Jump to content

Search the Community

Showing results for tags 'slow internet'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 8 results

  1. Hi, I'm dealing with this problem for some time now so i decided to ask for help. I have absolutely no idea why, or how this happened but these ads are killing me. The internet is running really slow and the ads are everywhere. On youtube I can only close them using inspect element. They are in foreign languages like fckin swedish or smt, german, even russian. Please...help me.
  2. Hi there, my laptop seems having slow internet connection but other device that is also connected to the same network have faster connection than my laptop. It happens everytime i installed Malwarebytes, but when i uninstalled, my internet is normal again but i still want to use Malwarebytes. Also, Malwarebytes keep detecting unbound connection like every minutes. I'm afraid if these unbound connection is the reason why my internet is slow on my laptop. I hope you can help me with these problems. This is log file from FRST and its Addition.txt FRST.txt Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-01-2017 01 Ran by husna swizzle (administrator) on HEMMOSWIFTHUSNA (27-01-2017 18:02:02) Running from D:\apps Loaded Profiles: husna swizzle (Available Profiles: husna swizzle) Platform: Windows 10 Home Single Language Version 1607 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe () C:\ProgramData\MobileBrServ\mbbService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe () C:\Windows\MultiSessions\1612262\Session.exe () C:\Program Files (x86)\Photodex\ProShow Producer\scsiaccess.exe (@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (PhantomJS) C:\Windows\MultiSessions\1612262\phantomjs.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Akamai Technologies, Inc.) C:\Users\User\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) C:\Users\User\AppData\Local\Akamai\netsession_win.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.152.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Apple Inc.) C:\Program Files\iTunes\iTunes.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe (Microsoft Corporation) C:\Windows\System32\InstallAgent.exe (Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3350760 2015-08-05] (ELAN Microelectronics Corp.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-06-01] (Apple Inc.) HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-10-26] (Microsoft Corporation) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes) HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-04-24] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation) HKLM-x32\...\Run: [WinampAgent] => "C:\Program Files (x86)\Winamp\winampa.exe" HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282632 2013-07-23] (CANON INC.) HKU\S-1-5-21-1783475628-1044346471-1235079275-1001\...\Run: [Akamai NetSession Interface] => C:\Users\User\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.) HKU\S-1-5-21-1783475628-1044346471-1235079275-1001\...\Run: [uTorrent] => C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe [1979072 2016-12-21] (BitTorrent Inc.) HKU\S-1-5-21-1783475628-1044346471-1235079275-1001\...\Run: [Spotify Web Helper] => C:\Users\User\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1444976 2017-01-27] (Spotify Ltd) HKU\S-1-5-21-1783475628-1044346471-1235079275-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd) HKU\S-1-5-21-1783475628-1044346471-1235079275-1001\...\MountPoints2: {f8bb7296-a262-11e6-bfd4-54271e669dbc} - "F:\startme.exe" ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX64.dll [2016-11-25] () ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX64.dll [2016-11-25] () ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX64.dll [2016-11-25] () ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileSyncShell64.dll [2017-01-24] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileSyncShell64.dll [2017-01-24] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileSyncShell64.dll [2017-01-24] (Microsoft Corporation) ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-25] () ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-25] () ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\User\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-25] () ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\FileSyncShell.dll [2017-01-24] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\FileSyncShell.dll [2017-01-24] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\FileSyncShell.dll [2017-01-24] (Microsoft Corporation) Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2016-07-27] ShortcutTarget: MEGAsync.lnk -> C:\Users\User\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited) GroupPolicy: Restriction - Chrome <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{8c8cfca7-088a-44b3-b7b1-82147357239c}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{9d41d250-d9cf-444a-b487-530f6d1b9122}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKU\S-1-5-21-1783475628-1044346471-1235079275-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/ HKU\S-1-5-21-1783475628-1044346471-1235079275-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com SearchScopes: HKU\S-1-5-21-1783475628-1044346471-1235079275-1001 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-01-21] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-05-22] (Oracle Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-01-21] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-05-22] (Oracle Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-01-21] (Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-21] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-21] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-21] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-21] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: 6mu3f3ni.default FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zo736bja.default [2017-01-27] FF Homepage: Mozilla\Firefox\Profiles\zo736bja.default -> www.google.com FF Extension: (Test Pilot) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zo736bja.default\Extensions\testpilot@labs.mozilla.com.xpi [2014-07-30] [not signed] FF ProfilePath: C:\Users\User\AppData\Roaming\Profiles\6mu3f3ni.default [2016-07-08] FF Homepage: Profiles\6mu3f3ni.default -> about:home FF Extension: (Test Pilot) - C:\Users\User\AppData\Roaming\Profiles\6mu3f3ni.default\Extensions\testpilot@labs.mozilla.com.xpi [2014-07-30] [not signed] FF ProfilePath: C:\Users\User\AppData\Roaming\KompoZer\Profiles\79bqbv0l.default [2014-09-09] FF Extension: (Skype Click to Call) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14] [not signed] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll [2015-07-07] () FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-05-22] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-05-22] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-07-07] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-01-21] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll [2015-10-21] ( ) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-24] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-24] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-13] () FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-18] (Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Profile 1 CHR HomePage: Profile 1 -> hxxp://www.google.com.my/ CHR StartupUrls: Profile 1 -> "chrome://apps/","hxxp://www.google.com.my/","hxxp://www.google.com","hxxps://www.youtube.com/watch?v=2sHu6vT-4q4","hxxp://fskkp.ump.edu.my/","hxxps://www.google.com/" CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\berjuspgraatherfufit [2017-01-10] <==== ATTENTION CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2017-01-25] CHR Extension: (Easy Auto Refresh) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2016-05-24] CHR Extension: (Validity) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbicmjjbohdfglopkidebfccilipgeif [2016-05-27] CHR Extension: (matt) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpgnpfoohihphlofnmhkjnmmbnldnlnm [2016-03-12] CHR Extension: (Unlimited Free VPN - Betternet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjknjjomckknofjidppipffbpoekiipm [2016-07-07] CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02] CHR Extension: (Browsec VPN - Privacy and Security Online) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2016-06-30] CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-01-27] CHR Extension: (Google Slides) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-08] CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-08] CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-08] CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-08] CHR Extension: (Adblock for Youtube™) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2016-10-14] CHR Extension: (Justin Bieber Company) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dnbkaomllgcdpnpdkaekccajbijmaenc [2016-07-11] CHR Extension: (Google Sheets) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-08] CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-08] CHR Extension: (Betternet Unlimited Free VPN Proxy) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gjknjjomckknofjidppipffbpoekiipm [2017-01-27] CHR Extension: (Avast Online Security) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-19] CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19] CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-08] CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-29] CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile [2016-07-25] CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found> CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.) R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [File not signed] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3697352 2017-01-21] (Microsoft Corporation) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [147688 2015-08-05] (ELAN Microelectronics Corp.) R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes) R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239184 2013-01-28] () R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe [186760 2015-10-21] () R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [735936 2015-08-17] (@ByELDI) [File not signed] R2 Sessions; C:\WINDOWS\MultiSessions\1612262\Session.exe [15872 2016-12-26] () [File not signed] S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [101368 2015-12-14] (ASUS Corporation) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77416 2016-12-14] () R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176064 2017-01-27] (Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [102856 2017-01-27] (Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-01-27] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [250816 2017-01-27] (Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2017-01-27] (Malwarebytes) R0 MBI; C:\WINDOWS\System32\drivers\MBI.sys [39944 2015-06-17] (Intel Corporation) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [607512 2015-12-31] (Realtek Semiconductor Corporation) R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [5144064 2016-07-16] (Realtek Semiconductor Corporation ) R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation) S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Apple, Inc.) [File not signed] S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2016-07-08] (Zemana Ltd.) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-01-27 18:01 - 2017-01-27 18:02 - 00000000 ____D C:\FRST 2017-01-27 16:53 - 2017-01-27 16:53 - 00250816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\50F10524.sys 2017-01-27 16:13 - 2017-01-27 16:13 - 00176064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys 2017-01-27 16:12 - 2017-01-27 17:00 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2017-01-27 16:12 - 2017-01-27 16:56 - 00250816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-01-27 16:12 - 2017-01-27 16:56 - 00102856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2017-01-27 16:12 - 2017-01-27 16:56 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2017-01-27 16:12 - 2017-01-27 16:12 - 00001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-01-27 16:12 - 2017-01-27 16:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-01-27 16:12 - 2016-12-14 12:55 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys 2017-01-27 16:10 - 2017-01-27 16:10 - 00000000 ____D C:\WINDOWS\system32\Drivers\etc\BACKUP 2017-01-27 11:15 - 2017-01-27 18:05 - 161668345 _____ C:\Users\User\Downloads\The.Legend.of.the.Blue.Sea.E20.mp4.crdownload 2017-01-26 08:59 - 2017-01-26 08:59 - 00000000 ____D C:\Users\User\AppData\LocalLow\uTorrent 2017-01-25 11:22 - 2016-12-21 15:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2017-01-25 11:22 - 2016-12-21 12:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2017-01-25 10:53 - 2017-01-25 10:53 - 00378032 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-01-25 10:14 - 2017-01-25 10:14 - 00000000 ____D C:\Program Files\Malwarebytes 2017-01-23 16:40 - 2017-01-23 16:40 - 00002350 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-01-23 16:40 - 2017-01-23 16:40 - 00002338 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-01-23 16:32 - 2017-01-24 16:54 - 00003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2017-01-23 16:32 - 2017-01-24 16:54 - 00003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2017-01-23 16:30 - 2017-01-23 16:30 - 01065376 _____ (Google Inc.) C:\Users\User\Downloads\ChromeSetup (7).exe 2017-01-12 20:47 - 2017-01-12 20:47 - 01065376 _____ (Google Inc.) C:\Users\User\Downloads\ChromeSetup (6).exe 2017-01-11 20:18 - 2017-01-11 20:19 - 01065376 _____ (Google Inc.) C:\Users\User\Downloads\ChromeSetup (5).exe 2017-01-11 18:37 - 2016-12-14 12:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2017-01-11 18:37 - 2016-12-14 12:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2017-01-11 18:36 - 2016-12-21 16:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll 2017-01-11 18:36 - 2016-12-21 16:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll 2017-01-11 18:36 - 2016-12-21 15:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2017-01-11 18:36 - 2016-12-21 15:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2017-01-11 18:36 - 2016-12-21 15:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll 2017-01-11 18:36 - 2016-12-21 15:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2017-01-11 18:36 - 2016-12-21 15:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-01-11 18:36 - 2016-12-21 15:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2017-01-11 18:36 - 2016-12-21 15:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2017-01-11 18:36 - 2016-12-21 15:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2017-01-11 18:36 - 2016-12-21 15:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2017-01-11 18:36 - 2016-12-21 15:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll 2017-01-11 18:36 - 2016-12-21 15:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2017-01-11 18:36 - 2016-12-21 14:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2017-01-11 18:36 - 2016-12-21 14:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll 2017-01-11 18:36 - 2016-12-21 14:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-01-11 18:36 - 2016-12-21 14:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2017-01-11 18:36 - 2016-12-21 14:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2017-01-11 18:36 - 2016-12-21 14:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-01-11 18:36 - 2016-12-21 13:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll 2017-01-11 18:36 - 2016-12-21 13:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll 2017-01-11 18:36 - 2016-12-21 13:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-01-11 18:36 - 2016-12-21 12:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll 2017-01-11 18:36 - 2016-12-21 12:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll 2017-01-11 18:36 - 2016-12-21 12:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2017-01-11 18:36 - 2016-12-21 12:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2017-01-11 18:36 - 2016-12-21 12:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2017-01-11 18:36 - 2016-12-21 12:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll 2017-01-11 18:36 - 2016-12-21 12:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll 2017-01-11 18:36 - 2016-12-21 12:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-01-11 18:36 - 2016-12-21 12:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll 2017-01-11 18:36 - 2016-12-21 12:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll 2017-01-11 18:36 - 2016-12-21 12:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2017-01-11 18:36 - 2016-12-14 13:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2017-01-11 18:36 - 2016-12-14 13:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2017-01-11 18:36 - 2016-12-14 13:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2017-01-11 18:36 - 2016-12-14 13:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll 2017-01-11 18:36 - 2016-12-14 13:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2017-01-11 18:36 - 2016-12-14 12:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2017-01-11 18:36 - 2016-12-14 12:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll 2017-01-11 18:36 - 2016-12-14 12:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll 2017-01-11 18:36 - 2016-12-14 12:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll 2017-01-11 18:36 - 2016-12-14 12:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll 2017-01-11 18:36 - 2016-12-14 12:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2017-01-11 18:36 - 2016-12-14 12:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll 2017-01-11 18:36 - 2016-12-14 12:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2017-01-11 18:36 - 2016-12-14 12:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2017-01-11 18:36 - 2016-12-14 12:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2017-01-11 18:36 - 2016-12-14 12:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll 2017-01-11 18:36 - 2016-12-14 12:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll 2017-01-11 18:36 - 2016-12-14 12:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2017-01-11 18:36 - 2016-12-14 12:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2017-01-11 18:36 - 2016-12-14 12:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll 2017-01-11 18:36 - 2016-12-14 12:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2017-01-11 18:36 - 2016-12-14 12:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll 2017-01-11 18:36 - 2016-12-14 12:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-01-11 18:36 - 2016-12-14 12:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2017-01-11 18:36 - 2016-11-02 20:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2017-01-11 18:36 - 2016-08-02 12:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2017-01-11 18:35 - 2016-12-21 15:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2017-01-11 18:35 - 2016-12-21 15:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2017-01-11 18:35 - 2016-12-21 15:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-01-11 18:35 - 2016-12-21 15:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2017-01-11 18:35 - 2016-12-21 15:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll 2017-01-11 18:35 - 2016-12-21 15:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll 2017-01-11 18:35 - 2016-12-21 15:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-01-11 18:35 - 2016-12-21 15:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2017-01-11 18:35 - 2016-12-21 15:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll 2017-01-11 18:35 - 2016-12-21 15:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-01-11 18:35 - 2016-12-21 14:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-01-11 18:35 - 2016-12-21 14:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-01-11 18:35 - 2016-12-21 14:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll 2017-01-11 18:35 - 2016-12-21 14:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-01-11 18:35 - 2016-12-21 14:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2017-01-11 18:35 - 2016-12-21 14:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe 2017-01-11 18:35 - 2016-12-21 14:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2017-01-11 18:35 - 2016-12-21 14:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2017-01-11 18:35 - 2016-12-21 14:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-01-11 18:35 - 2016-12-21 13:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2017-01-11 18:35 - 2016-12-21 13:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2017-01-11 18:35 - 2016-12-21 12:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2017-01-11 18:35 - 2016-12-21 12:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2017-01-11 18:35 - 2016-12-21 12:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll 2017-01-11 18:35 - 2016-12-21 12:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll 2017-01-11 18:35 - 2016-12-21 12:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll 2017-01-11 18:35 - 2016-12-21 12:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2017-01-11 18:35 - 2016-12-21 12:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-01-11 18:35 - 2016-12-21 12:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-01-11 18:35 - 2016-12-21 12:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2017-01-11 18:35 - 2016-12-21 12:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2017-01-11 18:35 - 2016-12-21 12:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe 2017-01-11 18:35 - 2016-12-21 12:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-01-11 18:35 - 2016-12-14 13:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2017-01-11 18:35 - 2016-12-14 13:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2017-01-11 18:35 - 2016-12-14 13:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2017-01-11 18:35 - 2016-12-14 13:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll 2017-01-11 18:35 - 2016-12-14 12:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2017-01-11 18:35 - 2016-12-14 12:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll 2017-01-11 18:35 - 2016-12-14 12:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll 2017-01-11 18:35 - 2016-12-14 12:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2017-01-11 18:35 - 2016-12-14 12:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2017-01-11 18:35 - 2016-12-14 12:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2017-01-11 18:35 - 2016-12-14 12:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll 2017-01-11 18:35 - 2016-12-14 12:25 - 02795520 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d12SDKLayers.dll 2017-01-11 18:35 - 2016-12-14 12:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll 2017-01-11 18:35 - 2016-12-14 12:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll 2017-01-11 18:35 - 2016-12-14 12:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-01-11 18:35 - 2016-12-14 12:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-01-11 18:35 - 2016-11-02 18:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll 2017-01-11 18:34 - 2016-12-21 16:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-01-11 18:34 - 2016-12-21 15:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2017-01-11 18:34 - 2016-12-21 15:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2017-01-11 18:34 - 2016-12-21 15:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll 2017-01-11 18:34 - 2016-12-21 15:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll 2017-01-11 18:34 - 2016-12-21 15:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll 2017-01-11 18:34 - 2016-12-21 15:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll 2017-01-11 18:34 - 2016-12-21 15:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll 2017-01-11 18:34 - 2016-12-21 15:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll 2017-01-11 18:34 - 2016-12-21 15:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2017-01-11 18:34 - 2016-12-21 15:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2017-01-11 18:34 - 2016-12-21 15:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2017-01-11 18:34 - 2016-12-21 15:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll 2017-01-11 18:34 - 2016-12-21 15:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2017-01-11 18:34 - 2016-12-21 15:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-01-11 18:34 - 2016-12-21 15:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll 2017-01-11 18:34 - 2016-12-21 14:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll 2017-01-11 18:34 - 2016-12-21 14:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll 2017-01-11 18:34 - 2016-12-21 14:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-01-11 18:34 - 2016-12-21 14:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-01-11 18:34 - 2016-12-21 14:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2017-01-11 18:34 - 2016-12-21 13:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2017-01-11 18:34 - 2016-12-21 13:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2017-01-11 18:34 - 2016-12-21 13:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2017-01-11 18:34 - 2016-12-21 13:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2017-01-11 18:34 - 2016-12-21 12:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll 2017-01-11 18:34 - 2016-12-21 12:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2017-01-11 18:34 - 2016-12-21 12:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2017-01-11 18:34 - 2016-12-21 12:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-01-11 18:34 - 2016-12-21 12:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2017-01-11 18:34 - 2016-12-14 13:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2017-01-11 18:34 - 2016-12-14 13:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe 2017-01-11 18:34 - 2016-12-14 13:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2017-01-11 18:34 - 2016-12-14 13:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2017-01-11 18:34 - 2016-12-14 13:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2017-01-11 18:34 - 2016-12-14 13:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2017-01-11 18:34 - 2016-12-14 13:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll 2017-01-11 18:34 - 2016-12-14 13:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2017-01-11 18:34 - 2016-12-14 13:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2017-01-11 18:34 - 2016-12-14 12:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2017-01-11 18:34 - 2016-12-14 12:42 - 00384000 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DXCpl.exe 2017-01-11 18:34 - 2016-12-14 12:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll 2017-01-11 18:34 - 2016-12-14 12:41 - 00362496 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DXCpl.exe 2017-01-11 18:34 - 2016-12-14 12:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2017-01-11 18:34 - 2016-12-14 12:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2017-01-11 18:34 - 2016-12-14 12:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll 2017-01-11 18:34 - 2016-12-14 12:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll 2017-01-11 18:34 - 2016-12-14 12:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll 2017-01-11 18:34 - 2016-12-14 12:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll 2017-01-11 18:34 - 2016-12-14 12:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll 2017-01-11 18:34 - 2016-12-14 12:35 - 02220032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d12SDKLayers.dll 2017-01-11 18:34 - 2016-12-14 12:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2017-01-11 18:34 - 2016-12-14 12:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll 2017-01-11 18:34 - 2016-12-14 12:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2017-01-11 18:34 - 2016-12-14 12:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-01-11 18:34 - 2016-12-14 12:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2017-01-11 18:34 - 2016-11-02 19:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2017-01-11 18:34 - 2016-11-02 18:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2017-01-11 18:34 - 2016-11-02 18:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2017-01-09 12:58 - 2017-01-09 12:58 - 00000000 ____D C:\quardata 2017-01-09 12:20 - 2017-01-09 12:20 - 00000000 ____D C:\Users\User\AppData\Roaming\PCProtect 2016-12-30 15:02 - 2016-12-09 17:40 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VSD3DWARP12Debug.dll 2016-12-30 15:02 - 2016-12-09 17:37 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VSD3DWARPDebug.dll 2016-12-30 15:02 - 2016-12-09 17:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll 2016-12-30 15:02 - 2016-12-09 17:17 - 04978176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d12warp.dll 2016-12-30 15:02 - 2016-11-11 15:54 - 00122208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll 2016-12-30 15:02 - 2016-11-11 15:38 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2016-12-30 15:02 - 2016-11-11 15:26 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe 2016-12-30 15:02 - 2016-11-11 15:20 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2016-12-30 15:02 - 2016-11-11 15:19 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll 2016-12-30 15:02 - 2016-11-11 15:19 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe 2016-12-30 15:02 - 2016-11-11 15:18 - 01336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll 2016-12-30 15:02 - 2016-11-11 15:18 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll 2016-12-30 15:02 - 2016-11-11 15:06 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll 2016-12-30 15:02 - 2016-11-11 15:04 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll 2016-12-30 15:02 - 2016-11-11 15:04 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-12-30 15:02 - 2016-11-11 15:04 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll 2016-12-30 15:02 - 2016-11-11 15:03 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-12-30 15:01 - 2016-12-09 18:11 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2016-12-30 15:01 - 2016-12-09 18:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2016-12-30 15:01 - 2016-12-09 18:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2016-12-30 15:01 - 2016-12-09 18:01 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2016-12-30 15:01 - 2016-12-09 18:00 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll 2016-12-30 15:01 - 2016-12-09 17:59 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2016-12-30 15:01 - 2016-12-09 17:59 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2016-12-30 15:01 - 2016-12-09 17:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2016-12-30 15:01 - 2016-12-09 17:56 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-12-30 15:01 - 2016-12-09 17:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2016-12-30 15:01 - 2016-12-09 17:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2016-12-30 15:01 - 2016-12-09 17:51 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll 2016-12-30 15:01 - 2016-12-09 17:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll 2016-12-30 15:01 - 2016-12-09 17:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll 2016-12-30 15:01 - 2016-12-09 17:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2016-12-30 15:01 - 2016-12-09 17:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2016-12-30 15:01 - 2016-12-09 17:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2016-12-30 15:01 - 2016-12-09 17:28 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2016-12-30 15:01 - 2016-12-09 17:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-12-30 15:01 - 2016-12-09 17:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll 2016-12-30 15:01 - 2016-12-09 17:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-12-30 15:01 - 2016-12-09 17:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2016-12-30 15:01 - 2016-12-09 17:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll 2016-12-30 15:01 - 2016-12-09 17:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll 2016-12-30 15:01 - 2016-12-09 17:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2016-12-30 15:01 - 2016-12-09 17:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll 2016-12-30 15:01 - 2016-12-09 17:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll 2016-12-30 15:01 - 2016-12-09 16:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2016-12-30 15:01 - 2016-11-11 16:01 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll 2016-12-30 15:01 - 2016-11-11 16:01 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll 2016-12-30 15:01 - 2016-11-11 16:00 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2016-12-30 15:01 - 2016-11-11 15:59 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2016-12-30 15:01 - 2016-11-11 15:49 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2016-12-30 15:01 - 2016-11-11 15:49 - 00248480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll 2016-12-30 15:01 - 2016-11-11 15:48 - 02277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2016-12-30 15:01 - 2016-11-11 15:47 - 05722832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2016-12-30 15:01 - 2016-11-11 15:47 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2016-12-30 15:01 - 2016-11-11 15:47 - 00527880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2016-12-30 15:01 - 2016-11-11 15:42 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2016-12-30 15:01 - 2016-11-11 15:42 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-12-30 15:01 - 2016-11-11 15:42 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll 2016-12-30 15:01 - 2016-11-11 15:42 - 00152416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll 2016-12-30 15:01 - 2016-11-11 15:42 - 00091936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfaudiocnv.dll 2016-12-30 15:01 - 2016-11-11 15:41 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2016-12-30 15:01 - 2016-11-11 15:41 - 00157536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe 2016-12-30 15:01 - 2016-11-11 15:27 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe 2016-12-30 15:01 - 2016-11-11 15:25 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll 2016-12-30 15:01 - 2016-11-11 15:25 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll 2016-12-30 15:01 - 2016-11-11 15:24 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll 2016-12-30 15:01 - 2016-11-11 15:24 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll 2016-12-30 15:01 - 2016-11-11 15:24 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll 2016-12-30 15:01 - 2016-11-11 15:24 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll 2016-12-30 15:01 - 2016-11-11 15:23 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll 2016-12-30 15:01 - 2016-11-11 15:23 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll 2016-12-30 15:01 - 2016-11-11 15:22 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe 2016-12-30 15:01 - 2016-11-11 15:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll 2016-12-30 15:01 - 2016-11-11 15:21 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll 2016-12-30 15:01 - 2016-11-11 15:21 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll 2016-12-30 15:01 - 2016-11-11 15:19 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll 2016-12-30 15:01 - 2016-11-11 15:19 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll 2016-12-30 15:01 - 2016-11-11 15:19 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2016-12-30 15:01 - 2016-11-11 15:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll 2016-12-30 15:01 - 2016-11-11 15:19 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll 2016-12-30 15:01 - 2016-11-11 15:18 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll 2016-12-30 15:01 - 2016-11-11 15:18 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl 2016-12-30 15:01 - 2016-11-11 15:18 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll 2016-12-30 15:01 - 2016-11-11 15:18 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll 2016-12-30 15:01 - 2016-11-11 15:17 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll 2016-12-30 15:01 - 2016-11-11 15:17 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe 2016-12-30 15:01 - 2016-11-11 15:16 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2016-12-30 15:01 - 2016-11-11 15:15 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2016-12-30 15:01 - 2016-11-11 15:15 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll 2016-12-30 15:01 - 2016-11-11 15:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll 2016-12-30 15:01 - 2016-11-11 15:15 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll 2016-12-30 15:01 - 2016-11-11 15:14 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll 2016-12-30 15:01 - 2016-11-11 15:12 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll 2016-12-30 15:01 - 2016-11-11 15:10 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2016-12-30 15:01 - 2016-11-11 15:10 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll 2016-12-30 15:01 - 2016-11-11 15:09 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2016-12-30 15:01 - 2016-11-11 15:09 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll 2016-12-30 15:01 - 2016-11-11 15:08 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll 2016-12-30 15:01 - 2016-11-11 15:06 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll 2016-12-30 15:01 - 2016-11-11 15:06 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll 2016-12-30 15:01 - 2016-11-11 15:06 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll 2016-12-30 15:01 - 2016-11-11 15:06 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll 2016-12-30 15:01 - 2016-11-11 15:05 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2016-12-30 15:01 - 2016-11-11 15:05 - 03370496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2016-12-30 15:01 - 2016-11-11 15:04 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2016-12-30 15:01 - 2016-11-11 15:04 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll 2016-12-30 15:01 - 2016-11-11 15:04 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll 2016-12-30 15:01 - 2016-11-11 15:03 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll 2016-12-30 15:01 - 2016-11-11 15:03 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2016-12-30 15:01 - 2016-11-11 15:03 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2016-12-30 15:01 - 2016-11-11 15:03 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll 2016-12-30 15:01 - 2016-11-11 15:03 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll 2016-12-30 15:01 - 2016-11-11 15:03 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll 2016-12-30 15:01 - 2016-11-11 15:02 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2016-12-30 14:54 - 2016-12-09 18:15 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2016-12-30 14:54 - 2016-11-11 18:14 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll 2016-12-30 14:54 - 2016-11-11 17:25 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll 2016-12-30 14:54 - 2016-11-11 17:24 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll 2016-12-30 14:54 - 2016-11-11 17:24 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll 2016-12-30 14:54 - 2016-11-11 17:14 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll 2016-12-30 14:54 - 2016-11-11 17:05 - 04136448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll 2016-12-30 14:53 - 2016-12-09 18:20 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2016-12-30 14:53 - 2016-12-09 18:19 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2016-12-30 14:53 - 2016-12-09 18:10 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2016-12-30 14:53 - 2016-12-09 17:27 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll 2016-12-30 14:53 - 2016-12-09 17:21 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-12-30 14:53 - 2016-12-09 17:20 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2016-12-30 14:53 - 2016-11-11 18:15 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll 2016-12-30 14:53 - 2016-11-11 18:15 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll 2016-12-30 14:53 - 2016-11-11 18:13 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2016-12-30 14:53 - 2016-11-11 18:12 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys 2016-12-30 14:53 - 2016-11-11 18:02 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2016-12-30 14:53 - 2016-11-11 18:01 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2016-12-30 14:53 - 2016-11-11 18:00 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2016-12-30 14:53 - 2016-11-11 17:59 - 00433504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2016-12-30 14:53 - 2016-11-11 17:56 - 00163752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll 2016-12-30 14:53 - 2016-11-11 17:55 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll 2016-12-30 14:53 - 2016-11-11 17:55 - 00743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll 2016-12-30 14:53 - 2016-11-11 17:54 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2016-12-30 14:53 - 2016-11-11 17:51 - 00454592 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2016-12-30 14:53 - 2016-11-11 17:31 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll 2016-12-30 14:53 - 2016-11-11 17:26 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys 2016-12-30 14:53 - 2016-11-11 17:26 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe 2016-12-30 14:53 - 2016-11-11 17:24 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll 2016-12-30 14:53 - 2016-11-11 17:24 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll 2016-12-30 14:53 - 2016-11-11 17:23 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll 2016-12-30 14:53 - 2016-11-11 17:23 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll 2016-12-30 14:53 - 2016-11-11 17:21 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll 2016-12-30 14:53 - 2016-11-11 17:20 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll 2016-12-30 14:53 - 2016-11-11 17:20 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll 2016-12-30 14:53 - 2016-11-11 17:20 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll 2016-12-30 14:53 - 2016-11-11 17:20 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll 2016-12-30 14:53 - 2016-11-11 17:20 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll 2016-12-30 14:53 - 2016-11-11 17:19 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll 2016-12-30 14:53 - 2016-11-11 17:19 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll 2016-12-30 14:53 - 2016-11-11 17:19 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll 2016-12-30 14:53 - 2016-11-11 17:19 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2016-12-30 14:53 - 2016-11-11 17:17 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl 2016-12-30 14:53 - 2016-11-11 17:17 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll 2016-12-30 14:53 - 2016-11-11 17:16 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll 2016-12-30 14:53 - 2016-11-11 17:16 - 01477632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll 2016-12-30 14:53 - 2016-11-11 17:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll 2016-12-30 14:53 - 2016-11-11 17:16 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll 2016-12-30 14:53 - 2016-11-11 17:16 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll 2016-12-30 14:53 - 2016-11-11 17:15 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2016-12-30 14:53 - 2016-11-11 17:15 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll 2016-12-30 14:53 - 2016-11-11 17:15 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe 2016-12-30 14:53 - 2016-11-11 17:14 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2016-12-30 14:53 - 2016-11-11 17:14 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll 2016-12-30 14:53 - 2016-11-11 17:14 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll 2016-12-30 14:53 - 2016-11-11 17:13 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2016-12-30 14:53 - 2016-11-11 17:11 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll 2016-12-30 14:53 - 2016-11-11 17:09 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2016-12-30 14:53 - 2016-11-11 17:08 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll 2016-12-30 14:53 - 2016-11-11 17:07 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2016-12-30 14:53 - 2016-11-11 17:07 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll 2016-12-30 14:53 - 2016-11-11 17:06 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2016-12-30 14:53 - 2016-11-11 17:05 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll 2016-12-30 14:53 - 2016-11-11 17:04 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2016-12-30 14:53 - 2016-11-11 17:04 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll 2016-12-30 14:53 - 2016-11-11 17:04 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2016-12-30 14:53 - 2016-11-11 17:04 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll 2016-12-30 14:53 - 2016-11-11 17:04 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll 2016-12-30 14:53 - 2016-11-11 17:03 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll 2016-12-30 14:53 - 2016-11-11 17:03 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll 2016-12-30 14:53 - 2016-11-11 17:02 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2016-12-30 14:52 - 2016-12-09 18:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-12-30 14:52 - 2016-12-09 18:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-12-30 14:52 - 2016-12-09 18:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2016-12-30 14:52 - 2016-12-09 18:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2016-12-30 14:52 - 2016-12-09 18:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll 2016-12-30 14:52 - 2016-12-09 18:20 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll 2016-12-30 14:52 - 2016-12-09 18:20 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-12-30 14:52 - 2016-12-09 18:20 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-12-30 14:52 - 2016-12-09 18:20 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2016-12-30 14:52 - 2016-12-09 18:10 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2016-12-30 14:52 - 2016-12-09 17:45 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSD3DWARP12Debug.dll 2016-12-30 14:52 - 2016-12-09 17:45 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll 2016-12-30 14:52 - 2016-12-09 17:42 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2016-12-30 14:52 - 2016-12-09 17:42 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSD3DWARPDebug.dll 2016-12-30 14:52 - 2016-12-09 17:36 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2016-12-30 14:52 - 2016-12-09 17:33 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2016-12-30 14:52 - 2016-12-09 17:28 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2016-12-30 14:52 - 2016-12-09 17:27 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-12-30 14:52 - 2016-12-09 17:25 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll 2016-12-30 14:52 - 2016-12-09 17:24 - 06583296 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d12warp.dll 2016-12-30 14:52 - 2016-12-09 17:22 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2016-12-30 14:52 - 2016-12-09 17:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2016-12-30 14:52 - 2016-12-09 17:20 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe 2016-12-30 14:52 - 2016-12-09 17:19 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2016-12-30 14:52 - 2016-12-09 17:19 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2016-12-30 14:52 - 2016-12-09 17:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll 2016-12-30 14:52 - 2016-12-09 17:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll 2016-12-30 14:52 - 2016-11-11 18:13 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2016-12-30 14:52 - 2016-11-11 18:13 - 00352096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys 2016-12-30 14:52 - 2016-11-11 18:08 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll 2016-12-30 14:52 - 2016-11-11 18:03 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll 2016-12-30 14:52 - 2016-11-11 18:02 - 02828376 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2016-12-30 14:52 - 2016-11-11 18:01 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2016-12-30 14:52 - 2016-11-11 18:01 - 00637400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2016-12-30 14:52 - 2016-11-11 17:57 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2016-12-30 14:52 - 2016-11-11 17:56 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2016-12-30 14:52 - 2016-11-11 17:56 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-12-30 14:52 - 2016-11-11 17:56 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll 2016-12-30 14:52 - 2016-11-11 17:56 - 00126568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfaudiocnv.dll 2016-12-30 14:52 - 2016-11-11 17:27 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe 2016-12-30 14:52 - 2016-11-11 17:27 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe 2016-12-30 14:52 - 2016-11-11 17:26 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReportingCSP.dll 2016-12-30 14:52 - 2016-11-11 17:25 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll 2016-12-30 14:52 - 2016-11-11 17:25 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll 2016-12-30 14:52 - 2016-11-11 17:25 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe 2016-12-30 14:52 - 2016-11-11 17:25 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll 2016-12-30 14:52 - 2016-11-11 17:25 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll 2016-12-30 14:52 - 2016-11-11 17:24 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll 2016-12-30 14:52 - 2016-11-11 17:23 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll 2016-12-30 14:52 - 2016-11-11 17:23 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\EAMProgressHandler.dll 2016-12-30 14:52 - 2016-11-11 17:22 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll 2016-12-30 14:52 - 2016-11-11 17:22 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll 2016-12-30 14:52 - 2016-11-11 17:21 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2016-12-30 14:52 - 2016-11-11 17:21 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll 2016-12-30 14:52 - 2016-11-11 17:20 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll 2016-12-30 14:52 - 2016-11-11 17:20 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2016-12-30 14:52 - 2016-11-11 17:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe 2016-12-30 14:52 - 2016-11-11 17:20 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll 2016-12-30 14:52 - 2016-11-11 17:19 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll 2016-12-30 14:52 - 2016-11-11 17:19 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll 2016-12-30 14:52 - 2016-11-11 17:18 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll 2016-12-30 14:52 - 2016-11-11 17:18 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll 2016-12-30 14:52 - 2016-11-11 17:14 - 07654400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2016-12-30 14:52 - 2016-11-11 17:13 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2016-12-30 14:52 - 2016-11-11 17:11 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll 2016-12-30 14:52 - 2016-11-11 17:09 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll 2016-12-30 14:52 - 2016-11-11 17:07 - 03441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll 2016-12-30 14:52 - 2016-11-11 17:07 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll 2016-12-30 14:52 - 2016-11-11 17:07 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll 2016-12-30 14:52 - 2016-11-11 17:07 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll 2016-12-30 14:52 - 2016-11-11 17:06 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll 2016-12-30 14:52 - 2016-11-11 17:06 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2016-12-30 14:52 - 2016-11-11 17:05 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-12-30 14:52 - 2016-11-11 17:05 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2016-12-30 14:52 - 2016-11-11 17:04 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll 2016-12-30 14:52 - 2016-11-11 17:04 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll 2016-12-30 14:52 - 2016-11-11 17:04 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll 2016-12-30 14:52 - 2016-11-11 17:03 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2016-12-30 14:52 - 2016-11-11 17:03 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-12-30 14:52 - 2016-11-11 17:03 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2016-12-30 14:52 - 2016-11-11 17:03 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll 2016-12-30 14:52 - 2016-11-11 17:03 - 00632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll 2016-12-30 14:52 - 2016-11-11 17:02 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll 2016-12-30 14:51 - 2016-12-09 18:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2016-12-30 14:51 - 2016-12-09 18:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2016-12-30 14:51 - 2016-12-09 18:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2016-12-30 14:51 - 2016-12-09 18:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2016-12-30 14:51 - 2016-12-09 18:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2016-12-30 14:51 - 2016-12-09 18:19 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll 2016-12-30 14:51 - 2016-12-09 18:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2016-12-30 14:51 - 2016-12-09 18:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2016-12-30 14:51 - 2016-12-09 18:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2016-12-30 14:51 - 2016-12-09 18:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2016-12-30 14:51 - 2016-12-09 18:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi 2016-12-30 14:51 - 2016-12-09 18:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe 2016-12-30 14:51 - 2016-12-09 18:14 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-12-30 14:51 - 2016-12-09 17:41 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll 2016-12-30 14:51 - 2016-12-09 17:37 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll 2016-12-30 14:51 - 2016-12-09 17:36 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2016-12-30 14:51 - 2016-12-09 17:33 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll 2016-12-30 14:51 - 2016-12-09 17:27 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll 2016-12-30 14:51 - 2016-12-09 17:21 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll 2016-12-30 14:51 - 2016-11-11 18:14 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll 2016-12-30 14:51 - 2016-11-11 18:03 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2016-12-30 14:51 - 2016-11-11 17:56 - 00187520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe 2016-12-30 14:51 - 2016-11-11 17:28 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll 2016-12-30 14:51 - 2016-11-11 17:26 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll 2016-12-30 14:51 - 2016-11-11 17:25 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll 2016-12-30 14:51 - 2016-11-11 17:24 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll 2016-12-30 14:51 - 2016-11-11 17:24 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll 2016-12-30 14:51 - 2016-11-11 17:24 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2016-12-30 14:51 - 2016-11-11 17:22 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe 2016-12-30 14:51 - 2016-11-11 17:21 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll 2016-12-30 14:51 - 2016-11-11 17:20 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll 2016-12-30 14:51 - 2016-11-11 17:20 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll 2016-12-30 14:51 - 2016-11-11 17:19 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe 2016-12-30 14:51 - 2016-11-11 17:19 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll 2016-12-30 14:51 - 2016-11-11 17:19 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll 2016-12-30 14:51 - 2016-11-11 17:16 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll 2016-12-30 14:51 - 2016-11-11 17:13 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll 2016-12-30 14:51 - 2016-11-11 17:12 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll 2016-12-30 14:51 - 2016-11-11 17:07 - 01691136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe 2016-12-30 14:51 - 2016-11-11 17:02 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2016-12-30 14:50 - 2016-11-11 18:00 - 00219488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys 2016-12-30 14:50 - 2016-11-11 17:26 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys 2016-12-30 14:50 - 2016-11-11 17:18 - 00967168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2016-12-29 19:28 - 2016-12-29 19:28 - 00000000 ____D C:\WINDOWS\MultiSessions 2016-12-29 19:04 - 2016-12-29 19:21 - 00009538 _____ C:\Users\User\Desktop\Book1.xlsx ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-01-27 18:04 - 2016-07-08 15:05 - 00267645 _____ C:\WINDOWS\ZAM_Guard.krnl.trace 2017-01-27 17:10 - 2014-05-22 21:21 - 00000074 _____ C:\Users\User\AppData\Roaming\sp_data.sys 2017-01-27 17:08 - 2015-08-11 06:45 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture 2017-01-27 17:03 - 2015-07-30 16:18 - 01253286 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-01-27 16:56 - 2016-10-25 18:53 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-01-27 16:55 - 2016-07-16 14:04 - 03932160 _____ C:\WINDOWS\system32\config\BBI 2017-01-27 16:29 - 2014-09-15 02:32 - 00000000 ____D C:\Users\User\AppData\Local\Spotify 2017-01-27 16:24 - 2014-09-15 02:20 - 00000000 ____D C:\Users\User\AppData\Roaming\Spotify 2017-01-27 16:11 - 2015-06-17 10:26 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-01-27 15:57 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-01-27 15:49 - 2016-10-25 17:34 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-01-27 12:00 - 2016-10-25 18:53 - 00003550 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1 2017-01-27 12:00 - 2016-10-25 18:53 - 00003540 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2 2017-01-27 11:40 - 2016-07-16 19:45 - 00000000 ____D C:\WINDOWS\INF 2017-01-27 11:18 - 2015-02-20 22:21 - 00000000 ____D C:\Users\User\AppData\Roaming\vlc 2017-01-27 11:01 - 2014-06-14 00:12 - 00000000 ____D C:\Users\User\AppData\Roaming\uTorrent 2017-01-27 11:01 - 2014-06-10 00:52 - 00000000 ____D C:\Users\User\AppData\Roaming\PhotoScape 2017-01-27 09:29 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\NDF 2017-01-27 08:23 - 2016-07-16 19:47 - 00000000 ___HD C:\Program Files\WindowsApps 2017-01-26 04:13 - 2016-07-16 19:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-01-25 16:30 - 2014-05-23 14:33 - 00000000 ___RD C:\Users\User\OneDrive 2017-01-25 12:21 - 2016-07-16 19:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-01-25 12:14 - 2013-04-24 12:07 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2017-01-25 12:02 - 2014-06-06 21:29 - 00000000 ____D C:\Users\User\AppData\Local\Akamai 2017-01-25 09:57 - 2015-06-15 10:15 - 00000000 ____D C:\ProgramData\SecTaskMan 2017-01-24 07:47 - 2016-12-21 12:57 - 00003306 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 2017-01-24 07:47 - 2015-07-30 16:57 - 00002413 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-01-23 16:39 - 2015-02-07 18:23 - 00000000 ____D C:\Program Files (x86)\Google 2017-01-19 13:19 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\rescache 2017-01-16 18:06 - 2014-05-23 12:19 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-01-16 07:59 - 2016-07-16 19:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-01-16 07:59 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2017-01-16 07:59 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\oobe 2017-01-16 07:59 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\ShellExperiences 2017-01-16 07:59 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\Provisioning 2017-01-11 22:48 - 2014-05-22 21:28 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2017-01-11 21:33 - 2014-05-23 13:32 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-01-11 21:24 - 2014-05-23 13:32 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-01-11 18:50 - 2016-10-25 18:53 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2017-01-08 23:36 - 2016-01-11 06:18 - 00000865 _____ C:\Users\Public\Desktop\CCleaner.lnk 2017-01-06 23:08 - 2014-05-22 21:20 - 00000000 ____D C:\Users\User\AppData\Local\Packages 2017-01-03 13:15 - 2015-02-06 22:58 - 00000000 ____D C:\Users\User\AppData\Roaming\CodeBlocks 2016-12-31 23:21 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\config\TxR 2016-12-31 23:20 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe 2016-12-31 23:20 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\SysWOW64\en-US 2016-12-31 23:20 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-CS 2016-12-31 23:20 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\en-US 2016-12-31 23:20 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\system32\Boot 2016-12-31 23:20 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\bcastdvr 2016-12-31 23:20 - 2016-07-16 19:47 - 00000000 ____D C:\WINDOWS\AppPatch 2016-12-31 23:20 - 2016-07-16 14:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2016-12-31 23:20 - 2016-07-16 14:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2016-12-31 23:20 - 2016-07-16 14:04 - 00000000 ____D C:\WINDOWS\system32\Dism 2016-12-31 23:20 - 2016-07-16 14:04 - 00000000 ____D C:\WINDOWS\servicing 2016-12-29 19:55 - 2016-07-16 19:42 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll 2016-12-28 11:50 - 2016-05-05 22:14 - 00000000 ____D C:\Users\User\Documents\SE stuff 2016-12-28 11:50 - 2014-07-27 17:41 - 00000000 ____D C:\Users\User\Documents\F1 Challenge 99-02 ==================== Files in the root of some directories ======= 2014-11-18 19:03 - 2014-11-19 11:40 - 5182489 _____ () C:\Users\User\AppData\Roaming\ICARE.LOG 2014-05-22 21:21 - 2017-01-27 17:10 - 0000074 _____ () C:\Users\User\AppData\Roaming\sp_data.sys 2014-05-22 21:20 - 2015-07-30 15:01 - 1692629 _____ () C:\Users\User\AppData\Local\BTServer.log 2015-02-22 21:53 - 2015-02-22 21:53 - 0003584 _____ () C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-01-31 22:38 - 2015-01-31 22:38 - 0000017 _____ () C:\Users\User\AppData\Local\resmon.resmoncfg 2016-12-11 00:32 - 2016-12-11 00:32 - 0000105 _____ () C:\ProgramData\.sdplic 2016-04-21 21:33 - 2016-04-21 21:33 - 0000006 ____S () C:\ProgramData\b7881bfbf3333a9b3c1821485ddb664027384a0f 2016-10-25 17:37 - 2016-10-25 17:37 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2016-07-07 21:32 - 2016-07-07 21:32 - 0000016 _____ () C:\ProgramData\mntemp 2016-07-07 21:32 - 2016-07-07 21:32 - 0004864 _____ () C:\ProgramData\oqztiqep.adk 2013-04-24 12:09 - 2012-09-07 19:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd 2013-04-24 12:09 - 2009-07-22 18:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe 2013-04-24 12:09 - 2012-09-07 19:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS 2014-06-23 00:38 - 2014-06-23 00:38 - 0004155 _____ () C:\ProgramData\uxxadbmu.rlu ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2017-01-20 20:46 ==================== End of FRST.txt ============================ Addition.txt Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-01-2017 01 Ran by husna swizzle (27-01-2017 18:08:08) Running from D:\apps Windows 10 Home Single Language Version 1607 (X64) (2016-10-25 11:01:17) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1783475628-1044346471-1235079275-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1783475628-1044346471-1235079275-503 - Limited - Disabled) Guest (S-1-5-21-1783475628-1044346471-1235079275-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1783475628-1044346471-1235079275-1005 - Limited - Enabled) husna swizzle (S-1-5-21-1783475628-1044346471-1235079275-1001 - Administrator - Enabled) => C:\Users\User ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-1783475628-1044346471-1235079275-1001\...\uTorrent) (Version: 3.4.9.43085 - BitTorrent Inc.) 7-Zip 9.38 beta (HKLM-x32\...\7-Zip) (Version: - ) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated) Adobe Reader XI (11.0.19) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.19 - Adobe Systems Incorporated) Advanced Archive Password Recovery (HKU\S-1-5-21-1783475628-1044346471-1235079275-1001\...\Advanced Archive Password Recovery) (Version: 4.53 - ElcomSoft Co. Ltd.) Akamai NetSession Interface (HKU\S-1-5-21-1783475628-1044346471-1235079275-1001\...\Akamai) (Version: - Akamai Technologies, Inc) Apple Application Support (32-bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.1 - ASUS) ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.12 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0021 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS) ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation) AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.310 - ASUSTEK) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS) Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team) Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50716.0 - Microsoft Corporation) Hidden Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Build Tools - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden Build Tools - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden Build Tools Language Resources - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden Build Tools Language Resources - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden Canon E400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_E400_series) (Version: 1.00 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.5.14 - Canon Inc.) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.0 - Canon Inc.) Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.3.0 - Canon Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4214 - CDBurnerXP) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.) CodeBlocks (HKU\S-1-5-21-1783475628-1044346471-1235079275-1001\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team) Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.11 - Bloodshed Software) EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS) ELAN Touchpad 15.8.4.3_X64_WHQL (HKLM\...\Elantech) (Version: 15.8.4.3 - ELAN Microelectronic Corp.) Entity Framework 6.1.1 Tools for Visual Studio 2013 (HKLM-x32\...\{85253F13-EE42-4850-A3A5-79B90E92D7AC}) (Version: 12.0.30610.0 - Microsoft Corporation) FFmpeg (Windows) for Audacity version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - ) GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.10.5266 - Gretech Corporation) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden IBM Installation Manager (HKLM\...\IBM Installation Manager) (Version: - ) IBM Software Delivery Platform (HKLM-x32\...\IM-IBM Software Delivery Platform) (Version: - ) IBM® Rational® Software Architect (IBM Software Delivery Platform) (HKLM\...\IBMIM_win.uninstall.registry_IBM Software Delivery Platform_com.ibm.rational.rsa.91) (Version: 9.1 - IBM) II-Jap (HKLM-x32\...\II-Jap) (Version: - ) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation) Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.70.304.16315 - Intel Corporation) Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1050 - Intel Corporation) iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.) Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle) K-Lite Codec Pack 8.1.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.1.0 - ) KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - ) LADSPA_plugins-win-0.4.15 (HKLM-x32\...\LADSPA_plugins-win_is1) (Version: - Audacity Team) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) Macromedia Extension Manager (HKLM-x32\...\{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}) (Version: 1.7.240 - Macromedia, Inc.) Macromedia Flash 8 (HKLM-x32\...\{2BD5C305-1B27-4D41-B690-7A61172D2FEB}) (Version: 8.00.0000 - Macromedia) Macromedia Flash 8 Video Encoder (HKLM-x32\...\{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}) (Version: 1.00.0000 - Macromedia) Malwarebytes Activation (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 3.0.5.1299 - Malwarebytes) Malwarebytes version 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes) Maxx Audio Installer (x64) (Version: 2.6.6168.8 - Waves Audio Ltd.) Hidden Media Player Classic - Home Cinema 1.5.3.3917 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.5.3.3917 - MPC-HC Team) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.7668.2066 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1783475628-1044346471-1235079275-1001\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation) Microsoft Project Professional 2016 - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.7668.2066 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation) Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - enu (12.0.41012.0) (HKLM-x32\...\{AC8E0CF4-42A1-4151-B684-97CF6FD726CF}) (Version: 12.0.41012.0 - Microsoft Corporation) Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{8C06D6DB-A391-4686-B050-99CC522A7843}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{4AEB505C-95E1-4964-9B64-8D27F3186D30}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.7668.2066 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio Express 2013 for Windows Desktop - ENU with Update 4 (HKLM-x32\...\{b8a9dbc1-1fd4-4103-a83b-a2896f193ea0}) (Version: 12.0.31101.0 - Microsoft Corporation) Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.20.00.03 - Huawei Technologies Co.,Ltd) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team) Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7668.2066 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.7668.2066 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden Peggle (x32 Version: 2.2.0.95 - WildTangent) Hidden Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden Phòng Ảnh (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version: - Photodex Corporation) PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) PowreShellIntegration.Notifications (x32 Version: 2.5.21003.1603 - Microsoft Corporation) Hidden Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation) Prerequisites for SSDT (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation) ProShow Producer (HKLM-x32\...\ProShow Producer) (Version: - Photodex Corporation) Python Tools Redirection Template (x32 Version: 1.1 - Microsoft Corporation) Hidden QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.805.806.012314 - REALTEK Semiconductor Corp.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.27040 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0239 - REALTEK Semiconductor Corp.) Security Task Manager 2.0d (HKLM-x32\...\Security Task Manager) (Version: 2.0d - Neuber Software) Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) Sonic Pi (HKLM-x32\...\{B1F99D10-2791-415A-B727-95511CC72687}) (Version: 2.9 - Sonic Pi) Spotify (HKU\S-1-5-21-1783475628-1044346471-1235079275-1001\...\Spotify) (Version: 1.0.45.186.g3b5036d6 - Spotify AB) Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden The Sims 4 Deluxe Edition version 1.0.732.20 Update 5 (HKLM-x32\...\The Sims 4 Deluxe Edition_is1) (Version: 1.0.732.20 Update 5 - GMT-MAX.ORG) TypeScript Power Tool (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony) Visual Studio 2013 Update 4 (KB2829760) (HKLM-x32\...\{53d408db-eb91-43fb-9d8f-167681c19763}) (Version: 12.0.31101 - Microsoft Corporation) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) VS Update core components (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.0.0 - WildTangent) WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden Windows Driver Package - ASUS (ATP) Mouse (06/17/2015 1.0.0.262) (HKLM\...\14588A15B66655338DBCC021FFA81E31DC281859) (Version: 06/17/2015 1.0.0.262 - ASUS) Windows Driver Package - ASUS (ATP) Mouse (10/31/2013 1.0.0.191) (HKLM\...\15591935E93BF0A0E42CA53B578EE5E630971E15) (Version: 10/31/2013 1.0.0.191 - ASUS) Windows Driver Package - ASUS (ATP) Mouse (11/11/2015 1.0.0.262) (HKLM\...\A044C5901003C24E6891688653ABA1068D04A1A0) (Version: 11/11/2015 1.0.0.262 - ASUS) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS) WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - ) फोटो सामान्य (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden 照片库 (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1783475628-1044346471-1235079275-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-1783475628-1044346471-1235079275-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-1783475628-1044346471-1235079275-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) CustomCLSID: HKU\S-1-5-21-1783475628-1044346471-1235079275-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-1783475628-1044346471-1235079275-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0358E5EF-7DE0-48BA-9A9C-EE00FE1D2394} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {0A1B158C-862B-4043-ADE6-42EA94E4EC1C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-01-21] (Microsoft Corporation) Task: {0DCEB2FA-BAC6-4FCD-ADE8-9BC7EB2ED8B0} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-07-10] () Task: {0F5B02C5-A921-4D6B-B00D-75E60303D46B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-23] (Google Inc.) Task: {10BB1433-8910-4672-8703-1DFF46CBEC9F} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-06-03] () Task: {147A3C75-A68F-4DCC-AC71-B5173D07A5F4} - System32\Tasks\ParetoLogic Registration3 => Rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns Task: {1EF208FD-8BD5-4506-A9CD-8798416250F7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd) Task: {1F80C60D-663B-43CE-BFAA-094C19890C5F} - System32\Tasks\Dmww => C:\ProgramData\123833\Dmww.exe Task: {2361852B-3F92-4123-A212-693BC914F587} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {25EAF12B-6975-4291-B3A9-93BB0C3671CF} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-11-10] (Realtek Semiconductor) Task: {349FCC8F-9AE4-48DD-BEF8-88523BED91E0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-01-21] (Microsoft Corporation) Task: {34BDD95B-8B71-4B97-8928-5BB09D3FC24E} - \WPD\SqmUpload_S-1-5-21-1783475628-1044346471-1235079275-1001 -> No File <==== ATTENTION Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe Task: {372E0551-92C8-4513-ABDF-18D51C299081} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-23] (Google Inc.) Task: {37379E9E-4993-4B10-AE1E-D4B8D0E30586} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-10-08] (ASUSTeK Computer Inc.) Task: {39DCFD4B-6979-48FB-8462-6E97E444A811} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-19] (ASUSTek Computer Inc.) Task: {4B96B860-892A-4E6A-8ADA-F6B346AEE180} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-11-10] (Realtek Semiconductor) Task: {4CE56E10-4703-4C84-B55A-0A9F7ECF210C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {55BF643A-ABCF-428B-8E1D-4B56CBA7500A} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {58F46864-F601-4722-A7AC-A646BB368462} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {7529076A-EA69-4481-B85D-D61C677B92CF} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-06-03] () Task: {82B20158-6EA4-4085-BD8F-B9215484E035} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {834C98B5-6093-4BC5-BE5D-0C88E4407D6B} - System32\Tasks\{2CB347F7-E649-40D7-8E42-BEA8566DCB81} => pcalua.exe -a "D:\games\nfs undercover 2\eauninstall.exe" -d "D:\games\nfs undercover 2" Task: {83F24FCB-F22B-4C86-905B-CCD591E3EF20} - System32\Tasks\ParetoLogic Update Version3 Startup Task => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe <==== ATTENTION Task: {8612970A-C164-4A7E-8BDC-7C181F199C95} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {8AADA266-BBB9-4E84-ABB6-9BB4DBA48D11} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-11-10] (Realtek Semiconductor) Task: {8DCC5279-76F7-41CE-B2D3-4DD9B5C7F9DF} - System32\Tasks\ParetoLogic Update Version3 => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe <==== ATTENTION Task: {8FF37A76-AA4A-4749-A496-E05C908DC224} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated) Task: {9E2606B0-5676-470A-8B27-286078B6A2BD} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-08-17] (@ByELDI) Task: {ABEEF400-F8D5-4E6B-A63B-CF1A1C2C01CC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-01-22] (Microsoft Corporation) Task: {AD81D0F9-92D9-4125-8E52-5AC1FB420839} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION Task: {ADBFB4B0-F5FB-47D1-80C1-8A53378D896E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {B53E627B-BC9C-4275-85C1-F5CE92AD796E} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-12-14] (AsusTek) Task: {B8E5D00E-F6A4-4B12-B22B-68706752CDBE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {CC7E9C77-1AE5-4307-80ED-9670255DB636} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {D4D1483D-893A-464F-B846-FBD1D30942AE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-01-22] (Microsoft Corporation) Task: {D777774D-E758-48B6-AEF6-202589BF5D06} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-06-03] () Task: {D8A7AC19-A2CA-40B4-A411-9A044B6B2856} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe Task: {DE853B8F-11E9-4E62-BBAD-CE3374C72960} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {F05CF5BB-B95D-4043-BB81-CFD0DA822609} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {F377402C-7E41-4C27-BF67-0690C706AEF4} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe Task: {F37A8D2B-71F8-41E6-9AE6-66BCDC0F3D4A} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-10-08] (ASUS) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe Task: C:\WINDOWS\Tasks\ParetoLogic Registration3.job => rundll32.exe C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll <==== ATTENTION Task: C:\WINDOWS\Tasks\ParetoLogic Update Version3 Startup Task.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\ParetoLogic Update Version3.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe <==== ATTENTION ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\74fd7adc89c8a744\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" ==================== Loaded Modules (Whitelisted) ============== 2016-07-16 19:42 - 2016-07-16 19:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-12-30 14:52 - 2016-12-09 18:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2014-07-12 23:10 - 2013-01-28 10:49 - 00239184 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe 2016-12-29 19:29 - 2016-12-26 19:47 - 00015872 _____ () C:\WINDOWS\MultiSessions\1612262\Session.exe 2015-10-21 13:47 - 2015-10-21 13:47 - 00186760 _____ () C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe 2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2012-12-19 14:10 - 2012-12-19 14:10 - 00072192 _____ () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe 2017-01-27 16:12 - 2016-12-14 12:55 - 02259232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll 2017-01-27 16:12 - 2016-12-14 12:55 - 02813904 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll 2017-01-27 16:12 - 2016-12-14 12:55 - 02247632 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2016-12-30 14:52 - 2016-12-09 18:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-06-30 16:23 - 2016-11-25 12:24 - 00592384 _____ () C:\Users\User\AppData\Local\MEGAsync\ShellExtX64.dll 2016-04-02 16:22 - 2017-01-21 20:39 - 08930496 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll 2016-10-26 09:22 - 2016-10-26 09:22 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-01-11 18:35 - 2016-12-21 15:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-01-11 18:34 - 2016-12-21 14:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-01-11 18:34 - 2016-12-21 14:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-01-11 18:34 - 2016-12-21 14:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-01-11 18:34 - 2016-12-21 14:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-01-11 18:34 - 2016-12-21 14:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2017-01-23 07:36 - 2017-01-23 07:43 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.152.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2017-01-23 07:36 - 2017-01-23 07:43 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.152.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2017-01-23 07:36 - 2017-01-23 07:43 - 42130432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.152.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2016-12-20 00:53 - 2016-12-20 00:55 - 02216448 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.152.0_x64__kzf8qxf38zg5c\roottools.dll 2016-04-22 01:07 - 2016-04-22 01:07 - 00313656 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxslt.dll 2013-09-10 09:23 - 2013-09-10 09:23 - 00162816 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll 2013-10-09 11:41 - 2013-10-09 11:41 - 00037968 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll 2016-04-22 01:08 - 2016-04-22 01:08 - 01047864 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2016-03-18 22:56 - 2016-03-18 22:56 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 21:25 - 2017-01-27 16:10 - 00000878 ____A C:\WINDOWS\system32\Drivers\etc\hosts 0.0.0.0 serius.mwbsys.com 0.0.0.0 keystone.mwbsys.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1783475628-1044346471-1235079275-1001\Control Panel\Desktop\\Wallpaper -> D:\pics\tay tay\edits\096kkk.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\Services: wercplsupport => 3 MSCONFIG\Services: WerSvc => 3 HKLM\...\StartupApproved\Run32: => "ASUSPRP" HKLM\...\StartupApproved\Run32: => "ASUSWebStorage" HKLM\...\StartupApproved\Run32: => "WinampAgent" HKLM\...\StartupApproved\Run32: => "QuickTime Task" HKLM\...\StartupApproved\Run32: => "CanonQuickMenu" HKU\S-1-5-21-1783475628-1044346471-1235079275-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk" HKU\S-1-5-21-1783475628-1044346471-1235079275-1001\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-1783475628-1044346471-1235079275-1001\...\StartupApproved\Run: => "Spotify Web Helper" HKU\S-1-5-21-1783475628-1044346471-1235079275-1001\...\StartupApproved\Run: => "OneDrive" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => LPort=139 FirewallRules: [{D72F9822-2C2A-4FCA-A798-6644EDAB4B5E}] => %ProgramFiles%\EaseUS\EaseUS Data Recovery Wizard\DRWUI.exe FirewallRules: [TCP Query User{BB11998F-6697-473B-8742-93369FD6D1D6}C:\program files\itunes\itunes.exe] => C:\program files\itunes\itunes.exe FirewallRules: [{211F4074-3BBB-4396-9A96-A13C55A6CD9B}] => C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{44928332-F751-4044-9999-CCBDF46BD828}] => %systemroot%\system32\alg.exe FirewallRules: [{2737DE07-7803-45CF-96EA-DEC54B11FBE6}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{69AEAE0A-492E-4258-B668-491CF2FC6E50}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{61642F29-E852-4D45-BF08-847DD1AC17FF}] => C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{19AD8179-D74E-4647-BCD4-EF0A0E7F2C22}] => C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{A2BDF428-13AF-4F57-94B7-DD695D73A6B7}] => C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{8C1FFE93-8584-4F37-943C-723102A7FB4A}] => C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [UDP Query User{7402021F-A754-434E-9E94-9F6809482DF1}D:\games\left 4 dead 2\left4dead2.exe] => D:\games\left 4 dead 2\left4dead2.exe FirewallRules: [TCP Query User{723BA3A3-1DA5-4D73-8649-4FDE8A362A4F}D:\games\left 4 dead 2\left4dead2.exe] => D:\games\left 4 dead 2\left4dead2.exe FirewallRules: [UDP Query User{30F201DF-042C-4298-8818-9053C061EDC0}C:\program files (x86)\winamp\winamp.exe] => C:\program files (x86)\winamp\winamp.exe FirewallRules: [TCP Query User{F0955835-C249-49EF-B379-779BF3783FCA}C:\program files (x86)\winamp\winamp.exe] => C:\program files (x86)\winamp\winamp.exe FirewallRules: [UDP Query User{16F90C6A-9CF4-4E01-84E4-78F0C5EEF168}D:\games\left 4 dead 2\left4dead2.exe] => D:\games\left 4 dead 2\left4dead2.exe FirewallRules: [TCP Query User{527405E1-8827-4602-86FF-B50B53A59E7C}D:\games\left 4 dead 2\left4dead2.exe] => D:\games\left 4 dead 2\left4dead2.exe FirewallRules: [UDP Query User{2F4F421C-8A68-4B40-8D63-DD9721F71A3E}H:\game\motor gp3\motogp.exe] => H:\game\motor gp3\motogp.exe FirewallRules: [TCP Query User{1FDBF15B-18FA-4A90-B881-73582A4868BE}H:\game\motor gp3\motogp.exe] => H:\game\motor gp3\motogp.exe FirewallRules: [UDP Query User{37E1C76A-0ACA-41F2-B5F7-A7FCDB33E4B0}H:\game\left 4 dead 2\left4dead2.exe] => H:\game\left 4 dead 2\left4dead2.exe FirewallRules: [TCP Query User{211DCE3B-8B37-4E0A-A0E9-A7373179EB37}H:\game\left 4 dead 2\left4dead2.exe] => H:\game\left 4 dead 2\left4dead2.exe FirewallRules: [{F04645C4-642B-4917-9E0D-34971F55CFB9}] => C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{CD17F683-7A1C-4DB0-8597-088CA4B43442}] => C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{2C7F255F-0BCF-43E9-98E5-C91877F233E2}] => C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{DDF4FF0B-0CC8-46D7-BCE4-8480543B6E19}] => C:\Users\User\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{F433C861-BD96-4BBC-A488-F14CC2AA37C4}] => C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{EBE4DC87-F1C0-4D0A-BBC9-195150DD0E1D}] => C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{77227766-877C-4A00-9C95-44AE68885BBD}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{B3D8633F-EA4D-4D1A-9705-EB2764BF36B0}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{389D59D0-342B-4621-81AB-FD745FF39F9C}] => C:\Program Files (x86)\iTunes\iTunes.exe FirewallRules: [TCP Query User{4EDFD52E-35E5-41A5-8479-6CA59EF95FB5}C:\users\user\appdata\local\akamai\netsession_win.exe] => C:\users\user\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{02124B34-C004-4FA4-A011-38FB8F6F5F31}C:\users\user\appdata\local\akamai\netsession_win.exe] => C:\users\user\appdata\local\akamai\netsession_win.exe FirewallRules: [TCP Query User{20D95571-A368-4FBE-B31D-F5C94E64E9A0}C:\users\user\appdata\local\akamai\netsession_win.exe] => C:\users\user\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{2FBCB804-80F6-4204-945C-5C8C2B5A28C4}C:\users\user\appdata\local\akamai\netsession_win.exe] => C:\users\user\appdata\local\akamai\netsession_win.exe FirewallRules: [TCP Query User{E093DAA7-95E3-4F2C-9572-B0DF2C1EB2FA}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe FirewallRules: [UDP Query User{B1C35FE9-CF19-4ED5-B61B-6B69EB20AC8B}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe FirewallRules: [{D7B91E25-3644-4FC5-8013-775135809BF4}] => C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{EEA402D2-92B9-4DBB-BB00-2F63670403F7}] => C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{16B4F8DA-CB1E-4B3A-A944-DD40057D8C81}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{882A784F-A587-4E10-9957-81E46EB2F88A}] => LPort=2869 FirewallRules: [{2EE6979F-DC35-44D6-AAFA-FF07AFB65373}] => LPort=1900 FirewallRules: [TCP Query User{AFCB8391-2A62-4260-AE57-23B1C07C96E6}H:\left 4 dead\left4dead.exe] => H:\left 4 dead\left4dead.exe FirewallRules: [UDP Query User{4E4205D3-5F5F-4C84-9311-FD2C4826FECA}H:\left 4 dead\left4dead.exe] => H:\left 4 dead\left4dead.exe FirewallRules: [TCP Query User{B262D7E4-83AA-431A-8123-128F27471FD3}H:\motor gp3\motogp.exe] => H:\motor gp3\motogp.exe FirewallRules: [UDP Query User{5AB49C21-D736-4899-A040-F1512B00643E}H:\motor gp3\motogp.exe] => H:\motor gp3\motogp.exe FirewallRules: [TCP Query User{1E51EF34-6488-4301-BD76-B598BEAA57DC}H:\left 4 dead2\left4dead2.exe] => H:\left 4 dead2\left4dead2.exe FirewallRules: [UDP Query User{48018E1D-1DE8-49F7-8FF4-C3912A8F100A}H:\left 4 dead2\left4dead2.exe] => H:\left 4 dead2\left4dead2.exe FirewallRules: [TCP Query User{9DDFF225-A74B-4866-940D-DB93A0286124}H:\left 4 dead2\left4dead2.exe] => H:\left 4 dead2\left4dead2.exe FirewallRules: [UDP Query User{5A44EC17-43C6-4EB7-916F-40F072133FF2}H:\left 4 dead2\left4dead2.exe] => H:\left 4 dead2\left4dead2.exe FirewallRules: [TCP Query User{B85C256C-173B-49FA-B291-96845ED71A50}H:\left 4 dead\left4dead.exe] => H:\left 4 dead\left4dead.exe FirewallRules: [UDP Query User{7A85BAC4-87F8-42A6-A8B6-E8B07325CB4E}H:\left 4 dead\left4dead.exe] => H:\left 4 dead\left4dead.exe FirewallRules: [TCP Query User{9B4A6DB0-FC4C-4C9F-9F3C-3AE0D82998D6}D:\left 4 dead\left4dead.exe] => D:\left 4 dead\left4dead.exe FirewallRules: [UDP Query User{34F61BFD-48F2-4C3F-B25D-7197543408AA}D:\left 4 dead\left4dead.exe] => D:\left 4 dead\left4dead.exe FirewallRules: [TCP Query User{14EC8621-129B-467B-8C0A-1DD2F8D0A7D0}H:\motor gp3\motogp.exe] => H:\motor gp3\motogp.exe FirewallRules: [UDP Query User{3D338F77-473A-4000-B3DB-224B0A2F7A27}H:\motor gp3\motogp.exe] => H:\motor gp3\motogp.exe FirewallRules: [TCP Query User{74086374-10BA-40F9-A4F6-AEB8962465BD}D:\games\left 4 dead\left4dead.exe] => D:\games\left 4 dead\left4dead.exe FirewallRules: [UDP Query User{C98305B8-691F-4A7F-8F51-3E951924086C}D:\games\left 4 dead\left4dead.exe] => D:\games\left 4 dead\left4dead.exe FirewallRules: [TCP Query User{826E3A10-EAD9-4085-8FED-E7846F33FF09}D:\games\left 4 dead2\left4dead2.exe] => D:\games\left 4 dead2\left4dead2.exe FirewallRules: [UDP Query User{A039D717-79CF-4D06-81DA-761674674432}D:\games\left 4 dead2\left4dead2.exe] => D:\games\left 4 dead2\left4dead2.exe FirewallRules: [TCP Query User{872E9283-646B-401D-A41F-ACBAD8ECE802}C:\users\user\appdata\roaming\spotify\spotify.exe] => C:\users\user\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{B9342F11-22D5-40EB-8AD5-0B221D6E50D1}C:\users\user\appdata\roaming\spotify\spotify.exe] => C:\users\user\appdata\roaming\spotify\spotify.exe FirewallRules: [{BF797299-0BBF-485B-8D19-5DC5B5CCDAD0}] => C:\users\user\appdata\roaming\spotify\spotify.exe FirewallRules: [{5E55E0F1-2057-43CB-A1AF-A50C4837CFE1}] => C:\users\user\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{06448661-5E82-48AB-A744-198615DF5901}H:\game\motor gp3\motogp.exe] => H:\game\motor gp3\motogp.exe FirewallRules: [UDP Query User{776A3484-2847-47C8-B393-76A31AE8577E}H:\game\motor gp3\motogp.exe] => H:\game\motor gp3\motogp.exe FirewallRules: [TCP Query User{975F7567-7653-4E61-8D48-620CF7F0A2CE}C:\program files\itunes\itunes.exe] => C:\program files\itunes\itunes.exe FirewallRules: [UDP Query User{1D4CE6A9-8534-4F2D-97F4-6DDE33826EAC}C:\program files\itunes\itunes.exe] => C:\program files\itunes\itunes.exe FirewallRules: [{BC9AEF39-A7E5-4A04-A037-B09414F18A2F}] => C:\Program Files (x86)\FlashIntegro\VideoEditor\VideoEditor.exe FirewallRules: [{320A200D-088A-4B10-9961-49F14E4B2BAD}] => C:\Program Files (x86)\FlashIntegro\VideoEditor\VideoEditor.exe FirewallRules: [{7739C5F1-22E2-47BE-AF4B-C43AEADA5F74}] => C:\Program Files (x86)\FlashIntegro\VideoEditor\Updater.exe FirewallRules: [{72414357-9C0E-43B8-8C3B-1C3345B5976B}] => C:\Program Files (x86)\FlashIntegro\VideoEditor\Updater.exe FirewallRules: [{2008E83E-68E9-4FC6-9226-5AFDA4D81FA9}] => C:\Program Files (x86)\mHotspot\mHotspot.exe FirewallRules: [{E2176461-A80D-4B3F-9A7E-4015A7613026}] => C:\Program Files (x86)\mHotspot\mHotspot.exe FirewallRules: [TCP Query User{F54F4327-ECF5-441A-9F59-C2DBA25B119A}C:\program files (x86)\connectify\connectify.exe] => C:\program files (x86)\connectify\connectify.exe FirewallRules: [UDP Query User{3215998B-D29E-4886-A804-1660CC0D8668}C:\program files (x86)\connectify\connectify.exe] => C:\program files (x86)\connectify\connectify.exe FirewallRules: [{2C734405-0B48-4D4F-B291-66335106CA06}] => C:\program files (x86)\connectify\connectify.exe FirewallRules: [{EE428162-5D5E-41D4-84C7-F2FB0C6C01AE}] => C:\program files (x86)\connectify\connectify.exe FirewallRules: [{4AF0D5B8-97D3-4016-AD6C-EB360F9A0A4A}] => C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\WDExpress.exe FirewallRules: [TCP Query User{9C770494-A291-4CC4-8C28-83410AF3A9AE}C:\program files\java\jre7\bin\javaw.exe] => C:\program files\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{D6181300-8E08-41C8-9F9E-C2C0379634A7}C:\program files\java\jre7\bin\javaw.exe] => C:\program files\java\jre7\bin\javaw.exe FirewallRules: [{53739ACF-040E-40D6-A835-D389A81AB75A}] => C:\Program Files\KMSpico\KMSELDI.exe FirewallRules: [{8EC788F3-6A92-4C31-B38E-2538FC08D564}] => C:\Program Files\KMSpico\KMSELDI.exe FirewallRules: [TCP Query User{409B4A14-6F32-47F7-91C5-5FB2562C98B2}G:\rsa_setup\installerimage_win32_win32_x86_64\install.exe] => G:\rsa_setup\installerimage_win32_win32_x86_64\install.exe FirewallRules: [UDP Query User{CEBAA80D-3272-43A2-ADE7-00792C67D5B8}G:\rsa_setup\installerimage_win32_win32_x86_64\install.exe] => G:\rsa_setup\installerimage_win32_win32_x86_64\install.exe FirewallRules: [{9BB2B902-4205-4BA4-A388-810D538989CD}] => G:\rsa_setup\installerimage_win32_win32_x86_64\install.exe FirewallRules: [{161C549F-2C47-4FD4-B498-61FEC9AD7448}] => G:\rsa_setup\installerimage_win32_win32_x86_64\install.exe FirewallRules: [TCP Query User{98D03DBE-0525-4BC2-981D-611699E7F892}C:\program files\ibm\sdp\jdk\jre\bin\javaw.exe] => C:\program files\ibm\sdp\jdk\jre\bin\javaw.exe FirewallRules: [UDP Query User{2CD564A2-7E9D-4324-B69F-619417B18E6B}C:\program files\ibm\sdp\jdk\jre\bin\javaw.exe] => C:\program files\ibm\sdp\jdk\jre\bin\javaw.exe FirewallRules: [TCP Query User{C2A6205F-CB28-4873-9CD7-8EE560BB9FB0}G:\counter-strike source\hl2.exe] => G:\counter-strike source\hl2.exe FirewallRules: [UDP Query User{82801177-8FCB-48A2-A6DD-77DD5491AE57}G:\counter-strike source\hl2.exe] => G:\counter-strike source\hl2.exe FirewallRules: [TCP Query User{39E701E1-9CE5-45A9-89F9-1015AD77A9DE}D:\games\left 4 dead2\left4dead2.exe] => D:\games\left 4 dead2\left4dead2.exe FirewallRules: [UDP Query User{6562AA8C-F31D-48EE-B63A-2EA3DE0F81C3}D:\games\left 4 dead2\left4dead2.exe] => D:\games\left 4 dead2\left4dead2.exe FirewallRules: [{D08ED349-FE81-4661-8904-5D1F4B7547C0}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{01622448-4278-446A-9E47-56481145B617}] => LPort=1688 FirewallRules: [{D44AC7E8-3066-4EED-A3C9-90103A571B25}] => C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{17F82C36-DCEA-41D6-9F40-8ACEA71E9141}] => C:\Program Files\KMSpico\Service_KMS.exe ==================== Restore Points ========================= 08-01-2017 23:03:42 Scheduled Checkpoint 13-01-2017 21:23:40 Windows Update 23-01-2017 17:24:47 Scheduled Checkpoint ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (01/27/2017 05:06:27 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: ) Description: Installation of the Proof of Purchase failed. 0xC004F050 Partial Pkey=DC733 ACID=? Detailed Error[?] Error: (01/27/2017 04:56:26 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: ) Description: Installation of the Proof of Purchase failed. 0xC004F050 Partial Pkey=DC733 ACID=? Detailed Error[?] Error: (01/27/2017 04:28:53 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: mbamservice.exe, version: 3.1.0.388, time stamp: 0x58320f73 Faulting module name: MBAMCore.dll, version: 3.0.0.510, time stamp: 0x584f274d Exception code: 0xc0000005 Fault offset: 0x00000000000354c8 Faulting process id: 0x2188 Faulting application start time: 0x01d27875184ed563 Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe Faulting module path: C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MBAMCore.dll Report Id: c22fe47c-8766-4e5b-9ee6-a168dcbe9a16 Faulting package full name: Faulting package-relative application ID: Error: (01/27/2017 04:07:19 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: ) Description: Installation of the Proof of Purchase failed. 0xC004F050 Partial Pkey=DC733 ACID=? Detailed Error[?] Error: (01/27/2017 03:57:17 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: ) Description: Installation of the Proof of Purchase failed. 0xC004F050 Partial Pkey=DC733 ACID=? Detailed Error[?] Error: (01/27/2017 03:56:10 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: Explorer.EXE Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: exception code c0000005, exception address 00007FF7BBDC8732 Error: (01/27/2017 11:46:38 AM) (Source: Software Protection Platform Service) (EventID: 1017) (User: ) Description: Installation of the Proof of Purchase failed. 0xC004F050 Partial Pkey=DC733 ACID=? Detailed Error[?] Error: (01/27/2017 11:36:36 AM) (Source: Software Protection Platform Service) (EventID: 1017) (User: ) Description: Installation of the Proof of Purchase failed. 0xC004F050 Partial Pkey=DC733 ACID=? Detailed Error[?] Error: (01/27/2017 11:35:26 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: Explorer.EXE Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: exception code c0000005, exception address 00007FF73CD08732 Error: (01/27/2017 11:35:25 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HEMMOSWIFTHUSNA) Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information. System errors: ============= Error: (01/27/2017 05:11:41 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout. Error: (01/27/2017 05:08:44 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (01/27/2017 05:08:44 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (01/27/2017 05:08:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} and APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (01/27/2017 04:54:11 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (01/27/2017 04:29:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Malwarebytes Service service terminated unexpectedly. It has done this 1 time(s). Error: (01/27/2017 04:00:25 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout. Error: (01/27/2017 03:57:25 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (01/27/2017 03:57:25 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (01/27/2017 03:57:25 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. CodeIntegrity: =================================== Date: 2017-01-27 16:11:10.936 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-01-27 16:11:10.928 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-01-27 16:11:10.914 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-01-27 16:11:10.825 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-01-27 16:11:10.725 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-01-27 15:52:07.284 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-01-27 15:52:07.278 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-01-27 15:52:07.220 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-01-26 15:32:57.273 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-01-26 15:32:57.254 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Pentium(R) CPU N3520 @ 2.16GHz Percentage of memory in use: 66% Total physical RAM: 3966.97 MB Available physical RAM: 1347.34 MB Total Virtual: 5630.97 MB Available Virtual: 2453.33 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:185.87 GB) (Free:55.64 GB) NTFS ==>[system with boot components (obtained from drive)] Drive d: (Data) (Fixed) (Total:258.34 GB) (Free:19.51 GB) NTFS Drive f: (Zouis_Seyfried) (Fixed) (Total:465.76 GB) (Free:1.41 GB) NTFS Drive i: () (Removable) (Total:7.39 GB) (Free:6.85 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 0FE4DC0A) Partition: GPT. ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 42CDD3BA) Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (Size: 7.4 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of Addition.txt ============================
  3. I switched from At&t to comcast. Real time protection worked fine when I was using At&t, but now that I have comcast whenever I turn on real-time protection web pages slow to a crawl and sometimes don't load at all. As soon as I turn off RTP everything goes back to normal. So this is obviously a problem with malwarebytes and not on my side.
  4. Hi, my computer seemed to slow down, my computer connection, I've narrowed it down to a scvhost process that starts and stops but can't find the why. The computer is a quad core desktop runing windows 8.1 64bit Neither nod32 nor Malwarebytes detects anything is wrong. Please help.
  5. everything was great until I in-stalled 2.0.3.1025 through the last update in premium. 4 of the 5 computers were running great that I use until I updated. now they can hardly load web pages. sometimes just freezes. this computer im using right now is a gamer and is very fast yet web pages stop loading or load in a matter of minutes after updating. if I remove update and un-install it computer is fine. I went back to last premium version and computer is normal. playing vid games I noticed I was being kicked for latency. if I don't start malwarebytes with windows its still slow. if I un-install it the computer is lightning fast again. don't know. running last version for now. Its the same on all my computers and I have road runner extreme. I also run webroot complete and un-installing it made no difference.
  6. I own Malwarebytes Pro, have updated it, but it is not picking up any at the time of this posting. As the title says, I have been expeiencing a rather strange problem lately. My google searches and other internetting is running extremely slow, and often times I cannot access any pages on google. I also get messages occasionally after trying to visit a google page that say there is unusual or suspicious network traffic coming from my IP address and requiring me to enter a CAPTCHA image. I have run scans with MALWAREBYTES and my Kaspersky internet essentials but neither are picking up any activity. I have attached my Hijackthis and DDS log files hijackthis.log Attach.txt DDS.txt
  7. Hey, Ive recently been experiencing extremely slow internet speeds on my desktop. If i plug my laptop into same cable it tests out normal. I purchased and attempted to install malware bytes, but it continously gives same error. I followed some off the steps listed previously in threads to no avail. Some of the earlier steps are broken download links so i didnt complete them. But I did do tfc.exe, and tried the alternate named file. dds.exe(.com) also says corrupt file.
  8. (I am using a XPS Studio 9100 which is a Desktop PC) Since about 3-4 months I'm having problem with Windows Update & Internet connection. My Internet speed is Anti virus: Avira and Avast! Anti Virus Fire wall: Comodo Firewall and installed yesterday Avast! Internet Security. I scan my computer on a monthly basis and I don't download "suspicious" websites nor download .exe frequently unless it's from a certified developer etc. Error when trying to download updates: Sorry if this is in the wrong section! Thanks.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.