*Virus removal please help!* WMI Commandline Utility keeps popping up in Windows 10

[Helpmeplease1112]

Hi, I recently was on a site trying to download a textbook online and I did, and it popped up as an application in the E drive. Honestly, the fact that it was a program should've been my first hint, but I was kind of desperate to find the textbook that I tried to open it. WMI Commandline utility popped up and I knew right away it was a virus. I've had this happen before on another computer, and somehow I fixed it, however I do not remember how I did. I downloaded MalwareBytes because I've used it before and it's a good program, and I scanned both the file and the whole drive, both scans turned up clean, however I knew that the program or the program's creators probably found a way around the malware detection. I then scanned it with Virustotal, and got a number of two hits out of 50+. However, the two it showed up on was less than good. I'm sending you photos of where the program is on my drive, the virustotal report and possibly a gif of the program in action. 

 

The program keeps popping up with an administrator prompt, and no matter how many times I click no, it keeps popping up. I managed a fix-it so I can get back to my computer, a trick I used before, and now it's on my taskbar but still there. Hope you can help.

Thanks! 

 

P.S. I'm really late for school so if there's any way this can be resolved quickly I'd be VERY appreciative. Thank you!!

 

Virustotal: https://www.virustotal.com/en/file/96d238a2755e676fb8cb2df1e39deeac4814fe0a5fc77550b9ca2ba497f3bfaf/analysis/

Pictures of the virustotal: https://gyazo.com/3e18146bce16d7db79cdd2fd3ecbad0b

https://gyazo.com/7f5a059a36601c3e9dc75adf935258e5

https://gyazo.com/c16bb632a6d3fa70f147ed4cd18bc3de

https://gyazo.com/1ea1fa87f094fe3bb6f1f835eed7dd13

 

...I think it's pretty safe to assume it's NOT a textbook.

 

Threat scan:

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 1/10/17
Scan Time: 1:01 PM
Logfile: 
Administrator: Yes

-Software Information-
Version: 3.0.5.1299
Components Version: 1.0.43
Update Package Version: 1.0.970
License: Trial

-System Information-
OS: Windows 10
CPU: x64
File System: NTFS
User: 10USER-PC\10 USER

-Scan Summary-
Scan Type: Hyper Scan
Result: Completed
Objects Scanned: 2442
Time Elapsed: 0 min, 28 sec

-Scan Options-
Memory: Enabled
Startup: Disabled
Filesystem: Disabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Disabled
PUP: Enabled
PUM: Enabled

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

(end)

--

 

I don't know what to do as this exceeds my knowledge of malware removal. I've never dealt with a program of this threat before. It's completely different than the other WMI commandline utility virus I had, which leads me to think that it's a different program masquerading as another. Maybe I'm wrong. Please help. 

 

UPDATE: Scanning whole PC with Malwarebytes reveals two extra programs so I believe it's grabbing things from the internet and installing them. I'm getting on another PC to go on here and turning internet off in a moment so it can't download extra programs.

Edited January 10, 2017 by Helpmeplease1112
Update

[kevinf80]

Hello Helpmeplease1112 and welcome to Malwarebytes, My screen name is kevinf80, i`m here to help clean up your system. Make sure to run all scans from accounts with Administrator status, continue as follows please: Anyone other than the original starter of this thread please DO NOT follow the instructions and advice posted as replies here, my help and advice is NOT related to your system and will probably cause more harm than good... Change the download folder setting in the Default Browser only. so all of the tools we may use are saved to the Desktop: Google Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser. Choose Settings. at the bottom of the screen click the "Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK. Mozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. Choose Options. In the downloads section, click the Browse button, click on the Desktop folder and the click the "Select Folder" button. Click OK to get out of the Options menu. Internet Explorer - Click the Tools menu in the upper right-corner of the browser. Select View downloads. Select the Options link in the lower left of the window. Click Browse and select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen. NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop. Change default download folder location in Edge -Boot to a user account with admin status, select start > file explorer > right click on "Downloads" folder and select "Properties" In the new window select "Location" tab > clear the text field box and type in or copy/paste %userprofile%\Desktop > select "Apply" then "OK" Be aware you are not changing the Browser download folder location, you are changing the user’s download directory location..... Next, Follow the instructions in the following link to show hidden files: http://www.howtogeek.com/howto/windows-vista/show-hidden-files-and-folders-in-windows-vista/ Next, Open Malwarebytes, select > "settings" > "protection tab" Scroll down to "Scan Options" ensure Scan for Rootkits and Scan within Archives are both on.... Go back to "DashBoard" select the Blue "Scan Now" tab...... When the scan completes deal with any found entries... Then select "Export Summary" then "Text File (*.txt)" name that log and save , you can copy or attach that to your reply... Next, Download Farbar Recovery Scan Tool and save it to your desktop. Alternative download option: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version. If your security alerts to FRST either, accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way... Be aware FRST must be run from an account with Administrator status...   Double-click to run it. When the tool opens click Yes to disclaimer.(Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.) Make sure Addition.txt is checkmarked under "Optional scans" Press Scan button to run the tool.... It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply. The tool will also make a log named (Addition.txt) Please attach that log to your reply. Let me see those logs in your reply... Thank you, Kevin

[Helpmeplease1112]

I already quarantined two PUP's Malwarebytes found before your reply, I'm posting that log file as well.

https://gyazo.com/e39f53c6a0a2478737f9378de5ecd1d4

https://gyazo.com/2aa4537b6b8fb186553490a034feb509

Also, it quarantined the textbook file, but the admin pop-up for permission is still happening.

*Note: I didn't restart the computer like it said to.. I was waiting for this and instructions. Should I do that now? 

My system is a 64 Bit.

Quarantined items/scan log file:

~

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 1/10/17
Scan Time: 1:03 PM
Logfile: 
Administrator: Yes

-Software Information-
Version: 3.0.5.1299
Components Version: 1.0.43
Update Package Version: 1.0.970
License: Trial

-System Information-
OS: Windows 10
CPU: x64
File System: NTFS
User: 10USER-PC\10 USER

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 368089
Time Elapsed: 13 min, 2 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 2
PUP.Optional.DriverDetective, C:\$RECYCLE.BIN\S-1-5-21-2252375925-3716301909-4049155379-1000\$RAAHR5M.EXE, Delete-on-Reboot, [1877], [335971],1.0.970
Adware.FileFinder, C:\USERS\10 USER\APPDATA\LOCAL\TEMP\LIFE_SCIENCE_TEXTBOOK_7TH_GRADE_MCGRAW-HILL_PDF_DOWNLOAD__NKR2B8.EXE, Delete-on-Reboot, [756], [358410],1.0.970

Physical Sector: 0
(No malicious items detected)

(end)

~~

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-01-2017
Ran by 10 USER (administrator) on 10USER-PC (10-01-2017 14:27:32)
Running from C:\Users\10 USER\Desktop
Loaded Profiles: 10 USER &  (Available Profiles: 10 USER)
Platform: Windows 10 Pro Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Flux Software LLC) C:\Users\10 USER\AppData\Local\FluxSoftware\Flux\flux.exe
(Dashlane, Inc.) C:\Users\10 USER\AppData\Roaming\Dashlane\Dashlane.exe
() C:\Users\10 USER\AppData\Roaming\Dashlane\DashlanePlugin.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.OneNote_17.7668.57681.0_x64__8wekyb3d8bbwe\onenoteim.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1612.3341.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11610.1001.23.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Users\10 USER\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\10 USER\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\10 USER\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\10 USER\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\10 USER\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\10 USER\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\10 USER\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
() E:\life_science_textbook_7th_grade_mcgraw-hill_pdf_download__nkr2b8.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Google Inc.) C:\Users\10 USER\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\10 USER\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\10 USER\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\10 USER\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\10 USER\AppData\Local\Google\Chrome\Application\chrome.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Google Inc.) C:\Users\10 USER\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\10 USER\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\10 USER\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\10 USER\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\10 USER\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\10 USER\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\10 USER\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Users\10 USER\AppData\Local\Google\Update\GoogleUpdate.exe
(Microsoft Corporation) C:\Windows\System32\consent.exe
(Google Inc.) C:\Users\10 USER\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-01-04] (Microsoft Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.5\bin\EpmNews.exe
HKLM-x32\...\Run: [EaseUS Cleanup] => "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.5\bin\CleanUpUI.exe" 10 300
HKU\S-1-5-21-2252375925-3716301909-4049155379-1000\...\Run: [Google Update] => C:\Users\10 USER\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2017-01-02] (Google Inc.)
HKU\S-1-5-21-2252375925-3716301909-4049155379-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27219928 2016-11-15] (Skype Technologies S.A.)
HKU\S-1-5-21-2252375925-3716301909-4049155379-1000\...\Run: [f.lux] => C:\Users\10 USER\AppData\Local\FluxSoftware\Flux\flux.exe [1024240 2016-12-05] (Flux Software LLC)
HKU\S-1-5-21-2252375925-3716301909-4049155379-1000\...\Run: [Dashlane] => C:\Users\10 USER\AppData\Roaming\Dashlane\Dashlane.exe [478592 2016-12-07] (Dashlane, Inc.)
HKU\S-1-5-21-2252375925-3716301909-4049155379-1000\...\Run: [DashlanePlugin] => C:\Users\10 USER\AppData\Roaming\Dashlane\DashlanePlugin.exe [536960 2016-12-07] ()
HKU\S-1-5-21-2252375925-3716301909-4049155379-1000\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [5077792 2017-01-10] (Nota Inc.)
HKU\S-1-5-21-2252375925-3716301909-4049155379-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141620075\...\Run: [Google Update] => C:\Users\10 USER\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2017-01-02] (Google Inc.)
HKU\S-1-5-21-2252375925-3716301909-4049155379-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141620075\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27219928 2016-11-15] (Skype Technologies S.A.)
HKU\S-1-5-21-2252375925-3716301909-4049155379-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141620075\...\Run: [f.lux] => C:\Users\10 USER\AppData\Local\FluxSoftware\Flux\flux.exe [1024240 2016-12-05] (Flux Software LLC)
HKU\S-1-5-21-2252375925-3716301909-4049155379-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141620075\...\Run: [Dashlane] => C:\Users\10 USER\AppData\Roaming\Dashlane\Dashlane.exe [478592 2016-12-07] (Dashlane, Inc.)
HKU\S-1-5-21-2252375925-3716301909-4049155379-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141620075\...\Run: [DashlanePlugin] => C:\Users\10 USER\AppData\Roaming\Dashlane\DashlanePlugin.exe [536960 2016-12-07] ()
HKU\S-1-5-21-2252375925-3716301909-4049155379-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141620075\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [5077792 2017-01-10] (Nota Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 75.114.81.1 75.114.81.2
Tcpip\..\Interfaces\{7ffe0e8d-9d04-4bd8-a502-195a372632c0}: [DhcpNameServer] 75.114.81.1 75.114.81.2

Internet Explorer:
==================
HKU\S-1-5-21-2252375925-3716301909-4049155379-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
HKU\S-1-5-21-2252375925-3716301909-4049155379-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141620075\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
BHO-x32: Dashlane BHO -> {42D79B50-CC4A-4A8E-860F-BE674AF053A2} -> C:\Users\10 USER\AppData\Roaming\Dashlane\ie\Dashlanei.dll [2016-12-07] (Dashlane, Inc.)
Toolbar: HKLM-x32 - Dashlane Toolbar - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\10 USER\AppData\Roaming\Dashlane\ie\KWIEBar.dll [2016-12-07] (Dashlane, Inc.)

FireFox:
========
FF DefaultProfile: mlj.daybyday@gmail.com
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-27] (Adobe Systems Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin HKU\S-1-5-21-2252375925-3716301909-4049155379-1000: @tools.google.com/Google Update;version=3 -> C:\Users\10 USER\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-2252375925-3716301909-4049155379-1000: @tools.google.com/Google Update;version=9 -> C:\Users\10 USER\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-2252375925-3716301909-4049155379-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141620075: @tools.google.com/Google Update;version=3 -> C:\Users\10 USER\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-2252375925-3716301909-4049155379-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141620075: @tools.google.com/Google Update;version=9 -> C:\Users\10 USER\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-02] (Google Inc.)

Chrome: 
=======
CHR Profile: C:\Users\10 USER\AppData\Local\Google\Chrome\User Data\Default [2017-01-10]
CHR Extension: (Google Slides) - C:\Users\10 USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-24]
CHR Extension: (Google Docs) - C:\Users\10 USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-24]
CHR Extension: (Google Drive) - C:\Users\10 USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-24]
CHR Extension: (Brushed) - C:\Users\10 USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjgbcjfpbbfepcccpaffkjofcmglifg [2016-04-24]
CHR Extension: (YouTube) - C:\Users\10 USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-24]
CHR Extension: (Adblock Plus) - C:\Users\10 USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-01-03]
CHR Extension: (Dashlane) - C:\Users\10 USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2017-01-04]
CHR Extension: (Full Page Screen Capture) - C:\Users\10 USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2017-01-03]
CHR Extension: (Google Sheets) - C:\Users\10 USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-24]
CHR Extension: (Google Docs Offline) - C:\Users\10 USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-24]
CHR Extension: (AdBlock) - C:\Users\10 USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-01-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\10 USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-24]
CHR Extension: (Gmail) - C:\Users\10 USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-24]
CHR Extension: (Chrome Media Router) - C:\Users\10 USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-01-03]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2017-01-04] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [730304 2016-01-11] (Wacom Technology, Corp.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 e1kexpress; C:\WINDOWS\system32\DRIVERS\e1k63x64.sys [498032 2013-02-20] (Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77416 2016-12-14] ()
R1 GpuEnergyDrv; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [8192 2016-07-16] (Microsoft Corporation) [File not signed]
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176064 2017-01-10] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [102856 2017-01-10] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-01-10] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [250816 2017-01-10] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2017-01-10] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [5195776 2016-07-16] (Realtek Semiconductor Corporation                           )
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U4 aspnet_state; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-10 14:27 - 2017-01-10 14:27 - 00016152 _____ C:\Users\10 USER\Desktop\FRST.txt
2017-01-10 14:27 - 2017-01-10 14:27 - 00000000 ____D C:\FRST
2017-01-10 14:26 - 2017-01-10 14:26 - 02419200 _____ (Farbar) C:\Users\10 USER\Desktop\FRST64.exe
2017-01-10 14:25 - 2017-01-10 14:25 - 01761280 _____ (Farbar) C:\Users\10 USER\Desktop\FRST.exe
2017-01-10 12:57 - 2017-01-10 12:57 - 00003528 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachineDaily
2017-01-10 12:57 - 2017-01-10 12:57 - 00003392 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachine
2017-01-10 12:57 - 2017-01-10 12:57 - 00001055 _____ C:\Users\Public\Desktop\Gyazo.lnk
2017-01-10 12:57 - 2017-01-10 12:57 - 00001055 _____ C:\Users\Public\Desktop\Gyazo GIF.lnk
2017-01-10 12:57 - 2017-01-10 12:57 - 00000000 ____D C:\Users\10 USER\AppData\Roaming\Gyazo
2017-01-10 12:57 - 2017-01-10 12:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo
2017-01-10 12:56 - 2017-01-10 12:57 - 00000000 ____D C:\Program Files (x86)\Gyazo
2017-01-10 12:49 - 2017-01-10 12:56 - 13863648 _____ (Nota Inc. ) C:\Users\10 USER\Downloads\Gyazo-3.2.9.exe
2017-01-10 12:40 - 2017-01-10 14:04 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-01-10 12:40 - 2017-01-10 12:40 - 00250816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-01-10 12:40 - 2017-01-10 12:40 - 00176064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-01-10 12:40 - 2017-01-10 12:40 - 00102856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-01-10 12:40 - 2017-01-10 12:40 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-01-10 12:39 - 2017-01-10 12:39 - 54199488 _____ (Malwarebytes ) C:\Users\10 USER\Downloads\mb3-setup-SEMFD.100SEM-3.0.5.1299.exe
2017-01-10 12:39 - 2017-01-10 12:39 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-01-10 12:39 - 2017-01-10 12:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-01-10 12:39 - 2017-01-10 12:39 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-10 12:39 - 2017-01-10 12:39 - 00000000 ____D C:\Program Files\Malwarebytes
2017-01-10 12:39 - 2016-12-14 12:55 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-01-10 12:36 - 2017-01-10 12:36 - 00425984 _____ C:\Users\10 USER\Downloads\life_science_textbook_7th_grade_mcgraw-hill_pdf_download__nkr2b8.iso
2017-01-07 22:08 - 2016-05-25 14:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-01-07 22:08 - 2016-05-25 14:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-01-07 22:08 - 2016-05-25 14:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-01-07 22:08 - 2016-05-25 11:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-01-07 22:08 - 2016-05-25 11:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-01-07 22:08 - 2016-05-25 11:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-01-07 18:51 - 2017-01-07 18:52 - 00000000 ____D C:\Users\10 USER\Documents\Sound recordings
2017-01-04 21:54 - 2017-01-04 21:54 - 00002001 _____ C:\Users\10 USER\Desktop\Dashlane.lnk
2017-01-04 21:54 - 2017-01-04 21:54 - 00000000 ____D C:\Users\10 USER\AppData\LocalLow\Dashlane
2017-01-04 21:52 - 2017-01-04 21:54 - 00000000 ____D C:\Users\10 USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dashlane
2017-01-04 21:52 - 2017-01-04 21:54 - 00000000 ____D C:\Users\10 USER\AppData\Roaming\Dashlane
2017-01-04 21:52 - 2017-01-04 21:54 - 00000000 ____D C:\Program Files (x86)\Dashlane
2017-01-04 21:52 - 2017-01-04 21:52 - 00672632 _____ (Dashlane Inc.) C:\Users\10 USER\Downloads\Dashlane_Launcher_bchrome-1481560411.exe
2017-01-04 07:13 - 2017-01-04 04:32 - 00000000 ___DC C:\WINDOWS\Panther
2017-01-04 07:10 - 2017-01-04 04:20 - 00000000 ____D C:\Windows.old
2017-01-04 07:06 - 2017-01-04 07:06 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 22563328 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 13441024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2017-01-04 07:06 - 2017-01-04 07:06 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2017-01-04 07:06 - 2017-01-04 07:06 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 06574592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-01-04 07:06 - 2017-01-04 07:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-01-04 07:06 - 2017-01-04 07:06 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-01-04 07:06 - 2017-01-04 07:06 - 04148736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-01-04 07:06 - 2017-01-04 07:06 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2017-01-04 07:06 - 2017-01-04 07:06 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2017-01-04 07:06 - 2017-01-04 07:06 - 02747392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-01-04 07:06 - 2017-01-04 07:06 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 02446696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 02356736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 02257104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-01-04 07:06 - 2017-01-04 07:06 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-01-04 07:06 - 2017-01-04 07:06 - 02049480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-01-04 07:06 - 2017-01-04 07:06 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01847048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2017-01-04 07:06 - 2017-01-04 07:06 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01453992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01362504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01320448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2017-01-04 07:06 - 2017-01-04 07:06 - 01291264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2017-01-04 07:06 - 2017-01-04 07:06 - 01181536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-01-04 07:06 - 2017-01-04 07:06 - 01176664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01113600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01000288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-01-04 07:06 - 2017-01-04 07:06 - 00980824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00862064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00856872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00848736 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00798720 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwcreator.exe
2017-01-04 07:06 - 2017-01-04 07:06 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2017-01-04 07:06 - 2017-01-04 07:06 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00755656 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00725664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00719360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-01-04 07:06 - 2017-01-04 07:06 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-01-04 07:06 - 2017-01-04 07:06 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00691080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkCollectionAgent.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00649568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-01-04 07:06 - 2017-01-04 07:06 - 00640976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00602464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00596832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2017-01-04 07:06 - 2017-01-04 07:06 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2017-01-04 07:06 - 2017-01-04 07:06 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00512416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-01-04 07:06 - 2017-01-04 07:06 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00498952 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetworkCollectionAgent.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00455040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00450392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-01-04 07:06 - 2017-01-04 07:06 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00446896 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-01-04 07:06 - 2017-01-04 07:06 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00433832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00433504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-01-04 07:06 - 2017-01-04 07:06 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00431104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00424640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2017-01-04 07:06 - 2017-01-04 07:06 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00409952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2017-01-04 07:06 - 2017-01-04 07:06 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-01-04 07:06 - 2017-01-04 07:06 - 00402352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00379744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2017-01-04 07:06 - 2017-01-04 07:06 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdechangepin.exe
2017-01-04 07:06 - 2017-01-04 07:06 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2017-01-04 07:06 - 2017-01-04 07:06 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2017-01-04 07:06 - 2017-01-04 07:06 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2017-01-04 07:06 - 2017-01-04 07:06 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlancfg.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00292872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-01-04 07:06 - 2017-01-04 07:06 - 00280472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeunlock.exe
2017-01-04 07:06 - 2017-01-04 07:06 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-01-04 07:06 - 2017-01-04 07:06 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlancfg.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00248480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-01-04 07:06 - 2017-01-04 07:06 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAC3ENC.DLL
2017-01-04 07:06 - 2017-01-04 07:06 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2017-01-04 07:06 - 2017-01-04 07:06 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-01-04 07:06 - 2017-01-04 07:06 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-01-04 07:06 - 2017-01-04 07:06 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00218008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2017-01-04 07:06 - 2017-01-04 07:06 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\manage-bde.exe
2017-01-04 07:06 - 2017-01-04 07:06 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAC3ENC.DLL
2017-01-04 07:06 - 2017-01-04 07:06 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00187520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2017-01-04 07:06 - 2017-01-04 07:06 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvenotify.exe
2017-01-04 07:06 - 2017-01-04 07:06 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00163752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveprompt.exe
2017-01-04 07:06 - 2017-01-04 07:06 - 00157536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2017-01-04 07:06 - 2017-01-04 07:06 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00152416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoplay.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2017-01-04 07:06 - 2017-01-04 07:06 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovslegacy.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00141824 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DscCoreConfProv.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00133472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-01-04 07:06 - 2017-01-04 07:06 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-01-04 07:06 - 2017-01-04 07:06 - 00126568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfaudiocnv.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00122208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00121368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2017-01-04 07:06 - 2017-01-04 07:06 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\baaupdate.exe
2017-01-04 07:06 - 2017-01-04 07:06 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2017-01-04 07:06 - 2017-01-04 07:06 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chartv.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-01-04 07:06 - 2017-01-04 07:06 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2017-01-04 07:06 - 2017-01-04 07:06 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2017-01-04 07:06 - 2017-01-04 07:06 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00091936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfaudiocnv.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00090400 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthExt.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsmsext.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pwrshplugin.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TempSignedLicenseExchangeTask.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManagerApi.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00057400 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-01-04 07:06 - 2017-01-04 07:06 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-01-04 07:06 - 2017-01-04 07:06 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeui.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsext.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2017-01-04 07:06 - 2017-01-04 07:06 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\encapi.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2017-01-04 07:06 - 2017-01-04 07:06 - 00023392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cmimcext.sys
2017-01-04 07:06 - 2017-01-04 07:06 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2017-01-04 07:06 - 2017-01-04 07:06 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2017-01-04 07:06 - 2017-01-04 07:06 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 07654400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 05722832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 05622088 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 05384192 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 04557824 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 04136448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 03496960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 03441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 03405824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 03370496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 03287552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 03202048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 03133440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 03116544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 03054080 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02914304 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02828376 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02750936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02748928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02708992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02476544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02423296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02317312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02005504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01980416 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01913344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01851696 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01691136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01639424 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01609920 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01556712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01554944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01477632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01425000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-01-04 07:05 - 2017-01-04 07:05 - 01348608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01322848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2017-01-04 07:05 - 2017-01-04 07:05 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01112928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01066328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-01-04 07:05 - 2017-01-04 07:05 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01037312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01022304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-01-04 07:05 - 2017-01-04 07:05 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00940032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00908640 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2017-01-04 07:05 - 2017-01-04 07:05 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00823136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00820736 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00788624 _____ C:\WINDOWS\SysWOW64\locale.nls
2017-01-04 07:05 - 2017-01-04 07:05 - 00788624 _____ C:\WINDOWS\system32\locale.nls
2017-01-04 07:05 - 2017-01-04 07:05 - 00782176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00781824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00773720 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00755200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00749920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskbarcpl.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00714592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00681304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00665768 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00650240 _____ (Microsoft) C:\WINDOWS\system32\DbgModel.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00646136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00637400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00634944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00595488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00595296 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\energy.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00573952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrGidsHandler.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00545936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2017-01-04 07:05 - 2017-01-04 07:05 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00536576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00527880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprapi.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00500064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00496872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00461312 _____ (Microsoft) C:\WINDOWS\SysWOW64\DbgModel.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00454592 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprapi.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00434528 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00423776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCenter.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00405856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00382272 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00378720 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\NmaDirect.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00352096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00341936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00302592 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00295936 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-01-04 07:05 - 2017-01-04 07:05 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NmaDirect.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00283488 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataExchange.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DataExchange.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\discan.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00238056 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAnimation.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00232800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_G18030.DLL
2017-01-04 07:05 - 2017-01-04 07:05 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_G18030.DLL
2017-01-04 07:05 - 2017-01-04 07:05 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\tspubwmi.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00219488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingFolder.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00206096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00204288 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00186424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\biwinrt.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00170960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00169056 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovslegacy.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoplay.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00162850 _____ C:\WINDOWS\system32\C_932.NLS
2017-01-04 07:05 - 2017-01-04 07:05 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XamlTileRender.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\hidclass.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\biwinrt.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWSDAHost.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00130912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\chartv.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\rshx32.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00127328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppVStrm.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00119648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\EhStorTcgDrv.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00113504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReportingCSP.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsmsext.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmifw.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwrshplugin.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00083120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00081760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmifw.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00079536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00079200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00078688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00074080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetailsUpdate.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Sens.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AddressParser.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00064352 _____ (Avago Technologies) C:\WINDOWS\system32\Drivers\MegaSas2i.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetailsUpdate.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundMediaPolicy.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AddressParser.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactActivation.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NfcRadioMedia.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundMediaPolicy.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ffbroker.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00048992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactActivation.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00044472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00041824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\EAMProgressHandler.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hidparse.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hidusb.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2017-01-04 07:05 - 2017-01-04 07:05 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\encapi.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\delegatorprovider.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi_passthru.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stdole2.tlb
2017-01-04 07:05 - 2017-01-04 07:05 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\stdole2.tlb
2017-01-04 07:05 - 2017-01-04 07:05 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_IS2022.DLL
2017-01-04 07:05 - 2017-01-04 07:05 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\c_GSM7.DLL
2017-01-04 07:05 - 2017-01-04 07:05 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_IS2022.DLL
2017-01-04 07:05 - 2017-01-04 07:05 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\c_GSM7.DLL
2017-01-04 07:05 - 2017-01-04 07:05 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2017-01-04 07:05 - 2017-01-04 07:05 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccessRes.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccessRes.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneutilRes.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneutilRes.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneServiceRes.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2017-01-04 06:52 - 2017-01-04 06:52 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-01-04 06:51 - 2017-01-04 06:51 - 03753984 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2017-01-04 06:51 - 2017-01-04 06:51 - 00199008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2017-01-04 04:36 - 2017-01-04 04:36 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-01-04 04:33 - 2017-01-05 13:13 - 00000000 ____D C:\Users\10 USER\AppData\Local\ConnectedDevicesPlatform
2017-01-04 04:33 - 2017-01-04 04:33 - 00000020 ___SH C:\Users\10 USER\ntuser.ini
2017-01-04 04:33 - 2017-01-04 04:33 - 00000000 ____D C:\ProgramData\USOShared
2017-01-04 04:32 - 2017-01-04 04:32 - 00000000 _SHDL C:\Users\Default\My Documents
2017-01-04 04:32 - 2017-01-04 04:32 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2017-01-04 04:32 - 2017-01-04 04:32 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2017-01-04 04:32 - 2017-01-04 04:32 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2017-01-04 04:32 - 2017-01-04 04:32 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2017-01-04 04:32 - 2017-01-04 04:32 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2017-01-04 04:32 - 2017-01-04 04:32 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2017-01-04 04:31 - 2017-01-04 04:32 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2017-01-04 04:31 - 2017-01-04 04:32 - 00007623 _____ C:\WINDOWS\diagerr.xml
2017-01-04 04:27 - 2017-01-09 02:01 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-04 04:27 - 2017-01-04 04:27 - 00003526 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2252375925-3716301909-4049155379-1000UA
2017-01-04 04:27 - 2017-01-04 04:27 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-01-04 04:27 - 2017-01-04 04:27 - 00003302 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{6397DD84-3E0C-4107-842E-2AD81C7C654B}
2017-01-04 04:27 - 2017-01-04 04:27 - 00003258 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2252375925-3716301909-4049155379-1000Core
2017-01-04 04:27 - 2017-01-04 04:27 - 00002772 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-01-04 04:27 - 2017-01-04 04:27 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2017-01-04 04:23 - 2017-01-04 04:23 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-01-04 04:23 - 2017-01-04 04:23 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
2017-01-04 04:23 - 2017-01-04 04:23 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs
2017-01-04 04:20 - 2017-01-04 04:23 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-01-04 04:20 - 2017-01-04 04:20 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2017-01-04 04:19 - 2017-01-09 13:04 - 00000000 ____D C:\Users\10 USER
2017-01-04 04:19 - 2017-01-04 04:19 - 00000000 _SHDL C:\Users\10 USER\My Documents
2017-01-04 04:19 - 2017-01-04 04:19 - 00000000 _SHDL C:\Users\10 USER\Documents\My Videos
2017-01-04 04:19 - 2017-01-04 04:19 - 00000000 _SHDL C:\Users\10 USER\Documents\My Pictures
2017-01-04 04:19 - 2017-01-04 04:19 - 00000000 _SHDL C:\Users\10 USER\Documents\My Music
2017-01-04 04:16 - 2016-07-16 06:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-01-04 04:14 - 2017-01-10 12:28 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-01-04 04:14 - 2017-01-04 04:24 - 00194192 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-01-04 04:14 - 2017-01-04 04:14 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2017-01-03 15:39 - 2017-01-03 15:39 - 00014278 _____ C:\Users\10 USER\Downloads\Dimmer_v1.0.zip
2017-01-03 15:39 - 2017-01-03 15:39 - 00000000 ____D C:\Users\10 USER\Downloads\Dimmer_v1.0
2017-01-03 15:38 - 2017-01-03 15:38 - 00496896 _____ C:\Users\10 USER\Downloads\flux-setup.exe
2017-01-03 15:38 - 2017-01-03 15:38 - 00002209 _____ C:\Users\10 USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk
2017-01-03 15:38 - 2017-01-03 15:38 - 00000000 ____D C:\Users\10 USER\AppData\Local\FluxSoftware
2017-01-03 13:08 - 2017-01-03 13:11 - 00000000 ____D C:\Users\10 USER\Documents\School
2017-01-03 13:04 - 2017-01-03 13:04 - 00000000 ____D C:\Users\10 USER\Tracing
2017-01-03 13:03 - 2017-01-04 04:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-01-03 13:03 - 2017-01-03 13:03 - 00002640 _____ C:\Users\Public\Desktop\Skype.lnk
2017-01-03 13:03 - 2017-01-03 13:03 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-01-03 13:03 - 2017-01-03 13:03 - 00000000 ____D C:\ProgramData\Skype
2017-01-03 13:01 - 2017-01-03 13:02 - 01478616 _____ (Skype Technologies S.A.) C:\Users\10 USER\Downloads\SkypeSetup.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-10 14:18 - 2016-08-18 16:53 - 00000000 ____D C:\Users\10 USER\AppData\Roaming\Skype
2017-01-10 05:11 - 2016-07-16 06:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-10 05:11 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-09 17:21 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\rescache
2017-01-09 02:06 - 2016-05-26 02:35 - 00967778 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-09 02:01 - 2016-07-16 01:04 - 00262144 _____ C:\WINDOWS\system32\config\BBI
2017-01-09 01:15 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-01-08 23:45 - 2016-07-16 06:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-07 22:05 - 2015-10-03 09:26 - 00000000 ____D C:\Users\10 USER\AppData\Local\Packages
2017-01-07 18:46 - 2016-04-24 16:54 - 00000000 ____D C:\Users\10 USER\AppData\Local\MicrosoftEdge
2017-01-06 01:21 - 2016-07-16 06:45 - 00000000 ____D C:\WINDOWS\INF
2017-01-05 13:15 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-01-05 13:15 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\appcompat
2017-01-04 14:22 - 2016-04-24 16:41 - 00002506 _____ C:\Users\10 USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-01-04 07:13 - 2016-07-16 06:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-01-04 07:08 - 2016-07-16 09:29 - 00000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\setup
2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-01-04 07:08 - 2016-07-16 06:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-01-04 07:08 - 2016-07-16 01:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-01-04 07:08 - 2016-07-16 01:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-01-04 07:08 - 2016-07-16 01:04 - 00000000 ____D C:\WINDOWS\servicing
2017-01-04 07:07 - 2016-07-16 06:47 - 00015425 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2017-01-04 06:41 - 2016-05-26 06:05 - 00000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2017-01-04 04:37 - 2015-10-03 09:29 - 00002412 _____ C:\Users\10 USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-01-04 04:37 - 2015-10-03 09:29 - 00000000 ___RD C:\Users\10 USER\OneDrive
2017-01-04 04:33 - 2016-07-16 06:47 - 00000000 ____D C:\ProgramData\USOPrivate
2017-01-04 04:33 - 2016-02-13 08:22 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-01-04 04:32 - 2016-07-16 01:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-01-04 04:30 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-01-04 04:30 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\Registration
2017-01-04 04:30 - 2015-10-30 02:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-01-04 04:27 - 2015-10-02 23:28 - 00022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-01-04 04:26 - 2016-07-16 06:47 - 00000000 __RSD C:\WINDOWS\Media
2017-01-04 04:26 - 2016-07-16 06:47 - 00000000 __RHD C:\Users\Public\Libraries
2017-01-04 04:23 - 2016-07-16 06:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-01-04 04:23 - 2016-04-24 17:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2017-01-04 04:23 - 2016-04-23 18:23 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablet
2017-01-04 04:23 - 2015-10-30 01:28 - 00000000 ____D C:\Users\Default.migrated
2017-01-04 04:21 - 2016-08-17 22:41 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2017-01-04 04:21 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2017-01-04 04:21 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\spool
2017-01-04 04:21 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-01-04 04:21 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2017-01-04 04:21 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\system32\IME
2017-01-04 04:21 - 2016-05-26 06:16 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2017-01-04 04:21 - 2016-05-26 06:16 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2017-01-04 04:20 - 2016-07-16 06:47 - 00000000 __SHD C:\Program Files\Windows Sidebar
2017-01-04 04:20 - 2016-07-16 06:47 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2017-01-04 04:20 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\schemas
2017-01-04 04:20 - 2016-07-16 06:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-01-04 04:20 - 2016-07-16 06:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-01-04 04:20 - 2016-05-26 06:16 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-01-04 04:20 - 2016-05-26 06:16 - 00000000 ____D C:\Program Files\MSBuild
2017-01-04 04:20 - 2016-05-26 06:16 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-01-04 04:20 - 2016-05-26 06:16 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-01-04 04:20 - 2010-11-21 02:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2017-01-04 04:18 - 2016-07-16 01:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-01-04 04:16 - 2016-07-16 06:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2017-01-04 04:16 - 2016-07-16 06:47 - 00000000 ___RD C:\WINDOWS\MiracastView
2017-01-04 04:16 - 2016-07-16 06:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-01-04 03:35 - 2015-10-01 22:06 - 00008192 __RSH C:\BOOTSECT.BAK
2017-01-04 03:32 - 2016-07-16 10:17 - 00000000 ___HD C:\$WINDOWS.~BT
2017-01-03 13:13 - 2016-04-24 16:40 - 00000000 ____D C:\Users\10 USER\AppData\Local\Google
2017-01-03 13:13 - 2016-04-24 15:06 - 00000000 ____D C:\Users\10 USER\AppData\Local\ElevatedDiagnostics
2017-01-02 14:36 - 2015-10-01 19:57 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-01-02 14:34 - 2015-10-01 19:57 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-01-02 14:14 - 2016-04-24 17:09 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-12-11 18:56 - 2016-07-16 06:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-11 18:56 - 2016-07-16 06:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2016-05-08 15:59 - 2016-05-08 15:59 - 0005712 _____ () C:\Users\10 USER\AppData\Local\recently-used.xbel

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-01-04 04:13

==================== End of FRST.txt ============================

~~

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-01-2017
Ran by 10 USER (10-01-2017 14:31:03)
Running from C:\Users\10 USER\Desktop
Windows 10 Pro Version 1607 (X64) (2017-01-04 09:32:59)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

10 USER (S-1-5-21-2252375925-3716301909-4049155379-1000 - Administrator - Enabled) => C:\Users\10 USER
Administrator (S-1-5-21-2252375925-3716301909-4049155379-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2252375925-3716301909-4049155379-503 - Limited - Disabled)
Guest (S-1-5-21-2252375925-3716301909-4049155379-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2252375925-3716301909-4049155379-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Dashlane (HKU\S-1-5-21-2252375925-3716301909-4049155379-1000\...\Dashlane) (Version: 4.6.5.21982 - Dashlane, Inc.)
Dashlane (HKU\S-1-5-21-2252375925-3716301909-4049155379-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141620075\...\Dashlane) (Version: 4.6.5.21982 - Dashlane, Inc.)
f.lux (HKU\S-1-5-21-2252375925-3716301909-4049155379-1000\...\Flux) (Version:  - )
f.lux (HKU\S-1-5-21-2252375925-3716301909-4049155379-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141620075\...\Flux) (Version:  - )
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Google Chrome (HKU\S-1-5-21-2252375925-3716301909-4049155379-1000\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Chrome (HKU\S-1-5-21-2252375925-3716301909-4049155379-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141620075\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Gyazo 3.2.9 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
Malwarebytes version 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-2252375925-3716301909-4049155379-1000\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2252375925-3716301909-4049155379-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141620075\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.15-3 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2252375925-3716301909-4049155379-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141620075_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\10 USER\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2252375925-3716301909-4049155379-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141620075_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\10 USER\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2252375925-3716301909-4049155379-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141620075_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\10 USER\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2252375925-3716301909-4049155379-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141620075_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\10 USER\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2252375925-3716301909-4049155379-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141620075_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\10 USER\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2252375925-3716301909-4049155379-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\10 USER\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2252375925-3716301909-4049155379-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\10 USER\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2252375925-3716301909-4049155379-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\10 USER\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2252375925-3716301909-4049155379-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\10 USER\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2252375925-3716301909-4049155379-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\10 USER\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {112F2418-6970-409F-B5C6-6D376BA59538} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {13F64576-D9F2-4AF9-9551-C8D0109C3B46} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {1D59AF43-3BD1-4C28-BB65-7AF9C4BC3C12} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {26230C06-1420-44E1-A373-823C0D454A13} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2FB191A9-BE95-450B-9339-F64AE585E457} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {32CD3026-2049-4099-B468-EC53F57396BD} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {32EE931F-CE49-4BFC-A322-E1C6F8C87656} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {393FBEDA-3D31-4D6D-84FA-993DD9F12CEE} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {3E570EF4-E82F-4EF4-BBDC-5701DD006409} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3EFC3DFC-EA74-4073-8420-469EFACEA906} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {4B85DAA6-2279-4436-ADCF-864D8E54B013} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2252375925-3716301909-4049155379-1000Core => C:\Users\10 USER\AppData\Local\Google\Update\GoogleUpdate.exe [2016-04-24] (Google Inc.)
Task: {5B65DA86-395F-4FA8-A842-6FEECFFB828D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {68DD3895-C4FB-40D2-9E94-A7FE6D6CFD8A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {6D5F56BD-07AF-41E6-BF64-C5EA47161B10} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {6DE30546-6FDD-440F-B85A-0A6025EABA1F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {75445D5F-9700-4BD9-9B4D-DD7CC6B4E8EF} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2017-01-10] ()
Task: {7DF73643-C41B-4271-BD6C-9883025F8ECF} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {84209DF4-626B-48AA-B9A3-A13E584A10B6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {86ED0A45-4CCE-4877-B926-C9E040458E8A} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9E5B0A99-5713-4DA6-AB5C-361CA80105A8} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {9E824CBC-70E2-4064-9B05-A97D9C761923} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A0BE4762-3D76-4A01-BB91-EE925A00E53A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {A27A089C-D6A6-4664-82AE-10BFFEEB2005} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {A467F6C4-0854-4175-94FA-947BF3AC8ECD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2252375925-3716301909-4049155379-1000UA => C:\Users\10 USER\AppData\Local\Google\Update\GoogleUpdate.exe [2016-04-24] (Google Inc.)
Task: {ADFF26C7-5F0D-4E7E-88F2-6A7612D6FE88} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B2A5B4CD-3ADA-46E6-B65A-8A9BE96EEE69} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {BA0A7AA7-E683-4B43-83CF-F88F6A9AB566} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {BC746126-4B49-4AEF-81DF-559CBC3461F9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C161E474-228A-4A4B-8AC1-92A0FF58F761} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {C3EE6DE8-007C-4C79-B928-67382CD78D1B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {CE9D06AD-19E8-47EA-A51A-57183FC54F01} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D753A7F7-61AF-4A06-AF41-4E590A921235} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2017-01-10] ()
Task: {D7DE55E0-4907-4CD7-B914-942848D251B1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E1E90F4B-FFA8-4E52-BF3D-3D1A09EE861E} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E42E8A7E-4FB9-4316-866D-8DCCBC2BE487} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {ECA2804C-DD27-432C-9C09-8040EFE26A4E} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {ECB6F31E-3539-404E-95E5-9AA94FDBEF0F} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F1496E97-8669-45EF-A0B9-AF04C2EF976C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F4C02728-87A2-4A90-8441-83D9DA768533} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 06:42 - 2016-07-16 06:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-23 18:22 - 2016-01-11 12:30 - 01349824 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2017-01-04 04:37 - 2017-01-04 04:37 - 01678560 _____ () C:\Users\10 USER\AppData\Local\Microsoft\OneDrive\17.3.6720.1207_1\amd64\ClientTelemetry.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-04 07:05 - 2017-01-04 07:05 - 00693248 _____ () C:\Windows\ShellExperiences\MtcUvc.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-01-04 21:54 - 2016-12-07 14:22 - 00536960 _____ () C:\Users\10 USER\AppData\Roaming\Dashlane\DashlanePlugin.exe
2017-01-04 05:07 - 2017-01-04 05:08 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-01-04 05:07 - 2017-01-04 05:08 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-01-04 05:07 - 2017-01-04 05:08 - 42130432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-01-04 05:07 - 2017-01-04 05:08 - 02216448 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\roottools.dll
2017-01-02 14:32 - 2017-01-02 14:33 - 01369288 _____ () C:\Program Files\WindowsApps\Microsoft.Office.OneNote_17.7668.57681.0_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2017-01-04 05:09 - 2017-01-04 05:09 - 13017288 _____ () C:\Program Files\WindowsApps\Microsoft.Office.OneNote_17.7668.57681.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Core.dll
2017-01-04 05:09 - 2017-01-04 05:09 - 00150216 _____ () C:\Program Files\WindowsApps\Microsoft.Office.OneNote_17.7668.57681.0_x64__8wekyb3d8bbwe\textinputdriver.dll
2017-01-02 14:58 - 2017-01-02 15:08 - 03810816 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1612.3341.0_x64__8wekyb3d8bbwe\Calculator.exe
2017-01-10 12:36 - 2017-01-10 12:36 - 00053881 ____R () E:\life_science_textbook_7th_grade_mcgraw-hill_pdf_download__nkr2b8.exe
2017-01-10 12:39 - 2016-12-14 12:55 - 02259232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-01-10 12:39 - 2016-12-14 12:55 - 02813904 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll
2017-01-10 12:39 - 2016-12-14 12:55 - 02247632 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-01-04 07:06 - 2017-01-04 07:06 - 03388256 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2017-01-04 04:37 - 2017-01-04 04:37 - 01244376 _____ () C:\Users\10 USER\AppData\Local\Microsoft\OneDrive\17.3.6720.1207_1\ClientTelemetry.dll
2017-01-04 21:53 - 2016-12-07 14:14 - 00344960 _____ () C:\Users\10 USER\AppData\Roaming\Dashlane\4.6.5.21982\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebugDll_win32.4.6.5.21982.dll
2017-01-04 21:53 - 2016-12-07 14:14 - 00441216 _____ () C:\Users\10 USER\AppData\Roaming\Dashlane\4.6.5.21982\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebug.4.6.5.21982.dll
2017-01-04 21:53 - 2016-12-07 14:14 - 00471424 _____ () C:\Users\10 USER\AppData\Roaming\Dashlane\4.6.5.21982\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWUtils.4.6.5.21982.dll
2017-01-04 21:53 - 2016-12-07 14:14 - 63176576 _____ () C:\Users\10 USER\AppData\Roaming\Dashlane\4.6.5.21982\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWExternLib.4.6.5.21982.dll
2017-01-04 21:53 - 2016-12-07 14:14 - 00292736 _____ () C:\Users\10 USER\AppData\Roaming\Dashlane\4.6.5.21982\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLib_win.4.6.5.21982.dll
2017-01-04 21:53 - 2016-12-07 14:14 - 06329216 _____ () C:\Users\10 USER\AppData\Roaming\Dashlane\4.6.5.21982\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWData.4.6.5.21982.dll
2017-01-04 21:53 - 2016-12-07 14:14 - 07633280 _____ () C:\Users\10 USER\AppData\Roaming\Dashlane\4.6.5.21982\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWApplication.4.6.5.21982.dll
2017-01-04 21:53 - 2016-12-07 14:14 - 13821312 _____ () C:\Users\10 USER\AppData\Roaming\Dashlane\4.6.5.21982\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLib.4.6.5.21982.dll
2017-01-04 21:53 - 2016-12-07 14:14 - 02285440 _____ () C:\Users\10 USER\AppData\Roaming\Dashlane\4.6.5.21982\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLibData.4.6.5.21982.dll
2017-01-04 21:53 - 2016-12-07 14:14 - 00334720 _____ () C:\Users\10 USER\AppData\Roaming\Dashlane\4.6.5.21982\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\Kwift_DP.4.6.5.21982.dll
2016-10-27 06:35 - 2016-10-27 06:35 - 22825144 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.dll
2016-05-03 09:41 - 2016-05-03 09:41 - 00322232 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\sqlite.dll
2016-10-27 06:35 - 2016-10-27 06:35 - 46476472 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll
2017-01-02 14:27 - 2016-12-08 02:29 - 01829208 _____ () C:\Users\10 USER\AppData\Local\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2017-01-02 14:27 - 2016-12-08 02:29 - 00085848 _____ () C:\Users\10 USER\AppData\Local\Google\Chrome\Application\55.0.2883.87\libegl.dll
2017-01-10 12:36 - 2017-01-10 12:36 - 00011264 _____ () C:\Users\10 USER\AppData\Local\Temp\nsqE451.tmp\System.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141619797\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141619922\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2252375925-3716301909-4049155379-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Dell\Win7 LtBlue 1920x1200.jpg
HKU\S-1-5-21-2252375925-3716301909-4049155379-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141620075\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Dell\Win7 LtBlue 1920x1200.jpg
DNS Servers: 75.114.81.1 - 75.114.81.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{8DF5A8DC-2B0C-4254-A47E-C90FAC587922}] => C:\Program Files (x86)\Skype\Phone\Skype.exe

==================== Restore Points =========================

04-01-2017 06:34:27 Windows Update
07-01-2017 22:06:21 Windows Modules Installer

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (01/10/2017 02:13:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: microsoftedgecp.exe, version: 11.0.14393.82, time stamp: 0x57a55786
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000604
Fault offset: 0x0000000000000000
Faulting process id: 0x1474
Faulting application start time: 0x01d26b75a4daddfc
Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Faulting module path: unknown
Report Id: 2c124740-b08e-441b-8efe-162b366f6151
Faulting package full name: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: MicrosoftEdge

Error: (01/10/2017 02:13:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: microsoftedgecp.exe, version: 11.0.14393.82, time stamp: 0x57a55786
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000604
Fault offset: 0x0000000000000000
Faulting process id: 0x1474
Faulting application start time: 0x01d26b75a4daddfc
Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Faulting module path: unknown
Report Id: a5144fdf-c05f-4915-8ebe-a8405365e747
Faulting package full name: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: MicrosoftEdge

Error: (01/10/2017 01:01:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 3.0.0.865, time stamp: 0x584ee8a0
Faulting module name: Qt5Core.dll, version: 5.6.2.0, time stamp: 0x5849a1dc
Exception code: 0xc0000005
Fault offset: 0x00192cf1
Faulting process id: 0xe44
Faulting application start time: 0x01d26b68a0e08e28
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Report Id: 745bd8a5-b0d5-40df-bc82-4913b910b6fc
Faulting package full name: 
Faulting package-relative application ID:

Error: (01/09/2017 02:41:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Skype.exe version 7.30.0.105 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 754

Start Time: 01d26a466a52259a

Termination Time: 105

Application Path: C:\Program Files (x86)\Skype\Phone\Skype.exe

Report Id: 98aa3def-d6a3-11e6-8d84-000b819d8ea3

Faulting package full name: 

Faulting package-relative application ID:

Error: (01/07/2017 10:06:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (01/07/2017 06:56:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Skype.exe version 7.30.0.105 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1764

Start Time: 01d267e61dabf0f9

Termination Time: 12

Application Path: C:\Program Files (x86)\Skype\Phone\Skype.exe

Report Id: d89ee25d-d534-11e6-a2f3-782bcb871252

Faulting package full name: 

Faulting package-relative application ID:

Error: (01/07/2017 06:51:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SoundEditor.exe, version: 1.0.0.0, time stamp: 0x57e6fa4c
Faulting module name: Windows.UI.Xaml.dll, version: 10.0.14393.479, time stamp: 0x58258ce8
Exception code: 0xc000027b
Fault offset: 0x00000000006d675b
Faulting process id: 0x1538
Faulting application start time: 0x01d26940e8da5879
Faulting application path: C:\Program Files\WindowsApps\32015mccalla.SoundEditor_3.2.7.0_x64__1yb35n8phzzdw\SoundEditor.exe
Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
Report Id: 06c778c2-d00b-48d5-91c8-e85d70d9f8a6
Faulting package full name: 32015mccalla.SoundEditor_3.2.7.0_x64__1yb35n8phzzdw
Faulting package-relative application ID: App

Error: (01/07/2017 06:49:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SoundEditor.exe, version: 1.0.0.0, time stamp: 0x57e6fa4c
Faulting module name: Windows.UI.Xaml.dll, version: 10.0.14393.479, time stamp: 0x58258ce8
Exception code: 0xc000027b
Fault offset: 0x00000000006d675b
Faulting process id: 0xb70
Faulting application start time: 0x01d26940a2125d4b
Faulting application path: C:\Program Files\WindowsApps\32015mccalla.SoundEditor_3.2.7.0_x64__1yb35n8phzzdw\SoundEditor.exe
Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
Report Id: 4e665596-0aff-4997-9f82-0fbce76f8f2e
Faulting package full name: 32015mccalla.SoundEditor_3.2.7.0_x64__1yb35n8phzzdw
Faulting package-relative application ID: App

Error: (01/07/2017 06:48:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SoundEditor.exe, version: 1.0.0.0, time stamp: 0x57e6fa4c
Faulting module name: Windows.UI.Xaml.dll, version: 10.0.14393.479, time stamp: 0x58258ce8
Exception code: 0xc000027b
Fault offset: 0x00000000006d675b
Faulting process id: 0x20a8
Faulting application start time: 0x01d2694078e20afe
Faulting application path: C:\Program Files\WindowsApps\32015mccalla.SoundEditor_3.2.7.0_x64__1yb35n8phzzdw\SoundEditor.exe
Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
Report Id: 642c8883-d394-413b-80b8-7f3c6c262117
Faulting package full name: 32015mccalla.SoundEditor_3.2.7.0_x64__1yb35n8phzzdw
Faulting package-relative application ID: App

Error: (01/07/2017 06:47:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SoundEditor.exe, version: 1.0.0.0, time stamp: 0x57e6fa4c
Faulting module name: Windows.UI.Xaml.dll, version: 10.0.14393.479, time stamp: 0x58258ce8
Exception code: 0xc000027b
Fault offset: 0x00000000006d675b
Faulting process id: 0xeac
Faulting application start time: 0x01d269407447ac78
Faulting application path: C:\Program Files\WindowsApps\32015mccalla.SoundEditor_3.2.7.0_x64__1yb35n8phzzdw\SoundEditor.exe
Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
Report Id: 66f379ab-3f83-46b6-ac10-b25226c6c16c
Faulting package full name: 32015mccalla.SoundEditor_3.2.7.0_x64__1yb35n8phzzdw
Faulting package-relative application ID: App

System errors:
=============
Error: (01/09/2017 02:02:24 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/09/2017 01:04:21 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.

 Code: 8 0x0 0x0

Error: (01/09/2017 01:04:19 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.

 Code: 2 0xdeaddeed 0xeeec

Error: (01/09/2017 01:04:19 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.

 Code: 1 0xc 0x4

Error: (01/07/2017 06:34:04 PM) (Source: DCOM) (EventID: 10016) (User: 10USER-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{9E175B6D-F52A-11D8-B9A5-505054503030}
 and APPID 
{9E175B9C-F52A-11D8-B9A5-505054503030}
 to the user 10USER-PC\10 USER SID (S-1-5-21-2252375925-3716301909-4049155379-1000) from address LocalHost (Using LRPC) running in the application container Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe SID (S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194). This security permission can be modified using the Component Services administrative tool.

Error: (01/05/2017 01:12:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/04/2017 04:51:44 AM) (Source: DCOM) (EventID: 10016) (User: 10USER-PC)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 and APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 to the user 10USER-PC\10 USER SID (S-1-5-21-2252375925-3716301909-4049155379-1000) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.

Error: (01/04/2017 04:36:35 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/04/2017 04:32:23 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The BranchCache service terminated with the following service-specific error: 
This program is blocked by group policy. For more information, contact your system administrator.

Error: (01/04/2017 04:32:17 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

==================== Memory info =========================== 

Processor: Pentium(R) Dual-Core CPU E5800 @ 3.20GHz
Percentage of memory in use: 57%
Total physical RAM: 8027.59 MB
Available physical RAM: 3422.46 MB
Total Virtual: 16219.59 MB
Available Virtual: 10690.87 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:464.88 GB) (Free:399.63 GB) NTFS ==>[drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 6805C28C)
Partition 1: (Active) - (Size=464.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)

==================== End of Addition.txt ============================

 

~~

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 1/10/17
Scan Time: 2:16 PM
Logfile: 
Administrator: Yes

-Software Information-
Version: 3.0.5.1299
Components Version: 1.0.43
Update Package Version: 1.0.971
License: Trial

-System Information-
OS: Windows 10
CPU: x64
File System: NTFS
User: 10USER-PC\10 USER

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 320701
Time Elapsed: 18 min, 47 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

(end)

~

 

[kevinf80]

A Re-boot was required for Malwarebytes to complete removal of issue files... Yes that should have been done staright away... Am checking FRST logs, back shortly..

[kevinf80]

Thanks for those logs, continue as follows please: Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into. "Do not open that file" NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work. Open FRST and press the Fix button just once and wait. The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply. Next, Download AdwCleaner by Xplode onto your Desktop.   Double click on Adwcleaner.exe to run the tool. Click on the Scan in the Actions box Please wait fot the scan to finish.. When "Waiting for action.Please uncheck elements you want to keep" shows in top line.. Click on the Cleaning box. Next click OK on the "Closing Programs" pop up box. Click OK on the Information box & again OK to allow the necessary reboot After restart the AdwCleaner(C*)-Notepad log will appear, please copy/paste it in your next reply. Where * is the number relative to list of scans completed... Next, Download and save RogueKiller to your Desktop from this link: https://www.fosshub.com/RogueKiller.html/setup.exe Right click setup.exe and select Run as Administrator to start installing RogueKiller. At the next window Checkmark "Install 32 and 64 bit versions, then select "Next" In the next window skip Licence I.D. and Licence Key, select "Next" In the next window make no changes and select "Next" In the next window leave both "Additional Shortcuts" checkmarked, then select "Next" In the next window make no changes and select "Install" RogueKiller will extract and complete installation, in the new window leave "Launch Roguekiller" checkmarked, then select finish. RogueKiller will launch. Accept UAC, then read and accept "User Agreements" In the new window the "Home" tab should already be selected, Change by selecting "Scan" tab, then select "Start Scan" When the scan completes select "Open Report" In the new Window select "Export text" name that file RK.txt, save to your Desktop and attach to your reply   Let me see those logs in your reply... Thank you, Kevin...

Fixlist.txt

[Helpmeplease1112]

Did the Adwcleaner and restarted.. here's the file(s)

Another thing: Do I put the fixlist in the FRST folder or the place where the FRST text file is?

AND, do I scan again and THEN fix after fixlist is in the FRST place?

(CO)

~~~~~~~~~~~~~

# AdwCleaner v6.042 - Logfile created 10/01/2017 at 15:37:21
# Updated on 06/01/2017 by Malwarebytes
# Database : 2017-01-10.2 [Server]
# Operating System : Windows 10 Pro  (X64)
# Username : 10 USER - 10USER-PC
# Running from : C:\Users\10 USER\Desktop\AdwCleaner.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support

***** [ Services ] *****

***** [ Folders ] *****

[-] Folder deleted: C:\Users\10 USER\AppData\Local\DriverToolkit
[-] Folder deleted: C:\Program Files (x86)\DriverToolkit

***** [ Files ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Shortcuts ] *****

***** [ Scheduled Tasks ] *****

***** [ Registry ] *****

[-] Key deleted: HKU\S-1-5-21-2252375925-3716301909-4049155379-1000\Software\DriverToolkit
[#] Key deleted on reboot: HKCU\Software\DriverToolkit
[#] Key deleted on reboot: [x64] HKCU\Software\DriverToolkit

***** [ Web browsers ] *****

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1078 Bytes] - [10/01/2017 15:37:21]
C:\AdwCleaner\AdwCleaner[S0].txt - [1362 Bytes] - [10/01/2017 15:36:47]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1224 Bytes] ##########

 

~~~~~~~~~~~

(SO)

# AdwCleaner v6.042 - Logfile created 10/01/2017 at 15:36:47
# Updated on 06/01/2017 by Malwarebytes
# Database : 2017-01-10.2 [Server]
# Operating System : Windows 10 Pro  (X64)
# Username : 10 USER - 10USER-PC
# Running from : C:\Users\10 USER\Desktop\AdwCleaner.exe
# Mode: Scan
# Support : https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

Folder Found:  C:\Users\10 USER\AppData\Local\DriverToolkit
Folder Found:  C:\Program Files (x86)\DriverToolkit

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious keys found.

***** [ Shortcuts ] *****

No infected shortcut found.

***** [ Scheduled Tasks ] *****

No malicious task found.

***** [ Registry ] *****

Key Found:  HKU\S-1-5-21-2252375925-3716301909-4049155379-1000\Software\DriverToolkit
Key Found:  HKCU\Software\DriverToolkit
Key Found:  [x64] HKCU\Software\DriverToolkit

***** [ Web browsers ] *****

No malicious Firefox based browser items found.
No malicious Chromium based browser items found.

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [1206 Bytes] - [10/01/2017 15:36:47]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1279 Bytes] ##########
 

~~~~~~~~~~~

 

Running rogue's scan now.

 

I think it's grabbing programs and installing them. Should I turn off wifi? My uncle said to do that while cleaning the malware.

 

Edited January 10, 2017 by Helpmeplease1112

[Helpmeplease1112]

Rogue's file

RK.txt

[Helpmeplease1112]

Hello? 

[kevinf80]

The instructions I give are in order, The fix with FRST should have been done first.....

FRST is saved to and runs from your Desktop, the file I attached in my last reply "Fixlist.txt" should have been downloaded and saved to the same place "Desktop"

Do not open the file "Fixlist.txt" double click on FRST accept UAC, from FRST GUI select Fix just once. FRST will run, read the script in the text file "Fixlist.txt" and carry out those commands, it will produce a log "Fixlog.txt" post that to your reply.......

[Helpmeplease1112]

Sorry, had an event to attend. Here's the file. Talk to you tomorrow!

Fix result of Farbar Recovery Scan Tool (x64) Version: 08-01-2017
Ran by 10 USER (10-01-2017 18:23:14) Run:1
Running from C:\Users\10 USER\Desktop
Loaded Profiles: 10 USER (Available Profiles: 10 USER)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
E:\life_science_textbook_7th_grade_mcgraw-hill_pdf_download__nkr2b8.exe
HKU\S-1-5-21-2252375925-3716301909-4049155379-1000\...\Run: [Dashlane] => C:\Users\10 USER\AppData\Roaming\Dashlane\Dashlane.exe [478592 2016-12-07] (Dashlane, Inc.)
C:\Users\10 USER\AppData\Roaming\Dashlane
HKU\S-1-5-21-2252375925-3716301909-4049155379-1000\...\Run: [DashlanePlugin] => C:\Users\10 USER\AppData\Roaming\Dashlane\DashlanePlugin.exe [536960 2016-12-07] ()
HKU\S-1-5-21-2252375925-3716301909-4049155379-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141620075\...\Run: [Dashlane] => C:\Users\10 USER\AppData\Roaming\Dashlane\Dashlane.exe [478592 2016-12-07] (Dashlane, Inc.)
HKU\S-1-5-21-2252375925-3716301909-4049155379-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01102017141620075\...\Run: [DashlanePlugin] => C:\Users\10 USER\AppData\Roaming\Dashlane\DashlanePlugin.exe [536960 2016-12-07] ()
BHO-x32: Dashlane BHO -> {42D79B50-CC4A-4A8E-860F-BE674AF053A2} -> C:\Users\10 USER\AppData\Roaming\Dashlane\ie\Dashlanei.dll [2016-12-07] (Dashlane, Inc.)
Toolbar: HKLM-x32 - Dashlane Toolbar - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\10 USER\AppData\Roaming\Dashlane\ie\KWIEBar.dll [2016-12-07] (Dashlane, Inc.) 
CHR Extension: (Dashlane) - C:\Users\10 USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2017-01-04]
U4 aspnet_state; no ImagePath 
C:\Users\10 USER\Desktop\Dashlane.lnk
C:\Users\10 USER\AppData\LocalLow\Dashlane
C:\Users\10 USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dashlane
C:\Users\10 USER\AppData\Roaming\Dashlane
C:\Program Files (x86)\Dashlane
C:\Users\10 USER\Downloads\Dashlane_Launcher_bchrome-1481560411.exe
C:\Users\10 USER\AppData\Roaming\Dashlane\4.6.5.21982\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebugDll_win32.4.6.5.21982.dll
2017-01-04 21:53 - 2016-12-07 14:14 - 00441216 _____ () C:\Users\10 USER\AppData\Roaming\Dashlane\4.6.5.21982\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebug.4.6.5.21982.dll
2017-01-04 21:53 - 2016-12-07 14:14 - 00471424 _____ () C:\Users\10 USER\AppData\Roaming\Dashlane\4.6.5.21982\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWUtils.4.6.5.21982.dll
2017-01-04 21:53 - 2016-12-07 14:14 - 63176576 _____ () C:\Users\10 USER\AppData\Roaming\Dashlane\4.6.5.21982\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWExternLib.4.6.5.21982.dll
2017-01-04 21:53 - 2016-12-07 14:14 - 00292736 _____ () C:\Users\10 USER\AppData\Roaming\Dashlane\4.6.5.21982\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLib_win.4.6.5.21982.dll
2017-01-04 21:53 - 2016-12-07 14:14 - 06329216 _____ () C:\Users\10 USER\AppData\Roaming\Dashlane\4.6.5.21982\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWData.4.6.5.21982.dll
2017-01-04 21:53 - 2016-12-07 14:14 - 07633280 _____ () C:\Users\10 USER\AppData\Roaming\Dashlane\4.6.5.21982\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWApplication.4.6.5.21982.dll
2017-01-04 21:53 - 2016-12-07 14:14 - 13821312 _____ () C:\Users\10 USER\AppData\Roaming\Dashlane\4.6.5.21982\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLib.4.6.5.21982.dll
2017-01-04 21:53 - 2016-12-07 14:14 - 02285440 _____ () C:\Users\10 USER\AppData\Roaming\Dashlane\4.6.5.21982\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLibData.4.6.5.21982.dll
2017-01-04 21:53 - 2016-12-07 14:14 - 00334720 _____ () C:\Users\10 USER\AppData\Roaming\Dashlane\4.6.5.21982\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\Kwift_DP.4.6.5.21982.dll
Hosts:
CMD: ipconfig /flushDNS
EmptyTemp:
end

*****************

Restore point was successfully created.
Processes closed successfully.
"E:\life_science_textbook_7th_grade_mcgraw-hill_pdf_download__nkr2b8.exe" => not found.
HKU\S-1-5-21-2252375925-3716301909-4049155379-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Dashlane => value removed successfully
C:\Users\10 USER\AppData\Roaming\Dashlane => moved successfully
HKU\S-1-5-21-2252375925-3716301909-4049155379-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DashlanePlugin => value removed successfully
 

[kevinf80]

The log "Fixlog.txt" is not complete, can you repost...

[Helpmeplease1112]

I posted all that was there. What do I do?

 

[kevinf80]

See if there is a complete log here: C:\FRST\Logs

[Helpmeplease1112]

[Helpmeplease1112]

I don't see it. Did I do it wrong?

[kevinf80]

Run the fix again exactly as previously:

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into. "Do not open that file"
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Open FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.
 

 

 

 

 

Fixlist.txt

[Helpmeplease1112]

Did that, it's been running for two days now and hasn't stopped nor given me a log. Is there something I can do?

[kevinf80]

Open Taskmanger and end Task on FRST under processes.. Check here: C:\FRST\Logs see if a log was produced...

[Helpmeplease1112]

No logs, but under desktop there's a notepad "fixlog", the one I gave to you before. Under FRST/Logs it still looks the same as the picture I sent. No idea what's going on.

[kevinf80]

Try running the fix once more, this time turn off Internet connection and turn off security before running the fix...

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into. "Do not open that file"
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Disconnect Internet connection and Security software.....

Open FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.
 

 

fixlist.txt

[AdvancedSetup]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks!