SeniorBrinco
-
Posts
6 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Everything posted by SeniorBrinco
-
Yes! I have Control Panel Icons back! YES! "Windows Resource Protection did not find any integrity violations." Thank you so much. At this point Malawarebytes keeps finding a file "update.exe" that I cant seem to get rid off. I really appreciate your help mate, but I think my best option here is to factory reset windows again, what do you think? Windows explorer keeps on acting strangely CBS.rar
-
The image roughly translates something like: No damage on the component store (?) were detected. The operation completed successfully.
-
I forgot this log, sorry: --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.60, May 2018 (build 5.60.14817.1) Started On Sun Jun 10 18:57:34 2018 Engine: 1.1.14800.3 Signatures: 1.267.242.0 Run Mode: Interactive Graphical Mode Results Summary: ---------------- No infection found. Microsoft Windows Malicious Software Removal Tool Finished On Sun Jun 10 18:59:15 2018 Return code: 0 (0x0)
-
Hello Kevin! and thanks for the help Here are the logs: Fix result of Farbar Recovery Scan Tool (x64) Version: 06.06.2018 01 Ran by Eric (10-06-2018 17:12:50) Run:1 Running from C:\Users\Eric\Desktop Loaded Profiles: Eric (Available Profiles: Eric) Boot Mode: Normal ============================================== fixlist content: ***************** Start CloseProcesses: CreateRestorePoint: R2 YTA2MmMzZDE1MjB; rundll32.exe C:\WINDOWS\smwgkfidpmjjaqow.smwgk HAKwrnJNP [X] S2 ZWViNmQxZDM3NzBjMWQ; C:\Program Files\ZWViNmQxZDM3NzBjMWQ\NTJhM2Y1Nj.exe [X] C:\Program Files\ZWViNmQxZDM3NzBjMWQ C:\Users\Eric\AppData\Roaming\5rjdlimipj1 2018-06-09 20:18 - 2018-06-09 21:37 - 000000000 ____D C:\Users\Eric\AppData\Roaming\ebnjnmr2nph 2018-06-09 20:18 - 2018-06-09 21:01 - 000000000 ____D C:\Users\Eric\AppData\Local\kAUNCUkNWH 2018-06-09 20:17 - 2018-06-09 21:37 - 000000000 ____D C:\Users\Eric\AppData\Roaming\znm2ddhcgvh 2018-06-09 20:17 - 2018-06-09 21:37 - 000000000 ____D C:\Users\Eric\AppData\Roaming\orvx4pexvbk 2018-06-09 20:17 - 2018-06-09 21:37 - 000000000 ____D C:\Users\Eric\AppData\Roaming\01ppmvbsuu2 C:\WINDOWS\system32\unknown Task: {30565007-A7C4-4FC8-9178-9EB09188F47A} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION C:\WINDOWS\smwgkfidpmjjaqow.smwgk FirewallRules: [{89A8808F-8A4A-4CD6-8FFD-B8643FC13ABF}] => (Allow) LPort=1900 FirewallRules: [{963C85A6-046F-40AB-92E5-424F10D98037}] => (Allow) LPort=2869 EmptyTemp: Hosts: CMD: ipconfig /flushDNS end ***************** Processes closed successfully. Restore point was successfully created. YTA2MmMzZDE1MjB => Unable to stop service. "HKLM\System\CurrentControlSet\Services\YTA2MmMzZDE1MjB" => removed successfully YTA2MmMzZDE1MjB => service removed successfully "HKLM\System\CurrentControlSet\Services\ZWViNmQxZDM3NzBjMWQ" => removed successfully ZWViNmQxZDM3NzBjMWQ => service removed successfully C:\Program Files\ZWViNmQxZDM3NzBjMWQ => moved successfully C:\Users\Eric\AppData\Roaming\5rjdlimipj1 => moved successfully C:\Users\Eric\AppData\Roaming\ebnjnmr2nph => moved successfully C:\Users\Eric\AppData\Local\kAUNCUkNWH => moved successfully C:\Users\Eric\AppData\Roaming\znm2ddhcgvh => moved successfully C:\Users\Eric\AppData\Roaming\orvx4pexvbk => moved successfully C:\Users\Eric\AppData\Roaming\01ppmvbsuu2 => moved successfully C:\WINDOWS\system32\unknown => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{30565007-A7C4-4FC8-9178-9EB09188F47A}" => removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{30565007-A7C4-4FC8-9178-9EB09188F47A}" => removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\EOSNotify" => removed successfully C:\WINDOWS\smwgkfidpmjjaqow.smwgk => moved successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{89A8808F-8A4A-4CD6-8FFD-B8643FC13ABF}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{963C85A6-046F-40AB-92E5-424F10D98037}" => removed successfully C:\Windows\System32\Drivers\etc\hosts => moved successfully Hosts restored successfully. ========= ipconfig /flushDNS ========= Configuraci¢n IP de Windows Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS. ========= End of CMD: ========= =========== EmptyTemp: ========== BITS transfer queue => 8388608 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9730560 B Java, Flash, Steam htmlcache => 763 B Windows/system/drivers => 5853281 B Edge => 0 B Chrome => 0 B Firefox => 0 B Opera => 413208866 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 37 B systemprofile32 => 128 B LocalService => 81248 B NetworkService => 0 B Eric => 31126510 B RecycleBin => 1101904 B EmptyTemp: => 447.7 MB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 17:14:49 ==== Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 6/10/18 Scan Time: 5:42 PM Log File: ccd60b3e-6cee-11e8-a761-74d02b0d904e.json Administrator: Yes -Software Information- Version: 3.5.1.2522 Components Version: 1.0.374 Update Package Version: 1.0.5426 License: Trial -System Information- OS: Windows 8.1 CPU: x64 File System: NTFS User: REW\Eric -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 244108 Threats Detected: 23 Threats Quarantined: 23 Time Elapsed: 9 min, 33 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 1 Adware.Zdengo, C:\PROGRAM FILES\ZWVINMQXZDM3NZBJMWQ\NTJHM2Y1NJ.EXE, Quarantined, [7917], [518978],1.0.5426 Module: 1 Adware.Zdengo, C:\PROGRAM FILES\ZWVINMQXZDM3NZBJMWQ\NTJHM2Y1NJ.EXE, Quarantined, [7917], [518978],1.0.5426 Registry Key: 8 PUP.Optional.Wajam, HKU\S-1-5-21-1259819905-3050770896-629996550-1002\SOFTWARE\WajIEnhance, Quarantined, [209], [244670],1.0.5426 PUP.Optional.Wajam, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, Quarantined, [209], [-1],0.0.0 Adware.SearchAwesome, HKLM\SOFTWARE\SrcAAAesom Browser Enhancer, Quarantined, [7333], [424837],1.0.5426 Adware.SearchAwesome, HKLM\SOFTWARE\WOW6432NODE\SrcAAAesom Browser Enhancer, Quarantined, [7333], [424837],1.0.5426 Adware.Zdengo, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ZWViNmQxZDM3NzBjMWQ, Quarantined, [7917], [518978],1.0.5426 PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, Quarantined, [209], [170024],1.0.5426 PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, Quarantined, [209], [170024],1.0.5426 PUP.Optional.Wajam, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, Quarantined, [209], [170024],1.0.5426 Registry Value: 3 PUP.Optional.Wajam, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [209], [-1],0.0.0 PUP.Optional.Wajam, HKU\S-1-5-21-1259819905-3050770896-629996550-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [209], [-1],0.0.0 PUP.Optional.Wajam, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [209], [-1],0.0.0 Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 1 Trojan.Agent, C:\WINDOWS\SYSWOW64\SSL, Quarantined, [388], [479103],1.0.5426 File: 9 Adware.Zdengo, C:\WINDOWS\System32\drivers\NmNmNGNjODh.sys, Quarantined, [7917], [529376],0.0.0 Trojan.Agent, C:\WINDOWS\SYSWOW64\SSL\XV.DB, Quarantined, [388], [479103],1.0.5426 Trojan.Agent, C:\Windows\SysWOW64\SSL\cert.db, Quarantined, [388], [479103],1.0.5426 Trojan.Agent, C:\Windows\SysWOW64\SSL\x.db, Quarantined, [388], [479103],1.0.5426 Trojan.Agent, C:\Windows\SysWOW64\SSL\ZmNlZWYzZjFlNWVl 2.cer, Quarantined, [388], [479103],1.0.5426 MachineLearning/Anomalous.100%, C:\WINDOWS\ODUZMWU5YMFLY.EXE, Quarantined, [0], [392687],1.0.5426 Adware.Zdengo, C:\PROGRAM FILES\ZWVINMQXZDM3NZBJMWQ\NTJHM2Y1NJ.EXE, Quarantined, [7917], [518978],1.0.5426 Adware.Zdengo, C:\PROGRAM FILES\ZWVINMQXZDM3NZBJMWQ\YJK3YWU3YTE4YWNK.EXE, Quarantined, [7917], [518978],1.0.5426 MachineLearning/Anomalous.100%, C:\WINDOWS\ODUZMWU5YMFLY.EXE, Quarantined, [0], [392687],1.0.5426 Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end) # ------------------------------- # Malwarebytes AdwCleaner 7.2.0.0 # ------------------------------- # Build: 06-05-2018 # Database: 2018-06-07.1 # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 06-10-2018 # Duration: 00:00:04 # OS: Windows 8.1 # Cleaned: 2 # Failed: 0 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** No malicious folders cleaned. ***** [ Files ] ***** No malicious files cleaned. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564 Deleted HKCU\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d} ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [1419 octets] - [10/06/2018 18:37:27] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ########## I'm still having the same issue as before, Control Panel is empty, and a windows explorer is functioning oddly (I attached a screenshot, its wierd the icons of the left side panel with that magnifying glass, never seen that before). Sorry for the spanish version of my windows, I'm from Argentina.
-
FRST.txt: Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06.06.2018 01 Ran by Eric (administrator) on REW (10-06-2018 16:09:00) Running from C:\Users\Eric\Desktop Loaded Profiles: Eric (Available Profiles: Eric) Platform: Windows 8.1 (Update) (X64) Language: Inglés (Estados Unidos) Internet Explorer Version 11 (Default browser: Opera) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (McAfee, LLC) C:\Program Files\Common Files\mcafee\systemcore\mfemms.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\ModuleCore\ModuleCoreService.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\MMSSHost\MMSSHOST.exe (McAfee, LLC) C:\Windows\System32\mfevtps.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\PEF\CORE\PEFService.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (McAfee, LLC) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (McAfee, LLC) C:\Windows\System32\mfevtps.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\VSCore_15_8\mcapexe.exe (McAfee, Inc.) C:\Program Files\mcafee\MfeAV\MfeAVSvc.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\CSP\2.9.175.0\McCSPServiceHost.exe (McAfee LLC.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Console\ASUS Console Starter.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe Failed to access process -> mbam.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\ModuleCore\ModuleCoreService.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Opera Software) C:\Program Files\Opera\53.0.2907.68\opera.exe (Opera Software) C:\Program Files\Opera\53.0.2907.68\opera_crashreporter.exe (Opera Software) C:\Program Files\Opera\53.0.2907.68\opera.exe (Opera Software) C:\Program Files\Opera\53.0.2907.68\opera.exe (Opera Software) C:\Program Files\Opera\53.0.2907.68\opera.exe (Opera Software) C:\Program Files\Opera\53.0.2907.68\opera.exe (Opera Software) C:\Program Files\Opera\53.0.2907.68\opera.exe (Opera Software) C:\Program Files\Opera\53.0.2907.68\opera.exe (Opera Software) C:\Program Files\Opera\53.0.2907.68\opera.exe (Opera Software) C:\Program Files\Opera\53.0.2907.68\opera.exe (Opera Software) C:\Program Files\Opera\53.0.2907.68\opera.exe (Opera Software) C:\Program Files\Opera\53.0.2907.68\opera.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s**RtHDVCpl****C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s**kernel32.dll* HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312 2017-04-13] (Realtek Semiconductor) HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-16] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-16] (Adobe Systems Incorporated) HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2012-11-27] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe [3423104 2012-08-31] (ASUS Cloud Corporation) HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [602288 2018-04-11] (McAfee, Inc.) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.) HKLM-x32\...\Run: [UpdatePSTShortCut] => "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" HKLM-x32\...\Run: [ASUS InstantKey] => C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe [13936 2013-04-16] (ASUS) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-04-24] (Atheros Communications) AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [182600 2018-06-02] (NVIDIA Corporation) AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [159712 2018-06-02] (NVIDIA Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{7504B86C-4C3A-4377-94D2-C57DAAD82633}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-1259819905-3050770896-629996550-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-1259819905-3050770896-629996550-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com SearchScopes: HKU\S-1-5-21-1259819905-3050770896-629996550-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-04-24] (Qualcomm Atheros Commnucations) BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-06-05] (McAfee, Inc.) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-16] (Adobe Systems Incorporated) BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-06-05] (McAfee, Inc.) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-06-05] (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-06-05] (McAfee, Inc.) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2018-04-11] (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2018-04-11] (McAfee, Inc.) FireFox: ======== FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi FF Extension: (McAfee® WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [2018-05-15] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2018-06-10] [Legacy] [not signed] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_113.dll [2018-06-10] () FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2018-04-11] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_113.dll [2018-06-10] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-04-11] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-04-11] (Intel Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2018-04-11] () FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation) Chrome: ======= CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-04-29] (ASUS) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [310400 2013-04-24] (Windows (R) Win 7 DDK provider) [File not signed] S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1511728 2017-09-21] (McAfee, Inc.) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-04-11] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-04-11] (Intel Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes) R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [604824 2018-06-05] (McAfee, Inc.) R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_8\McApExe.exe [728808 2018-04-09] (McAfee, Inc.) S3 McAWFwk; C:\Program Files\mcafee\msc\McAWFwk.exe [332080 2012-01-26] (McAfee, Inc.) R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.9.175.0\\McCSPServiceHost.exe [2141912 2018-04-06] (McAfee, Inc.) S2 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.) S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [359888 2018-02-23] (McAfee, LLC) R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [512976 2018-02-23] (McAfee, LLC) R2 mfevtp; C:\windows\system32\mfevtps.exe [473040 2018-02-23] (McAfee, LLC) R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1669328 2018-04-02] (McAfee, Inc.) R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [1061528 2018-03-06] (McAfee, Inc.) R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-04-17] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2018-06-09] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2018-06-09] (Microsoft Corporation) R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-04-24] (Atheros) [File not signed] R2 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000 R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin" R2 YTA2MmMzZDE1MjB; rundll32.exe C:\WINDOWS\smwgkfidpmjjaqow.smwgk HAKwrnJNP [X] S2 ZWViNmQxZDM3NzBjMWQ; C:\Program Files\ZWViNmQxZDM3NzBjMWQ\NTJhM2Y1Nj.exe [X] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [65784 2013-02-06] (ASUS Corporation) S3 BTATH_LWFLT; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [77464 2013-04-24] (Qualcomm Atheros) R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [77216 2018-02-28] (McAfee, LLC) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152184 2018-05-24] (Malwarebytes) S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [218336 2017-10-09] (McAfee, Inc.) R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( ) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [190696 2018-06-09] (Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [112872 2018-06-10] (Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [44768 2018-06-10] (Malwarebytes) R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-06-09] (Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [103656 2018-06-10] (Malwarebytes) R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [497568 2018-02-28] (McAfee, LLC) R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [360352 2018-02-28] (McAfee, LLC) U3 mfeavfk01; no ImagePath S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [83952 2018-02-28] (McAfee, LLC) R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [529312 2018-02-28] (McAfee, LLC) R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [953248 2018-02-28] (McAfee, LLC) R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [543632 2018-01-22] (McAfee LLC.) S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [108432 2018-01-22] (McAfee LLC.) R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [115616 2018-02-28] (McAfee, LLC) R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.) R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252832 2018-02-28] (McAfee, LLC) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [29240 2017-04-01] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [66608 2017-03-31] (NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [76840 2017-03-31] (NVIDIA Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2018-06-09] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [274776 2018-06-09] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2018-06-09] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-06-10 16:09 - 2018-06-10 16:09 - 000019186 _____ C:\Users\Eric\Desktop\FRST.txt 2018-06-10 16:08 - 2018-06-10 16:09 - 000000000 ____D C:\FRST 2018-06-10 15:00 - 2018-06-10 15:00 - 002413056 _____ (Farbar) C:\Users\Eric\Desktop\FRST64.exe 2018-06-10 14:26 - 2018-06-10 14:30 - 000002134 _____ C:\Users\Eric\Desktop\Rkill.txt 2018-06-10 14:26 - 2018-06-10 14:26 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Eric\Desktop\rkill.exe 2018-06-10 14:20 - 2018-06-10 14:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2018-06-10 14:04 - 2018-06-10 14:04 - 000000828 _____ C:\AdwCleaner[R1].txt 2018-06-10 14:02 - 2018-06-10 14:09 - 000000000 ____D C:\Program Files\SUPERAntiSpyware 2018-06-10 13:04 - 2018-06-10 13:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017 2018-06-10 13:02 - 2018-06-10 13:02 - 000001495 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017.lnk 2018-06-10 12:56 - 2018-06-10 12:56 - 000993632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll 2018-06-10 12:56 - 2018-06-10 12:56 - 000987840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll 2018-06-10 12:56 - 2018-06-10 12:56 - 000690008 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll 2018-06-10 12:56 - 2018-06-10 12:56 - 000485576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll 2018-06-10 12:56 - 2018-06-10 12:56 - 000030888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll 2018-06-10 12:56 - 2018-06-10 12:56 - 000029352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll 2018-06-10 12:56 - 2018-06-10 12:56 - 000019088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll 2018-06-10 12:56 - 2018-06-10 12:56 - 000019088 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll 2018-06-10 12:48 - 2018-06-10 13:07 - 000000000 ____D C:\Users\Eric\AppData\Roaming\Visual Studio Setup 2018-06-10 12:48 - 2018-06-10 12:48 - 000001300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk 2018-06-10 12:48 - 2018-06-10 12:48 - 000000000 ____D C:\Users\Eric\AppData\Roaming\vstelemetry 2018-06-10 12:48 - 2018-06-10 12:48 - 000000000 ____D C:\Users\Eric\AppData\Roaming\Microsoft Visual Studio 2018-06-10 12:48 - 2018-06-10 12:48 - 000000000 ____D C:\Users\Eric\AppData\Local\ServiceHub 2018-06-10 12:47 - 2018-06-10 12:49 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 2018-06-10 12:46 - 2018-06-10 12:46 - 000000000 ____D C:\ProgramData\Microsoft Visual Studio 2018-06-10 12:37 - 2018-06-10 15:28 - 000103656 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2018-06-10 12:34 - 2018-06-10 12:34 - 001208304 _____ (Microsoft Corporation) C:\Users\Eric\Desktop\vs_Community.exe 2018-06-10 12:22 - 2018-06-10 12:22 - 000996864 _____ C:\WINDOWS\smwgkfidpmjjaqow.smwgk 2018-06-10 12:09 - 2018-06-10 12:09 - 000003160 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1259819905-3050770896-629996550-1002 2018-06-10 12:09 - 2018-06-10 12:09 - 000002364 _____ C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive para la Empresa.lnk 2018-06-10 00:16 - 2018-06-10 00:16 - 000004480 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier 2018-06-10 00:06 - 2018-06-10 00:20 - 000000000 ____D C:\Users\Eric\AppData\LocalLow\Mozilla 2018-06-09 21:48 - 2018-06-10 14:02 - 000000000 ____D C:\Program Files\ZWViNmQxZDM3NzBjMWQ 2018-06-09 21:32 - 2018-06-10 14:15 - 000112872 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2018-06-09 21:32 - 2018-06-10 14:15 - 000044768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2018-06-09 21:32 - 2018-06-09 21:32 - 000190696 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2018-06-09 21:31 - 2018-06-09 21:31 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2018-06-09 21:31 - 2018-06-09 21:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2018-06-09 21:31 - 2018-06-09 21:31 - 000000000 ____D C:\ProgramData\Malwarebytes 2018-06-09 21:31 - 2018-06-09 21:31 - 000000000 ____D C:\Program Files\Malwarebytes 2018-06-09 21:31 - 2018-05-24 06:55 - 000152184 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2018-06-09 21:18 - 2018-06-10 00:17 - 000000000 ____D C:\Users\Eric\AppData\Local\Adobe 2018-06-09 21:18 - 2018-06-09 21:18 - 000000000 ____D C:\Users\Eric\AppData\LocalLow\Adobe 2018-06-09 20:45 - 2018-06-09 21:37 - 000000000 ____D C:\Users\Eric\AppData\Roaming\5rjdlimipj1 2018-06-09 20:43 - 2018-06-09 20:43 - 000337976 _____ C:\WINDOWS\Minidump\060918-59890-01.dmp 2018-06-09 20:36 - 2018-06-09 20:36 - 000000000 ____D C:\Windows.old 2018-06-09 20:36 - 2018-06-09 17:08 - 000000000 ___DC C:\WINDOWS\Panther 2018-06-09 20:34 - 2018-06-10 13:14 - 000183934 _____ C:\WINDOWS\system32\prfh0404.dat 2018-06-09 20:34 - 2018-06-10 13:14 - 000057006 _____ C:\WINDOWS\system32\prfc0404.dat 2018-06-09 20:34 - 2018-06-09 20:34 - 000119664 _____ C:\WINDOWS\system32\prfi0404.dat 2018-06-09 20:34 - 2018-06-09 20:34 - 000033362 _____ C:\WINDOWS\system32\prfd0404.dat 2018-06-09 20:34 - 2018-06-09 16:17 - 000000000 ____D C:\Program Files\Windows Journal 2018-06-09 20:32 - 2018-06-09 20:32 - 000310792 _____ C:\Users\Eric\Downloads\b75c2630-2563-411c-b421-7a00e8d142d8.tmp 2018-06-09 20:28 - 2018-06-09 20:28 - 000000000 ____D C:\Users\Eric\Documents\ProcAlyzer Dumps 2018-06-09 20:28 - 2018-06-09 20:28 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy 2018-06-09 20:27 - 2018-06-09 20:27 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf 2018-06-09 20:26 - 2018-06-09 20:26 - 004710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2018-06-09 20:26 - 2018-06-09 20:26 - 004068352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2018-06-09 20:26 - 2018-06-09 20:26 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll 2018-06-09 20:25 - 2018-06-09 20:25 - 004837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2018-06-09 20:25 - 2018-06-09 20:25 - 001574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll 2018-06-09 20:25 - 2018-06-09 20:25 - 001154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe 2018-06-09 20:25 - 2018-06-09 20:25 - 001142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll 2018-06-09 20:25 - 2018-06-09 20:25 - 001027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2018-06-09 20:25 - 2018-06-09 20:25 - 000962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2018-06-09 20:25 - 2018-06-09 20:25 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2018-06-09 20:25 - 2018-06-09 20:25 - 000801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2018-06-09 20:25 - 2018-06-09 20:25 - 000733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll 2018-06-09 20:25 - 2018-06-09 20:25 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll 2018-06-09 20:25 - 2018-06-09 20:25 - 000465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll 2018-06-09 20:25 - 2018-06-09 20:25 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll 2018-06-09 20:25 - 2018-06-09 20:25 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL 2018-06-09 20:25 - 2018-06-09 20:25 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL 2018-06-09 20:25 - 2018-06-09 20:25 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL 2018-06-09 20:25 - 2018-06-09 20:25 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL 2018-06-09 20:25 - 2018-06-09 20:25 - 000074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll 2018-06-09 20:25 - 2018-06-09 20:25 - 000058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys 2018-06-09 20:25 - 2018-06-09 20:25 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll 2018-06-09 20:25 - 2018-06-09 20:25 - 000039744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys 2018-06-09 20:25 - 2018-06-09 20:25 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll 2018-06-09 20:25 - 2018-06-09 20:25 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll 2018-06-09 20:24 - 2018-06-09 20:24 - 004417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2018-06-09 20:24 - 2018-06-09 20:24 - 002985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2018-06-09 20:24 - 2018-06-09 20:24 - 002745184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL 2018-06-09 20:24 - 2018-06-09 20:24 - 002528784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL 2018-06-09 20:24 - 2018-06-09 20:24 - 002450240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVENCOD.DLL 2018-06-09 20:24 - 2018-06-09 20:24 - 002447136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVENCOD.DLL 2018-06-09 20:24 - 2018-06-09 20:24 - 002334104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2018-06-09 20:24 - 2018-06-09 20:24 - 002324744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2018-06-09 20:24 - 2018-06-09 20:24 - 001877504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll 2018-06-09 20:24 - 2018-06-09 20:24 - 001798480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll 2018-06-09 20:24 - 2018-06-09 20:24 - 001664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL 2018-06-09 20:24 - 2018-06-09 20:24 - 001491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll 2018-06-09 20:24 - 2018-06-09 20:24 - 001484888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll 2018-06-09 20:24 - 2018-06-09 20:24 - 001411584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL 2018-06-09 20:24 - 2018-06-09 20:24 - 001288128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll 2018-06-09 20:24 - 2018-06-09 20:24 - 001210200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL 2018-06-09 20:24 - 2018-06-09 20:24 - 001207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll 2018-06-09 20:24 - 2018-06-09 20:24 - 001150232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL 2018-06-09 20:24 - 2018-06-09 20:24 - 001115640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2018-06-09 20:24 - 2018-06-09 20:24 - 001037680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL 2018-06-09 20:24 - 2018-06-09 20:24 - 001010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL 2018-06-09 20:24 - 2018-06-09 20:24 - 000914672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL 2018-06-09 20:24 - 2018-06-09 20:24 - 000887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL 2018-06-09 20:24 - 2018-06-09 20:24 - 000850680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2018-06-09 20:24 - 2018-06-09 20:24 - 000743936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFWMAAEC.DLL 2018-06-09 20:24 - 2018-06-09 20:24 - 000736256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL 2018-06-09 20:24 - 2018-06-09 20:24 - 000735496 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll 2018-06-09 20:24 - 2018-06-09 20:24 - 000700360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2018-06-09 20:24 - 2018-06-09 20:24 - 000644608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL 2018-06-09 20:24 - 2018-06-09 20:24 - 000629600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL 2018-06-09 20:24 - 2018-06-09 20:24 - 000584656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll 2018-06-09 20:24 - 2018-06-09 20:24 - 000557856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSDECD.DLL 2018-06-09 20:24 - 2018-06-09 20:24 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll 2018-06-09 20:24 - 2018-06-09 20:24 - 000492736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSDECD.DLL 2018-06-09 20:24 - 2018-06-09 20:24 - 000468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFWMAAEC.DLL 2018-06-09 20:24 - 2018-06-09 20:24 - 000463776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL 2018-06-09 20:24 - 2018-06-09 20:24 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL 2018-06-09 20:24 - 2018-06-09 20:24 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL 2018-06-09 20:24 - 2018-06-09 20:24 - 000378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysFxUI.dll 2018-06-09 20:24 - 2018-06-09 20:24 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll 2018-06-09 20:24 - 2018-06-09 20:24 - 000299080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VIDRESZR.DLL 2018-06-09 20:24 - 2018-06-09 20:24 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax 2018-06-09 20:24 - 2018-06-09 20:24 - 000275312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MPG4DECD.DLL 2018-06-09 20:24 - 2018-06-09 20:24 - 000274280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP43DECD.DLL 2018-06-09 20:24 - 2018-06-09 20:24 - 000250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPG4DECD.DLL 2018-06-09 20:24 - 2018-06-09 20:24 - 000248432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP43DECD.DLL 2018-06-09 20:24 - 2018-06-09 20:24 - 000246856 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL 2018-06-09 20:24 - 2018-06-09 20:24 - 000245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax 2018-06-09 20:24 - 2018-06-09 20:24 - 000244296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2018-06-09 20:24 - 2018-06-09 20:24 - 000229272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL 2018-06-09 20:24 - 2018-06-09 20:24 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpsapi.dll 2018-06-09 20:24 - 2018-06-09 20:24 - 000203016 _____ (Microsoft Corporation) C:\WINDOWS\system32\COLORCNV.DLL 2018-06-09 20:24 - 2018-06-09 20:24 - 000184912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COLORCNV.DLL 2018-06-09 20:24 - 2018-06-09 20:24 - 000183856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VIDRESZR.DLL 2018-06-09 20:24 - 2018-06-09 20:24 - 000177712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll 2018-06-09 20:24 - 2018-06-09 20:24 - 000148752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll 2018-06-09 20:24 - 2018-06-09 20:24 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll 2018-06-09 20:24 - 2018-06-09 20:24 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2018-06-09 20:24 - 2018-06-09 20:24 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpsapi.dll 2018-06-09 20:24 - 2018-06-09 20:24 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2018-06-09 20:24 - 2018-06-09 20:24 - 000116720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL 2018-06-09 20:24 - 2018-06-09 20:24 - 000110544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll 2018-06-09 20:24 - 2018-06-09 20:24 - 000099136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL 2018-06-09 20:24 - 2018-06-09 20:24 - 000090904 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll 2018-06-09 20:24 - 2018-06-09 20:24 - 000090392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfvdsp.dll 2018-06-09 20:24 - 2018-06-09 20:24 - 000081032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll 2018-06-09 20:24 - 2018-06-09 20:24 - 000076936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfvdsp.dll 2018-06-09 20:23 - 2018-06-09 20:23 - 001090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2018-06-09 20:23 - 2018-06-09 20:23 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2018-06-09 20:23 - 2018-06-09 20:23 - 000672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe 2018-06-09 20:23 - 2018-06-09 20:23 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll 2018-06-09 20:23 - 2018-06-09 20:23 - 000445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll 2018-06-09 20:23 - 2018-06-09 20:23 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll 2018-06-09 20:23 - 2018-06-09 20:23 - 000316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys 2018-06-09 20:23 - 2018-06-09 20:23 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe 2018-06-09 20:23 - 2018-06-09 20:23 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe 2018-06-09 20:23 - 2018-06-09 20:23 - 000212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe 2018-06-09 20:23 - 2018-06-09 20:23 - 000116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll 2018-06-09 20:23 - 2018-06-09 20:23 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll 2018-06-09 20:22 - 2018-06-09 20:22 - 001249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2018-06-09 20:22 - 2018-06-09 20:22 - 001018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2018-06-09 20:22 - 2018-06-09 20:22 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll 2018-06-09 20:22 - 2018-06-09 20:22 - 000510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll 2018-06-09 20:22 - 2018-06-09 20:22 - 000413696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll 2018-06-09 20:22 - 2018-06-09 20:22 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys 2018-06-09 20:22 - 2018-06-09 20:22 - 000059712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys 2018-06-09 20:22 - 2018-06-09 20:22 - 000051008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys 2018-06-09 20:22 - 2018-06-09 20:22 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys 2018-06-09 20:22 - 2018-06-09 20:22 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys 2018-06-09 20:22 - 2018-06-09 20:22 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys 2018-06-09 20:21 - 2018-06-09 20:21 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll 2018-06-09 20:21 - 2018-06-09 20:21 - 000702976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll 2018-06-09 20:21 - 2018-06-09 20:21 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll 2018-06-09 20:21 - 2018-06-09 20:21 - 000443392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll 2018-06-09 20:21 - 2018-06-09 20:21 - 000363104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll 2018-06-09 20:21 - 2018-06-09 20:21 - 000339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll 2018-06-09 20:21 - 2018-06-09 20:21 - 000320720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll 2018-06-09 20:21 - 2018-06-09 20:21 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll 2018-06-09 20:21 - 2018-06-09 20:21 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll 2018-06-09 20:21 - 2018-06-09 20:21 - 000124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2018-06-09 20:21 - 2018-06-09 20:21 - 000102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2018-06-09 20:21 - 2018-06-09 20:21 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll 2018-06-09 20:21 - 2018-06-09 20:21 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll 2018-06-09 20:20 - 2018-06-09 20:20 - 018823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2018-06-09 20:20 - 2018-06-09 20:20 - 015159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2018-06-09 20:20 - 2018-06-09 20:20 - 000971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2018-06-09 20:20 - 2018-06-09 20:20 - 000811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2018-06-09 20:20 - 2018-06-09 20:20 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2018-06-09 20:20 - 2018-06-09 20:20 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2018-06-09 20:20 - 2018-06-09 20:20 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll 2018-06-09 20:20 - 2018-06-09 20:20 - 000339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll 2018-06-09 20:20 - 2018-06-09 20:20 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll 2018-06-09 20:20 - 2018-06-09 20:20 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll 2018-06-09 20:20 - 2018-06-09 20:20 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2018-06-09 20:20 - 2018-06-09 20:20 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll 2018-06-09 20:20 - 2018-06-09 20:20 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll 2018-06-09 20:20 - 2018-06-09 20:20 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2018-06-09 20:20 - 2018-06-09 20:20 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll 2018-06-09 20:20 - 2018-06-09 20:20 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll 2018-06-09 20:20 - 2018-06-09 20:20 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys 2018-06-09 20:20 - 2018-06-09 20:20 - 000046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe 2018-06-09 20:19 - 2018-06-09 20:19 - 000951296 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll 2018-06-09 20:19 - 2018-06-09 20:19 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll 2018-06-09 20:19 - 2018-06-09 20:19 - 000653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll 2018-06-09 20:19 - 2018-06-09 20:19 - 000549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll 2018-06-09 20:19 - 2018-06-09 20:19 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll 2018-06-09 20:19 - 2018-06-09 20:19 - 000357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll 2018-06-09 20:19 - 2018-06-09 20:19 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsparse.dll 2018-06-09 20:19 - 2018-06-09 20:19 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsparse.dll 2018-06-09 20:18 - 2018-06-09 21:37 - 000000000 ____D C:\Users\Eric\AppData\Roaming\ebnjnmr2nph 2018-06-09 20:18 - 2018-06-09 21:01 - 000000000 ____D C:\Users\Eric\AppData\Local\kAUNCUkNWH 2018-06-09 20:18 - 2018-06-09 20:18 - 000779264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeui.exe 2018-06-09 20:18 - 2018-06-09 20:18 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSync.dll 2018-06-09 20:18 - 2018-06-09 20:18 - 000578048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSync.dll 2018-06-09 20:18 - 2018-06-09 20:18 - 000239424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2018-06-09 20:18 - 2018-06-09 20:18 - 000179248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll 2018-06-09 20:18 - 2018-06-09 20:18 - 000154432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2018-06-09 20:18 - 2018-06-09 20:18 - 000140800 _____ C:\Users\Eric\AppData\Local\installer.dat 2018-06-09 20:18 - 2018-06-09 20:18 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll 2018-06-09 20:18 - 2018-06-09 20:18 - 000100184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys 2018-06-09 20:18 - 2018-06-09 20:18 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll 2018-06-09 20:18 - 2018-06-09 20:18 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll 2018-06-09 20:18 - 2018-06-09 20:18 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys 2018-06-09 20:17 - 2018-06-09 21:37 - 000000000 ____D C:\Users\Eric\AppData\Roaming\znm2ddhcgvh 2018-06-09 20:17 - 2018-06-09 21:37 - 000000000 ____D C:\Users\Eric\AppData\Roaming\orvx4pexvbk 2018-06-09 20:17 - 2018-06-09 21:37 - 000000000 ____D C:\Users\Eric\AppData\Roaming\01ppmvbsuu2 2018-06-09 20:17 - 2018-06-09 20:17 - 001611944 _____ (Secure Download Ltd. ) C:\Users\Eric\Downloads\KMSpico_patch 2018-06-09 20:17 - 2018-06-09 20:17 - 000218448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll 2018-06-09 20:17 - 2018-06-09 20:17 - 000192120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll 2018-06-09 20:17 - 2018-06-09 20:17 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe 2018-06-09 20:17 - 2018-06-09 20:17 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys 2018-06-09 20:17 - 2018-06-09 20:17 - 000000000 ____D C:\Program Files\My Program 2018-06-09 20:16 - 2018-06-09 20:16 - 002067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll 2018-06-09 20:16 - 2018-06-09 20:16 - 001969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll 2018-06-09 20:16 - 2018-06-09 20:16 - 001488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll 2018-06-09 20:16 - 2018-06-09 20:16 - 001464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll 2018-06-09 20:16 - 2018-06-09 20:16 - 001230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll 2018-06-09 20:16 - 2018-06-09 20:16 - 001204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll 2018-06-09 20:16 - 2018-06-09 20:16 - 001201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2018-06-09 20:16 - 2018-06-09 20:16 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys 2018-06-09 20:16 - 2018-06-09 20:16 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys 2018-06-09 20:15 - 2018-06-09 21:38 - 000000000 ____D C:\Program Files (x86)\KMSPico 2018-06-09 20:15 - 2018-06-09 20:15 - 000670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll 2018-06-09 20:15 - 2018-06-09 20:15 - 000561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll 2018-06-09 20:15 - 2018-06-09 20:15 - 000155480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys 2018-06-09 20:15 - 2018-06-09 20:15 - 000074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NcdAutoSetup.dll 2018-06-09 20:15 - 2018-06-09 20:15 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll 2018-06-09 20:14 - 2018-06-09 20:14 - 002819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2018-06-09 20:14 - 2018-06-09 20:14 - 002757616 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2018-06-09 20:14 - 2018-06-09 20:14 - 002592256 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll 2018-06-09 20:14 - 2018-06-09 20:14 - 002551808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll 2018-06-09 20:14 - 2018-06-09 20:14 - 002412576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2018-06-09 20:14 - 2018-06-09 20:14 - 002171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll 2018-06-09 20:14 - 2018-06-09 20:14 - 001673728 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll 2018-06-09 20:14 - 2018-06-09 20:14 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2018-06-09 20:14 - 2018-06-09 20:14 - 001278464 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll 2018-06-09 20:14 - 2018-06-09 20:14 - 001197056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll 2018-06-09 20:14 - 2018-06-09 20:14 - 000955392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2018-06-09 20:14 - 2018-06-09 20:14 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2018-06-09 20:14 - 2018-06-09 20:14 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll 2018-06-09 20:14 - 2018-06-09 20:14 - 000780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll 2018-06-09 20:14 - 2018-06-09 20:14 - 000667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2018-06-09 20:14 - 2018-06-09 20:14 - 000655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll 2018-06-09 20:14 - 2018-06-09 20:14 - 000653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2018-06-09 20:14 - 2018-06-09 20:14 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll 2018-06-09 20:14 - 2018-06-09 20:14 - 000539648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll 2018-06-09 20:14 - 2018-06-09 20:14 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2018-06-09 20:14 - 2018-06-09 20:14 - 000520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll 2018-06-09 20:14 - 2018-06-09 20:14 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll 2018-06-09 20:14 - 2018-06-09 20:14 - 000325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2018-06-09 20:14 - 2018-06-09 20:14 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll 2018-06-09 20:14 - 2018-06-09 20:14 - 000273264 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2018-06-09 20:14 - 2018-06-09 20:14 - 000173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll 2018-06-09 20:14 - 2018-06-09 20:14 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2018-06-09 20:14 - 2018-06-09 20:14 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll 2018-06-09 20:14 - 2018-06-09 20:14 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2018-06-09 20:14 - 2018-06-09 20:14 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll 2018-06-09 20:13 - 2018-06-09 20:13 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL 2018-06-09 20:13 - 2018-06-09 20:13 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll 2018-06-09 20:13 - 2018-06-09 20:13 - 000292696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMASF.DLL 2018-06-09 20:13 - 2018-06-09 20:13 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll 2018-06-09 20:13 - 2018-06-09 20:13 - 000243032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMASF.DLL 2018-06-09 20:13 - 2018-06-09 20:13 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll 2018-06-09 20:13 - 2018-06-09 20:13 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll 2018-06-09 20:13 - 2018-06-09 20:13 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll 2018-06-09 20:13 - 2018-06-09 20:13 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll 2018-06-09 20:12 - 2018-06-09 20:12 - 000468824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2018-06-09 20:12 - 2018-06-09 20:12 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll 2018-06-09 20:12 - 2018-06-09 20:12 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll 2018-06-09 20:12 - 2018-06-09 20:12 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 025744896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 020286464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 015431680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 015283200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 013679616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 013317632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 009323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL 2018-06-09 20:11 - 2018-06-09 20:11 - 009323008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL 2018-06-09 20:11 - 2018-06-09 20:11 - 005779456 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 004690944 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe 2018-06-09 20:11 - 2018-06-09 20:11 - 004496896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 003631616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 003553280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe 2018-06-09 20:11 - 2018-06-09 20:11 - 003548160 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 002767872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 002749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 002551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 002513408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 002412544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 002295296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 002135552 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2018-06-09 20:11 - 2018-06-09 20:11 - 002059776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2018-06-09 20:11 - 2018-06-09 20:11 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 001628672 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 001612504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 001502000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 001317888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 001314304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 001102848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000995272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000955016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000922944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2018-06-09 20:11 - 2018-06-09 20:11 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000787688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000728064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2018-06-09 20:11 - 2018-06-09 20:11 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2018-06-09 20:11 - 2018-06-09 20:11 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000685440 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000617472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe 2018-06-09 20:11 - 2018-06-09 20:11 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000590680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys 2018-06-09 20:11 - 2018-06-09 20:11 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000497448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec 2018-06-09 20:11 - 2018-06-09 20:11 - 000416256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000399776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2018-06-09 20:11 - 2018-06-09 20:11 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe 2018-06-09 20:11 - 2018-06-09 20:11 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec 2018-06-09 20:11 - 2018-06-09 20:11 - 000337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2018-06-09 20:11 - 2018-06-09 20:11 - 000333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\umrdp.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000274776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys 2018-06-09 20:11 - 2018-06-09 20:11 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2018-06-09 20:11 - 2018-06-09 20:11 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000117592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys 2018-06-09 20:11 - 2018-06-09 20:11 - 000116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe 2018-06-09 20:11 - 2018-06-09 20:11 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx 2018-06-09 20:11 - 2018-06-09 20:11 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx 2018-06-09 20:11 - 2018-06-09 20:11 - 000072408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys 2018-06-09 20:11 - 2018-06-09 20:11 - 000069976 _____ (Microsoft Corporation) C:\WINDOWS\system32\apisetschema.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000066400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000063840 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msobjs.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000046600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys 2018-06-09 20:11 - 2018-06-09 20:11 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000022368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cmimcext.sys 2018-06-09 20:11 - 2018-06-09 20:11 - 000020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000019808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000019808 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000016224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000016224 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000015712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000015712 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000014176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000013664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000013664 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll 2018-06-09 20:11 - 2018-06-09 20:11 - 000012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 022374248 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 019790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 014466560 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 012879360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 007797760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 007406936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2018-06-09 20:10 - 2018-06-09 20:10 - 007079424 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 007033344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 006214144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 005275136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 005270528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 004298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 004169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 003757056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 003717632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 003610112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 003551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 003320832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 003241472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 003120640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 003084288 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 002923520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 002902016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 002896384 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 002779648 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 002712576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 002608640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 002537472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 002530400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 002471424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 002464256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 002452824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 002346496 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 002315496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 002240512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 002176064 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 002170880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 002013016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 002003456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe 2018-06-09 20:10 - 2018-06-09 20:10 - 001985536 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001968408 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001946176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001902328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001763888 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001753600 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001737592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001725952 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001707008 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001695744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001676056 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2018-06-09 20:10 - 2018-06-09 20:10 - 001662096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001574912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe 2018-06-09 20:10 - 2018-06-09 20:10 - 001565520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001562624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe 2018-06-09 20:10 - 2018-06-09 20:10 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001549312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001549136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001546240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001541240 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001536112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2018-06-09 20:10 - 2018-06-09 20:10 - 001501184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001500424 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2018-06-09 20:10 - 2018-06-09 20:10 - 001491456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001489608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001436672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001436672 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001384216 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001377792 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001376768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001371344 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2018-06-09 20:10 - 2018-06-09 20:10 - 001364552 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001362432 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001344512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001308336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe 2018-06-09 20:10 - 2018-06-09 20:10 - 001265664 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001217536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001213784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001192960 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001171456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe 2018-06-09 20:10 - 2018-06-09 20:10 - 001137872 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001124384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001115648 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 001108480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001096192 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001086976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe 2018-06-09 20:10 - 2018-06-09 20:10 - 001084928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL 2018-06-09 20:10 - 2018-06-09 20:10 - 001063464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe 2018-06-09 20:10 - 2018-06-09 20:10 - 001049600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001001984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 001001984 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe 2018-06-09 20:10 - 2018-06-09 20:10 - 000989528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000954880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000949760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe 2018-06-09 20:10 - 2018-06-09 20:10 - 000922968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000881152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000866304 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2018-06-09 20:10 - 2018-06-09 20:10 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000837632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe 2018-06-09 20:10 - 2018-06-09 20:10 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe 2018-06-09 20:10 - 2018-06-09 20:10 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000803696 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000780800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000741888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000738104 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx 2018-06-09 20:10 - 2018-06-09 20:10 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000656896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000613632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000612600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wvc.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2018-06-09 20:10 - 2018-06-09 20:10 - 000567656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000551256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000548032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000543232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000537200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000536576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx 2018-06-09 20:10 - 2018-06-09 20:10 - 000533856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000531632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000513456 _____ C:\WINDOWS\SysWOW64\locale.nls 2018-06-09 20:10 - 2018-06-09 20:10 - 000513456 _____ C:\WINDOWS\system32\locale.nls 2018-06-09 20:10 - 2018-06-09 20:10 - 000512512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2018-06-09 20:10 - 2018-06-09 20:10 - 000507176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000478720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wvc.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000470360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000461144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000450392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000448629 _____ C:\WINDOWS\system32\ApnDatabase.xml 2018-06-09 20:10 - 2018-06-09 20:10 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000444248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000443224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2018-06-09 20:10 - 2018-06-09 20:10 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPTpm12.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprapi.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL 2018-06-09 20:10 - 2018-06-09 20:10 - 000420440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000418640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000416256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysmon.ocx 2018-06-09 20:10 - 2018-06-09 20:10 - 000416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000388440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000380248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000377688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgrx.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000377344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000376656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000374096 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe 2018-06-09 20:10 - 2018-06-09 20:10 - 000367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPTpm12.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000356184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000354648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprapi.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcbase.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000341384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe 2018-06-09 20:10 - 2018-06-09 20:10 - 000333656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000324896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000315736 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcbase.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000308872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000276816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000274272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasppp.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL 2018-06-09 20:10 - 2018-06-09 20:10 - 000269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAnimation.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000245320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000242520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionQueue.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\icm32.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ifsutil.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000214392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\smbwmiv2.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmitomi.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\itircl.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cic.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000202576 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidpolicyconverter.exe 2018-06-09 20:10 - 2018-06-09 20:10 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ifsutil.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptnet.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasppp.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000178008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ulib.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000174928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\uudf.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\regsvc.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itircl.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdrom.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000164296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cic.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000162850 _____ C:\WINDOWS\SysWOW64\C_932.NLS 2018-06-09 20:10 - 2018-06-09 20:10 - 000162850 _____ C:\WINDOWS\system32\C_932.NLS 2018-06-09 20:10 - 2018-06-09 20:10 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000160160 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPHLPAPI.DLL 2018-06-09 20:10 - 2018-06-09 20:10 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmitomi.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000158552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000152856 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiexe.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pacer.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe 2018-06-09 20:10 - 2018-06-09 20:10 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ulib.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uudf.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000140016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2018-06-09 20:10 - 2018-06-09 20:10 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000137968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2018-06-09 20:10 - 2018-06-09 20:10 - 000136832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2018-06-09 20:10 - 2018-06-09 20:10 - 000136536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000135336 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptnet.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ufat.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe 2018-06-09 20:10 - 2018-06-09 20:10 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcshext.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NV_AGP.SYS 2018-06-09 20:10 - 2018-06-09 20:10 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000121912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IPHLPAPI.DLL 2018-06-09 20:10 - 2018-06-09 20:10 - 000121168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000120376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe 2018-06-09 20:10 - 2018-06-09 20:10 - 000116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000115704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcshext.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000107984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ufat.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsmsext.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000100184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\parport.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000091992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsmsext.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\uexfat.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000086360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000080078 _____ C:\WINDOWS\system32\normidna.nls 2018-06-09 20:10 - 2018-06-09 20:10 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000075440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsidsc.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uexfat.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000066112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000065888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ULIAGPKX.SYS 2018-06-09 20:10 - 2018-06-09 20:10 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe 2018-06-09 20:10 - 2018-06-09 20:10 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsnmp32.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000062304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AGP440.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\msobjs.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xolehlp.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe 2018-06-09 20:10 - 2018-06-09 20:10 - 000057688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsidsc.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsnmp32.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\certenc.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp 2018-06-09 20:10 - 2018-06-09 20:10 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certenc.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scfilter.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp 2018-06-09 20:10 - 2018-06-09 20:10 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\cnvfat.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe 2018-06-09 20:10 - 2018-06-09 20:10 - 000035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cnvfat.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsium.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbohci.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe 2018-06-09 20:10 - 2018-06-09 20:10 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000027992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsium.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe 2018-06-09 20:10 - 2018-06-09 20:10 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifibus.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serenum.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mgmtapi.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000021856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\isapnp.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\convert.exe 2018-06-09 20:10 - 2018-06-09 20:10 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mgmtapi.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe 2018-06-09 20:10 - 2018-06-09 20:10 - 000017240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msisadrv.sys 2018-06-09 20:10 - 2018-06-09 20:10 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe 2018-06-09 20:10 - 2018-06-09 20:10 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe 2018-06-09 20:10 - 2018-06-09 20:10 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll 2018-06-09 20:10 - 2018-06-09 20:10 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll 2018-06-09 20:04 - 2018-06-10 13:14 - 000803102 _____ C:\WINDOWS\system32\perfh00A.dat 2018-06-09 20:04 - 2018-06-10 13:14 - 000163596 _____ C:\WINDOWS\system32\perfc00A.dat 2018-06-09 20:04 - 2018-06-09 20:34 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2018-06-09 20:04 - 2018-06-09 20:04 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll 2018-06-09 20:04 - 2018-06-09 20:04 - 000627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll 2018-06-09 20:04 - 2018-06-09 20:04 - 000487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll 2018-06-09 20:04 - 2018-06-09 20:04 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll 2018-06-09 20:04 - 2018-06-09 20:04 - 000410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2018-06-09 20:04 - 2018-06-09 20:04 - 000393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll 2018-06-09 20:04 - 2018-06-09 20:04 - 000346516 _____ C:\WINDOWS\system32\perfi00A.dat 2018-06-09 20:04 - 2018-06-09 20:04 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys 2018-06-09 20:04 - 2018-06-09 20:04 - 000043804 _____ C:\WINDOWS\system32\perfd00A.dat 2018-06-09 20:04 - 2018-06-09 20:04 - 000000000 ___RD C:\Users\Eric\OneDrive 2018-06-09 20:04 - 2018-06-09 20:04 - 000000000 ____D C:\WINDOWS\SysWOW64\es 2018-06-09 20:04 - 2018-06-09 20:04 - 000000000 ____D C:\WINDOWS\system32\es 2018-06-09 20:00 - 2018-06-09 23:42 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk 2018-06-09 20:00 - 2018-06-09 23:42 - 000002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk 2018-06-09 20:00 - 2018-06-09 23:42 - 000002400 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk 2018-06-09 19:57 - 2018-06-09 19:57 - 003820544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll 2018-06-09 19:57 - 2018-06-09 19:57 - 003273728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll 2018-06-09 19:57 - 2018-06-09 19:57 - 002162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2018-06-09 19:57 - 2018-06-09 19:57 - 001812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll 2018-06-09 19:57 - 2018-06-09 19:57 - 000933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe 2018-06-09 19:57 - 2018-06-09 19:57 - 000816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe 2018-06-09 19:57 - 2018-06-09 19:57 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe 2018-06-09 19:57 - 2018-06-09 19:57 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe 2018-06-09 19:57 - 2018-06-09 19:57 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll 2018-06-09 19:57 - 2018-06-09 19:57 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe 2018-06-09 19:57 - 2018-06-09 19:57 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll 2018-06-09 19:57 - 2018-06-09 19:57 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll 2018-06-09 19:57 - 2018-06-09 19:57 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2018-06-09 19:57 - 2018-06-09 19:57 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll 2018-06-09 19:57 - 2018-06-09 19:57 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll 2018-06-09 19:57 - 2018-06-09 19:57 - 000183368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe 2018-06-09 19:57 - 2018-06-09 19:57 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe 2018-06-09 19:57 - 2018-06-09 19:57 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll 2018-06-09 19:57 - 2018-06-09 19:57 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll 2018-06-09 19:57 - 2018-06-09 19:57 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll 2018-06-09 19:57 - 2018-06-09 19:57 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll 2018-06-09 19:57 - 2018-06-09 19:57 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll 2018-06-09 19:57 - 2018-06-09 19:57 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys 2018-06-09 19:57 - 2018-06-09 19:57 - 000072024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys 2018-06-09 19:57 - 2018-06-09 19:57 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll 2018-06-09 19:56 - 2018-06-09 19:56 - 002256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2018-06-09 19:56 - 2018-06-09 19:56 - 001943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2018-06-09 19:56 - 2018-06-09 19:56 - 001455104 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe 2018-06-09 19:56 - 2018-06-09 19:56 - 000723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll 2018-06-09 19:56 - 2018-06-09 19:56 - 000603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll 2018-06-09 19:56 - 2018-06-09 19:56 - 000560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll 2018-06-09 19:56 - 2018-06-09 19:56 - 000483328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll 2018-06-09 19:56 - 2018-06-09 19:56 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll 2018-06-09 19:56 - 2018-06-09 19:56 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll 2018-06-09 19:56 - 2018-06-09 19:56 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2018-06-09 19:56 - 2018-06-09 19:56 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll 2018-06-09 19:56 - 2018-06-09 19:56 - 000161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll 2018-06-09 19:56 - 2018-06-09 19:56 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys 2018-06-09 19:56 - 2018-06-09 19:56 - 000148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS 2018-06-09 19:56 - 2018-06-09 19:56 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys 2018-06-09 19:56 - 2018-06-09 19:56 - 000116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll 2018-06-09 19:56 - 2018-06-09 19:56 - 000074584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys 2018-06-09 19:56 - 2018-06-09 19:56 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll 2018-06-09 19:56 - 2018-06-09 19:56 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll 2018-06-09 19:56 - 2018-06-09 19:56 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe 2018-06-09 19:56 - 2018-06-09 19:56 - 000004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe 2018-06-09 19:55 - 2018-06-09 19:55 - 001728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2018-06-09 19:55 - 2018-06-09 19:55 - 001546752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2018-06-09 19:55 - 2018-06-09 19:55 - 000911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2018-06-09 19:55 - 2018-06-09 19:55 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll 2018-06-09 19:55 - 2018-06-09 19:55 - 000413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll 2018-06-09 19:55 - 2018-06-09 19:55 - 000372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll 2018-06-09 19:55 - 2018-06-09 19:55 - 000367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll 2018-06-09 19:55 - 2018-06-09 19:55 - 000347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll 2018-06-09 19:55 - 2018-06-09 19:55 - 000331608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys 2018-06-09 19:55 - 2018-06-09 19:55 - 000316760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys 2018-06-09 19:55 - 2018-06-09 19:55 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll 2018-06-09 19:55 - 2018-06-09 19:55 - 000262144 _____ C:\WINDOWS\system32\config\userdiff 2018-06-09 19:55 - 2018-06-09 19:55 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2018-06-09 19:55 - 2018-06-09 19:55 - 000108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll 2018-06-09 19:55 - 2018-06-09 19:55 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll 2018-06-09 19:55 - 2018-06-09 19:55 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll 2018-06-09 19:55 - 2018-06-09 19:55 - 000038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe 2018-06-09 19:55 - 2018-06-09 19:55 - 000033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe 2018-06-09 19:51 - 2018-06-09 19:56 - 000000000 ____D C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2018-06-09 19:51 - 2018-06-09 19:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2018-06-09 19:48 - 2018-06-10 13:04 - 000000000 ____D C:\Program Files (x86)\MSBuild 2018-06-09 19:48 - 2018-06-09 19:48 - 000000000 ____D C:\Program Files\Reference Assemblies 2018-06-09 19:48 - 2018-06-09 19:48 - 000000000 ____D C:\Program Files\MSBuild 2018-06-09 19:48 - 2018-06-09 19:48 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies 2018-06-09 19:48 - 2013-08-03 01:48 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2018-06-09 19:48 - 2013-08-03 01:48 - 000035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2018-06-09 19:48 - 2013-08-03 01:41 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2018-06-09 19:48 - 2013-08-03 01:41 - 000035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2018-06-09 19:47 - 2018-06-09 19:47 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe 2018-06-09 19:47 - 2018-06-09 19:47 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe 2018-06-09 19:33 - 2018-06-09 20:42 - 000000000 ____D C:\Program Files\WinRAR 2018-06-09 19:33 - 2018-06-09 19:51 - 000000000 ____D C:\Users\Eric\AppData\Roaming\WinRAR 2018-06-09 19:23 - 2018-06-09 19:53 - 000000000 ____D C:\Users\Eric\AppData\Roaming\qBittorrent 2018-06-09 19:23 - 2018-06-09 19:24 - 000000000 ____D C:\Users\Eric\AppData\Local\qBittorrent 2018-06-09 19:23 - 2018-06-09 19:23 - 000000000 ____D C:\Program Files\qBittorrent 2018-06-09 18:11 - 2018-06-10 12:10 - 000096768 ___SH C:\Users\Eric\Desktop\Thumbs.db 2018-06-09 18:09 - 2018-06-09 18:09 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2018-06-09 17:48 - 2018-06-09 20:43 - 000000000 ____D C:\WINDOWS\Minidump 2018-06-09 17:48 - 2018-06-09 17:48 - 001118584 _____ C:\WINDOWS\Minidump\060918-28515-01.dmp 2018-06-09 17:47 - 2018-06-09 20:42 - 984723409 _____ C:\WINDOWS\MEMORY.DMP 2018-06-09 17:08 - 2018-06-09 17:08 - 000001428 _____ C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2018-06-09 17:08 - 2018-06-09 17:08 - 000000020 ___SH C:\Users\Eric\ntuser.ini 2018-06-09 17:04 - 2018-06-09 17:04 - 000022744 _____ C:\WINDOWS\system32\emptyregdb.dat 2018-06-09 16:20 - 2018-06-09 16:20 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS Video Magic 2018-06-09 16:20 - 2018-06-09 16:20 - 000000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS Video Magic 2018-06-09 16:19 - 2018-06-09 16:19 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2018-06-09 16:15 - 2018-06-09 16:15 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate 2018-06-09 16:14 - 2018-06-10 14:15 - 000000000 ____D C:\Users\Eric 2018-06-09 16:14 - 2014-11-21 05:52 - 000000369 _____ C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk 2018-06-09 16:14 - 2014-11-21 05:52 - 000000369 _____ C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk 2018-06-09 16:12 - 2018-06-09 17:05 - 000020958 _____ C:\WINDOWS\diagwrn.xml 2018-06-09 16:12 - 2018-06-09 17:05 - 000020958 _____ C:\WINDOWS\diagerr.xml 2018-06-09 16:02 - 2018-06-09 16:17 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2018-06-09 16:02 - 2018-06-09 16:17 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2018-06-09 16:02 - 2018-06-09 16:17 - 000000000 ____D C:\Program Files (x86)\Intel 2018-06-09 16:02 - 2018-06-09 16:02 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation 2018-06-09 16:02 - 2018-06-01 05:39 - 005947976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2018-06-09 16:02 - 2018-06-01 05:39 - 002612352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2018-06-09 16:02 - 2018-06-01 05:39 - 001767552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2018-06-09 16:02 - 2018-06-01 05:39 - 000634152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2018-06-09 16:02 - 2018-06-01 05:39 - 000450856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2018-06-09 16:02 - 2018-06-01 05:39 - 000124304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2018-06-09 16:02 - 2018-06-01 05:39 - 000083528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2018-06-09 16:02 - 2018-05-31 06:44 - 008193252 _____ C:\WINDOWS\system32\nvcoproc.bin 2018-06-09 16:02 - 2018-05-24 14:44 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat 2018-06-09 16:01 - 2018-06-09 16:01 - 000359626 _____ C:\WINDOWS\system32\Drivers\RTWAVES40.dat 2018-06-09 16:01 - 2018-06-09 16:01 - 000006786 _____ C:\WINDOWS\system32\Drivers\rtwavesEFX.dat 2018-06-09 16:01 - 2018-06-09 16:01 - 000002626 _____ C:\WINDOWS\system32\Drivers\rtwavesMFX.dat 2018-06-09 16:01 - 2018-06-09 16:01 - 000000000 ____H C:\ProgramData\DP45977C.lfl 2018-06-09 16:01 - 2018-06-09 16:01 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2018-06-09 16:01 - 2018-06-09 16:01 - 000000000 ____D C:\Program Files\Realtek 2018-06-09 16:01 - 2013-10-01 13:02 - 000064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2018-06-09 16:01 - 2013-10-01 13:02 - 000060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL 2018-06-09 13:23 - 2018-06-09 13:23 - 000098239 _____ C:\WINDOWS\uninstaller.dat 2018-06-09 13:12 - 2018-06-09 17:08 - 000000000 ____D C:\WINDOWS\SysWOW64\NV 2018-06-09 13:12 - 2018-06-09 17:08 - 000000000 ____D C:\WINDOWS\system32\NV 2018-06-09 13:10 - 2018-06-09 13:10 - 000000000 ____D C:\Program Files (x86)\VulkanRT 2018-06-09 13:09 - 2018-06-09 13:09 - 000000000 ____D C:\WINDOWS\system32\unknown 2018-06-09 13:07 - 2018-06-02 00:06 - 040090152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2018-06-09 13:07 - 2018-06-02 00:06 - 032360304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2018-06-09 13:07 - 2018-06-02 00:06 - 016999360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys 2018-06-09 13:07 - 2018-06-02 00:06 - 001419200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2018-06-09 13:07 - 2018-06-02 00:06 - 001092008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2018-06-09 13:07 - 2018-06-02 00:06 - 000627240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2018-06-09 13:07 - 2018-06-02 00:06 - 000517544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2018-06-09 13:07 - 2018-06-02 00:06 - 000048064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys 2018-06-09 13:07 - 2018-06-02 00:05 - 040346536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll 2018-06-09 13:07 - 2018-06-02 00:05 - 035250624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll 2018-06-09 13:07 - 2018-06-02 00:05 - 031276296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2018-06-09 13:07 - 2018-06-02 00:05 - 025990104 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2018-06-09 13:07 - 2018-06-02 00:05 - 023298224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll 2018-06-09 13:07 - 2018-06-02 00:05 - 020323576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll 2018-06-09 13:07 - 2018-06-02 00:05 - 013727800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll 2018-06-09 13:07 - 2018-06-02 00:05 - 011272944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll 2018-06-09 13:07 - 2018-06-02 00:05 - 003964328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2018-06-09 13:07 - 2018-06-02 00:05 - 003497024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2018-06-09 13:07 - 2018-06-02 00:05 - 002014144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439811.dll 2018-06-09 13:07 - 2018-06-02 00:05 - 001562208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2018-06-09 13:07 - 2018-06-02 00:05 - 001468272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439811.dll 2018-06-09 13:07 - 2018-06-02 00:05 - 001216448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2018-06-09 13:07 - 2018-06-02 00:05 - 001157216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll 2018-06-09 13:07 - 2018-06-02 00:05 - 000904720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll 2018-06-09 13:07 - 2018-06-02 00:05 - 000505928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll 2018-06-09 13:07 - 2018-06-02 00:05 - 000420008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll 2018-06-09 13:07 - 2018-06-02 00:05 - 000182600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll 2018-06-09 13:07 - 2018-06-02 00:05 - 000165136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll 2018-06-09 13:07 - 2018-06-02 00:05 - 000159712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll 2018-06-09 13:07 - 2018-06-02 00:05 - 000142824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll 2018-06-09 13:07 - 2018-06-02 00:04 - 019081176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll 2018-06-09 13:07 - 2018-06-02 00:04 - 017782576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2018-06-09 13:07 - 2018-06-02 00:04 - 015691144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll 2018-06-09 13:07 - 2018-06-02 00:04 - 015192816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2018-06-09 13:07 - 2018-06-02 00:04 - 004613600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2018-06-09 13:07 - 2018-06-02 00:04 - 004081440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2018-06-09 13:07 - 2018-06-02 00:04 - 000544296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2018-06-09 13:07 - 2018-06-02 00:04 - 000462648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2018-06-09 13:07 - 2018-06-02 00:04 - 000170376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdlistx.dll 2018-06-09 13:07 - 2018-06-02 00:04 - 000148352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvdlist.dll 2018-06-09 13:07 - 2018-06-01 07:27 - 000041598 _____ C:\WINDOWS\system32\nvinfo.pb 2018-06-09 13:07 - 2018-06-01 07:27 - 000000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json 2018-06-09 13:07 - 2018-06-01 07:27 - 000000669 _____ C:\WINDOWS\system32\nv-vk64.json 2018-06-09 12:50 - 2018-06-09 17:10 - 000000000 ____D C:\Users\Eric\AppData\Local\NVIDIA Corporation 2018-06-09 12:50 - 2018-06-09 12:50 - 000000000 ____D C:\Users\Eric\AppData\Local\NVIDIA 2018-06-09 12:50 - 2018-06-09 12:50 - 000000000 ____D C:\Users\Eric\AppData\Local\CEF 2018-06-09 12:49 - 2018-06-09 16:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2018-06-09 12:49 - 2018-06-09 12:49 - 000004146 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-06-09 12:49 - 2018-06-09 12:49 - 000003852 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-06-09 12:49 - 2018-06-09 12:49 - 000003738 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-06-09 12:49 - 2018-06-09 12:49 - 000003738 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-06-09 12:49 - 2018-06-09 12:49 - 000003730 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-06-09 12:49 - 2018-06-09 12:49 - 000003554 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-06-09 12:49 - 2018-06-09 12:49 - 000003494 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-06-09 12:49 - 2017-04-01 00:20 - 001882168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2018-06-09 12:49 - 2017-04-01 00:20 - 001756728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll 2018-06-09 12:49 - 2017-04-01 00:20 - 001470520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2018-06-09 12:49 - 2017-04-01 00:20 - 001318968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll 2018-06-09 12:49 - 2017-04-01 00:20 - 000121912 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll 2018-06-09 12:49 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll 2018-06-09 12:49 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll 2018-06-09 12:49 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll 2018-06-09 12:49 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll 2018-06-09 12:48 - 2017-04-01 00:20 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat 2018-06-09 12:46 - 2017-04-01 00:20 - 003588376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\SETD7C9.tmp 2018-06-09 12:46 - 2017-04-01 00:20 - 001988032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438165.dll 2018-06-09 12:46 - 2017-04-01 00:20 - 001591352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438165.dll 2018-06-09 12:46 - 2017-03-31 21:41 - 000172592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll 2018-06-09 12:46 - 2017-03-31 21:41 - 000146480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll 2018-06-09 12:46 - 2017-03-31 21:41 - 000076840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys 2018-06-09 12:46 - 2017-03-31 21:41 - 000066608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys 2018-06-09 12:12 - 2018-06-09 12:12 - 000003180 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_ListenToDevice 2018-06-09 12:12 - 2018-06-09 12:12 - 000003168 _____ C:\WINDOWS\System32\Tasks\RTKCPL 2018-06-09 12:12 - 2018-06-09 12:12 - 000003152 _____ C:\WINDOWS\System32\Tasks\RtHDVBg 2018-06-09 11:35 - 2018-06-09 21:46 - 000000000 ____D C:\WINDOWS\system32\AutoUpdateLicense 2018-06-09 11:27 - 2018-06-09 11:27 - 000000000 ____D C:\sources 2018-06-09 10:40 - 2018-06-09 10:40 - 000000000 ____D C:\NVIDIA 2018-06-09 04:41 - 2015-03-04 04:26 - 000011105 _____ C:\WINDOWS\system32\AutoconfigV2.cab 2018-06-09 04:07 - 2018-06-10 13:07 - 000003068 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon 2018-06-09 04:07 - 2018-06-10 13:05 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee 2018-06-09 04:04 - 2018-06-09 11:04 - 000003312 _____ C:\WINDOWS\System32\Tasks\McAfee Remediation (Prepare) 2018-06-09 04:04 - 2018-06-09 04:04 - 000000000 ____D C:\Program Files\Common Files\AV 2018-06-09 03:20 - 2018-06-09 03:20 - 000000000 __RHD C:\Users\Public\AccountPictures 2018-06-09 03:04 - 2017-10-09 23:14 - 000218336 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys 2018-06-09 02:13 - 2018-06-09 02:14 - 000000000 ____D C:\WINDOWS\system32\MRT 2018-06-09 02:13 - 2018-06-09 02:13 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe 2018-06-09 02:12 - 2018-06-09 02:12 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2018-06-09 00:24 - 2013-05-04 01:51 - 000014848 _____ (Microsoft) C:\WINDOWS\system32\rars.rs 2018-06-09 00:24 - 2013-05-04 01:10 - 000014848 _____ (Microsoft) C:\WINDOWS\SysWOW64\rars.rs 2018-06-09 00:17 - 2016-06-25 15:28 - 000050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2018-06-09 00:17 - 2016-06-25 12:55 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll 2018-06-09 00:13 - 2018-06-09 16:21 - 000000000 ____D C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HandBrake 2018-06-09 00:12 - 2018-06-09 00:13 - 000000000 ____D C:\Program Files\HandBrake 2018-06-08 23:42 - 2018-06-10 12:48 - 000000000 ____D C:\Program Files\Opera 2018-06-08 23:42 - 2018-06-08 23:42 - 000003812 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1528512163 2018-06-08 23:42 - 2018-06-08 23:42 - 000001095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk 2018-06-08 23:42 - 2018-06-08 23:42 - 000000000 ____D C:\Users\Eric\AppData\Roaming\Opera Software 2018-06-08 23:42 - 2018-06-08 23:42 - 000000000 ____D C:\Users\Eric\AppData\Local\Opera Software 2018-06-08 23:38 - 2018-06-10 14:20 - 000003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1259819905-3050770896-629996550-1002 2018-06-08 23:33 - 2018-06-10 14:16 - 000000074 _____ C:\Users\Eric\AppData\Roaming\sp_data.sys 2018-06-08 23:33 - 2018-06-08 23:33 - 000000000 ____D C:\Users\Eric\Documents\Bluetooth Folder 2018-06-08 23:33 - 2018-06-08 23:33 - 000000000 ____D C:\Users\Eric\AppData\Roaming\ASUS WebStorage 2018-06-08 23:33 - 2018-06-08 23:33 - 000000000 ____D C:\Users\Eric\AppData\Roaming\ASUS 2018-06-08 23:33 - 2018-06-08 23:33 - 000000000 ____D C:\Users\Eric\AppData\Local\BMExplorer 2018-06-08 23:32 - 2018-06-09 21:18 - 000000000 ____D C:\Users\Eric\AppData\Roaming\Adobe 2018-06-08 23:32 - 2018-06-09 17:09 - 000000000 ____D C:\WINDOWS\System32\Tasks\WPD 2018-06-08 23:32 - 2018-06-08 23:32 - 000000000 ____D C:\Users\Eric\AppData\Roaming\Macromedia 2018-06-08 23:32 - 2018-06-08 23:32 - 000000000 ____D C:\Users\Eric\AppData\Roaming\Atheros 2018-06-08 23:32 - 2018-06-08 23:32 - 000000000 ____D C:\ProgramData\FolderView 2018-06-08 23:31 - 2018-06-09 20:55 - 000000000 ____D C:\Users\Eric\AppData\Local\VirtualStore 2018-06-08 23:30 - 2018-06-09 22:14 - 000000000 ____D C:\Users\Eric\AppData\Local\Packages 2018-06-08 23:30 - 2018-06-09 16:21 - 000000000 ____D C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS Video Magic 2018-06-08 23:30 - 2018-06-08 23:32 - 000000000 ____D C:\Users\Eric\AppData\Local\ASUS ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-06-10 14:15 - 2013-06-01 06:38 - 000000000 ____D C:\ProgramData\NVIDIA 2018-06-10 14:14 - 2013-08-22 11:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2018-06-10 14:14 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\Inf 2018-06-10 13:56 - 2013-08-22 12:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2018-06-10 13:56 - 2012-11-27 15:24 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2018-06-10 13:20 - 2012-11-27 15:28 - 000000000 ____D C:\Program Files (x86)\McAfee 2018-06-10 13:13 - 2012-11-27 15:28 - 000000000 ____D C:\Program Files\mcafee 2018-06-10 13:13 - 2012-11-27 15:28 - 000000000 ____D C:\Program Files\Common Files\mcafee 2018-06-10 13:08 - 2012-11-27 15:28 - 000000000 ____D C:\ProgramData\McAfee 2018-06-10 13:05 - 2012-07-26 05:12 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2018-06-10 13:03 - 2013-08-22 12:36 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2018-06-10 13:01 - 2012-07-26 04:59 - 000000000 ____D C:\WINDOWS\CbsTemp 2018-06-10 00:16 - 2013-08-22 12:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2018-06-10 00:16 - 2013-08-22 12:36 - 000000000 ____D C:\WINDOWS\system32\Macromed 2018-06-09 23:42 - 2013-08-22 12:36 - 000000000 ___HD C:\Program Files\WindowsApps 2018-06-09 22:58 - 2014-11-21 05:44 - 002055862 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2018-06-09 22:22 - 2013-08-22 12:36 - 000000000 ____D C:\WINDOWS\AppReadiness 2018-06-09 21:09 - 2013-06-01 06:44 - 000000000 ____D C:\Program Files (x86)\Bluetooth Suite 2018-06-09 20:42 - 2013-08-22 11:44 - 000365504 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2018-06-09 20:36 - 2013-08-22 12:36 - 000262144 _____ C:\WINDOWS\system32\config\BCD-Template 2018-06-09 20:34 - 2014-11-21 05:00 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm 2018-06-09 20:34 - 2014-11-21 05:00 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr 2018-06-09 20:34 - 2014-11-21 05:00 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts 2018-06-09 20:34 - 2014-11-21 05:00 - 000000000 ____D C:\WINDOWS\system32\winrm 2018-06-09 20:34 - 2014-11-21 05:00 - 000000000 ____D C:\WINDOWS\system32\slmgr 2018-06-09 20:34 - 2014-11-21 05:00 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts 2018-06-09 20:34 - 2013-08-22 12:36 - 000000000 ___SD C:\WINDOWS\system32\dsc 2018-06-09 20:34 - 2013-08-22 12:36 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2018-06-09 20:34 - 2013-08-22 12:36 - 000000000 ____D C:\WINDOWS\WinStore 2018-06-09 20:34 - 2013-08-22 12:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Com 2018-06-09 20:34 - 2013-08-22 12:36 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2018-06-09 20:34 - 2013-08-22 12:36 - 000000000 ____D C:\WINDOWS\system32\migwiz 2018-06-09 20:34 - 2013-08-22 12:36 - 000000000 ____D C:\WINDOWS\system32\Com 2018-06-09 20:34 - 2013-08-22 12:36 - 000000000 ____D C:\WINDOWS\FileManager 2018-06-09 20:34 - 2013-08-22 12:36 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2018-06-09 20:34 - 2013-08-22 12:36 - 000000000 ____D C:\Program Files\Windows Defender 2018-06-09 20:34 - 2013-08-22 12:36 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2018-06-09 20:34 - 2013-08-22 12:36 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2018-06-09 20:34 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2018-06-09 20:34 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2018-06-09 20:34 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\system32\Dism 2018-06-09 20:34 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\servicing 2018-06-09 20:12 - 2014-11-21 05:39 - 002473472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2018-06-09 20:12 - 2013-08-22 12:36 - 000000000 ___RD C:\WINDOWS\ToastData 2018-06-09 20:12 - 2013-08-22 12:36 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2018-06-09 20:12 - 2013-08-22 12:36 - 000000000 ____D C:\WINDOWS\system32\setup 2018-06-09 19:55 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2018-06-09 17:30 - 2013-08-22 10:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI 2018-06-09 17:05 - 2013-08-22 12:36 - 000000000 ____D C:\WINDOWS\Registration 2018-06-09 17:02 - 2013-08-22 12:36 - 000000000 __RSD C:\WINDOWS\Media 2018-06-09 17:02 - 2013-08-22 12:36 - 000000000 __RHD C:\Users\Public\Libraries 2018-06-09 16:21 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2018-06-09 16:21 - 2013-08-22 10:25 - 000262144 ___SH C:\WINDOWS\system32\config\ELAM 2018-06-09 16:21 - 2013-06-01 06:35 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2018-06-09 16:21 - 2012-11-27 15:28 - 000000000 ____D C:\WINDOWS\fr 2018-06-09 16:21 - 2012-11-27 15:28 - 000000000 ____D C:\WINDOWS\es 2018-06-09 16:21 - 2012-11-27 15:28 - 000000000 ____D C:\WINDOWS\en 2018-06-09 16:21 - 2012-11-27 15:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS 2018-06-09 16:20 - 2012-07-26 02:37 - 000000000 ____D C:\Users\Default.migrated 2018-06-09 16:19 - 2014-11-21 05:00 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN 2018-06-09 16:19 - 2014-11-21 05:00 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep 2018-06-09 16:19 - 2014-11-21 05:00 - 000000000 ____D C:\WINDOWS\system32\WCN 2018-06-09 16:19 - 2013-08-22 12:36 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI 2018-06-09 16:19 - 2013-08-22 12:36 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz 2018-06-09 16:19 - 2013-08-22 12:36 - 000000000 ____D C:\WINDOWS\SysWOW64\IME 2018-06-09 16:19 - 2013-08-22 12:36 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2018-06-09 16:19 - 2013-08-22 12:36 - 000000000 ____D C:\WINDOWS\system32\spool 2018-06-09 16:19 - 2013-08-22 12:36 - 000000000 ____D C:\WINDOWS\system32\MUI 2018-06-09 16:19 - 2013-08-22 12:36 - 000000000 ____D C:\WINDOWS\system32\IME 2018-06-09 16:19 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI 2018-06-09 16:19 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\system32\oobe 2018-06-09 16:19 - 2013-06-01 06:40 - 000000000 ____D C:\WINDOWS\SysWOW64\sda 2018-06-09 16:17 - 2013-08-22 12:43 - 000000000 ____D C:\WINDOWS\DigitalLocker 2018-06-09 16:17 - 2013-08-22 12:36 - 000000000 __SHD C:\Program Files\Windows Sidebar 2018-06-09 16:17 - 2013-08-22 12:36 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar 2018-06-09 16:17 - 2013-08-22 12:36 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2018-06-09 16:17 - 2013-08-22 12:36 - 000000000 ____D C:\WINDOWS\IME 2018-06-09 16:17 - 2013-08-22 12:36 - 000000000 ____D C:\WINDOWS\Help 2018-06-09 16:17 - 2013-08-22 12:36 - 000000000 ____D C:\Program Files\Common Files\System 2018-06-09 16:17 - 2013-06-01 06:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Video Magic 2018-06-09 16:17 - 2012-08-01 22:24 - 000000000 ____D C:\ProgramData\PRICache 2018-06-09 14:32 - 2014-11-21 19:09 - 000000000 ___HD C:\$Windows.~BT 2018-06-09 13:58 - 2012-07-26 05:12 - 000000000 ____D C:\WINDOWS\AUInstallAgent 2018-06-09 13:11 - 2013-06-01 06:37 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2018-06-09 12:49 - 2013-06-01 06:49 - 000003474 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1 2018-06-09 12:49 - 2013-06-01 06:49 - 000003464 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2 2018-06-08 23:35 - 2012-11-27 15:26 - 000000000 ____D C:\ProgramData\ChangeFolderView 2018-06-08 23:33 - 2013-06-01 06:48 - 000000000 ____D C:\ProgramData\Atheros 2018-06-08 23:32 - 2012-08-01 22:36 - 000000000 ____D C:\WINDOWS\Log ==================== Files in the root of some directories ======= 2018-06-08 23:33 - 2018-06-10 14:16 - 000000074 _____ () C:\Users\Eric\AppData\Roaming\sp_data.sys 2018-06-09 20:18 - 2018-06-09 20:18 - 000140800 _____ () C:\Users\Eric\AppData\Local\installer.dat Some files in TEMP: ==================== 2018-06-09 19:48 - 2018-06-09 19:48 - 000141824 _____ () C:\Users\Eric\AppData\Local\Temp\rarext.dll ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2018-06-09 15:56 ==================== End of FRST.txt ============================ Addition.txt: Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06.06.2018 01 Ran by Eric (10-06-2018 16:10:31) Running from C:\Users\Eric\Desktop Windows 8.1 (Update) (X64) (2018-06-09 20:08:18) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1259819905-3050770896-629996550-500 - Administrator - Disabled) Eric (S-1-5-21-1259819905-3050770896-629996550-1002 - Administrator - Enabled) => C:\Users\Eric Guest (S-1-5-21-1259819905-3050770896-629996550-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1259819905-3050770896-629996550-1006 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501} FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Actualización de NVIDIA 23.23.30.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 23.23.30.0 - NVIDIA Corporation) Hidden Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.113 - Adobe Systems Incorporated) Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated) ASUS Console (HKLM\...\{6D989E08-8143-4AB8-B0A8-5B836235CAA4}) (Version: 1.0.0 - ASUS) ASUS FaceKey (HKLM-x32\...\{ACE24C70-743B-43B0-8045-817FF050800B}) (Version: 4.1.0.0 - ) ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS) ASUS Instant Key (HKLM-x32\...\{D97A1B80-131F-4692-9543-E652956D8B99}) (Version: 1.1.1 - ASUS) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.2 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.2 - ASUS) ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.0.1 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0005 - ASUS) ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.8 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.0 - ASUS) ASUS Video DSP (HKLM-x32\...\{B80DB514-46E5-43AA-B68C-1EBBF5CF7D34}) (Version: 1.0.000 - ) ASUS Video Magic (HKLM-x32\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.5005 - CyberLink Corp.) Hidden ASUS Video Magic (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.5005 - CyberLink Corp.) ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.10.123 - ASUS Cloud Corporation) ASUSDVD (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4924.52 - CyberLink Corp.) Hidden ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4924.52 - CyberLink Corp.) AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0028 - ASUS) CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3718_45957 - CyberLink Corp.) CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.5817a - CyberLink Corp.) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 398.11 - NVIDIA Corporation) Hidden Galería de fotos (HKLM-x32\...\{8F7FECEC-088F-431D-A5FB-2B59E1E69943}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Galerie de photos (HKLM-x32\...\{446CC8CE-0E90-44F7-ADD0-774B243EF090}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden HandBrake 1.1.0 (HKLM-x32\...\HandBrake) (Version: 1.1.0 - ) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation) Malwarebytes versión 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes) McAfee Internet Security (HKLM-x32\...\MSC) (Version: 16.0 R11 - McAfee, Inc.) McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.7.203 - McAfee, Inc.) Microsoft OneDrive (HKU\S-1-5-21-1259819905-3050770896-629996550-1002\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.16.1247.518 - Microsoft Corporation) Movie Maker (HKLM-x32\...\{022C7C52-B294-4346-88BC-C7C2FF7FF1B7}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{13F3CEA5-9E2C-4C4E-9F0F-D0DB389CF4A9}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{5BABDA39-61CF-41EE-992D-4054B6649A9B}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{A17946CA-18E5-4CF0-8D55-A56D804718F8}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{E0B5FDF0-6940-44B2-8204-CFA746A6B4AF}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS) NVIDIA Controlador de gráficos 398.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 398.11 - NVIDIA Corporation) NVIDIA GeForce Experience 3.4.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.4.0.70 - NVIDIA Corporation) NVIDIA Software del sistema PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.4.0.70 - NVIDIA Corporation) Hidden NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.5.0 - NVIDIA Corporation) Hidden Opera Stable 53.0.2907.68 (HKLM-x32\...\Opera 53.0.2907.68) (Version: 53.0.2907.68 - Opera Software) qBittorrent 4.1.1 (HKLM-x32\...\qBittorrent) (Version: 4.1.1 - The qBittorrent project) Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.226 - Qualcomm Atheros Communications) Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.11.201.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8117 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0351 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.4.0.70 - NVIDIA Corporation) Hidden SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1040 - SUPERAntiSpyware.com) Visual Studio Community 2017 (HKLM-x32\...\6b4c9def) (Version: 15.7.27703.2026 - Microsoft Corporation) vs_filehandler_amd64 (HKLM-x32\...\{B6600254-A9D1-4265-826B-28B0E28C1F37}) (Version: 15.7.27617 - Microsoft Corporation) Hidden vs_filehandler_x86 (HKLM-x32\...\{EF15DAFE-8E43-48E6-AE94-CBA196675318}) (Version: 15.7.27617 - Microsoft Corporation) Hidden vs_FileTracker_Singleton (HKLM-x32\...\{8EB2C670-04C2-482D-BACD-B4095E27FD39}) (Version: 15.6.27309 - Microsoft Corporation) Hidden vs_minshellmsi (HKLM-x32\...\{F5BCAD30-D22C-4B08-A581-1EBE3A35C6B1}) (Version: 15.7.27617 - Microsoft Corporation) Hidden vs_minshellmsires (HKLM-x32\...\{E70CC1B8-7ED5-4495-9C52-603FE87F38F4}) (Version: 15.0.26621 - Microsoft Corporation) Hidden Windows Driver Package - ASUS (ATP) Mouse (01/10/2013 1.0.0.170) (HKLM\...\4A9DE1E9EBC800B7F01739D4DE7363EF6751BDF5) (Version: 01/10/2013 1.0.0.170 - ASUS) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS) WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) 影像中心 (HKLM-x32\...\{631C4E4F-6FDC-4CC0-A067-E9876A9BA7FD}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden 照片库 (HKLM-x32\...\{017E337D-D709-437C-83DB-71F82AA78BF6}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.) ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2013-04-24] (Qualcomm Atheros Commnucations) ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2018-04-11] (McAfee, Inc.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => C:\WINDOWS\system32\mscoree.dll [2013-08-22] (Microsoft Corporation) ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2013-04-24] (Qualcomm Atheros Commnucations) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2013-10-01] (Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-06-01] (NVIDIA Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes) ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2018-04-11] (McAfee, Inc.) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0F20CED3-5028-4474-8973-CDE399F186A0} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe [2018-03-27] (McAfee, Inc.) Task: {182B318C-9F69-4147-85B9-8A9CADE85354} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-04-01] (NVIDIA Corporation) Task: {1AAD7520-3451-4E4B-B50E-2C5FBF4CE5BB} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-04-01] (NVIDIA Corporation) Task: {24F73D6F-FDD4-43C5-8FDA-89770FD5A855} - System32\Tasks\ASUS Console => C:\Program Files\ASUS\ASUS Console\ASUS Console Starter.exe [2013-04-12] (ASUSTek Computer Inc.) Task: {28D1C1B0-A927-4C9E-A857-A3F306AA078E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy Task: {30565007-A7C4-4FC8-9178-9EB09188F47A} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION Task: {443DD9F3-3CF3-4524-8E8A-E994C94529DB} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-04-13] (Realtek Semiconductor) Task: {4BB72D2E-7D35-446D-BDDF-65ADFCB8DBE0} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-02-06] (AsusTek) Task: {50744602-0641-4206-9C70-9F18EBB7B162} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe [2018-02-28] (McAfee, Inc.) Task: {64E0FE42-F9EA-4E22-A54C-2D0F641D2C3E} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent Task: {66797CA5-8A83-41A5-866F-EED82AA7ACE1} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-02-26] (ASUSTeK Computer Inc.) Task: {674746BD-A7EA-43A0-BD8B-28282F672B52} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-04-01] (NVIDIA Corporation) Task: {7EC566D8-BC4C-4780-B0E1-CC342E6B8251} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2013-03-26] (ASUSTek Computer Inc.) Task: {85DD7543-190B-4C87-8921-56F048523000} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-01-04] () Task: {90F795EB-8535-4892-8577-1FDFCDDEB74F} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2013-04-29] (ASUS) Task: {91064BB7-616B-4F09-A20F-E3DAC297DB63} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-04-01] (NVIDIA Corporation) Task: {936118E1-2963-4CBD-BA4B-C5E41E661422} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-04-01] (NVIDIA Corporation) Task: {A5296403-7E0C-49F6-A457-E829E329D689} - System32\Tasks\Opera scheduled Autoupdate 1528512163 => C:\Program Files\Opera\launcher.exe [2018-05-23] (Opera Software) Task: {C18A4959-2823-461E-8967-07A503569E6A} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_113_Plugin.exe [2018-06-10] (Adobe Systems Incorporated) Task: {C6C0371E-F73D-4700-8D1D-2747ED7232B6} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2013-03-20] (ASUSTeK Computer Inc.) Task: {CFC77388-D21B-45D5-BA67-B3E0A7CB1932} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-11-28] (ASUS) Task: {DA28D737-6870-4F62-AEBE-4DDD5B80970D} - System32\Tasks\McAfee\McAfee Idle Detection Task Task: {DA8BA56F-40FB-471B-BA20-BF2142A8E5C9} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-04-13] (Realtek Semiconductor) Task: {E336262B-BB10-440F-8769-ABE332FCC851} - System32\Tasks\ASUS InstantOn Config => C:\Program Files\ASUS\P4G\InsOnCfg.exe Task: {E3B3907A-C113-453F-847D-627A82F0DDBB} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2013-03-20] (ASUSTeK Computer Inc.) Task: {E40D6E24-BA8C-456C-A509-1472F761EBDB} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-04-13] (Realtek Semiconductor) Task: {EE433EEC-288E-480A-AEC4-85D68183582B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-04-01] (NVIDIA Corporation) Task: {F4201FB3-8081-4411-A3B3-D3913B4E2339} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-04-01] (NVIDIA Corporation) Task: {FBD977D7-9D11-482E-AE4B-049757CAC9A7} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [2018-03-13] (McAfee, Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2013-06-01 06:53 - 2009-04-17 07:01 - 000247152 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2018-06-09 21:31 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2018-06-09 21:31 - 2018-05-30 09:22 - 002493648 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2018-04-06 08:05 - 2018-04-06 08:05 - 000896136 _____ () C:\Program Files\Common Files\McAfee\CSP\2.9.175.0\McCSPMsgBusDLL.dll 2013-04-29 20:03 - 2013-04-29 20:03 - 000031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll 2018-06-08 23:42 - 2018-05-23 01:59 - 101425752 _____ () C:\Program Files\Opera\53.0.2907.68\opera_browser.dll 2018-06-08 23:42 - 2018-05-23 01:59 - 004447832 _____ () C:\Program Files\Opera\53.0.2907.68\libglesv2.dll 2018-06-08 23:42 - 2018-05-23 01:59 - 000100440 _____ () C:\Program Files\Opera\53.0.2907.68\libegl.dll 2018-06-10 12:22 - 2018-06-10 12:22 - 000996864 _____ () C:\WINDOWS\smwgkfidpmjjaqow.smwgk 2018-06-09 12:49 - 2017-04-01 00:20 - 000020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2018-06-09 12:49 - 2017-04-01 00:20 - 000338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node 2018-06-09 12:49 - 2017-04-01 00:20 - 000252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node 2018-06-09 12:49 - 2017-04-01 00:20 - 002443320 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node 2018-06-09 12:49 - 2017-04-01 00:20 - 000385592 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node 2018-06-09 12:49 - 2017-04-01 00:20 - 000543288 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node 2018-06-09 12:49 - 2017-04-01 00:20 - 000468536 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 10:25 - 2018-06-09 21:19 - 000000818 _____ C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1259819905-3050770896-629996550-1002\Control Panel\Desktop\\Wallpaper -> D:\IMAGENES\Geometry Daily\fondo.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{AAEBA0EA-2750-49ED-879E-27240D5D2CF6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{E9C45924-882D-40A6-843D-620E4D4CEA39}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{0ACC4582-DD67-4A51-BC99-4CF9063F9C82}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{07411457-0F1C-4E2B-877A-4E896134EB5D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{0CE08B5B-A0D4-4B42-842C-7F6CDE0A7597}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{4EB4DDE1-62AB-4E9B-BBAD-3937E7C7FBB5}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe FirewallRules: [{882B9A3E-B556-4058-AE8B-07A907386E26}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe FirewallRules: [{3A5B0432-E1F6-453A-B5D9-F103D236FCFC}] => (Allow) C:\Program Files\Opera\53.0.2907.68\opera.exe FirewallRules: [{73E0E5E0-6EA3-41FB-B8D9-6A05451FA638}] => (Allow) C:\Program Files (x86)\Cyberlink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{8E182202-4C6B-4EF9-A0E7-8E750233D341}] => (Allow) C:\Program Files (x86)\Cyberlink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{1BD1389A-3459-424B-A516-9F7F04DB6EDB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE FirewallRules: [{818DD9CA-B86C-4651-8C48-BB6A28E34DEE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{63B3D8F2-BDF8-441E-993F-3ECA05CDFA5C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{1E2B0167-C004-409D-8E55-72C2409D12B1}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe FirewallRules: [{381E8562-61F2-430C-9154-FB9EA4AC6E37}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe FirewallRules: [{89A8808F-8A4A-4CD6-8FFD-B8643FC13ABF}] => (Allow) LPort=1900 FirewallRules: [{963C85A6-046F-40AB-92E5-424F10D98037}] => (Allow) LPort=2869 FirewallRules: [{B817702A-CB1E-4ABB-8461-53568BAEC851}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{3A89D7A8-9F39-4F1A-80D8-0E09D6FAF09C}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe FirewallRules: [{5248ECD9-ACC3-42B8-88B9-4A3E8D280971}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe FirewallRules: [{EA51280E-E379-41AC-99C2-189D6316D0E8}] => (Allow) C:\Users\Eric\AppData\Local\Microsoft\OneDrive\OneDrive.exe FirewallRules: [{782F7376-3082-446F-9D80-077111F9E292}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe FirewallRules: [{DB5591F2-4BFA-4BF9-88CB-1B8D2D011066}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe ==================== Restore Points ========================= 09-06-2018 20:03:37 Windows Update ==================== Faulty Device Manager Devices ============= Name: HL-DT-ST DVDRAM GU71N Description: Unidad de CD-ROM Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318} Manufacturer: (Unidades de CD-ROM estándar) Service: cdrom Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (06/10/2018 02:15:58 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nombre de la aplicación con errores: mbam.exe, versión: 3.0.0.1496, marca de tiempo: 0x5b0f3943 Nombre del módulo con errores: KERNELBASE.dll, versión: 6.3.9600.18895, marca de tiempo: 0x5a4b127e Código de excepción: 0xc0000142 Desplazamiento de errores: 0x0009d4e2 Identificador del proceso con errores: 0x768 Hora de inicio de la aplicación con errores: 0x01d400deb064b3f5 Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe Ruta de acceso del módulo con errores: KERNELBASE.dll Identificador del informe: f09bde0f-6cd1-11e8-be82-74d02b0d904e Nombre completo del paquete con errores: Identificador de aplicación relativa del paquete con errores: Error: (06/10/2018 02:05:47 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: El programa SUPERAntiSpyware.exe, versión 5.6.0.1040, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades. Identificador de proceso: ea0 Hora de inicio: 01d400dcf092d234 Hora de finalización: 0 Ruta de acceso de la aplicación: C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe Identificador de informe: 8257f454-6cd0-11e8-be81-74d02b0d904e Nombre completo de paquete con errores: Identificador de aplicación relativa del paquete con errores: Error: (06/10/2018 01:04:00 PM) (Source: MsiInstaller) (EventID: 1002) (User: REW) Description: Valor inesperado o no encontrado (nombre: "PackageCode", valor: "GUID") en la clave "HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219" Error: (06/10/2018 01:03:33 PM) (Source: MsiInstaller) (EventID: 1002) (User: REW) Description: Valor inesperado o no encontrado (nombre: "PackageCode", valor: "GUID") en la clave "HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219" Error: (06/10/2018 01:03:28 PM) (Source: MsiInstaller) (EventID: 1002) (User: REW) Description: Valor inesperado o no encontrado (nombre: "PackageCode", valor: "GUID") en la clave "HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219" Error: (06/10/2018 01:02:28 PM) (Source: MsiInstaller) (EventID: 1002) (User: REW) Description: Valor inesperado o no encontrado (nombre: "PackageCode", valor: "GUID") en la clave "HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219" Error: (06/10/2018 01:02:27 PM) (Source: MsiInstaller) (EventID: 1002) (User: REW) Description: Valor inesperado o no encontrado (nombre: "PackageCode", valor: "GUID") en la clave "HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219" Error: (06/10/2018 01:02:12 PM) (Source: MsiInstaller) (EventID: 1002) (User: REW) Description: Valor inesperado o no encontrado (nombre: "PackageCode", valor: "GUID") en la clave "HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219" System errors: ============= Error: (06/10/2018 04:09:51 PM) (Source: DCOM) (EventID: 10010) (User: REW) Description: El servidor {B52D54BB-4818-4EB9-AA80-F9EACD371DF8} no se registró con DCOM dentro del tiempo de espera requerido. Error: (06/10/2018 04:07:51 PM) (Source: DCOM) (EventID: 10010) (User: REW) Description: El servidor {9E175B6D-F52A-11D8-B9A5-505054503030} no se registró con DCOM dentro del tiempo de espera requerido. Error: (06/10/2018 04:05:51 PM) (Source: DCOM) (EventID: 10010) (User: REW) Description: El servidor {9E175B6D-F52A-11D8-B9A5-505054503030} no se registró con DCOM dentro del tiempo de espera requerido. Error: (06/10/2018 04:03:51 PM) (Source: DCOM) (EventID: 10010) (User: REW) Description: El servidor {9E175B6D-F52A-11D8-B9A5-505054503030} no se registró con DCOM dentro del tiempo de espera requerido. Error: (06/10/2018 04:01:51 PM) (Source: DCOM) (EventID: 10010) (User: REW) Description: El servidor {9E175B6D-F52A-11D8-B9A5-505054503030} no se registró con DCOM dentro del tiempo de espera requerido. Error: (06/10/2018 03:59:51 PM) (Source: DCOM) (EventID: 10010) (User: REW) Description: El servidor {9E175B6D-F52A-11D8-B9A5-505054503030} no se registró con DCOM dentro del tiempo de espera requerido. Error: (06/10/2018 03:57:51 PM) (Source: DCOM) (EventID: 10010) (User: REW) Description: El servidor {B52D54BB-4818-4EB9-AA80-F9EACD371DF8} no se registró con DCOM dentro del tiempo de espera requerido. Error: (06/10/2018 03:55:51 PM) (Source: DCOM) (EventID: 10010) (User: REW) Description: El servidor {9E175B6D-F52A-11D8-B9A5-505054503030} no se registró con DCOM dentro del tiempo de espera requerido. Windows Defender: =================================== Date: 2018-06-09 03:25:46.872 Description: Windows Defender encontró un error al intentar cargar firmas e intentará revertirlas a un conjunto de firmas conocidas. Firmas intentadas: Actual Código de error: 0x80073aba Descripción del error: The resource is too old to be compatible. Versión de firma: 1.129.21.0;1.129.21.0 Versión de motor: 1.1.8502.0 ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-4700HQ CPU @ 2.40GHz Percentage of memory in use: 37% Total physical RAM: 8075.25 MB Available physical RAM: 5047.87 MB Total Virtual: 16267.25 MB Available Virtual: 11758.13 MB ==================== Drives ================================ Drive ? (OS) (Fixed) (Total:371.82 GB) (Free:277.49 GB) NTFS ==>[system with boot components (obtained from drive)] Drive d: (DATA) (Fixed) (Total:537.6 GB) (Free:464.88 GB) NTFS \\?\Volume{67507a76-cf75-4355-a48b-b51e9e72b142}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.42 GB) NTFS \\?\Volume{292448be-de6d-4e1e-be42-4bbf3b5a49bb}\ () (Fixed) (Total:0.44 GB) (Free:0.15 GB) NTFS \\?\Volume{c18348b5-8e85-4bcd-892e-0739018986bb}\ () (Fixed) (Total:0.34 GB) (Free:0.3 GB) NTFS \\?\Volume{e6b194ed-304e-4879-a1c9-94814153f5a3}\ (Restore) (Fixed) (Total:20.01 GB) (Free:7.28 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 115DA0F7) Partition: GPT. ==================== End of Addition.txt ============================
-
Hello! I recently made a factory reset to my lapot. I'm running Windows 8.1 on an Asus. Yesterday trying to crack the office package I made a huge mistake installing some crack, I managed to get rid of most of it with huge help from Malwarebytes software, but I still have a huge issue with Windows Explorer. For some reason all icons are not showing, Control Panel is blank, thus I can't figure out how to do another factory reset. This i my current hijack log: Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 01:51:54 p.m., on 10/06/2018 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.9600.18817) Boot mode: Normal Running processes: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe C:\Program Files\ASUS\ASUS Console\ASUS Console Starter.exe C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe C:\Program Files (x86)\ASUS\Splendid\ACMON.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe D:\DESCARGAS\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: McAfee WebAdvisor - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE" O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe /S O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe" O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" O4 - HKLM\..\Run: [ASUS InstantKey] C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000 O9 - Extra button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O9 - Extra 'Tools' menuitem: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll O23 - Service: McAfee Application Installer Cleanup (0100421528647615) (0100421528647615mcinstcleanup) - McAfee, Inc. - C:\WINDOWS\TEMP\010042~1.EXE O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\AppReadiness.dll,-1000 (AppReadiness) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\appxdeploymentserver.dll,-1 (AppXSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files\ASUS\P4G\InsOnSrv.exe O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe O23 - Service: @%SystemRoot%\system32\AudioEndpointBuilder.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%windir%\system32\bisrv.dll,-100 (BrokerInfrastructure) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\BthHFSrv.dll,-103 (BthHFSrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: ClientAnalyticsService - McAfee, Inc. - C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @combase.dll,-5012 (DcomLaunch) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\das.dll,-100 (DeviceAssociationService) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (DeviceInstall) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\UtcResources.dll,-3001 (DiagTrack) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\DeviceSetupManager.dll,-1000 (DsmSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (Eaphost) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (EventLog) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\fhsvc.dll,-101 (fhsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\GeofenceMonitorService.dll,-1 (lfsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: @%windir%\system32\lsm.dll,-1001 (LSM) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\VSCore_15_8\McApExe.exe O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - C:\Program Files\mcafee\msc\McAWFwk.exe O23 - Service: McAfee CSP Service (mccspsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\CSP\2.9.175.0\\McCSPServiceHost.exe O23 - Service: McAfee OOBE Service (McOobeSv) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, LLC - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe O23 - Service: McAfee Service Controller (mfemms) - McAfee, LLC - C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\windows\system32\mfevtps.exe (file missing) O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: McAfee Module Core Service (ModuleCoreService) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\WINDOWS\system32\msiexec.exe O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\ncasvc.dll,-3009 (NcaSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\ncbservice.dll,-500 (NcbService) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\NcdAutoSetup.dll,-100 (NcdAutoSetup) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprofmsvc.dll,-202 (netprofm) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: McAfee PEF Service (PEFService) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\WINDOWS\SysWow64\perfhost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-200 (PlugPlay) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll,-1 (PrintNotify) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @combase.dll,-5010 (RpcSs) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\ScDeviceEnum.dll,-100 (ScDeviceEnum) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\smphost.dll,-102 (smphost) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\StorSvc.dll,-100 (StorSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\svsvc.dll,-101 (svsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%windir%\system32\SystemEventsBrokerServer.dll,-1001 (SystemEventsBroker) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%windir%\system32\TimeBrokerServer.dll,-1001 (TimeBroker) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\WINDOWS\servicing\TrustedInstaller.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vmicres.dll,-801 (vmicguestinterface) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\vmicres.dll,-101 (vmicheartbeat) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\vmicres.dll,-201 (vmickvpexchange) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\vmicres.dll,-601 (vmicrdv) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\vmicres.dll,-301 (vmicshutdown) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\vmicres.dll,-401 (vmictimesync) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\vmicres.dll,-501 (vmicvss) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wcmsvc.dll,-4097 (Wcmsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\wephostsvc.dll,-100 (WEPHOSTSVC) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\wiarpc.dll,-2 (WiaRpc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (WlanSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wlidsvc.dll,-100 (wlidsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: @%systemroot%\system32\workfolderssvc.dll,-102 (workfolderssvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\WINDOWS\system32\SearchIndexer.exe O23 - Service: @%SystemRoot%\system32\WSService.dll,-103 (WSService) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: YTA2MmMzZDE1MjB - Unknown owner - rundll32.exe (file missing) O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe O23 - Service: ZWViNmQxZDM3NzBjMWQ - Unknown owner - C:\Program Files\ZWViNmQxZDM3NzBjMWQ\NTJhM2Y1Nj.exe (file missing) -- End of file - 28314 bytes I am suprised to see how many svchost.exe there are. Please any help would be much appreciated. Thanks in advance.
