Jump to content

ChuckFinley

Members
  • Posts

    5
  • Joined

  • Last visited

Reputation

0 Neutral
  1. I think I might have fixed the problem. I deleted all of the cookies and cached data files in my Microsoft Edge browser. After doing that I ran ADWcleaner several times yesterday and this morning and the PUP.OPTIONAL.LEGACY has not returned (according to the scan results).
  2. Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 8/21/17 Scan Time: 8:57 AM Log File: report.txt Administrator: Yes -Software Information- Version: 3.1.2.1733 Components Version: 1.0.160 Update Package Version: 1.0.2630 License: Trial -System Information- OS: Windows 10 (Build 15063.540) CPU: x64 File System: NTFS User: MY23\James -Scan Summary- Scan Type: Threat Scan Result: Completed Objects Scanned: 363011 Threats Detected: 0 (No malicious items detected) Threats Quarantined: 0 (No malicious items detected) Time Elapsed: 3 min, 25 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 0 (No malicious items detected) Physical Sector: 0 (No malicious items detected) (end) Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017 Ran by James (administrator) on MY23 (21-08-2017 09:20:11) Running from C:\Users\James\Desktop Loaded Profiles: James (Available Profiles: James) Platform: Windows 10 Home Version 1703 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Edge) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (Intel Corporation) C:\Windows\System32\ibtsiva.exe (Intel Corporation) C:\Windows\System32\DptfParticipantDisplayService.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (ASUS) C:\Program Files\ASUS\ASUS FlipLock\TransformService.exe (CyberGhost S.R.L) C:\Program Files\CyberGhost 6\CyberGhost.Service.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (wyDay) C:\Program Files\CyberGhost 6\wyUpdate.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (STMicroelectronics) C:\Program Files (x86)\ST Microelectronics\ST_ACCEL\FFP_Manager.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\Windows\System32\InstallAgent.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11706.1001.26.0_x64__8wekyb3d8bbwe\WinStore.App.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Microsoft Corporation) C:\Windows\System32\LockAppHost.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation) HKLM\...\Run: [ASUS HDD Protection Tray Application] => C:\Program Files (x86)\ST Microelectronics\ST_ACCEL\FFP_Manager.exe [54272 2014-02-12] (STMicroelectronics) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes) HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4174464 2017-05-23] (Safer-Networking Ltd.) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] BootExecute: autocheck autochk * sdnclean64.exe GroupPolicy: Restriction <==== ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76 Tcpip\..\Interfaces\{069e570d-8417-4f7a-8a54-8c9997d7e8bf}: [DhcpNameServer] 75.75.75.75 75.75.76.76 Internet Explorer: ================== HKU\S-1-5-21-3134094431-3575185100-3874724725-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB HKU\S-1-5-21-3134094431-3575185100-3874724725-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB FireFox: ======== FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel Corporation) ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 CG6Service; C:\Program Files\CyberGhost 6\CyberGhost.Service.exe [76848 2017-02-06] (CyberGhost S.R.L) R2 DptfParticipantDisplayService; C:\WINDOWS\System32\DptfParticipantDisplayService.exe [141944 2014-09-15] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373728 2016-11-30] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-10-16] (Intel Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1776864 2017-05-23] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2131760 2017-05-23] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233936 2017-05-23] (Safer-Networking Ltd.) R2 TransformService; C:\Program Files\ASUS\ASUS FlipLock\TransformService.exe [73528 2014-07-08] (ASUS) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation) R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUS Corporation) S3 DptfDevDisplay; C:\WINDOWS\System32\drivers\DptfDevDisplay.sys [70752 2014-09-15] (Intel Corporation) S3 DptfDevDram; C:\WINDOWS\System32\drivers\DptfDevDram.sys [145640 2014-09-15] (Intel Corporation) S3 DptfDevFan; C:\WINDOWS\System32\drivers\DptfDevFan.sys [50640 2014-09-15] (Intel Corporation) S3 DptfDevGen; C:\WINDOWS\System32\drivers\DptfDevGen.sys [78504 2014-09-15] (Intel Corporation) S3 DptfDevPch; C:\WINDOWS\System32\drivers\DptfDevPch.sys [116752 2014-09-15] (Intel Corporation) S3 DptfDevPower; C:\WINDOWS\System32\drivers\DptfDevPower.sys [71808 2014-09-15] (Intel Corporation) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-06-27] () R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230144 2016-11-11] (Intel Corporation) R3 INVN_MotionApps; C:\WINDOWS\System32\drivers\WUDFRd.sys [220672 2017-03-18] (Microsoft Corporation) R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-05] ( ) R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [188352 2017-08-15] (Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [101784 2017-08-20] (Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-08-20] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253856 2017-08-20] (Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2017-08-21] (Malwarebytes) R3 NETwNb64; C:\WINDOWS\system32\DRIVERS\Netwbw02.sys [3525896 2016-11-09] (Intel Corporation) S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] () R3 SensorsAlsDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [220672 2017-03-18] (Microsoft Corporation) R3 ST_Accel; C:\WINDOWS\system32\DRIVERS\ST_Accel.sys [125104 2014-06-06] (STMicroelectronics) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation) ========================== Drivers MD5 ======================= C:\WINDOWS\System32\drivers\1394ohci.sys AAB860A5E606B9621E130D8C29D3F305 C:\WINDOWS\System32\drivers\3ware.sys 4140B14929C555E9513D59A2EEB5C471 C:\WINDOWS\System32\drivers\ACPI.sys AC251B31370C1E00F577928260B8939F C:\WINDOWS\System32\drivers\acpials.sys 89842DD6D0B7D178038199BB5792E30A C:\WINDOWS\System32\drivers\AcpiDev.sys 3E5E5DAE5CAEC0209C93D3AD8128D8A0 C:\WINDOWS\System32\Drivers\acpiex.sys F72D7CC7E7A97A09757313F3B4C7E17A C:\WINDOWS\System32\drivers\acpipagr.sys F04B6F53FBDB2B6B0451AE53DE19F0C9 C:\WINDOWS\System32\drivers\acpipmi.sys C347A6095F3BE417D24F1E1349F4AF0F C:\WINDOWS\System32\drivers\acpitime.sys 686BFFC47454DD2F58795C2EE891CA9F C:\WINDOWS\System32\drivers\ADP80XX.SYS FBDA59118E59B3722248C66BAD89CAA9 C:\WINDOWS\system32\drivers\afd.sys AC1928C2F7505BD556C552F153B062AB C:\WINDOWS\System32\DRIVERS\ahcache.sys 1D914C996F2C3134E2344BB74F79BCF6 C:\WINDOWS\system32\DRIVERS\AiCharger.sys 16F6F6B7903B913AB41AB848C8BB5658 C:\WINDOWS\System32\drivers\amdk8.sys 9C39FBA94FFEF04561D13ED0D1B50DD0 C:\WINDOWS\System32\drivers\amdppm.sys 395D56FA2E22A10AE4774440D086F559 C:\WINDOWS\System32\drivers\amdsata.sys EB729A9ADCB9F9C406B533F95E2F67D4 C:\WINDOWS\System32\drivers\amdsbs.sys 3B5C5C696F33FE61F1922533B03B9316 C:\WINDOWS\System32\drivers\amdxata.sys A7D45A303FF8A9493C96C4B804051E6E C:\WINDOWS\system32\drivers\AmUStor.SYS 618F25E577FD7F1367CD24FD423D68A2 C:\WINDOWS\System32\drivers\appid.sys 5180537517C27375B1F2CB37ED599FAF C:\WINDOWS\System32\drivers\applockerfltr.sys EAF36A714E16A69B8B4ED7591CBA77B6 C:\WINDOWS\System32\drivers\arcsas.sys 6E456A94B9BD7F6B4758729BCEDE40C3 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys 4C016FD76ED5C05E84CA8CAB77993961 C:\WINDOWS\System32\drivers\AsusTP.sys 645768721834630DB0666D11C5ED2914 C:\WINDOWS\System32\drivers\asyncmac.sys 766F3A7E42AFCF74265FAC78987D1665 C:\WINDOWS\System32\drivers\atapi.sys 01733BEEE02E51F712330D5909BD701C C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys C435191FAD19B43E5C3082E4275DCE75 C:\WINDOWS\System32\drivers\bxvbda.sys 0914A5E66C0775CE11960452A6434FEC C:\WINDOWS\System32\drivers\BasicDisplay.sys F8129321B1874D4386F7FEB754BC3380 C:\WINDOWS\System32\drivers\BasicRender.sys E2BFD01BD0ECF2BDE9420022147952A4 C:\WINDOWS\System32\drivers\bcmfn2.sys 739D089777D2B66DBE7201E5EA4BA2D7 C:\Windows\System32\Drivers\Beep.sys ED03D2ACE378C9EB8BB957ABBD85B951 C:\WINDOWS\System32\DRIVERS\bowser.sys 2342B8619193B0D9FAC0D02C69DCE74A C:\WINDOWS\System32\drivers\BthAvrcpTg.sys AF57F0B0E284BE06860A7B701341324D C:\WINDOWS\System32\drivers\bthhfenum.sys E1E55BA45510B2B0309E2C77ABEB1BFE C:\WINDOWS\System32\drivers\BthHFHid.sys 336A9C0254A0178ED50281B6EDF5B836 C:\WINDOWS\System32\drivers\bthmodem.sys 5428242193611BF91DDBF4F58900A55A C:\WINDOWS\System32\drivers\BTHport.sys 27B7348B88DE2F93C4FB4D53EC469AB0 C:\WINDOWS\System32\drivers\BTHUSB.sys FA5CE6301192DD6ED4AA747B2C88FD42 C:\WINDOWS\System32\drivers\buttonconverter.sys 102CAA11BA89290D48FBFD2E04274BA0 C:\WINDOWS\System32\drivers\CAD.sys 029434AC0A3935F9125ABBD08BF7C30B C:\WINDOWS\System32\drivers\capimg.sys 307AE8BC9B45772DA02FB952A1D86C35 C:\WINDOWS\System32\DRIVERS\cdfs.sys B6E5AD7C83A5254DEE9D86023C0E5A81 C:\WINDOWS\System32\drivers\cdrom.sys ABE77AD954BC3D72F559CF0C381E50BC C:\WINDOWS\System32\drivers\cht4sx64.sys 05EA22CFC40EDE05BF6E3BC782E5204C C:\WINDOWS\System32\drivers\cht4vx64.sys 863E1C9F6750446DFB9EDCAEC3531367 C:\WINDOWS\System32\drivers\circlass.sys 3E416539352B007AD0610BF34AC15D31 C:\WINDOWS\System32\drivers\cldflt.sys 616E1ED94FA7F96D429D985FDB203D2E C:\WINDOWS\System32\drivers\CLFS.sys AF0BF03C8574DD026FAF9A82A64C2D04 C:\WINDOWS\System32\drivers\registry.sys 5118CFC33BBB51C7E3ED441B7085AD26 C:\WINDOWS\System32\drivers\CmBatt.sys 232F3A3AC3A2FB32C5C46503A6517073 C:\WINDOWS\System32\Drivers\cng.sys 3413CE81E02C091F33C4C3DD3071630F C:\WINDOWS\System32\DRIVERS\cnghwassist.sys E1BFF774FF67CA951A5DFF0E104FB132 C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_de4c68ea4fb1be53\CompositeBus.sys DFDAEDB857BC18764F0D8ECDCC3C1499 C:\WINDOWS\System32\drivers\condrv.sys 04532711732BE9DBC364E88E4A9EC18A C:\WINDOWS\System32\drivers\dam.sys F51953EC4B9AACD92A3B3CE66E05CEF4 C:\WINDOWS\System32\Drivers\dfsc.sys 185A4519B7764F4DEF714D890A7A9FD2 C:\WINDOWS\System32\drivers\disk.sys 1203EA16F36C5BEB2509FB7CC03DC178 C:\WINDOWS\System32\drivers\dmvsc.sys 038B8B76284BC291EC75B005BB3EB13F C:\WINDOWS\System32\drivers\DptfDevDisplay.sys F63294AE660B7C604C11CB98B659FCA0 C:\WINDOWS\System32\drivers\DptfDevDram.sys D2C5B3B33BB7C67B274945AA07DF366A C:\WINDOWS\System32\drivers\DptfDevFan.sys C4DB937D349F451CAF3BCAFCDBDB6E0E C:\WINDOWS\System32\drivers\DptfDevGen.sys 4F3E5C33858C11ADB7BD6B8867A103FA C:\WINDOWS\System32\drivers\DptfDevPch.sys 238D5E1230E82AF32D44813351873EA5 C:\WINDOWS\System32\drivers\DptfDevPower.sys 61B9147C6B91871E45471E08DF56FAE8 C:\WINDOWS\System32\drivers\drmkaud.sys 3D934A1C02EB6979CF45C70A71F580EC C:\WINDOWS\System32\drivers\dxgkrnl.sys F1D8A5A6C39586717822C2AAB70663F4 C:\WINDOWS\System32\drivers\evbda.sys D64CD3AE93125EDA383190C2AF607E70 C:\WINDOWS\System32\drivers\EhStorClass.sys FFBB37982E6D24AEC7A2E5459098EAC9 C:\WINDOWS\System32\drivers\EhStorTcgDrv.sys ABF38D02E01D6ED87AE1DF65FC5DF62D C:\WINDOWS\System32\drivers\errdev.sys B9A59B4AD516E38C39FA416398B96CCB C:\WINDOWS\system32\drivers\mbae64.sys 5C9CA030C451CB3553DB9094C68EE6E9 C:\Windows\System32\Drivers\exfat.sys 9C4D88E8614487AD85A6F18A71A7298F C:\Windows\System32\Drivers\fastfat.sys C61014A176ECAAF97589E6FC979CE786 C:\WINDOWS\System32\drivers\fdc.sys 853081957BA148F38FD8DE4390CFCF4A C:\WINDOWS\System32\drivers\filecrypt.sys 27E764D6460504B7271AFECE7A59FB76 C:\WINDOWS\System32\drivers\fileinfo.sys 3D6087F51110F3CC0DA89385354F8C5E C:\WINDOWS\System32\drivers\filetrace.sys 057E95E53C38260C4EF49B3A077770CD C:\WINDOWS\System32\drivers\flpydisk.sys 90B2983D8495C26345A1DC5F0C3BB07B C:\WINDOWS\System32\drivers\fltmgr.sys A84261F75F490E45CFEDBA77EFE4F67E C:\WINDOWS\System32\drivers\FsDepends.sys D2814848206DFC18EB8D3D069FAE703E C:\Windows\System32\Drivers\Fs_Rec.sys AE7EDF845F41ACA3B74567C3CE20E987 C:\WINDOWS\System32\DRIVERS\fvevol.sys 560AE7760EC108F92D2EA8638CC805CF C:\WINDOWS\System32\drivers\vmgencounter.sys 4616F61E24B3AEA6E0E4EA7D69531EF4 C:\WINDOWS\System32\drivers\genericusbfn.sys 23174BB6937459B924BB8EF667FB28EF C:\WINDOWS\System32\Drivers\msgpioclx.sys 4B11CFBE1D9B73A9D865F6AB26F800BA C:\WINDOWS\System32\drivers\gpuenergydrv.sys 3FC3FCF557D0BE3D724EA10642E1F6FF C:\WINDOWS\System32\drivers\HDAudBus.sys 02B9639D9997E95CDF2F4C4F3BDCC73D C:\WINDOWS\System32\drivers\HidBatt.sys 9F90819E301C70A3A042FC05D3E41B5F C:\WINDOWS\System32\drivers\hidbth.sys 3CA3244C45B25F3B3ED9445C195E40EB C:\WINDOWS\System32\drivers\hidi2c.sys 55DAF856F9633DD2519BA4E942870F02 C:\WINDOWS\System32\drivers\hidinterrupt.sys E34216A190D9BF8EAA666F6903BCD0EF C:\WINDOWS\System32\drivers\hidir.sys 852DBB5185996AD8C73872A43A453729 C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys 7222DC0F811BBD1B4B4A7C28B7C31AE5 C:\WINDOWS\System32\drivers\hidusb.sys C1A608120DE0DF52E51B8BAF86AF19F9 C:\WINDOWS\System32\drivers\HpSAMD.sys 8ADD9CA3E0F18CEA11EA6FAED794A228 C:\WINDOWS\System32\drivers\HTTP.sys BB1AE72906564A6E81B79D73A05AE21F C:\WINDOWS\System32\drivers\hvservice.sys F60F8390B635156593F7493AE898AFB0 C:\WINDOWS\System32\drivers\hwpolicy.sys 563F5FC3B46A70A91AB6C8822AC8BF25 C:\WINDOWS\System32\drivers\hyperkbd.sys C082249BC3E972C8A132D9EC6AD9EAD5 C:\WINDOWS\System32\drivers\i8042prt.sys C6C8315E3262FAE460529C6DA2951682 C:\WINDOWS\System32\drivers\iagpio.sys C6B8743B213F06AA60943D8366FE968F C:\WINDOWS\System32\drivers\iai2c.sys 9A2A2F3C69B9A30B6E78536F6D258BAD C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys 42962355A7911407026E920E7252E3E5 C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys BD47B2FEABFA48C6224D43EE9EA9BC06 C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys 2184CB3A65888F446FCD6DBA9F073F4C C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys 4126F8DA08CE7924A3AE6F7235F85D5F C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 16A10CCEDCF5AC4CAAE43DC9FC40392F C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys EB82A11613326691508D9ED9A4FE29E7 C:\WINDOWS\System32\drivers\iaStorA.sys E5A15FEDEBDFB8E12CB94DBF01833775 C:\WINDOWS\System32\drivers\iaStorAV.sys D820075D3395BED28FC57AEF8FBA666F C:\WINDOWS\System32\drivers\iaStorV.sys A243E0CE8644378C9A9D015ABC3EDA27 C:\WINDOWS\System32\drivers\ibbus.sys E16E4FC9F250E48CB2CAD93E59D010E2 C:\WINDOWS\system32\DRIVERS\ibtusb.sys EAD6C953C40FC06E8E56182D9C27C480 C:\WINDOWS\system32\DRIVERS\igdkmd64.sys 7BA5F6FEAA79BB7C7A635E6B3982A0D3 C:\WINDOWS\System32\drivers\IndirectKmd.sys 0E33BC018502E7FDE77C343055D9C626 C:\WINDOWS\system32\drivers\intelaud.sys F0F581A2299CB2BAB1DF2597BCDDB80F C:\WINDOWS\system32\drivers\RTKVHD64.sys 622868E4BAE8FBCD22CB1A5901A2C824 C:\WINDOWS\system32\DRIVERS\IntcDAud.sys E300D1E37B737ED14F7A08CD5604E5D9 C:\WINDOWS\System32\drivers\intelide.sys 4B7F8A1AAC7172DB6918A0E10E1D78A3 C:\WINDOWS\System32\drivers\intelpep.sys 0A3DBE89C965FFB7C0D0E38834E77B90 C:\WINDOWS\System32\drivers\intelppm.sys 64EC687A811DC4F69DF3816F073352AA C:\WINDOWS\System32\drivers\WUDFRd.sys 5068DAA8F67A62E964C9C9F88B159EA9 C:\WINDOWS\System32\drivers\iorate.sys 549C278119FF539C3B219C55B98B0E87 C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys A0F9F2E87F0C751FE164D90EB44A9B63 C:\WINDOWS\System32\drivers\IPMIDrv.sys 656DDB34996A96539BA6E2843B5F2A77 C:\WINDOWS\System32\drivers\ipnat.sys DCC05E5EAA580C97F13B434FAFACED85 C:\WINDOWS\system32\drivers\irda.sys 9035C10C7EB8CF7C87CEA82A62EBB43A C:\WINDOWS\System32\drivers\irenum.sys E7FD479E3298F3C8852A0D2F092BDB35 C:\WINDOWS\System32\drivers\isapnp.sys 7FE3B3A30FA20F27AF7022A01C2266BA C:\WINDOWS\System32\drivers\msiscsi.sys 618707F3F742BF67AB578808171F60EB C:\WINDOWS\System32\drivers\iwdbus.sys C2BC9AC9C6514230A481BDCA6A24BEFD C:\WINDOWS\System32\drivers\kbdclass.sys D36B404BF979297C6572AEF98B2594F2 C:\WINDOWS\System32\drivers\kbdhid.sys 7E2036A846789D6D6A2EE21915017EE1 C:\WINDOWS\System32\drivers\kbfiltr.sys 6C6F4A5FC5A2343995D1B0F111D5CF06 C:\WINDOWS\System32\drivers\kdnic.sys 4C054B8E901F41F5743DADE8A29FF256 C:\WINDOWS\System32\Drivers\ksecdd.sys BA7A5838866618A4E82FBC05B8923605 C:\WINDOWS\System32\Drivers\ksecpkg.sys 6629CAA1F157088B9EDD1EAD24C6D753 C:\WINDOWS\system32\drivers\ksthunk.sys 9778205F28DC4F2EFFCC146647FE5CF0 C:\WINDOWS\System32\drivers\lltdio.sys FC37745959DFA4871759E4DCC836227A C:\WINDOWS\System32\drivers\lsi_sas.sys 16C9D4D822CCA795A72DC88B25A577CC C:\WINDOWS\System32\drivers\lsi_sas2i.sys 920F0CFCED5F28A31B79F1C470649D11 C:\WINDOWS\System32\drivers\lsi_sas3i.sys 0FE63316F1C70A0F759A449FAC64C24B C:\WINDOWS\System32\drivers\lsi_sss.sys 80E82C46B27A923A3744531069B63857 C:\WINDOWS\system32\drivers\luafv.sys 88F5570C04766EE561FF129B2F93030C C:\WINDOWS\System32\drivers\mausbhost.sys C3EED732789052C98A2613A7E1C37CDA C:\WINDOWS\System32\drivers\mausbip.sys 4DCE65116A28488593FF5A6A18B03DB0 C:\WINDOWS\system32\drivers\MBAMChameleon.sys 0C847B9BD2D1F1E97037F8C3DA6D5A1B C:\WINDOWS\system32\drivers\farflt.sys 19956478146DC7884812C24B74D7132E C:\WINDOWS\system32\drivers\mbam.sys 149E252142950594695178971748D056 C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys C3549BE8C1FE4ECBEE21DAD3378F6CD0 C:\WINDOWS\system32\drivers\mwac.sys 56D97EB1ACE0B76D500E7E1F1AB72023 C:\WINDOWS\System32\drivers\megasas.sys 0609BF877A2F4DEECC62EEE220AB6242 C:\WINDOWS\System32\drivers\MegaSas2i.sys EEC64C8D498D121607C7615FDFBEE4D0 C:\WINDOWS\System32\drivers\megasr.sys 2B7D3B206833D769218A1F4BE2D73B97 C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys FB4FD57CB9A6424C91D041844ADA059E C:\WINDOWS\System32\drivers\mlx4_bus.sys 89257B8D3826B5629CF7F73F97DA44F9 C:\WINDOWS\system32\drivers\mmcss.sys 9AE3C0CC0865B1618A3C97744A6A9E9B C:\WINDOWS\System32\drivers\modem.sys 0CD29540C32C2E2E0E3D7E9832752AF3 C:\WINDOWS\System32\drivers\monitor.sys 534477FCAFDFCA6B841BFA06BD26BCC5 C:\WINDOWS\System32\drivers\mouclass.sys F5D4E18A70BA069D479154442CDEB60D C:\WINDOWS\System32\drivers\mouhid.sys 5C09868963B0C076AC3BC7759A46B7B1 C:\WINDOWS\System32\drivers\mountmgr.sys 8BF7039787036529B98E50AE86A0E46B C:\WINDOWS\System32\drivers\mpsdrv.sys AD118EC95E9EF4D5223D681D8F183567 C:\WINDOWS\system32\drivers\mrxdav.sys D14C297933C82B8CB0B5CBBA4DDC830B C:\WINDOWS\System32\DRIVERS\mrxsmb.sys F2AD1B72C5A6475FB5FF332E1980DF88 C:\WINDOWS\System32\DRIVERS\mrxsmb10.sys 84700F40C0E41AEA91F8F3D6218A8A68 C:\WINDOWS\System32\DRIVERS\mrxsmb20.sys B855479BA6A74349CEF8061808C90201 C:\WINDOWS\System32\drivers\bridge.sys 44A8A52763381E5DCAE122330191493C C:\Windows\System32\Drivers\Msfs.sys 92C00BD9616F353CA59A755C33269757 C:\WINDOWS\System32\drivers\msgpiowin32.sys F27EC8F7A0A779276E5DA2E70C2B01EE C:\WINDOWS\System32\drivers\mshidkmdf.sys CBA955A54C9446CAAD28C76789D3B071 C:\WINDOWS\System32\drivers\mshidumdf.sys E8E568EF60677E4534F387C53EE1B35F C:\WINDOWS\System32\drivers\msisadrv.sys 16376B7B0730C04DD1A2C0CC8E09E420 C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys C2939119A17E52D74191EFC1E4CDEE09 C:\WINDOWS\System32\drivers\mslldp.sys E40B960078A15D4901265D32E071C42D C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys B4860AB91DC4E73936F0FF504D6B4B07 C:\WINDOWS\system32\DRIVERS\MSPQM.sys 8EDC45C3F7F64A51C98B59E24648F74B C:\Windows\System32\Drivers\MsRPC.sys 7DA5FAC2A49D30CA5B7B96B8B26281AC C:\WINDOWS\System32\drivers\mssmbios.sys 7E3365C8BC83DCE88D6226BB5C7170C4 C:\WINDOWS\system32\DRIVERS\MSTEE.sys 09D51564E49181E9928910D6B91C920E C:\WINDOWS\System32\drivers\MTConfig.sys 793AE56A3946EAD5F906C28D294FEFE6 C:\WINDOWS\System32\Drivers\mup.sys E35F51C7474A26680627477462715206 C:\WINDOWS\System32\drivers\mvumis.sys 74BD1149BF50F1E24934042A3BD17C90 C:\WINDOWS\System32\DRIVERS\nwifi.sys 39C772E20B8C61858F969E4D60699D89 C:\WINDOWS\System32\drivers\ndfltr.sys 0FFE8AF1B94C5FD54E6ACC6DAE990D31 C:\WINDOWS\System32\drivers\ndis.sys 59F3D5FEF4A24871C07C279762DA8624 C:\WINDOWS\System32\drivers\ndiscap.sys 4EA73CFDEE4A628D387D95464A131F29 C:\WINDOWS\System32\drivers\NdisImPlatform.sys EB127689AF6F24091AB73538A556257F C:\WINDOWS\System32\DRIVERS\ndistapi.sys 73B4C72FB6170A08C64BDA92DE93ECF7 C:\WINDOWS\System32\drivers\ndisuio.sys 6704F27EB15A5B30AA7FA5A4F4D1FD47 C:\WINDOWS\System32\drivers\NdisVirtualBus.sys FE87CCAA89433FC306A80F15E848F4B2 C:\WINDOWS\System32\drivers\ndiswan.sys 94517BC9F29A1B73D377F1BF1C3DCA34 C:\WINDOWS\System32\DRIVERS\ndiswan.sys 94517BC9F29A1B73D377F1BF1C3DCA34 C:\WINDOWS\System32\DRIVERS\NDProxy.sys AC6AC99075732F5C29DB0004DD5B1AC6 C:\WINDOWS\System32\drivers\Ndu.sys 9AC090451D92E6081EB89CDA83D74189 C:\WINDOWS\System32\drivers\NetAdapterCx.sys A115DDB2C7805C41EEC9A5276FF5764E C:\WINDOWS\System32\drivers\netbios.sys F420B6CAB5151A38E4DBBFFB500C11DA C:\WINDOWS\System32\DRIVERS\netbt.sys 30C2F67EC84EB11B22011620107E0325 C:\WINDOWS\System32\drivers\netvsc.sys 8C03F2F5A9E93AEB08B3AEE51552394A C:\WINDOWS\system32\DRIVERS\Netwbw02.sys 89017196324ABC97B4A02A06919C12AC C:\Windows\System32\Drivers\Npfs.sys 6D8F6A9C53CFB0C49E8251A442B7283F C:\WINDOWS\System32\drivers\npsvctrig.sys BABF7E1757D6908941C9F9CBD66A5EF0 C:\WINDOWS\System32\drivers\nsiproxy.sys 7A6BA778B48DF9FB7AC231D4FF6E3248 C:\Windows\System32\Drivers\NTFS.sys 075F8C81457804BB79DD33FE69A96C57 C:\Windows\System32\Drivers\Null.sys 4FFB2D5655D10700D5B8E205C4DB86BD C:\WINDOWS\System32\drivers\nvdimmn.sys 99EB6376EC2C03CE5F668577651E3454 C:\WINDOWS\System32\drivers\nvraid.sys 3DB2E9E207358BFBD09B77B5119ECA5B C:\WINDOWS\System32\drivers\nvstor.sys 4C04BFBD4DB2EECCC47F5FA39D65BB6E C:\WINDOWS\System32\drivers\parport.sys 2CC6C325B271C7CA60F374F8F868CB45 C:\WINDOWS\System32\drivers\partmgr.sys 664B7DDEE982ADF5EAB480C75B9F6218 C:\WINDOWS\System32\drivers\pci.sys C5B74C6D87E77BC64DEBD1BF57DEB375 C:\WINDOWS\System32\drivers\pciide.sys CFB85CB7A6F6926EA0EB96EDFB3C8A91 C:\WINDOWS\System32\drivers\pcmcia.sys 13B7D84B397A90E82682C47A15C3A98D C:\WINDOWS\System32\drivers\pcw.sys 76EA512FD9D4673CF7A57775EE8922E2 C:\WINDOWS\System32\drivers\pdc.sys 10E48E45A03A7F4C2B7C11738BE87816 C:\WINDOWS\System32\drivers\peauth.sys 4F190BA3C9BD2F0277BCBF480F396091 C:\WINDOWS\System32\drivers\percsas2i.sys FE52FF97A094609429FEF098EDC6FB08 C:\WINDOWS\System32\drivers\percsas3i.sys FCA143274792F12383C35902E801E83A C:\WINDOWS\System32\drivers\pmem.sys 414CA4DCC31D795882B25ADC1DACE779 C:\WINDOWS\System32\drivers\raspptp.sys D292D7FADCEE481CC64A9DE8FE9C3347 C:\WINDOWS\System32\drivers\processr.sys D57CF871B3977731A91FE9611A54C7C1 C:\WINDOWS\System32\drivers\pacer.sys B60431D2A046AD97F8427F6E568370F5 C:\WINDOWS\system32\drivers\qwavedrv.sys A2B0F46FBA2521E7E732BDBDB1238515 C:\WINDOWS\System32\DRIVERS\rasacd.sys EA9EB06EFC325CD2ACF5DF2F26A4894E C:\WINDOWS\System32\drivers\AgileVpn.sys 4E9379389D0A851DD19D130C8FAEFBD0 C:\WINDOWS\System32\drivers\rasl2tp.sys 5279EC98F6218D29EADDFECCC0D80E9A C:\WINDOWS\System32\DRIVERS\raspppoe.sys D7FF75ED7A48FD60A573C9E959CF4DB5 C:\WINDOWS\System32\drivers\rassstp.sys 6A4E45A7F17FA0B4B1B48C550E311944 C:\WINDOWS\System32\DRIVERS\rdbss.sys F2C575A9657F7B2E027C6CE7BC8F1A2D C:\WINDOWS\System32\drivers\rdpbus.sys 9414B22E093243636D362BF8C8C12A67 C:\WINDOWS\System32\drivers\rdpdr.sys 53A01D3FDB701AC5D9DDE4140227E3D9 C:\WINDOWS\System32\drivers\rdpvideominiport.sys DF32ED51DC0C3F6F3B1C4CEF71B8B426 C:\WINDOWS\System32\drivers\rdyboost.sys 2369A5B651308E0C3458143976E9B03B C:\Windows\System32\Drivers\ReFS.sys 3581FB9529035F8EC6DB681664CA70B1 C:\Windows\System32\Drivers\ReFSv1.sys 79E1ADE19D8B7C56EF29D098EAF57AD0 C:\WINDOWS\System32\drivers\rspndr.sys E87EECED9287C275B6CF30EB598B1D77 C:\WINDOWS\System32\drivers\vms3cap.sys 6308366D3CDEA5F427CFF4BCF0081B4E C:\WINDOWS\System32\drivers\sbp2port.sys 33B2DC5C2F19DA89F862484E23D9833D C:\WINDOWS\System32\DRIVERS\scfilter.sys 5CFEEFCC6FAD1FD09ACCFBD652DDD85B C:\WINDOWS\System32\drivers\scmbus.sys 5C8620FAC0E3C1658C8EF7AD7BB7EA5F C:\WINDOWS\System32\drivers\sdbus.sys 71A494A502F24465317E88E80F6C0C2C C:\WINDOWS\System32\drivers\SDFRd.sys 464B615872981015AC4FEEBDEA83A063 C:\WINDOWS\System32\drivers\sdstor.sys 6BC219F1D9CDE08CEB9084ADB41FBA01 C:\WINDOWS\System32\drivers\WUDFRd.sys 5068DAA8F67A62E964C9C9F88B159EA9 C:\WINDOWS\System32\drivers\SerCx.sys 585329F62195A4B7AAD0A95F6EC89751 C:\WINDOWS\System32\drivers\SerCx2.sys C8F4FDA8B3D039D7947344614FF5BFB2 C:\WINDOWS\System32\drivers\serenum.sys E5B450E4E0DC1591254BF9CCF6C57B40 C:\WINDOWS\System32\drivers\serial.sys 628D8DD136F92316BFEB58FA005338B7 C:\WINDOWS\System32\drivers\sermouse.sys E5BA0B7353ADC5C95AB466D2E4DC89B1 C:\WINDOWS\System32\drivers\sfloppy.sys 15CFCC4692DA8887B977CE5FC5181084 C:\WINDOWS\System32\drivers\SiSRaid2.sys 2339F6B45E1D863B1D327F3AFD75A675 C:\WINDOWS\System32\drivers\sisraid4.sys F520D50AD7266ED31D25DF4C8EA6BC2D C:\WINDOWS\System32\drivers\spaceport.sys 2334ED0B61CAE7E7B1B454674206CDAC C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys F3F0B8CAC1F3E6C3382EAFCE762475AD C:\WINDOWS\System32\drivers\SpbCx.sys 83E82B0E292DCDE4C75B9241BF0FB300 C:\WINDOWS\System32\DRIVERS\srv.sys 36EAC4FE629FC036632F13EC14788FD1 C:\WINDOWS\System32\DRIVERS\srv2.sys A84B05C7C2A233497BE1D518A662C326 C:\WINDOWS\System32\DRIVERS\srvnet.sys 0351B28EEDFBD6C8CC69A7224A098CFA C:\WINDOWS\System32\DRIVERS\stdcfltn.sys F03B03AA7A18DEB0538D242F1DA01481 C:\WINDOWS\System32\drivers\stexstor.sys D40C589F80EB1C511263D0547C0259AE C:\WINDOWS\system32\DRIVERS\serscan.sys 01726E4BD1D1A5AF1F23833C79528555 C:\WINDOWS\System32\drivers\storahci.sys 576A818562069B1E091CC719C143AED2 C:\WINDOWS\System32\drivers\vmstorfl.sys E5F703788DFA05411F1469E96838F438 C:\WINDOWS\System32\drivers\stornvme.sys 0D0128244FF55EAD3F878D3FE542DBA5 C:\WINDOWS\System32\drivers\storqosflt.sys 3A62FF78619258E6126C5C4B4CC82C8E C:\WINDOWS\System32\drivers\storufs.sys C6097966F8EA3B288070CDF7C3C8C3E8 C:\WINDOWS\System32\drivers\storvsc.sys 3DC3B17E92DA02E36B4138733DF6C1AC C:\WINDOWS\system32\DRIVERS\ST_Accel.sys 26A27A24BD2544534810A71A2E80A0F4 C:\WINDOWS\System32\drivers\swenum.sys 2BC4D0EBC2467FE90302AE0AFAF23768 C:\WINDOWS\System32\drivers\Synth3dVsc.sys 572F81CF08972D53BAFFC2A110A2A586 C:\WINDOWS\System32\drivers\tap0901.sys 3C32FF010F869BC184DF71290477384E C:\WINDOWS\System32\drivers\tcpip.sys 02481DA7952E87F0EF007B54E0216DA8 C:\WINDOWS\System32\drivers\tcpip.sys 02481DA7952E87F0EF007B54E0216DA8 C:\WINDOWS\System32\drivers\tcpipreg.sys 1C35A5C62D110346379C55E39A3D547C C:\WINDOWS\system32\DRIVERS\tdx.sys D74756DD1518D28A09CDA99696273FA4 C:\WINDOWS\System32\drivers\terminpt.sys 96A35CDBA661D41C5A3914257CA1D200 C:\WINDOWS\System32\drivers\tpm.sys F76A92975340DAA99939DA297D677EA8 C:\WINDOWS\System32\drivers\tsusbflt.sys 9856BCCD1CD5DE4D17E8DBBA7CEFC688 C:\WINDOWS\System32\drivers\TsUsbGD.sys 837AD2B941E721BCCEB7EF137E2DEE18 C:\WINDOWS\System32\drivers\uaspstor.sys B4C846ABD462558D45CA578C855759C3 C:\WINDOWS\System32\Drivers\UcmCx.sys 5C2C0296D9EE7DC92A3F14642FBE656D C:\WINDOWS\System32\Drivers\UcmTcpciCx.sys 8BB64E04CD97AD8C68543181D93E2AFC C:\WINDOWS\System32\drivers\UcmUcsi.sys F083A400FB9CB8ADD1783848CB1C76F0 C:\WINDOWS\System32\drivers\ucx01000.sys 5D4EAF3D0911338CB8FDB088386D6DCA C:\WINDOWS\System32\drivers\udecx.sys 384E1F0D84B465820416338E52FE7C2B C:\WINDOWS\System32\DRIVERS\udfs.sys C82BE75239D412057C9E3DB1785680C6 C:\WINDOWS\System32\drivers\UEFI.sys CCDF6EFF952BF3BF34DC17600F479397 C:\WINDOWS\System32\drivers\ufx01000.sys 00BEF71C45FD6B06E7525E7B31EFA88C C:\WINDOWS\System32\drivers\UfxChipidea.sys 9450AB15C30CF7D1F23C8A42E778C3A2 C:\WINDOWS\System32\drivers\ufxsynopsys.sys CEE12C7A689BDF448715024A7E0EB9C3 C:\WINDOWS\System32\drivers\umbus.sys F39ED750EDF5948FA8CD99D1F4EC9372 C:\WINDOWS\System32\drivers\umpass.sys 55984D4E64C2F8E4223542CBCC15EDEB C:\WINDOWS\System32\drivers\urschipidea.sys 4D23214CB8B1C36B82061280EB8FDAB3 C:\WINDOWS\System32\drivers\urscx01000.sys 4329D880DB96B504F0DDC991A7374CCD C:\WINDOWS\System32\drivers\urssynopsys.sys 93FAD0AC5879F274FA248A49E3F3EA33 C:\WINDOWS\System32\drivers\usbccgp.sys 6B09AA6A04C8261E787B6523229E7159 C:\WINDOWS\System32\drivers\usbcir.sys ECE3AD18B4C22ED0C4AB1A2AD9AC32C8 C:\WINDOWS\System32\drivers\usbehci.sys F8BCB536866474C6D8008F4C69B778A1 C:\WINDOWS\System32\drivers\usbhub.sys 1F723DA014062DBF3288B408A7611845 C:\WINDOWS\System32\drivers\UsbHub3.sys 0939AD44244AA9D348187015083E17DF C:\WINDOWS\System32\drivers\usbohci.sys BE6ED98FD0D3FE5FB11762AD7CCD6C96 C:\WINDOWS\System32\drivers\usbprint.sys CEE43CD5357DB8786CE6E2C430841AE4 C:\WINDOWS\System32\drivers\usbser.sys 99F0738B320B7A8D11351A32F68AA5F1 C:\WINDOWS\System32\drivers\USBSTOR.SYS 67E26F56CF7EACCBD9C9F75343A3D7C2 C:\WINDOWS\System32\drivers\usbuhci.sys 7BA802C9F73A84B75BB22538ADA495BE C:\WINDOWS\System32\Drivers\usbvideo.sys 7DB399A665C703B053930A4B5FFBA0E7 C:\WINDOWS\System32\drivers\USBXHCI.SYS 50E70B3A95138AA4A30B095270EE0DE6 C:\WINDOWS\System32\drivers\vdrvroot.sys C1EC9211C7759D2487FD30934AA3EE96 C:\WINDOWS\System32\drivers\VerifierExt.sys C83F3BC00651448DB127D497CF955089 C:\WINDOWS\System32\drivers\vhdmp.sys 0E12F5F6B1C813D17AFDA197C4394423 C:\WINDOWS\System32\drivers\vhf.sys 1AD096A5C00E522398D0092D875A8CB6 C:\WINDOWS\System32\drivers\vmbus.sys EE9A22CFD9AEDD7B52F98B0272494609 C:\WINDOWS\System32\drivers\VMBusHID.sys BFBD0895926FD98A03AD6BB845B569B7 C:\WINDOWS\System32\drivers\vmgid.sys C123C97D351C56C75FE5335AB18255EE C:\WINDOWS\System32\drivers\volmgr.sys 0AB9C264F13E2A070A8CF10EDD099ED2 C:\WINDOWS\System32\drivers\volmgrx.sys 6EE608257C1137A25B402EF8FC77E83A C:\WINDOWS\System32\drivers\volsnap.sys E3429DBBEA3965BB96E24B16EF4A2551 C:\WINDOWS\System32\drivers\volume.sys 86E790B503C771E674C7DF8FFCBFEFDB C:\WINDOWS\System32\drivers\vpci.sys B25589A0892E6DF8CC07E5CB48BFC954 C:\WINDOWS\System32\drivers\vsmraid.sys AA4466A47D2CA7ECE3DCF5256017DCC3 C:\WINDOWS\System32\drivers\vstxraid.sys 98BB6C9AD39D8F2E883093F28282FAEC C:\WINDOWS\System32\drivers\vwifibus.sys B47026E109828102266CBE2F5F9AD113 C:\WINDOWS\System32\drivers\vwififlt.sys 799ECD541A9B2764B36A22A095885365 C:\WINDOWS\System32\drivers\vwifimp.sys 82CA088A33517D1C8571D6850CC13D7E C:\WINDOWS\System32\drivers\wacompen.sys F0F477541F7AF67CC05DA1CF4921A500 C:\WINDOWS\System32\DRIVERS\wanarp.sys FDD16EF9177A8A2EF08A7FA3D3EFAA13 C:\WINDOWS\System32\DRIVERS\wanarp.sys FDD16EF9177A8A2EF08A7FA3D3EFAA13 C:\WINDOWS\system32\drivers\wcifs.sys 923200B78F5284D674A3712204D0FEFA C:\WINDOWS\system32\drivers\wcnfs.sys 1737BEF60CA384423CE4B32AF1C2BFFC C:\WINDOWS\system32\drivers\WdBoot.sys 38130C1C5FE0E08820EE57E1B087B659 C:\WINDOWS\System32\drivers\Wdf01000.sys 0C6CBF3490EE5F0D62B5820568CA30B8 C:\WINDOWS\system32\drivers\WdFilter.sys F7B6CB0F9ECD28848E2BDACEAB0D9204 C:\WINDOWS\System32\DRIVERS\wdiwifi.sys BF45B43BA47D0FA769CE5AFBF7104F01 C:\WINDOWS\System32\Drivers\WdNisDrv.sys 82A4F22C884B4BAE8B531640859F9871 C:\WINDOWS\System32\drivers\wfplwfs.sys 3C8F0ABD00E197101DCF43FEF8FB0D76 C:\WINDOWS\System32\drivers\wimmount.sys 75014BF6510D4C6C69EEE5B7743A52AF C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys C8EBCFED8FD2CDF725E44AF93016621E C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys D318557F9D7CA3836104F0B8ECB1F32E C:\WINDOWS\System32\drivers\winmad.sys 31DDF1D001336B2DCE7DF24E99EF1D04 C:\WINDOWS\System32\drivers\winnat.sys 2E1A614EFB0523E20860AE7978DDA0A4 C:\WINDOWS\System32\drivers\WinUSB.SYS 03858B18BB6DF6A400D9FC5153FD28A8 C:\WINDOWS\System32\drivers\winverbs.sys 0BF4A43CF1F3A4D50AFA4561C3B4628D C:\WINDOWS\System32\drivers\wmiacpi.sys 0D6E1347A891607759340B1E55BA2A77 C:\Windows\System32\Drivers\Wof.sys 1AE1076034392218EE89D2744EC2A071 C:\WINDOWS\System32\drivers\WpdUpFltr.sys 1FD80CBB192A20375F3664639DEB57B5 C:\WINDOWS\system32\drivers\ws2ifsl.sys DAF4451760B46CB383D287C4FAFFE97D C:\WINDOWS\System32\drivers\WSDPrint.sys F6E37A2C168A58F0172DA50018959228 C:\WINDOWS\system32\DRIVERS\WSDScan.sys F454BF3F0D3F19057B8612CA523D22D5 C:\WINDOWS\System32\drivers\WudfPf.sys 455609BF60DA3B57EEAB863DEFCCF14D C:\WINDOWS\System32\drivers\WUDFRd.sys 5068DAA8F67A62E964C9C9F88B159EA9 C:\WINDOWS\System32\drivers\WUDFRd.sys 5068DAA8F67A62E964C9C9F88B159EA9 C:\WINDOWS\System32\drivers\xboxgip.sys B10655A4C2EFDC25483D670EF52A4854 C:\WINDOWS\System32\drivers\xinputhid.sys 2E50A379A8E4F6C5D85E87C26C08D329 ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Three Months Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-08-21 09:20 - 2017-08-21 09:20 - 000037586 _____ C:\Users\James\Desktop\FRST.txt 2017-08-21 09:19 - 2017-08-21 09:20 - 000000000 ____D C:\FRST 2017-08-21 09:18 - 2017-08-21 09:18 - 002395648 _____ (Farbar) C:\Users\James\Desktop\FRST64.exe 2017-08-21 09:16 - 2017-08-21 09:16 - 000001205 _____ C:\Users\James\Desktop\report.txt 2017-08-21 08:47 - 2017-08-21 08:47 - 000000000 ___HD C:\OneDriveTemp 2017-08-20 21:22 - 2017-08-20 22:06 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy 2017-08-20 21:22 - 2017-08-20 21:23 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2017-08-20 21:22 - 2017-08-20 21:22 - 000001471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 2017-08-20 21:22 - 2017-08-20 21:22 - 000001459 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk 2017-08-20 21:22 - 2017-08-20 21:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 2017-08-20 21:22 - 2017-05-23 09:22 - 000032240 _____ (Safer-Networking Ltd.) C:\WINDOWS\system32\sdnclean64.exe 2017-08-19 13:49 - 2017-08-19 13:54 - 000528822 _____ C:\TDSSKiller.3.1.0.12_19.08.2017_13.49.45_log.txt 2017-08-19 13:47 - 2017-08-19 13:48 - 000006674 _____ C:\TDSSKiller.3.1.0.12_19.08.2017_13.47.49_log.txt 2017-08-18 23:35 - 2017-08-18 23:39 - 000529574 _____ C:\TDSSKiller.3.1.0.12_18.08.2017_23.35.38_log.txt 2017-08-16 12:02 - 2017-08-16 12:02 - 000026476 _____ C:\Users\James\Downloads\zebra yeezy sneaker shirts.jpeg 2017-08-15 14:32 - 2017-08-21 08:51 - 000093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2017-08-15 14:32 - 2017-08-20 15:41 - 000253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-08-15 14:32 - 2017-08-20 15:41 - 000101784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2017-08-15 14:32 - 2017-08-20 15:41 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2017-08-15 14:32 - 2017-08-15 14:33 - 000188352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys 2017-08-15 14:32 - 2017-08-15 14:32 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-08-15 14:32 - 2017-08-15 14:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-08-15 14:32 - 2017-08-15 14:32 - 000000000 ____D C:\Program Files\Malwarebytes 2017-08-15 14:32 - 2017-06-27 12:06 - 000077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys 2017-08-13 14:33 - 2017-08-13 14:34 - 000265526 _____ C:\TDSSKiller.3.1.0.12_13.08.2017_14.33.24_log.txt 2017-08-13 14:32 - 2017-08-13 14:32 - 000000434 _____ C:\TDSSKiller.3.1.0.9_13.08.2017_14.32.36_log.txt 2017-08-13 14:28 - 2017-08-13 14:28 - 000000434 _____ C:\TDSSKiller.3.1.0.9_13.08.2017_14.28.28_log.txt 2017-08-11 17:17 - 2017-08-11 17:18 - 000451060 _____ C:\WINDOWS\Minidump\081117-30578-01.dmp 2017-08-08 13:30 - 2017-07-31 21:38 - 000406544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll 2017-08-08 13:30 - 2017-07-31 21:36 - 002165752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2017-08-08 13:30 - 2017-07-31 21:36 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2017-08-08 13:30 - 2017-07-31 21:36 - 000119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys 2017-08-08 13:30 - 2017-07-31 21:35 - 000280472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe 2017-08-08 13:30 - 2017-07-31 21:35 - 000133904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe 2017-08-08 13:30 - 2017-07-31 21:34 - 000610584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2017-08-08 13:30 - 2017-07-31 21:34 - 000359552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll 2017-08-08 13:30 - 2017-07-31 21:34 - 000349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2017-08-08 13:30 - 2017-07-31 21:34 - 000168864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2017-08-08 13:30 - 2017-07-31 21:32 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2017-08-08 13:30 - 2017-07-31 21:31 - 000176024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll 2017-08-08 13:30 - 2017-07-31 21:20 - 002956288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-08-08 13:30 - 2017-07-31 21:20 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll 2017-08-08 13:30 - 2017-07-31 21:20 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE 2017-08-08 13:30 - 2017-07-31 21:18 - 013841408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2017-08-08 13:30 - 2017-07-31 21:18 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2017-08-08 13:30 - 2017-07-31 21:17 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll 2017-08-08 13:30 - 2017-07-31 21:14 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll 2017-08-08 13:30 - 2017-07-31 21:13 - 020504064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-08-08 13:30 - 2017-07-31 21:13 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2017-08-08 13:30 - 2017-07-31 21:13 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll 2017-08-08 13:30 - 2017-07-31 21:12 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-08-08 13:30 - 2017-07-31 21:12 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll 2017-08-08 13:30 - 2017-07-31 21:10 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2017-08-08 13:30 - 2017-07-31 21:09 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2017-08-08 13:30 - 2017-07-31 21:08 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll 2017-08-08 13:30 - 2017-07-31 21:07 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2017-08-08 13:30 - 2017-07-31 21:07 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2017-08-08 13:30 - 2017-07-31 21:06 - 000798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2017-08-08 13:30 - 2017-07-31 21:04 - 006269440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-08-08 13:30 - 2017-07-31 21:04 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-08-08 13:30 - 2017-07-31 21:03 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2017-08-08 13:30 - 2017-07-31 20:57 - 023677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-08-08 13:30 - 2017-07-31 20:41 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2017-08-08 13:30 - 2017-07-31 20:36 - 023681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-08-08 13:30 - 2017-07-31 20:35 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2017-08-08 13:30 - 2017-07-31 20:34 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2017-08-08 13:30 - 2017-07-31 20:30 - 008209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-08-08 13:30 - 2017-07-31 20:30 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2017-08-08 13:30 - 2017-07-31 20:28 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-08-08 13:30 - 2017-07-31 20:28 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2017-08-08 13:30 - 2017-07-31 17:45 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll 2017-08-08 13:30 - 2017-07-31 17:45 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll 2017-08-08 13:30 - 2017-07-31 17:45 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll 2017-08-08 13:30 - 2017-07-31 17:45 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll 2017-08-08 13:30 - 2017-07-31 17:45 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll 2017-08-08 13:30 - 2017-07-31 17:45 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll 2017-08-08 13:30 - 2017-07-31 17:45 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll 2017-08-08 13:30 - 2017-07-31 17:45 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll 2017-08-08 13:30 - 2017-07-31 17:45 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll 2017-08-08 13:30 - 2017-07-31 17:45 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll 2017-08-08 13:30 - 2017-07-31 17:45 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll 2017-08-08 13:30 - 2017-07-31 17:45 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll 2017-08-08 13:30 - 2017-07-31 17:45 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll 2017-08-08 13:30 - 2017-07-31 17:45 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll 2017-08-08 13:30 - 2017-07-31 17:45 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll 2017-08-08 13:30 - 2017-07-28 00:25 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2017-08-08 13:30 - 2017-07-28 00:23 - 000723360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys 2017-08-08 13:30 - 2017-07-28 00:20 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys 2017-08-08 13:30 - 2017-07-28 00:15 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2017-08-08 13:30 - 2017-07-28 00:13 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2017-08-08 13:30 - 2017-07-28 00:13 - 002604248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2017-08-08 13:30 - 2017-07-28 00:10 - 002679200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2017-08-08 13:30 - 2017-07-28 00:07 - 000805816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2017-08-08 13:30 - 2017-07-27 23:48 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2017-08-08 13:30 - 2017-07-27 23:48 - 000096648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll 2017-08-08 13:30 - 2017-07-27 23:47 - 002259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2017-08-08 13:30 - 2017-07-27 23:40 - 005820984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2017-08-08 13:30 - 2017-07-27 23:40 - 000551200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2017-08-08 13:30 - 2017-07-27 23:38 - 004213656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2017-08-08 13:30 - 2017-07-27 23:37 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2017-08-08 13:30 - 2017-07-27 23:36 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-08-08 13:30 - 2017-07-27 23:36 - 006761568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-08-08 13:30 - 2017-07-27 23:36 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2017-08-08 13:30 - 2017-07-27 23:36 - 002424024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2017-08-08 13:30 - 2017-07-27 23:36 - 001195760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2017-08-08 13:30 - 2017-07-27 23:36 - 000866808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll 2017-08-08 13:30 - 2017-07-27 23:36 - 000864248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2017-08-08 13:30 - 2017-07-27 23:36 - 000173104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll 2017-08-08 13:30 - 2017-07-27 23:36 - 000090464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.dll 2017-08-08 13:30 - 2017-07-27 23:35 - 000988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2017-08-08 13:30 - 2017-07-27 23:35 - 000277432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll 2017-08-08 13:30 - 2017-07-27 23:33 - 000967584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll 2017-08-08 13:30 - 2017-07-27 23:33 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2017-08-08 13:30 - 2017-07-27 23:33 - 000414296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll 2017-08-08 13:30 - 2017-07-27 23:27 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys 2017-08-08 13:30 - 2017-07-27 23:26 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll 2017-08-08 13:30 - 2017-07-27 23:25 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys 2017-08-08 13:30 - 2017-07-27 23:24 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll 2017-08-08 13:30 - 2017-07-27 23:21 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2017-08-08 13:30 - 2017-07-27 23:21 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2017-08-08 13:30 - 2017-07-27 23:21 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll 2017-08-08 13:30 - 2017-07-27 23:20 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2017-08-08 13:30 - 2017-07-27 23:20 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IpNatHlpClient.dll 2017-08-08 13:30 - 2017-07-27 23:19 - 000942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll 2017-08-08 13:30 - 2017-07-27 23:19 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2017-08-08 13:30 - 2017-07-27 23:19 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll 2017-08-08 13:30 - 2017-07-27 23:19 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll 2017-08-08 13:30 - 2017-07-27 23:18 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll 2017-08-08 13:30 - 2017-07-27 23:17 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-08-08 13:30 - 2017-07-27 23:16 - 001291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll 2017-08-08 13:30 - 2017-07-27 23:16 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll 2017-08-08 13:30 - 2017-07-27 23:16 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2017-08-08 13:30 - 2017-07-27 23:16 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qasf.dll 2017-08-08 13:30 - 2017-07-27 23:15 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2017-08-08 13:30 - 2017-07-27 23:15 - 000586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll 2017-08-08 13:30 - 2017-07-27 23:14 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2017-08-08 13:30 - 2017-07-27 23:14 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll 2017-08-08 13:30 - 2017-07-27 23:14 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll 2017-08-08 13:30 - 2017-07-27 23:13 - 004535296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2017-08-08 13:30 - 2017-07-27 23:13 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe 2017-08-08 13:30 - 2017-07-27 23:13 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll 2017-08-08 13:30 - 2017-07-27 23:13 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2017-08-08 13:30 - 2017-07-27 23:12 - 002939392 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2017-08-08 13:30 - 2017-07-27 23:12 - 000952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll 2017-08-08 13:30 - 2017-07-27 23:12 - 000587776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll 2017-08-08 13:30 - 2017-07-27 23:12 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2017-08-08 13:30 - 2017-07-27 23:12 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2017-08-08 13:30 - 2017-07-27 23:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2017-08-08 13:30 - 2017-07-27 23:11 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2017-08-08 13:30 - 2017-07-27 23:10 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-08-08 13:30 - 2017-07-27 23:10 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2017-08-08 13:30 - 2017-07-27 23:10 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsvcs.dll 2017-08-08 13:30 - 2017-07-27 23:09 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2017-08-08 13:30 - 2017-07-27 23:08 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2017-08-08 13:30 - 2017-07-27 23:08 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2017-08-08 13:30 - 2017-07-27 23:08 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2017-08-08 13:30 - 2017-07-27 23:08 - 000760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll 2017-08-08 13:30 - 2017-07-27 23:08 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys 2017-08-08 13:30 - 2017-07-27 23:07 - 002211840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2017-08-08 13:30 - 2017-07-27 23:05 - 001536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2017-08-08 13:30 - 2017-07-27 23:05 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe 2017-08-08 13:30 - 2017-07-27 23:05 - 000538112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll 2017-08-08 13:30 - 2017-07-27 23:02 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe 2017-08-08 13:30 - 2017-07-27 23:02 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe 2017-08-08 13:30 - 2017-07-27 23:02 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll 2017-08-08 13:29 - 2017-07-31 21:39 - 008319392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-08-08 13:29 - 2017-07-31 21:38 - 000382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2017-08-08 13:29 - 2017-07-31 21:33 - 000473240 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll 2017-08-08 13:29 - 2017-07-31 21:32 - 002444704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-08-08 13:29 - 2017-07-31 21:32 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2017-08-08 13:29 - 2017-07-31 21:31 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll 2017-08-08 13:29 - 2017-07-31 21:31 - 002645680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2017-08-08 13:29 - 2017-07-31 21:31 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2017-08-08 13:29 - 2017-07-31 21:30 - 000723680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2017-08-08 13:29 - 2017-07-31 21:30 - 000411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2017-08-08 13:29 - 2017-07-31 21:30 - 000410160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll 2017-08-08 13:29 - 2017-07-31 21:30 - 000315288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe 2017-08-08 13:29 - 2017-07-31 21:30 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2017-08-08 13:29 - 2017-07-31 21:30 - 000143736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe 2017-08-08 13:29 - 2017-07-31 21:30 - 000082336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys 2017-08-08 13:29 - 2017-07-31 21:26 - 000204192 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll 2017-08-08 13:29 - 2017-07-31 21:16 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2017-08-08 13:29 - 2017-07-31 21:07 - 011870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-08-08 13:29 - 2017-07-31 20:45 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-08-08 13:29 - 2017-07-31 20:45 - 001275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll 2017-08-08 13:29 - 2017-07-31 20:45 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll 2017-08-08 13:29 - 2017-07-31 20:45 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll 2017-08-08 13:29 - 2017-07-31 20:44 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE 2017-08-08 13:29 - 2017-07-31 20:44 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys 2017-08-08 13:29 - 2017-07-31 20:44 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe 2017-08-08 13:29 - 2017-07-31 20:42 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2017-08-08 13:29 - 2017-07-31 20:41 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll 2017-08-08 13:29 - 2017-07-31 20:41 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll 2017-08-08 13:29 - 2017-07-31 20:40 - 017366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2017-08-08 13:29 - 2017-07-31 20:40 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll 2017-08-08 13:29 - 2017-07-31 20:39 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll 2017-08-08 13:29 - 2017-07-31 20:38 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll 2017-08-08 13:29 - 2017-07-31 20:38 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll 2017-08-08 13:29 - 2017-07-31 20:37 - 000582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll 2017-08-08 13:29 - 2017-07-31 20:37 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2017-08-08 13:29 - 2017-07-31 20:37 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll 2017-08-08 13:29 - 2017-07-31 20:33 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2017-08-08 13:29 - 2017-07-31 20:33 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll 2017-08-08 13:29 - 2017-07-31 20:32 - 007336960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2017-08-08 13:29 - 2017-07-31 20:32 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll 2017-08-08 13:29 - 2017-07-31 20:31 - 012786176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-08-08 13:29 - 2017-07-31 20:31 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2017-08-08 13:29 - 2017-07-31 20:31 - 001396736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2017-08-08 13:29 - 2017-07-31 20:30 - 002055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-08-08 13:29 - 2017-07-31 20:30 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2017-08-08 13:29 - 2017-07-31 20:30 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll 2017-08-08 13:29 - 2017-07-31 20:27 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-08-08 13:29 - 2017-07-31 20:27 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll 2017-08-08 13:29 - 2017-07-31 20:27 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll 2017-08-08 13:29 - 2017-07-31 20:26 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe 2017-08-08 13:29 - 2017-07-31 20:25 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll 2017-08-08 13:29 - 2017-07-31 20:25 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2017-08-08 13:29 - 2017-07-31 20:25 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll 2017-08-08 13:29 - 2017-07-28 00:30 - 001068720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2017-08-08 13:29 - 2017-07-28 00:24 - 002327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2017-08-08 13:29 - 2017-07-28 00:24 - 000455584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2017-08-08 13:29 - 2017-07-28 00:24 - 000119904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll 2017-08-08 13:29 - 2017-07-28 00:24 - 000116280 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll 2017-08-08 13:29 - 2017-07-28 00:23 - 002969888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll 2017-08-08 13:29 - 2017-07-28 00:22 - 000923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2017-08-08 13:29 - 2017-07-28 00:17 - 000660680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2017-08-08 13:29 - 2017-07-28 00:16 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2017-08-08 13:29 - 2017-07-28 00:16 - 000961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll 2017-08-08 13:29 - 2017-07-28 00:15 - 005302968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll 2017-08-08 13:29 - 2017-07-28 00:15 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll 2017-08-08 13:29 - 2017-07-28 00:15 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys 2017-08-08 13:29 - 2017-07-28 00:14 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2017-08-08 13:29 - 2017-07-28 00:14 - 000318232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe 2017-08-08 13:29 - 2017-07-28 00:13 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2017-08-08 13:29 - 2017-07-28 00:13 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2017-08-08 13:29 - 2017-07-28 00:13 - 001033544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll 2017-08-08 13:29 - 2017-07-28 00:13 - 000192264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll 2017-08-08 13:29 - 2017-07-28 00:13 - 000104432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.dll 2017-08-08 13:29 - 2017-07-28 00:12 - 021353208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-08-08 13:29 - 2017-07-28 00:12 - 001337856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2017-08-08 13:29 - 2017-07-28 00:12 - 001325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2017-08-08 13:29 - 2017-07-28 00:12 - 000323936 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll 2017-08-08 13:29 - 2017-07-28 00:10 - 001114528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll 2017-08-08 13:29 - 2017-07-28 00:09 - 000529992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2017-08-08 13:29 - 2017-07-28 00:09 - 000527976 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2017-08-08 13:29 - 2017-07-28 00:09 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll 2017-08-08 13:29 - 2017-07-27 23:48 - 000100232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll 2017-08-08 13:29 - 2017-07-27 23:31 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll 2017-08-08 13:29 - 2017-07-27 23:30 - 001722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll 2017-08-08 13:29 - 2017-07-27 23:29 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll 2017-08-08 13:29 - 2017-07-27 23:29 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll 2017-08-08 13:29 - 2017-07-27 23:26 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll 2017-08-08 13:29 - 2017-07-27 23:26 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2017-08-08 13:29 - 2017-07-27 23:26 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe 2017-08-08 13:29 - 2017-07-27 23:26 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\IpNatHlpClient.dll 2017-08-08 13:29 - 2017-07-27 23:25 - 003464704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll 2017-08-08 13:29 - 2017-07-27 23:25 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll 2017-08-08 13:29 - 2017-07-27 23:25 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll 2017-08-08 13:29 - 2017-07-27 23:24 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll 2017-08-08 13:29 - 2017-07-27 23:24 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll 2017-08-08 13:29 - 2017-07-27 23:24 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-08-08 13:29 - 2017-07-27 23:24 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2017-08-08 13:29 - 2017-07-27 23:23 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-08-08 13:29 - 2017-07-27 23:23 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll 2017-08-08 13:29 - 2017-07-27 23:23 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll 2017-08-08 13:29 - 2017-07-27 23:22 - 000778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE 2017-08-08 13:29 - 2017-07-27 23:22 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll 2017-08-08 13:29 - 2017-07-27 23:22 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll 2017-08-08 13:29 - 2017-07-27 23:22 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll 2017-08-08 13:29 - 2017-07-27 23:22 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe 2017-08-08 13:29 - 2017-07-27 23:22 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll 2017-08-08 13:29 - 2017-07-27 23:22 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2017-08-08 13:29 - 2017-07-27 23:22 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe 2017-08-08 13:29 - 2017-07-27 23:21 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll 2017-08-08 13:29 - 2017-07-27 23:21 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-08-08 13:29 - 2017-07-27 23:21 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll 2017-08-08 13:29 - 2017-07-27 23:21 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\qasf.dll 2017-08-08 13:29 - 2017-07-27 23:20 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll 2017-08-08 13:29 - 2017-07-27 23:20 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2017-08-08 13:29 - 2017-07-27 23:20 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll 2017-08-08 13:29 - 2017-07-27 23:19 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-08-08 13:29 - 2017-07-27 23:19 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2017-08-08 13:29 - 2017-07-27 23:19 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll 2017-08-08 13:29 - 2017-07-27 23:19 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2017-08-08 13:29 - 2017-07-27 23:19 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll 2017-08-08 13:29 - 2017-07-27 23:19 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll 2017-08-08 13:29 - 2017-07-27 23:19 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll 2017-08-08 13:29 - 2017-07-27 23:19 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe 2017-08-08 13:29 - 2017-07-27 23:18 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2017-08-08 13:29 - 2017-07-27 23:18 - 001298432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll 2017-08-08 13:29 - 2017-07-27 23:18 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2017-08-08 13:29 - 2017-07-27 23:18 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2017-08-08 13:29 - 2017-07-27 23:18 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2017-08-08 13:29 - 2017-07-27 23:18 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll 2017-08-08 13:29 - 2017-07-27 23:18 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2017-08-08 13:29 - 2017-07-27 23:17 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-08-08 13:29 - 2017-07-27 23:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-08-08 13:29 - 2017-07-27 23:17 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll 2017-08-08 13:29 - 2017-07-27 23:17 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2017-08-08 13:29 - 2017-07-27 23:17 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll 2017-08-08 13:29 - 2017-07-27 23:16 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll 2017-08-08 13:29 - 2017-07-27 23:15 - 003204608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll 2017-08-08 13:29 - 2017-07-27 23:15 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2017-08-08 13:29 - 2017-07-27 23:15 - 000612864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsvcs.dll 2017-08-08 13:29 - 2017-07-27 23:14 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-08-08 13:29 - 2017-07-27 23:14 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2017-08-08 13:29 - 2017-07-27 23:13 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-08-08 13:29 - 2017-07-27 23:13 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2017-08-08 13:29 - 2017-07-27 23:13 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll 2017-08-08 13:29 - 2017-07-27 23:12 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2017-08-08 13:29 - 2017-07-27 23:12 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2017-08-08 13:29 - 2017-07-27 23:12 - 002444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-08-08 13:29 - 2017-07-27 23:12 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2017-08-08 13:29 - 2017-07-27 23:11 - 001357312 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2017-08-08 13:29 - 2017-07-27 23:10 - 001706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2017-08-08 13:29 - 2017-07-27 23:10 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2017-08-08 13:29 - 2017-07-27 23:09 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe 2017-08-08 13:29 - 2017-07-27 23:09 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll 2017-08-08 13:29 - 2017-07-27 23:08 - 000600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll 2017-08-08 13:29 - 2017-07-27 23:07 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe 2017-08-08 13:29 - 2017-07-27 23:07 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll 2017-08-08 13:29 - 2017-07-27 23:07 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll 2017-08-08 13:29 - 2017-07-27 23:07 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll 2017-08-08 13:29 - 2017-07-27 23:06 - 001833984 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll 2017-08-08 13:29 - 2017-07-27 23:06 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll 2017-08-08 13:29 - 2017-07-27 23:06 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll 2017-08-08 13:29 - 2017-07-27 23:05 - 001525760 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe 2017-08-08 13:29 - 2017-07-27 23:05 - 001087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2017-08-08 13:29 - 2017-07-27 23:05 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe 2017-08-08 13:29 - 2017-07-27 23:05 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe 2017-08-08 13:29 - 2017-07-27 23:05 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll 2017-08-08 13:06 - 2017-08-21 08:47 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture 2017-08-08 11:50 - 2017-08-08 11:50 - 000003632 _____ C:\WINDOWS\System32\Tasks\ASUS Smart Gesture Launcher 2017-08-08 11:42 - 2017-08-08 11:43 - 000411548 _____ C:\WINDOWS\Minidump\080817-32625-01.dmp 2017-08-07 16:57 - 2017-08-07 16:57 - 008185288 _____ (Malwarebytes) C:\Users\James\Downloads\adwcleaner_7.0.1.0.exe 2017-07-27 13:47 - 2017-07-27 13:47 - 000003356 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3134094431-3575185100-3874724725-1001 2017-07-11 19:51 - 2017-07-07 02:24 - 000117664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2017-07-11 19:51 - 2017-07-07 02:20 - 002021680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll 2017-07-11 19:51 - 2017-07-07 02:13 - 000336320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe 2017-07-11 19:51 - 2017-07-07 02:11 - 000094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2017-07-11 19:51 - 2017-07-07 02:10 - 001670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2017-07-11 19:51 - 2017-07-07 01:57 - 000626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2017-07-11 19:51 - 2017-07-07 01:57 - 000125344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll 2017-07-11 19:51 - 2017-07-07 01:37 - 001339352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll 2017-07-11 19:51 - 2017-07-07 01:31 - 001518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2017-07-11 19:51 - 2017-07-07 01:31 - 000129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2017-07-11 19:51 - 2017-07-07 01:30 - 000949920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll 2017-07-11 19:51 - 2017-07-07 01:29 - 000123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Clipc.dll 2017-07-11 19:51 - 2017-07-07 01:26 - 001529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2017-07-11 19:51 - 2017-07-07 01:25 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininitext.dll 2017-07-11 19:51 - 2017-07-07 01:18 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll 2017-07-11 19:51 - 2017-07-07 01:17 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2017-07-11 19:51 - 2017-07-07 01:16 - 000545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2017-07-11 19:51 - 2017-07-07 01:14 - 008211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2017-07-11 19:51 - 2017-07-07 01:14 - 003784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll 2017-07-11 19:51 - 2017-07-07 01:14 - 001448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2017-07-11 19:51 - 2017-07-07 01:12 - 001142272 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2017-07-11 19:51 - 2017-07-07 01:10 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapprovp.dll 2017-07-11 19:51 - 2017-07-07 01:09 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2017-07-11 19:51 - 2017-07-07 01:08 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2017-07-11 19:51 - 2017-07-07 01:07 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll 2017-07-11 19:51 - 2017-07-07 01:07 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll 2017-07-11 19:51 - 2017-07-07 01:06 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll 2017-07-11 19:51 - 2017-07-07 01:05 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll 2017-07-11 19:51 - 2017-07-07 01:05 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll 2017-07-11 19:51 - 2017-07-07 01:04 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2017-07-11 19:51 - 2017-07-07 01:04 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2017-07-11 19:51 - 2017-07-07 01:03 - 006123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2017-07-11 19:51 - 2017-07-07 01:01 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-07-11 19:51 - 2017-07-07 01:00 - 007596544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2017-07-11 19:51 - 2017-07-07 01:00 - 002588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll 2017-07-11 19:51 - 2017-07-07 01:00 - 001565184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2017-07-11 19:51 - 2017-07-07 00:59 - 001494016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2017-07-11 19:51 - 2017-07-07 00:59 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll 2017-07-11 19:51 - 2017-07-07 00:58 - 002782720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2017-07-11 19:51 - 2017-07-07 00:58 - 002298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2017-07-11 19:51 - 2017-07-07 00:58 - 001237504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll 2017-07-11 19:51 - 2017-07-07 00:55 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll 2017-07-11 19:51 - 2017-07-07 00:55 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll 2017-07-11 19:51 - 2017-07-07 00:53 - 001301504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll 2017-07-11 19:51 - 2017-07-07 00:53 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe 2017-07-11 19:51 - 2017-06-20 01:02 - 001055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2017-07-11 19:51 - 2017-06-20 00:59 - 001220072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2017-07-11 19:51 - 2017-06-20 00:34 - 000192416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll 2017-07-11 19:51 - 2017-06-20 00:15 - 000455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll 2017-07-11 19:51 - 2017-06-20 00:13 - 000787712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2017-07-11 19:51 - 2017-06-20 00:13 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe 2017-07-11 19:51 - 2017-06-20 00:12 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2017-07-11 19:51 - 2017-06-20 00:12 - 000264192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys 2017-07-11 19:51 - 2017-06-20 00:12 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys 2017-07-11 19:51 - 2017-06-20 00:11 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2017-07-11 19:51 - 2017-06-20 00:10 - 000722432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2017-07-11 19:51 - 2017-06-20 00:10 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2017-07-11 19:51 - 2017-06-20 00:09 - 000551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll 2017-07-11 19:51 - 2017-06-20 00:09 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2017-07-11 19:51 - 2017-06-20 00:08 - 004469840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2017-07-11 19:51 - 2017-06-20 00:08 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2017-07-11 19:51 - 2017-06-20 00:08 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll 2017-07-11 19:51 - 2017-06-20 00:08 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll 2017-07-11 19:51 - 2017-06-20 00:08 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2017-07-11 19:51 - 2017-06-20 00:07 - 002475136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2017-07-11 19:51 - 2017-06-20 00:07 - 000632832 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll 2017-07-11 19:51 - 2017-06-20 00:07 - 000510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll 2017-07-11 19:51 - 2017-06-20 00:07 - 000346016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll 2017-07-11 19:51 - 2017-06-20 00:07 - 000138656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll 2017-07-11 19:51 - 2017-06-20 00:06 - 000754592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2017-07-11 19:51 - 2017-06-20 00:06 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2017-07-11 19:51 - 2017-06-20 00:06 - 000278944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll 2017-07-11 19:51 - 2017-06-20 00:05 - 000438096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll 2017-07-11 19:51 - 2017-06-20 00:05 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2017-07-11 19:51 - 2017-06-20 00:04 - 002330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2017-07-11 19:51 - 2017-06-20 00:04 - 001178528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll 2017-07-11 19:51 - 2017-06-20 00:04 - 001177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll 2017-07-11 19:51 - 2017-06-20 00:04 - 001077496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll 2017-07-11 19:51 - 2017-06-20 00:04 - 000181656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2017-07-11 19:51 - 2017-06-20 00:04 - 000049656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msasn1.dll 2017-07-11 19:51 - 2017-06-20 00:03 - 002077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2017-07-11 19:51 - 2017-06-20 00:03 - 000443728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll 2017-07-11 19:51 - 2017-06-20 00:02 - 001121928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2017-07-11 19:51 - 2017-06-20 00:02 - 000354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll 2017-07-11 19:51 - 2017-06-20 00:00 - 002597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2017-07-11 19:51 - 2017-06-19 23:59 - 001674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2017-07-11 19:51 - 2017-06-19 23:56 - 000985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll 2017-07-11 19:51 - 2017-06-19 23:49 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll 2017-07-11 19:51 - 2017-06-19 23:49 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll 2017-07-11 19:51 - 2017-06-19 23:46 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll 2017-07-11 19:51 - 2017-06-19 23:45 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Profile.RetailInfo.dll 2017-07-11 19:51 - 2017-06-19 23:43 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2017-07-11 19:51 - 2017-06-19 23:43 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll 2017-07-11 19:51 - 2017-06-19 23:43 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll 2017-07-11 19:51 - 2017-06-19 23:43 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2017-07-11 19:51 - 2017-06-19 23:43 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2017-07-11 19:51 - 2017-06-19 23:43 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll 2017-07-11 19:51 - 2017-06-19 23:42 - 000641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certca.dll 2017-07-11 19:51 - 2017-06-19 23:42 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll 2017-07-11 19:51 - 2017-06-19 23:42 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2017-07-11 19:51 - 2017-06-19 23:42 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2017-07-11 19:51 - 2017-06-19 23:42 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll 2017-07-11 19:51 - 2017-06-19 23:41 - 000734208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe 2017-07-11 19:51 - 2017-06-19 23:41 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll 2017-07-11 19:51 - 2017-06-19 23:41 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll 2017-07-11 19:51 - 2017-06-19 23:41 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll 2017-07-11 19:51 - 2017-06-19 23:41 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll 2017-07-11 19:51 - 2017-06-19 23:40 - 000342016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2017-07-11 19:51 - 2017-06-19 23:40 - 000247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll 2017-07-11 19:51 - 2017-06-19 23:40 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll 2017-07-11 19:51 - 2017-06-19 23:40 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll 2017-07-11 19:51 - 2017-06-19 23:39 - 002814464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll 2017-07-11 19:51 - 2017-06-19 23:39 - 000969728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll 2017-07-11 19:51 - 2017-06-19 23:39 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl 2017-07-11 19:51 - 2017-06-19 23:39 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll 2017-07-11 19:51 - 2017-06-19 23:39 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2017-07-11 19:51 - 2017-06-19 23:38 - 001451008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2017-07-11 19:51 - 2017-06-19 23:38 - 001285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll 2017-07-11 19:51 - 2017-06-19 23:38 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe 2017-07-11 19:51 - 2017-06-19 23:38 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2017-07-11 19:51 - 2017-06-19 23:38 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll 2017-07-11 19:51 - 2017-06-19 23:37 - 002008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2017-07-11 19:51 - 2017-06-19 23:35 - 002679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll 2017-07-11 19:51 - 2017-06-19 23:35 - 002132480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2017-07-11 19:51 - 2017-06-19 23:35 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll 2017-07-11 19:51 - 2017-06-19 23:34 - 002750464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll 2017-07-11 19:51 - 2017-06-19 23:34 - 001492480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll 2017-07-11 19:51 - 2017-06-19 23:31 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll 2017-07-11 19:51 - 2017-06-19 23:30 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdmaud.drv 2017-07-11 19:51 - 2017-06-19 23:30 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll 2017-07-11 19:51 - 2017-06-19 23:30 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2017-07-11 19:51 - 2017-06-19 23:28 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll 2017-07-11 19:50 - 2017-07-07 09:00 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll 2017-07-11 19:50 - 2017-07-07 02:27 - 001147288 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2017-07-11 19:50 - 2017-07-07 02:27 - 001024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2017-07-11 19:50 - 2017-07-07 02:27 - 000965024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi 2017-07-11 19:50 - 2017-07-07 02:27 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe 2017-07-11 19:50 - 2017-07-07 02:27 - 000750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2017-07-11 19:50 - 2017-07-07 02:26 - 001065104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2017-07-11 19:50 - 2017-07-07 02:25 - 000899824 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2017-07-11 19:50 - 2017-07-07 02:22 - 001186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2017-07-11 19:50 - 2017-07-07 02:21 - 032688336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll 2017-07-11 19:50 - 2017-07-07 02:20 - 000519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2017-07-11 19:50 - 2017-07-07 02:17 - 001017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2017-07-11 19:50 - 2017-07-07 02:14 - 001760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2017-07-11 19:50 - 2017-07-07 02:14 - 001171032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll 2017-07-11 19:50 - 2017-07-07 02:13 - 000147800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll 2017-07-11 19:50 - 2017-07-07 02:12 - 000228256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2017-07-11 19:50 - 2017-07-07 02:10 - 000372128 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2017-07-11 19:50 - 2017-07-07 02:10 - 000254168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2017-07-11 19:50 - 2017-07-07 02:09 - 000041376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininitext.dll 2017-07-11 19:50 - 2017-07-07 02:07 - 001106848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2017-07-11 19:50 - 2017-07-07 02:07 - 000058488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe 2017-07-11 19:50 - 2017-07-07 01:37 - 031652264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll 2017-07-11 19:50 - 2017-07-07 01:27 - 001640448 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2017-07-11 19:50 - 2017-07-07 01:27 - 000859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll 2017-07-11 19:50 - 2017-07-07 01:27 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll 2017-07-11 19:50 - 2017-07-07 01:27 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll 2017-07-11 19:50 - 2017-07-07 01:27 - 000443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll 2017-07-11 19:50 - 2017-07-07 01:27 - 000360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll 2017-07-11 19:50 - 2017-07-07 01:23 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapprovp.dll 2017-07-11 19:50 - 2017-07-07 01:22 - 000520704 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2017-07-11 19:50 - 2017-07-07 01:21 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll 2017-07-11 19:50 - 2017-07-07 01:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll 2017-07-11 19:50 - 2017-07-07 01:19 - 007149056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2017-07-11 19:50 - 2017-07-07 01:19 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2017-07-11 19:50 - 2017-07-07 01:19 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll 2017-07-11 19:50 - 2017-07-07 01:18 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll 2017-07-11 19:50 - 2017-07-07 01:18 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll 2017-07-11 19:50 - 2017-07-07 01:18 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll 2017-07-11 19:50 - 2017-07-07 01:17 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2017-07-11 19:50 - 2017-07-07 01:15 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2017-07-11 19:50 - 2017-07-07 01:14 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr 2017-07-11 19:50 - 2017-07-07 01:13 - 005892096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2017-07-11 19:50 - 2017-07-07 01:13 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2017-07-11 19:50 - 2017-07-07 01:12 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-07-11 19:50 - 2017-07-07 01:12 - 002499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2017-07-11 19:50 - 2017-07-07 01:12 - 001713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2017-07-11 19:50 - 2017-07-07 01:12 - 001420800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll 2017-07-11 19:50 - 2017-07-07 01:12 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2017-07-11 19:50 - 2017-07-07 01:11 - 003139584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2017-07-11 19:50 - 2017-07-07 01:11 - 002829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2017-07-11 19:50 - 2017-07-07 01:11 - 002649600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2017-07-11 19:50 - 2017-07-07 01:11 - 002177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll 2017-07-11 19:50 - 2017-07-07 01:11 - 001888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2017-07-11 19:50 - 2017-07-07 01:11 - 001812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2017-07-11 19:50 - 2017-07-07 01:07 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll 2017-07-11 19:50 - 2017-07-07 01:07 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll 2017-07-11 19:50 - 2017-07-07 01:06 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll 2017-07-11 19:50 - 2017-07-07 01:06 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll 2017-07-11 19:50 - 2017-07-07 01:05 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe 2017-07-11 19:50 - 2017-07-07 01:04 - 001703424 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe 2017-07-11 19:50 - 2017-07-07 01:04 - 001403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll 2017-07-11 19:50 - 2017-07-07 01:04 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll 2017-07-11 19:50 - 2017-07-07 01:02 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr 2017-07-11 19:50 - 2017-07-01 17:52 - 000031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin 2017-07-11 19:50 - 2017-06-20 01:18 - 001564576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2017-07-11 19:50 - 2017-06-20 01:18 - 000096672 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2017-07-11 19:50 - 2017-06-20 01:17 - 000629152 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2017-07-11 19:50 - 2017-06-20 01:17 - 000544160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2017-07-11 19:50 - 2017-06-20 01:17 - 000334240 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2017-07-11 19:50 - 2017-06-20 01:17 - 000136096 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2017-07-11 19:50 - 2017-06-20 01:17 - 000034720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2017-07-11 19:50 - 2017-06-20 01:16 - 001214880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2017-07-11 19:50 - 2017-06-20 01:16 - 000335776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll 2017-07-11 19:50 - 2017-06-20 01:15 - 000233376 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2017-07-11 19:50 - 2017-06-20 01:11 - 001395152 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2017-07-11 19:50 - 2017-06-20 01:11 - 000411992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll 2017-07-11 19:50 - 2017-06-20 01:10 - 001930320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2017-07-11 19:50 - 2017-06-20 01:08 - 001242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2017-07-11 19:50 - 2017-06-20 01:05 - 001057832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2017-07-11 19:50 - 2017-06-20 01:04 - 004847424 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2017-07-11 19:50 - 2017-06-20 01:03 - 000179608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll 2017-07-11 19:50 - 2017-06-20 01:03 - 000102312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialUIBroker.exe 2017-07-11 19:50 - 2017-06-20 01:02 - 000426912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll 2017-07-11 19:50 - 2017-06-20 01:00 - 000558920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll 2017-07-11 19:50 - 2017-06-20 01:00 - 000255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2017-07-11 19:50 - 2017-06-20 01:00 - 000142752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys 2017-07-11 19:50 - 2017-06-20 00:59 - 000583304 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2017-07-11 19:50 - 2017-06-20 00:59 - 000467504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll 2017-07-11 19:50 - 2017-06-20 00:58 - 000833160 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll 2017-07-11 19:50 - 2017-06-20 00:58 - 000406072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll 2017-07-11 19:50 - 2017-06-20 00:58 - 000203168 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll 2017-07-11 19:50 - 2017-06-20 00:16 - 000970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll 2017-07-11 19:50 - 2017-06-20 00:16 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll 2017-07-11 19:50 - 2017-06-20 00:15 - 001620368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2017-07-11 19:50 - 2017-06-20 00:14 - 001150784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll 2017-07-11 19:50 - 2017-06-20 00:14 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys 2017-07-11 19:50 - 2017-06-20 00:13 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll 2017-07-11 19:50 - 2017-06-20 00:13 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll 2017-07-11 19:50 - 2017-06-20 00:13 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgr.dll 2017-07-11 19:50 - 2017-06-20 00:12 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll 2017-07-11 19:50 - 2017-06-20 00:11 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll 2017-07-11 19:50 - 2017-06-20 00:10 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll 2017-07-11 19:50 - 2017-06-20 00:10 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll 2017-07-11 19:50 - 2017-06-20 00:09 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgrSvc.dll 2017-07-11 19:50 - 2017-06-20 00:09 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2017-07-11 19:50 - 2017-06-20 00:09 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe 2017-07-11 19:50 - 2017-06-20 00:09 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll 2017-07-11 19:50 - 2017-06-20 00:09 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll 2017-07-11 19:50 - 2017-06-20 00:09 - 000189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll 2017-07-11 19:50 - 2017-06-20 00:09 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll 2017-07-11 19:50 - 2017-06-20 00:09 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll 2017-07-11 19:50 - 2017-06-20 00:08 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll 2017-07-11 19:50 - 2017-06-20 00:08 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll 2017-07-11 19:50 - 2017-06-20 00:07 - 000916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe 2017-07-11 19:50 - 2017-06-20 00:07 - 000823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll 2017-07-11 19:50 - 2017-06-20 00:07 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys 2017-07-11 19:50 - 2017-06-20 00:07 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll 2017-07-11 19:50 - 2017-06-20 00:07 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll 2017-07-11 19:50 - 2017-06-20 00:07 - 000411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2017-07-11 19:50 - 2017-06-20 00:06 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2017-07-11 19:50 - 2017-06-20 00:06 - 000335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll 2017-07-11 19:50 - 2017-06-20 00:06 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll 2017-07-11 19:50 - 2017-06-20 00:06 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll 2017-07-11 19:50 - 2017-06-20 00:06 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll 2017-07-11 19:50 - 2017-06-20 00:05 - 002873344 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll 2017-07-11 19:50 - 2017-06-20 00:05 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll 2017-07-11 19:50 - 2017-06-20 00:05 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl 2017-07-11 19:50 - 2017-06-20 00:05 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll 2017-07-11 19:50 - 2017-06-20 00:05 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll 2017-07-11 19:50 - 2017-06-20 00:04 - 001818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2017-07-11 19:50 - 2017-06-20 00:04 - 001425920 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe 2017-07-11 19:50 - 2017-06-20 00:04 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll 2017-07-11 19:50 - 2017-06-20 00:04 - 000802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2017-07-11 19:50 - 2017-06-20 00:04 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll 2017-07-11 19:50 - 2017-06-20 00:04 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll 2017-07-11 19:50 - 2017-06-20 00:02 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2017-07-11 19:50 - 2017-06-20 00:02 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll 2017-07-11 19:50 - 2017-06-20 00:01 - 003803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll 2017-07-11 19:50 - 2017-06-20 00:01 - 003332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2017-07-11 19:50 - 2017-06-20 00:01 - 003059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2017-07-11 19:50 - 2017-06-20 00:01 - 001076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2017-07-11 19:50 - 2017-06-20 00:01 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll 2017-07-11 19:50 - 2017-06-20 00:00 - 003057664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll 2017-07-11 19:50 - 2017-06-20 00:00 - 002171392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll 2017-07-11 19:50 - 2017-06-19 23:57 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe 2017-07-11 19:50 - 2017-06-19 23:57 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll 2017-07-11 19:50 - 2017-06-19 23:56 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdmaud.drv 2017-07-11 19:50 - 2017-06-19 23:45 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2017-06-13 14:46 - 2017-06-03 05:09 - 001003624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll 2017-06-13 14:46 - 2017-06-03 05:00 - 000219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys 2017-06-13 14:46 - 2017-06-03 04:59 - 001409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2017-06-13 14:46 - 2017-06-03 04:59 - 000311200 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2017-06-13 14:46 - 2017-06-03 04:59 - 000259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe 2017-06-13 14:46 - 2017-06-03 04:26 - 000266640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\capauthz.dll 2017-06-13 14:46 - 2017-06-03 04:23 - 000573856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll 2017-06-13 14:46 - 2017-06-03 04:14 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll 2017-06-13 14:46 - 2017-06-03 04:12 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2017-06-13 14:46 - 2017-06-03 04:11 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-06-13 14:46 - 2017-06-03 04:11 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2017-06-13 14:46 - 2017-06-03 04:11 - 000038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2017-06-13 14:46 - 2017-06-03 04:11 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys 2017-06-13 14:46 - 2017-06-03 04:10 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2017-06-13 14:46 - 2017-06-03 04:09 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2017-06-13 14:46 - 2017-06-03 04:07 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll 2017-06-13 14:46 - 2017-06-03 04:05 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll 2017-06-13 14:46 - 2017-06-03 04:05 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devicengccredprov.dll 2017-06-13 14:46 - 2017-06-03 04:00 - 000933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2017-06-13 14:46 - 2017-06-03 03:58 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll 2017-06-13 14:46 - 2017-06-03 03:57 - 006535168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe 2017-06-13 14:46 - 2017-06-03 03:57 - 000797184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2017-06-13 14:46 - 2017-06-03 03:54 - 002341376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2017-06-13 14:46 - 2017-05-20 04:13 - 001333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2017-06-13 14:46 - 2017-05-20 03:55 - 000606960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2017-06-13 14:46 - 2017-05-20 03:47 - 001474800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2017-06-13 14:46 - 2017-05-20 03:46 - 001266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2017-06-13 14:46 - 2017-05-20 03:43 - 004672848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2017-06-13 14:46 - 2017-05-20 03:43 - 001455592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2017-06-13 14:46 - 2017-05-20 03:27 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll 2017-06-13 14:46 - 2017-05-20 03:26 - 000059904 _____ C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll 2017-06-13 14:46 - 2017-05-20 03:26 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll 2017-06-13 14:46 - 2017-05-20 03:25 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSMDesktopProvider.dll 2017-06-13 14:46 - 2017-05-20 03:25 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll 2017-06-13 14:46 - 2017-05-20 03:22 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll 2017-06-13 14:46 - 2017-05-20 03:22 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll 2017-06-13 14:46 - 2017-05-20 03:21 - 001984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll 2017-06-13 14:46 - 2017-05-20 03:21 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll 2017-06-13 14:46 - 2017-05-20 03:21 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll 2017-06-13 14:46 - 2017-05-20 03:20 - 000807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2017-06-13 14:46 - 2017-05-20 03:17 - 000909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2017-06-13 14:46 - 2017-05-20 03:16 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2017-06-13 14:46 - 2017-05-20 03:15 - 002088960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll 2017-06-13 14:46 - 2017-05-20 03:14 - 001035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll 2017-06-13 14:46 - 2017-05-20 03:10 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll 2017-06-13 14:46 - 2017-05-20 03:10 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll 2017-06-13 14:46 - 2017-05-20 03:08 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll 2017-06-13 14:46 - 2017-05-20 02:07 - 000287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2017-06-13 14:46 - 2017-05-20 01:58 - 000188824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2017-06-13 14:46 - 2017-05-20 01:55 - 001911752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2017-06-13 14:46 - 2017-05-20 01:54 - 000730016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2017-06-13 14:46 - 2017-05-20 01:54 - 000546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2017-06-13 14:46 - 2017-05-20 01:54 - 000144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys 2017-06-13 14:46 - 2017-05-20 01:10 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSSO.dll 2017-06-13 14:46 - 2017-05-20 01:08 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys 2017-06-13 14:46 - 2017-05-20 01:07 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys 2017-06-13 14:46 - 2017-05-20 01:07 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll 2017-06-13 14:46 - 2017-05-20 01:07 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe 2017-06-13 14:46 - 2017-05-20 01:06 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll 2017-06-13 14:46 - 2017-05-20 01:00 - 001078272 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2017-06-13 14:45 - 2017-06-03 05:15 - 001596600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2017-06-13 14:45 - 2017-06-03 05:15 - 000382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2017-06-13 14:45 - 2017-06-03 05:10 - 000130464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys 2017-06-13 14:45 - 2017-06-03 05:00 - 000321376 _____ (Microsoft Corporation) C:\WINDOWS\system32\capauthz.dll 2017-06-13 14:45 - 2017-06-03 04:58 - 000660384 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll 2017-06-13 14:45 - 2017-06-03 04:14 - 000047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2017-06-13 14:45 - 2017-06-03 04:11 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll 2017-06-13 14:45 - 2017-06-03 04:10 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCredentialDeployment.exe 2017-06-13 14:45 - 2017-06-03 04:09 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll 2017-06-13 14:45 - 2017-06-03 04:09 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\devicengccredprov.dll 2017-06-13 14:45 - 2017-06-03 04:01 - 006726656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe 2017-06-13 14:45 - 2017-06-03 03:59 - 002625024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2017-06-13 14:45 - 2017-06-03 03:59 - 000975360 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe 2017-06-13 14:45 - 2017-06-03 03:58 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2017-06-13 14:45 - 2017-06-03 03:51 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\bfsvc.exe 2017-06-13 14:45 - 2017-05-20 02:08 - 001459728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2017-06-13 14:45 - 2017-05-20 02:08 - 000543648 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2017-06-13 14:45 - 2017-05-20 02:03 - 000777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2017-06-13 14:45 - 2017-05-20 01:59 - 000112544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys 2017-06-13 14:45 - 2017-05-20 01:56 - 000370928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2017-06-13 14:45 - 2017-05-20 01:55 - 001506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2017-06-13 14:45 - 2017-05-20 01:53 - 000363424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys 2017-06-13 14:45 - 2017-05-20 01:52 - 004709528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2017-06-13 14:45 - 2017-05-20 01:52 - 001700408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2017-06-13 14:45 - 2017-05-20 01:10 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll 2017-06-13 14:45 - 2017-05-20 01:10 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksthunk.sys 2017-06-13 14:45 - 2017-05-20 01:09 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll 2017-06-13 14:45 - 2017-05-20 01:08 - 000086016 _____ C:\WINDOWS\system32\xboxgipsynthetic.dll 2017-06-13 14:45 - 2017-05-20 01:08 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll 2017-06-13 14:45 - 2017-05-20 01:06 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSMDesktopProvider.dll 2017-06-13 14:45 - 2017-05-20 01:06 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll 2017-06-13 14:45 - 2017-05-20 01:03 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll 2017-06-13 14:45 - 2017-05-20 01:03 - 000549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll 2017-06-13 14:45 - 2017-05-20 01:02 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll 2017-06-13 14:45 - 2017-05-20 01:02 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll 2017-06-13 14:45 - 2017-05-20 01:01 - 002347520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll 2017-06-13 14:45 - 2017-05-20 01:01 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll 2017-06-13 14:45 - 2017-05-20 01:01 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll 2017-06-13 14:45 - 2017-05-20 01:01 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\embeddedmodesvc.dll 2017-06-13 14:45 - 2017-05-20 01:00 - 001067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll 2017-06-13 14:45 - 2017-05-20 00:59 - 001141760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2017-06-13 14:45 - 2017-05-20 00:59 - 001028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2017-06-13 14:45 - 2017-05-20 00:59 - 000972800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll 2017-06-13 14:45 - 2017-05-20 00:58 - 003135488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll 2017-06-13 14:45 - 2017-05-20 00:58 - 000909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll 2017-06-13 14:45 - 2017-05-20 00:56 - 002730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe 2017-06-13 14:45 - 2017-05-20 00:55 - 001102848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2017-06-13 14:45 - 2017-05-20 00:54 - 001275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll 2017-06-13 14:45 - 2017-05-20 00:52 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll 2017-06-13 14:45 - 2017-05-20 00:52 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2017-06-13 14:45 - 2017-05-20 00:51 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll 2017-06-13 14:45 - 2017-05-20 00:50 - 000439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll 2017-06-13 14:45 - 2017-05-20 00:50 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll 2017-06-13 14:45 - 2017-05-20 00:48 - 002438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll 2017-06-13 14:45 - 2017-05-20 00:48 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll 2017-06-13 14:45 - 2017-05-20 00:47 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll 2017-06-13 14:45 - 2017-05-20 00:47 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll 2017-06-11 13:11 - 2017-06-11 13:12 - 000616676 _____ C:\WINDOWS\Minidump\061117-27093-01.dmp 2017-06-06 09:46 - 2017-06-06 09:47 - 000581932 _____ C:\WINDOWS\Minidump\060617-24250-01.dmp 2017-05-27 07:52 - 2017-08-11 17:17 - 000000000 ____D C:\WINDOWS\Minidump 2017-05-27 07:52 - 2017-05-27 07:54 - 000608868 _____ C:\WINDOWS\Minidump\052717-25187-01.dmp ==================== Three Months Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-08-21 09:20 - 2017-05-10 17:16 - 000004146 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{74DE97B6-1675-4C15-9D73-7E92227EF823} 2017-08-21 09:13 - 2017-05-10 16:58 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2017-08-21 08:47 - 2017-05-10 17:01 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2017-08-21 08:47 - 2015-01-27 21:34 - 000000094 _____ C:\Users\James\AppData\Roaming\sp_data.sys 2017-08-21 08:47 - 2015-01-27 21:34 - 000000000 __RDO C:\Users\James\OneDrive 2017-08-21 08:47 - 2015-01-27 21:33 - 000000000 __SHD C:\Users\James\IntelGraphicsProfiles 2017-08-20 22:07 - 2015-12-24 11:57 - 000000000 ____D C:\AdwCleaner 2017-08-20 18:22 - 2015-12-24 12:13 - 000000000 ____D C:\Users\James\AppData\Roaming\AVAST Software 2017-08-20 15:41 - 2017-05-10 17:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-08-20 15:40 - 2017-03-18 06:40 - 001310720 _____ C:\WINDOWS\system32\config\BBI 2017-08-20 13:28 - 2017-03-18 16:03 - 000000000 ___HD C:\Program Files\WindowsApps 2017-08-20 13:28 - 2017-03-18 16:03 - 000000000 ____D C:\WINDOWS\AppReadiness 2017-08-19 13:48 - 2017-05-10 16:58 - 000217000 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-08-19 13:46 - 2017-05-10 17:16 - 000003550 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1 2017-08-19 08:44 - 2016-03-27 17:19 - 011584088 _____ (SurfRight B.V.) C:\Users\James\Downloads\hitmanpro_x64.exe 2017-08-18 23:34 - 2015-12-26 12:35 - 000000000 ____D C:\Users\James\Documents\Site Files 2017-08-18 12:05 - 2015-01-27 21:56 - 000544424 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2017-08-15 15:00 - 2017-03-18 16:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2017-08-15 14:32 - 2015-06-28 22:28 - 000000000 ____D C:\ProgramData\Malwarebytes 2017-08-14 15:15 - 2016-07-21 02:25 - 000000000 ___RD C:\Users\James\Downloads\Star 2017-08-13 14:30 - 2017-05-08 17:47 - 000000000 ____D C:\Users\James\Downloads\MJ 2017-08-13 14:24 - 2017-05-10 17:17 - 001277450 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-08-13 14:19 - 2017-05-10 17:02 - 000000000 ____D C:\Users\James 2017-08-11 17:19 - 2017-03-18 16:01 - 000000000 ____D C:\WINDOWS\INF 2017-08-11 17:17 - 2015-12-17 22:05 - 912870310 _____ C:\WINDOWS\MEMORY.DMP 2017-08-10 21:34 - 2016-05-10 22:03 - 000000000 ____D C:\Users\James\AppData\Roaming\vlc 2017-08-10 14:11 - 2017-03-18 16:03 - 000000000 ____D C:\WINDOWS\rescache 2017-08-09 19:34 - 2015-07-12 21:13 - 000000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit 2017-08-09 14:23 - 2015-01-28 12:25 - 000000000 __RHD C:\Users\Public\AccountPictures 2017-08-09 14:18 - 2017-03-18 16:03 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-08-09 14:18 - 2017-03-18 16:03 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2017-08-09 14:18 - 2017-03-18 16:03 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2017-08-09 14:18 - 2017-03-18 16:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2017-08-09 14:18 - 2017-03-18 16:03 - 000000000 ____D C:\WINDOWS\system32\oobe 2017-08-09 14:18 - 2017-03-18 16:03 - 000000000 ____D C:\WINDOWS\ShellExperiences 2017-08-09 14:18 - 2017-03-18 16:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2017-08-09 14:18 - 2017-03-18 16:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-08-09 09:38 - 2015-01-27 21:33 - 000000000 ____D C:\Users\James\AppData\Local\Packages 2017-08-08 13:33 - 2017-03-18 15:51 - 000000000 ____D C:\WINDOWS\CbsTemp 2017-08-08 13:32 - 2015-02-08 16:26 - 000000000 ____D C:\WINDOWS\system32\MRT 2017-08-08 13:31 - 2015-02-08 16:26 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-08-08 11:49 - 2015-08-31 13:58 - 000000000 ____D C:\ProgramData\SetupTPDriver 2017-08-08 11:49 - 2014-11-18 22:03 - 000000000 ____D C:\Program Files (x86)\ASUS 2017-07-31 10:15 - 2017-03-18 16:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-07-31 10:15 - 2017-03-18 16:06 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2017-07-27 13:47 - 2015-08-31 14:00 - 000002409 _____ C:\Users\James\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk ==================== Files in the root of some directories ======= 2015-01-27 21:34 - 2017-08-21 08:47 - 000000094 _____ () C:\Users\James\AppData\Roaming\sp_data.sys 2017-05-10 17:01 - 2017-05-10 17:01 - 000000000 ____H () C:\ProgramData\DP45977C.lfl 2014-04-25 17:24 - 2012-09-07 06:40 - 000000256 _____ () C:\ProgramData\SetStretch.cmd 2014-04-25 17:24 - 2009-07-22 05:04 - 000024576 _____ () C:\ProgramData\SetStretch.exe 2014-04-25 17:24 - 2012-09-07 06:37 - 000000103 _____ () C:\ProgramData\SetStretch.VBS ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== BCD ================================ Firmware Boot Manager --------------------- identifier {fwbootmgr} displayorder {bootmgr} {2c79d1f2-6f97-11e4-8254-806e6f6e6963} {2c79d1f3-6f97-11e4-8254-806e6f6e6963} {2c79d1f4-6f97-11e4-8254-806e6f6e6963} timeout 0 Windows Boot Manager -------------------- identifier {bootmgr} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale en-US inherit {globalsettings} default {current} resumeobject {913c5c20-6f9e-11e4-a120-c58909c68b4e} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Firmware Application (101fffff) ------------------------------- identifier {2c79d1f2-6f97-11e4-8254-806e6f6e6963} description UEFI:CD/DVD Drive Firmware Application (101fffff) ------------------------------- identifier {2c79d1f3-6f97-11e4-8254-806e6f6e6963} description UEFI:Removable Device Firmware Application (101fffff) ------------------------------- identifier {2c79d1f4-6f97-11e4-8254-806e6f6e6963} description UEFI:Network Device Windows Boot Loader ------------------- identifier {913c5c0f-6f9e-11e4-a120-c58909c68b4e} device ramdisk=[\Device\HarddiskVolume2]\sources\boot.wim,{ramdiskoptions} path \windows\system32\boot\winload.efi description WinPE osdevice ramdisk=[\Device\HarddiskVolume2]\sources\boot.wim,{ramdiskoptions} systemroot \windows nx OptIn detecthal Yes winpe Yes Windows Boot Loader ------------------- identifier {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 10 locale en-US inherit {bootloadersettings} recoverysequence {913c5c22-6f9e-11e4-a120-c58909c68b4e} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {913c5c20-6f9e-11e4-a120-c58909c68b4e} nx OptIn bootmenupolicy Standard Windows Boot Loader ------------------- identifier {913c5c22-6f9e-11e4-a120-c58909c68b4e} device ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{913c5c23-6f9e-11e4-a120-c58909c68b4e} path \windows\system32\winload.efi description Windows Recovery Environment locale en-US inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{913c5c23-6f9e-11e4-a120-c58909c68b4e} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Resume from Hibernate --------------------- identifier {913c5c20-6f9e-11e4-a120-c58909c68b4e} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale en-US inherit {resumeloadersettings} recoverysequence {913c5c22-6f9e-11e4-a120-c58909c68b4e} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Windows Memory Tester --------------------- identifier {memdiag} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\memtest.efi description Windows Memory Diagnostic locale en-US inherit {globalsettings} badmemoryaccess Yes EMS Settings ------------ identifier {emssettings} bootems No Debugger Settings ----------------- identifier {dbgsettings} debugtype Serial debugport 1 baudrate 115200 RAM Defects ----------- identifier {badmemory} Global Settings --------------- identifier {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Boot Loader Settings -------------------- identifier {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Hypervisor Settings ------------------- identifier {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Resume Loader Settings ---------------------- identifier {resumeloadersettings} inherit {globalsettings} Device options -------------- identifier {913c5c23-6f9e-11e4-a120-c58909c68b4e} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume5 ramdisksdipath \Recovery\WindowsRE\boot.sdi Setup Ramdisk Options --------------------- identifier {ramdiskoptions} description Ramdisk options ramdisksdidevice partition=\Device\HarddiskVolume2 ramdisksdipath \boot\boot.sdi LastRegBack: 2017-08-11 17:29 ==================== End of FRST.txt ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-08-2017 Ran by James (21-08-2017 09:21:00) Running from C:\Users\James\Desktop Windows 10 Home Version 1703 (X64) (2017-05-10 22:29:44) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3134094431-3575185100-3874724725-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3134094431-3575185100-3874724725-503 - Limited - Disabled) Guest (S-1-5-21-3134094431-3575185100-3874724725-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3134094431-3575185100-3874724725-1003 - Limited - Enabled) James (S-1-5-21-3134094431-3575185100-3874724725-1001 - Administrator - Enabled) => C:\Users\James ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Spybot - Search and Destroy (Enabled - Up to date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Alcor Micro USB Card Reader Driver (HKLM-x32\...\{5CA55DFC-2008-460F-B7A7-FB92100C4494}) (Version: 20.4.10117.43857 - Alcor Micro Corp.) Hidden Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{5CA55DFC-2008-460F-B7A7-FB92100C4494}) (Version: 20.4.10117.43857 - Alcor Micro Corp.) ASUS FlipLock (HKLM\...\{9BF8EF7C-4AA1-4CA7-93DB-8F543EB35F4E}) (Version: 1.0.5 - ASUS) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.18 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.01.0003 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0039 - ASUS) CyberGhost 6 (HKLM\...\CyberGhost 6_is1) (Version: - CyberGhost S.R.L.) HP Deskjet 2540 series Basic Device Software (HKLM\...\{6A79CD11-0C1C-4E24-A8C6-46A02F680346}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2105 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1173 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1419.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.0 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{aa2c2346-d0c0-4d3e-9ab1-11a48b4cb9f3}) (Version: 19.20.3 - Intel Corporation) Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes) Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.6168.8 - Waves Audio Ltd.) Hidden Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3134094431-3575185100-3874724725-1001\...\OneDriveSetup.exe) (Version: 17.3.6943.0625 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.6.46 - Safer-Networking Ltd.) ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.07.0057 - ST Microelectronics) TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - ) VLC media player (HKLM\...\VLC media player) (Version: 2.2.3 - VideoLAN) Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-30] (Intel Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {01FC79B3-14F2-4877-88A5-79E8D1DB1C4D} - System32\Tasks\HP AR Program Upload - ac113b146cef413aaca8e83d06627ba2b0ce57c6ba9747c6a29eefc541dd02cd => C:\Program Files\HP\HP Deskjet 2540 series\bin\HPRewards.exe [2014-03-06] (TODO: <Company name>) Task: {0254E9E0-4046-4830-98C0-B567B055C2E6} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.) Task: {1522CBE7-C449-4892-BB03-CABB26BB7402} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] () Task: {1ED71119-981E-47BB-8E40-B54825F3C760} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.) Task: {319888EC-21FC-41C6-835E-8C24F373CCCF} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe Task: {370E97E4-60C2-403C-97F0-079AF29CDB84} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {47D8F4AE-CAF2-42E9-B827-29F2C5425037} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {50E53FB8-2DA3-418C-BFFA-E817B6ED245E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {5940F0CC-D64C-4246-8803-B810D2917BC1} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [2013-01-09] (ASUSTek Computer INC.) Task: {73BEC68C-D31A-4A6A-A3AA-5634BFCCA209} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] () Task: {94AB4B20-9415-4AAD-8B5D-8E45598861AD} - System32\Tasks\HP AR Program Upload - b1f7a33c03864282ad272811079d87fb60b4fcbef4fc48a0b1e5bad98243af44 => C:\Program Files\HP\HP Deskjet 2540 series\bin\HPRewards.exe [2014-03-06] (TODO: <Company name>) Task: {9B677D21-31FD-4496-A2E9-173F63230FE4} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {9F56757C-F78D-4964-A973-7593E14A7647} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-08-08] (Microsoft Corporation) Task: {AECB59D8-5EBB-4178-B488-1F4D46B8685E} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-03-27] (ASUSTek Computer Inc.) Task: {B4CA9ACE-64B2-47BA-9139-69B92BBD631A} - System32\Tasks\HP AR Program Upload - 4c3e89f9889046288275a99f18c34256fb2b88a698014677813c980509fdd6aa => C:\Program Files\HP\HP Deskjet 2540 series\bin\HPRewards.exe [2014-03-06] (TODO: <Company name>) Task: {B51B63F3-9659-4DF7-BED9-1FA4D8CE9FDD} - System32\Tasks\HP AR Program Upload - aa296d25312148a8aed2f3cd427fda7b50def7a6588847fd8579a3aeb232521e => C:\Program Files\HP\HP Deskjet 2540 series\bin\HPRewards.exe [2014-03-06] (TODO: <Company name>) Task: {BFAC7C37-67A5-41CA-B7B8-3F5B60B258B1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {C5260A8D-95EC-4B77-AC17-5D003C1DE0C3} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-24] (Realtek Semiconductor) Task: {C880CBC1-3648-4BDB-BFA9-9F4AFA52D42E} - System32\Tasks\HP AR Program Upload - 5ea3b77c211c4f7cb7f39be42768f318b14ec24d85524a8bb217438bf6b11f34 => C:\Program Files\HP\HP Deskjet 2540 series\bin\HPRewards.exe [2014-03-06] (TODO: <Company name>) Task: {CE0D3F61-B5FD-49E1-8471-639720DA0F36} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {D6C24789-6217-4AF4-8401-2FAC8390E75C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {DA9FEAD9-F545-446B-8AA4-EA79817C2BBC} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2017-03-09] (AsusTek) Task: {F0A5305B-C906-490E-8C6F-318643A3CE45} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-24] (Realtek Semiconductor) Task: {F1ECBAF5-2F9B-49AB-ACD6-4A1D36B9070B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {F1F5F2F0-1B42-4F43-9D39-95975556F33A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {F27F0578-74E6-4100-B121-60BFB84A821E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {F752C26D-1DA6-4D77-AF3F-47C1FFCEAC25} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-04-02] (ASUS) Task: {FDD2F58D-D99E-45A3-A99C-8D566AE6E14A} - System32\Tasks\HP AR Program Upload - dcbccd4a15614058a07c9d5362d340f7145ef94600ec469392b1fea226ab92b3 => C:\Program Files\HP\HP Deskjet 2540 series\bin\HPRewards.exe [2014-03-06] (TODO: <Company name>) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2017-08-15 14:32 - 2017-06-27 12:06 - 002260432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2017-03-18 15:58 - 2017-03-18 15:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2017-03-18 15:59 - 2017-03-18 21:31 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-07-14 11:42 - 2017-07-14 11:42 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2017-07-14 11:42 - 2017-07-14 11:42 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2017-07-14 11:42 - 2017-07-14 11:42 - 043573248 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2017-07-14 11:42 - 2017-07-14 11:42 - 002435584 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\skypert.dll 2014-11-18 22:14 - 2014-02-12 19:19 - 000243200 _____ () C:\Program Files (x86)\ST Microelectronics\ST_ACCEL\FFP_DT.dll 2017-05-23 15:49 - 2017-05-23 15:49 - 003139496 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11706.1001.26.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2017-07-25 10:32 - 2017-07-25 10:32 - 010631168 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11706.1001.26.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll 2017-07-25 10:32 - 2017-07-25 10:32 - 002640896 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11706.1001.26.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll 2017-08-17 09:36 - 2017-08-17 09:36 - 000020480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2017-08-17 09:36 - 2017-08-17 09:36 - 029627904 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2017-08-17 09:36 - 2017-08-17 09:36 - 000358912 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll 2017-08-17 09:36 - 2017-08-17 09:36 - 002536448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll 2017-08-17 09:36 - 2017-08-17 09:36 - 020719104 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll 2017-08-17 09:36 - 2017-08-17 09:36 - 002415104 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\MediaEngine.dll 2017-08-17 09:36 - 2017-08-17 09:36 - 003065856 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll 2017-05-23 15:49 - 2017-05-23 15:49 - 003139496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2017-06-15 08:43 - 2017-06-15 08:43 - 000046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll 2017-08-17 09:36 - 2017-08-17 09:36 - 001370112 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll 2014-07-08 17:17 - 2014-07-08 17:17 - 000009216 _____ () C:\Program Files\ASUS\ASUS FlipLock\WMIProc.dll 2017-08-20 21:22 - 2017-05-12 11:36 - 000507464 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2017-08-20 21:22 - 2016-09-13 14:00 - 000109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2017-08-20 21:22 - 2016-09-13 14:00 - 000167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2017-08-20 21:22 - 2016-09-13 14:00 - 000416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2014-04-02 17:46 - 2014-04-02 17:46 - 000018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll 2014-04-02 17:46 - 2014-04-02 17:46 - 000117248 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll 2014-04-02 17:46 - 2014-04-02 17:46 - 000020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll 2014-04-02 17:46 - 2014-04-02 17:46 - 000037936 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\63532179.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\63532179.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 08:25 - 2013-08-22 08:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3134094431-3575185100-3874724725-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\James\Downloads\420516-burn-notice-burn-notice.jpg DNS Servers: 75.75.75.75 - 75.75.76.76 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Prompt) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [UDP Query User{026FBB03-C0E6-45C8-A0BC-78B534CCD2C0}C:\windows\system32\sihost.exe] => (Block) C:\windows\system32\sihost.exe FirewallRules: [TCP Query User{B6F21425-B258-49D1-85BC-EA1E56D2D6A3}C:\windows\system32\sihost.exe] => (Block) C:\windows\system32\sihost.exe FirewallRules: [UDP Query User{2F0AF79C-017E-48BF-8ABC-D2B704D25E7F}C:\windows\system32\settingsynchost.exe] => (Block) C:\windows\system32\settingsynchost.exe FirewallRules: [TCP Query User{696601CE-547B-486C-859A-62DF942E49DB}C:\windows\system32\settingsynchost.exe] => (Block) C:\windows\system32\settingsynchost.exe FirewallRules: [UDP Query User{5E7D59C5-3E90-4DAA-9B4D-EEF287AF90C6}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe FirewallRules: [TCP Query User{611DC16D-81FE-4F22-90CE-6F133E6AD52E}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe FirewallRules: [{D6D1A9CF-8B46-408A-88F6-3C25653E1048}] => (Allow) C:\Users\James\AppData\Local\Temp\7zS3F53\HPDiagnosticCoreUI.exe FirewallRules: [{887D6A32-9260-469F-A73D-4C00D8F5F224}] => (Allow) C:\Users\James\AppData\Local\Temp\7zS3F53\HPDiagnosticCoreUI.exe FirewallRules: [{02C0D297-352D-4B5A-A5C1-FECBD05864C5}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe FirewallRules: [{0CD1D048-00D1-45A0-86FA-D5606E1ACF4A}] => (Allow) LPort=5357 FirewallRules: [{6E2DB0DC-91C4-4632-9135-B71FE8ACA3D7}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{5F18A157-2780-4897-9EEF-269D374FA33F}] => (Allow) C:\Users\James\AppData\Local\Temp\7zS632C\HPDiagnosticCoreUI.exe FirewallRules: [{5EA41590-FD41-494A-A8CE-2D5249321FB7}] => (Allow) C:\Users\James\AppData\Local\Temp\7zS632C\HPDiagnosticCoreUI.exe FirewallRules: [{29F784F1-5D53-45BA-A2B8-C18F24260544}] => (Allow) C:\Users\James\AppData\Local\Temp\7zS6DDD\HPDiagnosticCoreUI.exe FirewallRules: [{6881FDA4-0582-4520-90B3-733130AAD1DC}] => (Allow) C:\Users\James\AppData\Local\Temp\7zS6DDD\HPDiagnosticCoreUI.exe FirewallRules: [{D18A7333-2467-4B04-BD56-2ABAB05C04D5}] => (Allow) C:\Users\James\AppData\Local\Temp\7zS41A0\HPDiagnosticCoreUI.exe FirewallRules: [{72D56C29-6BCA-4A4C-90B3-7D4B5A5833E3}] => (Allow) C:\Users\James\AppData\Local\Temp\7zS41A0\HPDiagnosticCoreUI.exe FirewallRules: [{555A4261-AE66-40DC-B77E-F805B8041738}] => (Allow) C:\Users\James\AppData\Local\Temp\7zS4486\HPDiagnosticCoreUI.exe FirewallRules: [{A9B98D80-695B-4B78-95A2-F1874D467EC5}] => (Allow) C:\Users\James\AppData\Local\Temp\7zS4486\HPDiagnosticCoreUI.exe FirewallRules: [{60FEB6A7-FDBC-44B3-A7FA-8C34B309D523}] => (Allow) C:\Users\James\AppData\Local\Temp\7zS44B3\HPDiagnosticCoreUI.exe FirewallRules: [{E1732877-E174-4C35-BDBC-A57C418C7157}] => (Allow) C:\Users\James\AppData\Local\Temp\7zS44B3\HPDiagnosticCoreUI.exe FirewallRules: [{861B18AD-F8F4-4AD5-9DE1-6570208A2529}] => (Allow) C:\Users\James\AppData\Local\Temp\7zS4CF1\HPDiagnosticCoreUI.exe FirewallRules: [{A34D4781-E44E-474B-B8D9-0F8E96FEBC41}] => (Allow) C:\Users\James\AppData\Local\Temp\7zS4CF1\HPDiagnosticCoreUI.exe FirewallRules: [{DB0A2B17-A5BC-4B51-BB8C-CA18446B28AB}] => (Allow) C:\Users\James\AppData\Local\Temp\7zS2BD2\HPDiagnosticCoreUI.exe FirewallRules: [{70ED0703-D7D6-4269-BB73-C046B8228302}] => (Allow) C:\Users\James\AppData\Local\Temp\7zS2BD2\HPDiagnosticCoreUI.exe FirewallRules: [{8C6E3A89-E1C9-4A7F-B4CA-FDDA6A7447E1}] => (Allow) C:\Users\James\AppData\Local\Temp\7zS2F6F\HPDiagnosticCoreUI.exe FirewallRules: [{04CDC224-32F1-4A6E-AE64-197B596A0297}] => (Allow) C:\Users\James\AppData\Local\Temp\7zS2F6F\HPDiagnosticCoreUI.exe FirewallRules: [{ADDF9FA4-9DFC-44A1-9263-7BC0A05172E0}] => (Allow) C:\Users\James\AppData\Local\Temp\7zS0F8C\HPDiagnosticCoreUI.exe FirewallRules: [{AEE3DD6B-97EB-4FC7-9BE9-C47DAFA93F90}] => (Allow) C:\Users\James\AppData\Local\Temp\7zS0F8C\HPDiagnosticCoreUI.exe FirewallRules: [{53F51FD9-0030-4577-A01C-1289E96D7661}] => (Allow) C:\Users\James\AppData\Local\Temp\7zS0CCA\HPDiagnosticCoreUI.exe FirewallRules: [{0BFDB81F-5162-4998-A582-1548F916A8ED}] => (Allow) C:\Users\James\AppData\Local\Temp\7zS0CCA\HPDiagnosticCoreUI.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Restore Points ========================= 04-08-2017 19:34:04 Scheduled Checkpoint 08-08-2017 11:48:54 Windows Update 20-08-2017 14:46:45 Scheduled Checkpoint ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (08/21/2017 08:46:56 AM) (Source: SideBySide) (EventID: 9) (User: ) Description: Activation context generation failed for "C:\Windows\System32\sdnclean64.exe".Error in manifest or policy file "C:\Windows\System32\sdnclean64.exe" on line 2. The manifest file root element must be assembly. Error: (08/21/2017 08:46:56 AM) (Source: SideBySide) (EventID: 9) (User: ) Description: Activation context generation failed for "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTasks.dll".Error in manifest or policy file "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTasks.dll" on line 2. The manifest file root element must be assembly. Error: (08/21/2017 08:46:56 AM) (Source: SideBySide) (EventID: 9) (User: ) Description: Activation context generation failed for "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWinLogon.dll".Error in manifest or policy file "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWinLogon.dll" on line 2. The manifest file root element must be assembly. Error: (08/21/2017 08:46:56 AM) (Source: SideBySide) (EventID: 9) (User: ) Description: Activation context generation failed for "C:\Program Files (x86)\Spybot - Search & Destroy 2\Tools.dll".Error in manifest or policy file "C:\Program Files (x86)\Spybot - Search & Destroy 2\Tools.dll" on line 2. The manifest file root element must be assembly. Error: (08/21/2017 08:46:56 AM) (Source: SideBySide) (EventID: 9) (User: ) Description: Activation context generation failed for "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDResources.dll".Error in manifest or policy file "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDResources.dll" on line 2. The manifest file root element must be assembly. Error: (08/21/2017 08:46:56 AM) (Source: SideBySide) (EventID: 9) (User: ) Description: Activation context generation failed for "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLicense.dll".Error in manifest or policy file "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLicense.dll" on line 2. The manifest file root element must be assembly. Error: (08/21/2017 08:46:56 AM) (Source: SideBySide) (EventID: 9) (User: ) Description: Activation context generation failed for "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLists.dll".Error in manifest or policy file "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLists.dll" on line 2. The manifest file root element must be assembly. Error: (08/21/2017 08:46:56 AM) (Source: SideBySide) (EventID: 9) (User: ) Description: Activation context generation failed for "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunizeLibrary.dll".Error in manifest or policy file "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunizeLibrary.dll" on line 2. The manifest file root element must be assembly. Error: (08/21/2017 08:46:56 AM) (Source: SideBySide) (EventID: 9) (User: ) Description: Activation context generation failed for "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFileScanLibrary.dll".Error in manifest or policy file "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFileScanLibrary.dll" on line 2. The manifest file root element must be assembly. Error: (08/21/2017 08:46:56 AM) (Source: SideBySide) (EventID: 9) (User: ) Description: Activation context generation failed for "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFileScanHelper.exe".Error in manifest or policy file "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFileScanHelper.exe" on line 2. The manifest file root element must be assembly. System errors: ============= Error: (08/21/2017 09:19:47 AM) (Source: DCOM) (EventID: 10010) (User: MY23) Description: The server {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C} did not register with DCOM within the required timeout. Error: (08/21/2017 08:50:27 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout. Error: (08/20/2017 03:44:26 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout. Error: (08/20/2017 03:41:27 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (08/20/2017 03:41:27 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (08/20/2017 03:41:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The CldFlt service failed to start due to the following error: The request is not supported. Error: (08/20/2017 03:40:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Intel(R) Dynamic Application Loader Host Interface Service service terminated unexpectedly. It has done this 1 time(s). Error: (08/20/2017 03:40:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service. Error: (08/20/2017 03:40:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The CyberGhost 6 Service service terminated unexpectedly. It has done this 1 time(s). Error: (08/20/2017 03:40:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The TransformService service terminated unexpectedly. It has done this 1 time(s). CodeIntegrity: =================================== Date: 2017-08-21 09:18:32.964 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-08-21 08:55:49.058 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-08-21 08:53:04.739 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-08-21 08:52:15.540 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-08-21 08:52:15.389 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-08-21 08:51:14.134 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-08-21 08:51:13.316 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-08-21 08:51:13.117 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-08-20 22:45:37.755 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-08-20 22:42:55.859 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz Percentage of memory in use: 33% Total physical RAM: 8075.55 MB Available physical RAM: 5339.87 MB Total Virtual: 9355.55 MB Available Virtual: 6409.19 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:444.65 GB) (Free:399 GB) NTFS ==>[system with boot components (obtained from drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 55DEF7AE) Partition: GPT. ==================== End of Addition.txt ============================
  3. I've been having the same problem with PUP.Optional.Legacy appearing on a scan. Usually 6 elements. Sometimes 4. After cleaning and rebooting the elements are gone for a few hours but reappear.
  4. I also wanted to add that I don't have chrome installed on my laptop. I use Microsoft Edge as my browser on my laptop, but on my Android phone I have Chrome.
  5. For about the past week, when I run AdwCleaner it finds 4 or 6 elements of Pup.Optional.Legacy. I have NOT noticed any problems with my computer, so I'm hoping that this is just a false positive, but when I googled it one site said it "is a particularly well made Trojan horse keylogger virus". That has me worried. When I clean the files using AdwCleaner and reboot it says it deleted the files. When I run Adwcleaner again after the reboot the files do not appear, but after a few hours if I run the scan again the files for Pup.Optional.Legacy reappear. Here is the text file log of the last scan showing 4 elements. Usually there are 6 elements found. # AdwCleaner 7.0.1.0 - Logfile created on Sun Aug 20 22:38:52 2017 # Updated on 2017/05/08 by Malwarebytes # Database: 07-31-2017.1 # Running on Windows 10 Home (X64) # Mode: scan # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** No malicious folders found. ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\iad-usadmm.dotomi.com PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\iad-usadmm.dotomi.com ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries. ************************* C:/AdwCleaner/AdwCleaner[C1].txt - [6735 B] - [2015/12/24 17:2:55] C:/AdwCleaner/AdwCleaner[C2].txt - [5436 B] - [2016/4/28 20:22:48] C:/AdwCleaner/AdwCleaner[C3].txt - [7877 B] - [2016/6/10 17:19:2] C:/AdwCleaner/AdwCleaner[C4].txt - [12546 B] - [2016/11/12 3:44:28] C:/AdwCleaner/AdwCleaner[C5].txt - [13707 B] - [2016/11/15 14:52:42] C:/AdwCleaner/AdwCleaner[C6].txt - [14309 B] - [2016/11/21 5:46:35] C:/AdwCleaner/AdwCleaner[C7].txt - [20033 B] - [2017/3/11 20:47:12] C:/AdwCleaner/AdwCleaner[S100].txt - [8315 B] - [2016/7/14 10:23:43] C:/AdwCleaner/AdwCleaner[S101].txt - [8390 B] - [2016/7/14 15:57:47] C:/AdwCleaner/AdwCleaner[S102].txt - [8465 B] - [2016/7/15 14:5:27] C:/AdwCleaner/AdwCleaner[S103].txt - [8541 B] - [2016/7/16 12:47:23] C:/AdwCleaner/AdwCleaner[S104].txt - [8616 B] - [2016/7/18 5:41:45] C:/AdwCleaner/AdwCleaner[S105].txt - [8691 B] - [2016/7/19 12:48:1] C:/AdwCleaner/AdwCleaner[S106].txt - [8766 B] - [2016/7/19 22:43:2] C:/AdwCleaner/AdwCleaner[S107].txt - [8841 B] - [2016/7/20 15:16:15] C:/AdwCleaner/AdwCleaner[S108].txt - [8916 B] - [2016/7/21 7:29:16] C:/AdwCleaner/AdwCleaner[S109].txt - [8991 B] - [2016/7/21 23:1:51] C:/AdwCleaner/AdwCleaner[S10].txt - [3139 B] - [2016/1/18 20:48:59] C:/AdwCleaner/AdwCleaner[S110].txt - [9066 B] - [2016/7/22 12:17:43] C:/AdwCleaner/AdwCleaner[S111].txt - [9141 B] - [2016/7/23 16:38:12] C:/AdwCleaner/AdwCleaner[S112].txt - [9216 B] - [2016/7/25 13:39:8] C:/AdwCleaner/AdwCleaner[S113].txt - [9291 B] - [2016/7/26 20:35:24] C:/AdwCleaner/AdwCleaner[S114].txt - [9366 B] - [2016/7/28 2:56:15] C:/AdwCleaner/AdwCleaner[S115].txt - [9441 B] - [2016/7/29 12:3:45] C:/AdwCleaner/AdwCleaner[S116].txt - [9516 B] - [2016/7/30 12:33:22] C:/AdwCleaner/AdwCleaner[S117].txt - [9591 B] - [2016/8/2 0:1:39] C:/AdwCleaner/AdwCleaner[S118].txt - [9666 B] - [2016/8/5 10:20:30] C:/AdwCleaner/AdwCleaner[S119].txt - [9741 B] - [2016/8/8 15:21:52] C:/AdwCleaner/AdwCleaner[S11].txt - [3139 B] - [2016/1/20 19:46:9] C:/AdwCleaner/AdwCleaner[S120].txt - [9816 B] - [2016/8/11 2:18:37] C:/AdwCleaner/AdwCleaner[S121].txt - [9891 B] - [2016/8/11 14:51:51] C:/AdwCleaner/AdwCleaner[S122].txt - [10317 B] - [2016/8/15 12:41:13] C:/AdwCleaner/AdwCleaner[S123].txt - [10393 B] - [2016/8/16 14:7:59] C:/AdwCleaner/AdwCleaner[S124].txt - [10469 B] - [2016/8/16 15:17:32] C:/AdwCleaner/AdwCleaner[S125].txt - [10545 B] - [2016/8/18 17:20:50] C:/AdwCleaner/AdwCleaner[S126].txt - [10621 B] - [2016/8/20 14:48:21] C:/AdwCleaner/AdwCleaner[S127].txt - [10697 B] - [2016/8/21 3:5:32] C:/AdwCleaner/AdwCleaner[S128].txt - [10773 B] - [2016/8/27 17:55:31] C:/AdwCleaner/AdwCleaner[S129].txt - [10849 B] - [2016/8/29 14:32:22] C:/AdwCleaner/AdwCleaner[S12].txt - [4340 B] - [2016/1/22 20:23:52] C:/AdwCleaner/AdwCleaner[S130].txt - [10925 B] - [2016/8/30 14:29:15] C:/AdwCleaner/AdwCleaner[S131].txt - [11001 B] - [2016/9/1 23:1:42] C:/AdwCleaner/AdwCleaner[S132].txt - [11077 B] - [2016/9/6 3:7:20] C:/AdwCleaner/AdwCleaner[S133].txt - [11153 B] - [2016/9/6 23:34:56] C:/AdwCleaner/AdwCleaner[S134].txt - [11229 B] - [2016/9/9 3:54:48] C:/AdwCleaner/AdwCleaner[S135].txt - [11305 B] - [2016/9/11 14:13:34] C:/AdwCleaner/AdwCleaner[S136].txt - [11381 B] - [2016/9/14 17:56:0] C:/AdwCleaner/AdwCleaner[S137].txt - [11457 B] - [2016/9/19 15:52:32] C:/AdwCleaner/AdwCleaner[S138].txt - [11533 B] - [2016/9/26 13:26:7] C:/AdwCleaner/AdwCleaner[S139].txt - [11609 B] - [2016/9/30 14:46:3] C:/AdwCleaner/AdwCleaner[S13].txt - [4340 B] - [2016/1/24 4:36:50] C:/AdwCleaner/AdwCleaner[S140].txt - [11685 B] - [2016/10/7 1:53:17] C:/AdwCleaner/AdwCleaner[S141].txt - [11761 B] - [2016/10/7 22:53:31] C:/AdwCleaner/AdwCleaner[S142].txt - [11837 B] - [2016/10/10 21:10:9] C:/AdwCleaner/AdwCleaner[S143].txt - [11913 B] - [2016/10/19 3:25:44] C:/AdwCleaner/AdwCleaner[S144].txt - [12003 B] - [2016/10/19 16:40:33] C:/AdwCleaner/AdwCleaner[S145].txt - [12079 B] - [2016/10/21 12:48:26] C:/AdwCleaner/AdwCleaner[S146].txt - [12155 B] - [2016/10/21 23:28:25] C:/AdwCleaner/AdwCleaner[S147].txt - [12231 B] - [2016/10/22 22:4:36] C:/AdwCleaner/AdwCleaner[S148].txt - [12307 B] - [2016/10/26 22:31:0] C:/AdwCleaner/AdwCleaner[S149].txt - [12383 B] - [2016/10/31 22:34:4] C:/AdwCleaner/AdwCleaner[S14].txt - [4342 B] - [2016/1/26 15:41:19] C:/AdwCleaner/AdwCleaner[S150].txt - [12459 B] - [2016/11/3 15:32:30] C:/AdwCleaner/AdwCleaner[S151].txt - [12535 B] - [2016/11/9 21:27:54] C:/AdwCleaner/AdwCleaner[S152].txt - [12677 B] - [2016/11/12 3:44:3] C:/AdwCleaner/AdwCleaner[S153].txt - [12761 B] - [2016/11/12 4:8:55] C:/AdwCleaner/AdwCleaner[S154].txt - [12837 B] - [2016/11/12 5:20:56] C:/AdwCleaner/AdwCleaner[S155].txt - [12913 B] - [2016/11/12 23:38:15] C:/AdwCleaner/AdwCleaner[S156].txt - [13797 B] - [2016/11/15 14:47:52] C:/AdwCleaner/AdwCleaner[S157].txt - [13139 B] - [2016/11/15 15:48:37] C:/AdwCleaner/AdwCleaner[S158].txt - [13215 B] - [2016/11/16 2:27:46] C:/AdwCleaner/AdwCleaner[S159].txt - [13291 B] - [2016/11/16 15:12:6] C:/AdwCleaner/AdwCleaner[S15].txt - [4342 B] - [2016/1/30 4:11:20] C:/AdwCleaner/AdwCleaner[S160].txt - [13367 B] - [2016/11/17 4:27:40] C:/AdwCleaner/AdwCleaner[S161].txt - [13443 B] - [2016/11/18 15:54:41] C:/AdwCleaner/AdwCleaner[S162].txt - [13519 B] - [2016/11/19 13:54:31] C:/AdwCleaner/AdwCleaner[S163].txt - [14399 B] - [2016/11/21 5:45:41] C:/AdwCleaner/AdwCleaner[S164].txt - [13745 B] - [2016/11/22 19:25:9] C:/AdwCleaner/AdwCleaner[S165].txt - [13821 B] - [2016/11/23 2:38:9] C:/AdwCleaner/AdwCleaner[S166].txt - [13897 B] - [2016/11/24 1:49:7] C:/AdwCleaner/AdwCleaner[S167].txt - [13973 B] - [2016/11/24 1:51:11] C:/AdwCleaner/AdwCleaner[S168].txt - [14049 B] - [2016/11/24 21:35:53] C:/AdwCleaner/AdwCleaner[S169].txt - [14125 B] - [2016/11/26 3:33:9] C:/AdwCleaner/AdwCleaner[S16].txt - [1924 B] - [2016/3/31 15:27:33] C:/AdwCleaner/AdwCleaner[S170].txt - [14201 B] - [2016/11/26 16:15:56] C:/AdwCleaner/AdwCleaner[S171].txt - [14277 B] - [2016/11/27 0:58:9] C:/AdwCleaner/AdwCleaner[S172].txt - [14353 B] - [2016/11/27 21:36:48] C:/AdwCleaner/AdwCleaner[S173].txt - [14429 B] - [2016/11/27 23:16:37] C:/AdwCleaner/AdwCleaner[S174].txt - [14505 B] - [2016/11/28 0:51:41] C:/AdwCleaner/AdwCleaner[S175].txt - [14581 B] - [2016/11/28 16:37:26] C:/AdwCleaner/AdwCleaner[S176].txt - [14657 B] - [2016/11/29 3:37:59] C:/AdwCleaner/AdwCleaner[S177].txt - [14733 B] - [2016/11/30 0:34:53] C:/AdwCleaner/AdwCleaner[S178].txt - [14809 B] - [2016/11/30 17:46:45] C:/AdwCleaner/AdwCleaner[S179].txt - [14885 B] - [2016/11/30 21:16:1] C:/AdwCleaner/AdwCleaner[S17].txt - [1998 B] - [2016/3/31 16:52:18] C:/AdwCleaner/AdwCleaner[S180].txt - [14961 B] - [2016/12/3 0:27:54] C:/AdwCleaner/AdwCleaner[S181].txt - [15036 B] - [2016/12/3 16:13:22] C:/AdwCleaner/AdwCleaner[S182].txt - [15112 B] - [2016/12/3 17:41:16] C:/AdwCleaner/AdwCleaner[S183].txt - [15189 B] - [2016/12/4 23:36:25] C:/AdwCleaner/AdwCleaner[S184].txt - [15265 B] - [2016/12/6 16:40:9] C:/AdwCleaner/AdwCleaner[S185].txt - [15341 B] - [2016/12/7 23:9:13] C:/AdwCleaner/AdwCleaner[S186].txt - [15417 B] - [2016/12/9 16:49:12] C:/AdwCleaner/AdwCleaner[S187].txt - [15493 B] - [2016/12/10 6:15:32] C:/AdwCleaner/AdwCleaner[S188].txt - [15569 B] - [2016/12/13 22:6:33] C:/AdwCleaner/AdwCleaner[S189].txt - [15644 B] - [2016/12/13 23:8:41] C:/AdwCleaner/AdwCleaner[S18].txt - [2072 B] - [2016/3/31 20:24:15] C:/AdwCleaner/AdwCleaner[S190].txt - [15721 B] - [2016/12/14 18:51:10] C:/AdwCleaner/AdwCleaner[S191].txt - [15797 B] - [2016/12/16 19:45:7] C:/AdwCleaner/AdwCleaner[S192].txt - [15873 B] - [2016/12/24 16:23:29] C:/AdwCleaner/AdwCleaner[S193].txt - [15948 B] - [2016/12/25 3:47:7] C:/AdwCleaner/AdwCleaner[S194].txt - [16025 B] - [2016/12/27 15:16:0] C:/AdwCleaner/AdwCleaner[S195].txt - [16100 B] - [2016/12/29 3:48:25] C:/AdwCleaner/AdwCleaner[S196].txt - [16177 B] - [2016/12/30 15:20:17] C:/AdwCleaner/AdwCleaner[S197].txt - [16252 B] - [2016/12/30 17:39:11] C:/AdwCleaner/AdwCleaner[S198].txt - [16329 B] - [2017/1/1 22:45:5] C:/AdwCleaner/AdwCleaner[S199].txt - [16405 B] - [2017/1/4 14:41:10] C:/AdwCleaner/AdwCleaner[S19].txt - [2146 B] - [2016/4/1 13:42:0] C:/AdwCleaner/AdwCleaner[S1].txt - [3224 B] - [2015/12/24 16:57:20] C:/AdwCleaner/AdwCleaner[S200].txt - [16480 B] - [2017/1/6 14:46:54] C:/AdwCleaner/AdwCleaner[S201].txt - [16557 B] - [2017/1/9 4:9:27] C:/AdwCleaner/AdwCleaner[S202].txt - [16633 B] - [2017/1/10 18:12:41] C:/AdwCleaner/AdwCleaner[S203].txt - [16710 B] - [2017/1/12 0:48:39] C:/AdwCleaner/AdwCleaner[S204].txt - [16785 B] - [2017/1/13 19:10:11] C:/AdwCleaner/AdwCleaner[S205].txt - [16861 B] - [2017/1/13 22:52:26] C:/AdwCleaner/AdwCleaner[S206].txt - [16937 B] - [2017/1/14 17:10:23] C:/AdwCleaner/AdwCleaner[S207].txt - [17014 B] - [2017/1/16 14:21:43] C:/AdwCleaner/AdwCleaner[S208].txt - [17090 B] - [2017/1/17 16:49:9] C:/AdwCleaner/AdwCleaner[S209].txt - [17166 B] - [2017/1/19 4:26:15] C:/AdwCleaner/AdwCleaner[S20].txt - [2220 B] - [2016/4/1 23:5:18] C:/AdwCleaner/AdwCleaner[S210].txt - [17242 B] - [2017/1/21 1:18:53] C:/AdwCleaner/AdwCleaner[S211].txt - [17318 B] - [2017/1/23 19:41:39] C:/AdwCleaner/AdwCleaner[S212].txt - [17394 B] - [2017/1/29 20:31:20] C:/AdwCleaner/AdwCleaner[S213].txt - [17470 B] - [2017/2/1 14:36:21] C:/AdwCleaner/AdwCleaner[S214].txt - [17546 B] - [2017/2/3 19:0:55] C:/AdwCleaner/AdwCleaner[S215].txt - [17622 B] - [2017/2/5 0:29:48] C:/AdwCleaner/AdwCleaner[S216].txt - [17698 B] - [2017/2/10 3:21:41] C:/AdwCleaner/AdwCleaner[S217].txt - [17773 B] - [2017/2/11 15:16:45] C:/AdwCleaner/AdwCleaner[S218].txt - [17850 B] - [2017/2/14 15:4:30] C:/AdwCleaner/AdwCleaner[S219].txt - [17925 B] - [2017/2/19 20:44:29] C:/AdwCleaner/AdwCleaner[S21].txt - [2294 B] - [2016/4/2 5:1:59] C:/AdwCleaner/AdwCleaner[S220].txt - [18002 B] - [2017/2/22 14:26:7] C:/AdwCleaner/AdwCleaner[S221].txt - [18078 B] - [2017/2/23 21:24:42] C:/AdwCleaner/AdwCleaner[S222].txt - [18154 B] - [2017/2/28 14:49:55] C:/AdwCleaner/AdwCleaner[S223].txt - [18230 B] - [2017/3/6 21:1:21] C:/AdwCleaner/AdwCleaner[S224].txt - [18306 B] - [2017/3/9 15:38:19] C:/AdwCleaner/AdwCleaner[S225].txt - [18377 B] - [2017/3/11 20:43:31] C:/AdwCleaner/AdwCleaner[S226].txt - [18531 B] - [2017/3/11 23:53:59] C:/AdwCleaner/AdwCleaner[S227].txt - [18608 B] - [2017/3/13 0:49:36] C:/AdwCleaner/AdwCleaner[S228].txt - [18684 B] - [2017/3/15 23:11:1] C:/AdwCleaner/AdwCleaner[S229].txt - [18760 B] - [2017/3/26 2:47:51] C:/AdwCleaner/AdwCleaner[S22].txt - [2368 B] - [2016/4/3 4:51:5] C:/AdwCleaner/AdwCleaner[S230].txt - [18836 B] - [2017/4/2 18:31:37] C:/AdwCleaner/AdwCleaner[S231].txt - [18912 B] - [2017/4/8 10:29:38] C:/AdwCleaner/AdwCleaner[S232].txt - [18987 B] - [2017/4/9 18:24:0] C:/AdwCleaner/AdwCleaner[S233].txt - [19064 B] - [2017/4/16 23:51:37] C:/AdwCleaner/AdwCleaner[S234].txt - [19140 B] - [2017/4/19 19:22:52] C:/AdwCleaner/AdwCleaner[S235].txt - [19216 B] - [2017/4/26 18:41:48] C:/AdwCleaner/AdwCleaner[S236].txt - [19291 B] - [2017/5/2 21:59:9] C:/AdwCleaner/AdwCleaner[S237].txt - [19368 B] - [2017/5/4 15:14:10] C:/AdwCleaner/AdwCleaner[S238].txt - [19444 B] - [2017/5/8 22:50:42] C:/AdwCleaner/AdwCleaner[S239].txt - [19520 B] - [2017/5/9 22:1:12] C:/AdwCleaner/AdwCleaner[S23].txt - [2442 B] - [2016/4/4 14:27:39] C:/AdwCleaner/AdwCleaner[S240].txt - [19596 B] - [2017/5/16 14:32:56] C:/AdwCleaner/AdwCleaner[S241].txt - [19672 B] - [2017/5/20 18:50:42] C:/AdwCleaner/AdwCleaner[S242].txt - [19747 B] - [2017/5/29 15:31:56] C:/AdwCleaner/AdwCleaner[S243].txt - [19824 B] - [2017/6/5 14:57:22] C:/AdwCleaner/AdwCleaner[S244].txt - [19900 B] - [2017/6/18 22:53:22] C:/AdwCleaner/AdwCleaner[S245].txt - [19976 B] - [2017/6/24 18:29:4] C:/AdwCleaner/AdwCleaner[S246].txt - [20052 B] - [2017/6/30 4:52:29] C:/AdwCleaner/AdwCleaner[S247].txt - [20128 B] - [2017/7/8 15:3:55] C:/AdwCleaner/AdwCleaner[S248].txt - [18647 B] - [2017/7/12 3:37:10] C:/AdwCleaner/AdwCleaner[S24].txt - [2516 B] - [2016/4/5 19:40:33] C:/AdwCleaner/AdwCleaner[S25].txt - [2590 B] - [2016/4/6 14:57:15] C:/AdwCleaner/AdwCleaner[S26].txt - [2664 B] - [2016/4/6 20:25:23] C:/AdwCleaner/AdwCleaner[S27].txt - [2738 B] - [2016/4/7 15:34:24] C:/AdwCleaner/AdwCleaner[S28].txt - [2812 B] - [2016/4/7 20:4:0] C:/AdwCleaner/AdwCleaner[S29].txt - [2886 B] - [2016/4/9 3:34:46] C:/AdwCleaner/AdwCleaner[S2].txt - [3135 B] - [2015/12/24 20:19:50] C:/AdwCleaner/AdwCleaner[S30].txt - [2960 B] - [2016/4/9 15:25:9] C:/AdwCleaner/AdwCleaner[S31].txt - [3034 B] - [2016/4/10 1:38:33] C:/AdwCleaner/AdwCleaner[S32].txt - [3108 B] - [2016/4/10 2:47:26] C:/AdwCleaner/AdwCleaner[S33].txt - [3181 B] - [2016/4/10 3:20:31] C:/AdwCleaner/AdwCleaner[S34].txt - [3256 B] - [2016/4/10 16:5:14] C:/AdwCleaner/AdwCleaner[S35].txt - [3330 B] - [2016/4/11 14:13:18] C:/AdwCleaner/AdwCleaner[S36].txt - [3404 B] - [2016/4/12 2:59:1] C:/AdwCleaner/AdwCleaner[S37].txt - [3478 B] - [2016/4/13 14:21:6] C:/AdwCleaner/AdwCleaner[S38].txt - [3552 B] - [2016/4/17 3:41:30] C:/AdwCleaner/AdwCleaner[S39].txt - [3626 B] - [2016/4/18 4:26:30] C:/AdwCleaner/AdwCleaner[S3].txt - [6976 B] - [2016/1/1 19:1:8] C:/AdwCleaner/AdwCleaner[S40].txt - [3700 B] - [2016/4/18 17:36:16] C:/AdwCleaner/AdwCleaner[S41].txt - [3774 B] - [2016/4/19 20:55:48] C:/AdwCleaner/AdwCleaner[S42].txt - [3848 B] - [2016/4/21 1:1:0] C:/AdwCleaner/AdwCleaner[S43].txt - [3922 B] - [2016/4/21 20:29:23] C:/AdwCleaner/AdwCleaner[S44].txt - [3996 B] - [2016/4/22 17:15:50] C:/AdwCleaner/AdwCleaner[S45].txt - [4070 B] - [2016/4/24 15:21:46] C:/AdwCleaner/AdwCleaner[S46].txt - [4144 B] - [2016/4/24 20:51:31] C:/AdwCleaner/AdwCleaner[S47].txt - [4218 B] - [2016/4/26 14:48:55] C:/AdwCleaner/AdwCleaner[S48].txt - [4317 B] - [2016/4/28 18:31:59] C:/AdwCleaner/AdwCleaner[S49].txt - [5251 B] - [2016/4/28 20:20:30] C:/AdwCleaner/AdwCleaner[S4].txt - [3136 B] - [2016/1/5 0:45:21] C:/AdwCleaner/AdwCleaner[S50].txt - [4538 B] - [2016/4/28 20:55:7] C:/AdwCleaner/AdwCleaner[S51].txt - [4612 B] - [2016/4/29 17:6:10] C:/AdwCleaner/AdwCleaner[S52].txt - [4686 B] - [2016/4/29 20:32:51] C:/AdwCleaner/AdwCleaner[S53].txt - [4760 B] - [2016/4/30 3:13:46] C:/AdwCleaner/AdwCleaner[S54].txt - [4834 B] - [2016/4/30 14:10:33] C:/AdwCleaner/AdwCleaner[S55].txt - [4908 B] - [2016/4/30 21:37:21] C:/AdwCleaner/AdwCleaner[S56].txt - [4982 B] - [2016/5/1 2:44:6] C:/AdwCleaner/AdwCleaner[S57].txt - [5056 B] - [2016/5/1 12:39:49] C:/AdwCleaner/AdwCleaner[S58].txt - [5130 B] - [2016/5/2 22:35:58] C:/AdwCleaner/AdwCleaner[S59].txt - [5204 B] - [2016/5/3 0:28:31] C:/AdwCleaner/AdwCleaner[S5].txt - [3136 B] - [2016/1/6 16:11:44] C:/AdwCleaner/AdwCleaner[S60].txt - [5278 B] - [2016/5/3 5:37:57] C:/AdwCleaner/AdwCleaner[S61].txt - [5352 B] - [2016/5/4 14:20:32] C:/AdwCleaner/AdwCleaner[S62].txt - [5426 B] - [2016/5/6 15:9:52] C:/AdwCleaner/AdwCleaner[S63].txt - [5500 B] - [2016/5/6 23:20:7] C:/AdwCleaner/AdwCleaner[S64].txt - [5574 B] - [2016/5/7 19:0:20] C:/AdwCleaner/AdwCleaner[S65].txt - [5648 B] - [2016/5/9 4:13:55] C:/AdwCleaner/AdwCleaner[S66].txt - [5722 B] - [2016/5/10 1:41:19] C:/AdwCleaner/AdwCleaner[S67].txt - [5796 B] - [2016/5/11 18:43:1] C:/AdwCleaner/AdwCleaner[S68].txt - [5870 B] - [2016/5/12 14:39:7] C:/AdwCleaner/AdwCleaner[S69].txt - [5944 B] - [2016/5/13 15:39:11] C:/AdwCleaner/AdwCleaner[S6].txt - [3136 B] - [2016/1/8 5:12:15] C:/AdwCleaner/AdwCleaner[S70].txt - [6018 B] - [2016/5/14 13:58:59] C:/AdwCleaner/AdwCleaner[S71].txt - [6092 B] - [2016/5/15 23:33:1] C:/AdwCleaner/AdwCleaner[S72].txt - [6166 B] - [2016/5/21 17:20:52] C:/AdwCleaner/AdwCleaner[S73].txt - [6240 B] - [2016/5/23 0:3:48] C:/AdwCleaner/AdwCleaner[S74].txt - [6314 B] - [2016/5/24 14:40:30] C:/AdwCleaner/AdwCleaner[S75].txt - [6388 B] - [2016/5/26 16:9:40] C:/AdwCleaner/AdwCleaner[S76].txt - [6462 B] - [2016/5/28 2:37:44] C:/AdwCleaner/AdwCleaner[S77].txt - [6536 B] - [2016/5/31 16:10:40] C:/AdwCleaner/AdwCleaner[S78].txt - [6610 B] - [2016/6/3 3:54:5] C:/AdwCleaner/AdwCleaner[S79].txt - [6684 B] - [2016/6/4 3:22:17] C:/AdwCleaner/AdwCleaner[S7].txt - [3136 B] - [2016/1/10 19:9:24] C:/AdwCleaner/AdwCleaner[S80].txt - [6758 B] - [2016/6/6 16:42:34] C:/AdwCleaner/AdwCleaner[S81].txt - [7692 B] - [2016/6/10 17:17:2] C:/AdwCleaner/AdwCleaner[S82].txt - [6979 B] - [2016/6/10 17:45:34] C:/AdwCleaner/AdwCleaner[S83].txt - [7053 B] - [2016/6/10 22:19:29] C:/AdwCleaner/AdwCleaner[S84].txt - [7127 B] - [2016/6/13 14:4:4] C:/AdwCleaner/AdwCleaner[S85].txt - [7204 B] - [2016/6/15 15:12:28] C:/AdwCleaner/AdwCleaner[S86].txt - [7277 B] - [2016/6/18 20:31:32] C:/AdwCleaner/AdwCleaner[S87].txt - [7352 B] - [2016/6/18 20:42:35] C:/AdwCleaner/AdwCleaner[S88].txt - [7426 B] - [2016/6/20 13:54:32] C:/AdwCleaner/AdwCleaner[S89].txt - [7500 B] - [2016/6/23 16:27:41] C:/AdwCleaner/AdwCleaner[S8].txt - [3136 B] - [2016/1/12 4:40:31] C:/AdwCleaner/AdwCleaner[S90].txt - [7574 B] - [2016/6/24 3:13:47] C:/AdwCleaner/AdwCleaner[S91].txt - [7648 B] - [2016/6/27 16:45:17] C:/AdwCleaner/AdwCleaner[S92].txt - [7722 B] - [2016/7/2 3:52:36] C:/AdwCleaner/AdwCleaner[S93].txt - [7796 B] - [2016/7/2 17:12:16] C:/AdwCleaner/AdwCleaner[S94].txt - [7870 B] - [2016/7/4 1:56:24] C:/AdwCleaner/AdwCleaner[S95].txt - [7944 B] - [2016/7/7 21:28:12] C:/AdwCleaner/AdwCleaner[S96].txt - [8018 B] - [2016/7/8 10:46:17] C:/AdwCleaner/AdwCleaner[S97].txt - [8092 B] - [2016/7/10 2:38:45] C:/AdwCleaner/AdwCleaner[S98].txt - [8166 B] - [2016/7/11 21:3:51] C:/AdwCleaner/AdwCleaner[S99].txt - [8240 B] - [2016/7/13 3:6:40] C:/AdwCleaner/AdwCleaner[S9].txt - [3136 B] - [2016/1/17 20:26:2] ########## EOF - C:\AdwCleaner\AdwCleaner[S248].txt ##########
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.