B0-03F0C242C69D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Galactic Civilizations I Ultimate Edition\AltarianProphecy\GalCiv.exe FirewallRules: [{13034C38-B547-4C70-83F2-04740428F4DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Galactic Civilizations I Ultimate Edition\AltarianProphecy\GalCiv.exe FirewallRules: [{F4378FAE-5A39-4B10-A81A-47EA07A38791}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe FirewallRules: [{3F98895C-7063-409A-BDD1-727532CF0C1F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe FirewallRules: [{679DA7ED-E96F-4A03-9AC7-B877B2FBC3D6}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe FirewallRules: [{889ED74B-E1F8-499A-83DA-7684C4AAB207}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe FirewallRules: [{B5BDB844-549E-4420-8262-8B43629F54BB}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe FirewallRules: [{93ADD140-4A46-418D-821F-A08CE75187A0}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe FirewallRules: [{818927EC-AAE2-41FD-ACC1-2510CD2D4EFD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{1DA4B3E1-6963-45EE-A791-E40AFDF6963F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{AAE4AB99-F3D3-4907-907E-B5B1C46B6F62}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{6F69FE8C-944F-4DC2-BED8-BE0FA6A878D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{F6B0AAEA-C4CE-4B15-BC4B-38A1A214B597}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{E4C1239E-61B1-428C-9B85-14FC01867A7A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{FE8E878A-0222-40E2-BC8C-D2036A1A98F1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{8AE2D99C-0A24-4BCE-BEEE-28715C7173E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{09C5BEA3-3BBE-4422-8E62-683066EBF5B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{05B30B26-C095-4519-90EA-EF323E042790}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{B54AA5F1-891E-458A-A420-43DBDA53FC87}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{AD222737-38C3-4532-A89F-101DC22B32D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{E050DC3E-397C-43CB-A7DA-604C5BB3800D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe ==================== Restore Points ========================= 19-04-2017 17:49:55 Scheduled Checkpoint 28-04-2017 16:13:29 Windows Update ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (04/30/2017 02:31:14 PM) (Source: SideBySide) (EventID: 9) (User: ) Description: Activation context generation failed for "C:\Program Files\WinZip\adxloader.dll.Manifest".Error in manifest or policy file "C:\Program Files\WinZip\adxloader.dll.Manifest" on line 2. The manifest file root element must be assembly. Error: (04/30/2017 02:31:10 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" on line 1. Component identity found in manifest does not match the identity of the component requested. Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Please use sxstrace.exe for detailed diagnosis. Error: (04/30/2017 04:09:14 AM) (Source: SideBySide) (EventID: 9) (User: ) Description: Activation context generation failed for "C:\Program Files\WinZip\adxloader.dll.Manifest".Error in manifest or policy file "C:\Program Files\WinZip\adxloader.dll.Manifest" on line 2. The manifest file root element must be assembly. Error: (04/30/2017 04:09:06 AM) (Source: SideBySide) (EventID: 35) (User: ) Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" on line 1. Component identity found in manifest does not match the identity of the component requested. Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Please use sxstrace.exe for detailed diagnosis. Error: (04/30/2017 03:18:47 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: esu.exe, version: 1.0.0.0, time stamp: 0x58dac8d5 Faulting module name: KERNELBASE.dll, version: 10.0.14393.1066, time stamp: 0x58d9f07f Exception code: 0xe0434352 Fault offset: 0x000da932 Faulting process id: 0x34d8 Faulting application start time: 0x01d2c18a6382e9b0 Faulting application path: C:\Program Files (x86)\Garmin\Express SelfUpdater\esu.exe Faulting module path: C:\Windows\System32\KERNELBASE.dll Report Id: 9786a0eb-b775-4b9d-97d3-4b0f7b3c86e6 Faulting package full name: Faulting package-relative application ID: Error: (04/30/2017 03:18:47 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: esu.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.IO.FileNotFoundException at Garmin.Omt.Service.Shared.Overrides+<UpdateDatacenterOverridesAsync>d__61.MoveNext() at System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start[[Garmin.Omt.Service.Shared.Overrides+<UpdateDatacenterOverridesAsync>d__61, ExpressSelfUpdater, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null]](<UpdateDatacenterOverridesAsync>d__61 ByRef) at Garmin.Omt.Service.Shared.Overrides.UpdateDatacenterOverridesAsync(Boolean) at Garmin.Omt.Service.Shared.Overrides..cctor() Exception Info: System.TypeInitializationException at Garmin.Omt.Service.Shared.Overrides.get_OmtBaseUrl() at Garmin.Omt.Express.SelfUpdater.Program.RealMain() at Garmin.Omt.Express.SelfUpdater.Program.Main(System.String[]) Error: (04/29/2017 10:52:09 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-KNJ0HR4) Description: Activation of app Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (04/29/2017 10:46:44 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-KNJ0HR4) Description: Activation of app Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (04/29/2017 10:38:54 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-KNJ0HR4) Description: Activation of app Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (04/29/2017 10:33:47 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-KNJ0HR4) Description: Activation of app Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information. System errors: ============= Error: (04/30/2017 02:56:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The BrowserSafer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service. Error: (04/30/2017 02:56:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The BrowserSafer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service. Error: (04/30/2017 02:56:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The BrowserSafer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service. Error: (04/30/2017 02:56:28 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (04/30/2017 02:56:04 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} and APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (04/30/2017 02:55:04 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (04/30/2017 02:55:02 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (04/30/2017 02:52:58 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (04/30/2017 02:52:45 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (04/30/2017 02:47:29 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. CodeIntegrity: =================================== Date: 2017-04-30 15:30:26.886 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-04-30 15:30:26.885 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-03-12 16:34:45.291 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-03-12 16:34:45.288 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-13 23:53:13.922 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-02-13 22:00:03.231 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-02-09 17:44:53.683 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-09 17:44:53.682 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-09 17:44:02.276 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-09 17:44:02.275 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz Percentage of memory in use: 19% Total physical RAM: 16336.05 MB Available physical RAM: 13175.76 MB Total Virtual: 18768.05 MB Available Virtual: 15253.08 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:489.05 GB) (Free:44.32 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: BF0F0E89) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 489 GB) (Disk ID: BF0F0E81) Partition 1: (Not Active) - (Size=489 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================