Jump to content
worldtraveler5

"Requested resource is in use"

Recommended Posts

I am apparently having the same issue as everyone else!

After attempting to run chameleon (in safemode as well) I ran malewarebytes rootkit (it's actively scanning) 

I am just a mom trying to help my young children with their viruses :( Can you assist me further as I am a novice with all of this and the laptop is literally 4 days old!

Thank you!

Share this post


Link to post
Share on other sites

Hi worldtraveler5 :)

My name is Aura and I'll be assisting you with your malware issue. Since we'll be working together, you can call me Aura or Yoan, which is my real name, it's up to you! Now that we've broke the ice, I'll just ask you a few things during the time we'll be working together to clean your system and get it back to an operational state.

  • As you'll notice, the logs we are asking for here are quite lenghty, so it's normal for me to not reply exactly after you post them. This is because I need some time to analyse them and then act accordingly. However, I'll always reply within 24 hours, 48 hours at most if something unexpected happens;
  • As long as I'm assisting you on Malwarebytes Forums, in this thread, I'll ask you to not seek assistance anywhere else for any issue related to the system we are working on. If you have an issue, question, etc. about your computer, please ask it in this thread and I'll assist you;
  • The same principle applies to any modifications you make to your system, I would like you to ask me before you do any manipulations that aren't in the instructions I posted. This is to ensure that we are operating in sync and I know exactly what's happening on your system;
  • If you aren't sure about an instruction I'm giving you, ask me about it. This is to ensure that the clean-up process goes without any issue. I'll answer you and even give you more precise instructions/explanations if you need. There's no shame in asking questions here, better be safe than sorry!;
  • If you don't reply to your thread within 3 days, I'll bump this thread to let you know that I'm waiting for you. If you don't reply after 5 days, it'll be closed. If you return after that period, you can send me a PM to get it unlocked and we'll continue where we left off;
  • Since malware can work quickly, we want to get rid of them as fast as we can, before they make unknown changes to the system. This being said, I would appreciate if you could reply to this thread within 24 hours of me posting. This way, we'll have a good clean-up rhythm and the chances of complications will be reduced;
  • I'm against any form of pirated, illegal and counterfeit software and material. So if you have any installed on your system, I'll ask you to uninstall them right now. You don't have to tell me if you indeed had some or not, I'll give you the benefit of the doubt. Plus, this would be against Malwarebytes Forums's rules;
  • In the end, you are the one asking for assistance here. So if you wish to go a different way during the clean-up, like format and reinstall Windows, you are free to do so. I would appreciate you to let me know about it first, and if you need, I can also assist you in the process;
  • I would appreciate if you were to stay with me until the end, which means, until I declare your system clean. Just because your system isn't behaving weirdly anymore, or is running better than before, it doesn't mean that the infection is completely gone;
    This being said, I have a full time job so sometimes it'll take longer for me to reply to you. Don't worry, you'll be my first priority as soon as I get home and have time to look at your thread;


This being said, it's time to clean-up some malware, so let's get started, shall we? :)

Follow the instructions in the thread below, and provide me the FRST.txt and Addition.txt logs.

https://forums.malwarebytes.com/topic/9573-im-infected-what-do-i-do-now/

Share this post


Link to post
Share on other sites

Hi!

Thank you for your help!

So the anti -rootkit ran all night long and when I got up in the morning it had found nearly 9000 threats! Wow.  I ran it twice and the second time came up clean.  Later in the day after work, I was able to install and run malewarebytes (using the activation key) and it found an additional 13 threats.  After reading your email I ran the farbar tool from the link you sent and this is the information:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-03-2017
Ran by Kaden (06-03-2017 20:07:07)
Running from C:\Users\Kaden\Downloads
Windows 10 Home Version 1607 (X64) (2017-02-26 07:08:38)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================
Administrator (S-1-5-21-2159742045-397581911-1998889431-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2159742045-397581911-1998889431-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2159742045-397581911-1998889431-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-2159742045-397581911-1998889431-501 - Limited - Disabled)
Kaden (S-1-5-21-2159742045-397581911-1998889431-1001 - Administrator - Enabled) => C:\Users\Kaden
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Dropbox 25 GB (HKLM-x32\...\{400BDC41-ED37-3053-8439-CC33B6C3A352}) (Version: 3.1.12.0 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
HP Audio Switch (HKLM\...\HPAudioSwitch) (Version: 1.0.111.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{b0ebf7ff-6b1a-4a92-9c85-6915be1962b9}) (Version: 5.1.19895 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{9B252E0D-7B31-48A6-B01E-B5CCBA286E8E}) (Version: 1.1.0.168 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{B90CB0DE-2E60-41C4-9857-466EB98192BF}) (Version: 1.1.158.0 - HP Inc.)
HP Orbit (HKLM-x32\...\{94fe0719-8e44-4833-a106-b54ad117949f}) (Version: 1.0.0.191 - HP Inc.)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8357.5639 - HP Inc.)
HP Support Assistant (HKLM-x32\...\{6FA09B91-5D97-45A9-95E9-50F635C98043}) (Version: 8.3.32.23 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{C85AC2ED-2305-4137-A8BA-CC628F635C82}) (Version: 12.5.32.11 - HP Inc.)
HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.27 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{29E20347-C62F-4657-938E-876A182B67F1}) (Version: 1.4.14 - HP Inc.)
HP Wireless Button Driver (HKLM-x32\...\{099DAD2B-56C5-4919-9F82-418C2A018CAE}) (Version: 1.1.18.1 - HP)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.34 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10605.221 - Intel Corporation)
Intel(R) PRO/Wireless Driver (HKLM\...\{abae53e9-1af7-406f-a318-8f2097906f55}) (Version: 19.02.0000.4750 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4463 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 2.0.0.1094 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{52DA40D6-6EF4-4B28-B501-FC538ECE638C}) (Version: 19.01.1627.3533 - Intel Corporation)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 14.0.12000 - McAfee, Inc.)
Microsoft Office Home and Student 2016 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 16.0.7766.2060 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7766.2047 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7766.2047 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7766.2047 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.29093 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7910 - Realtek Semiconductor Corp.)
ROBLOX Player for Kaden (HKU\S-1-5-21-2159742045-397581911-1998889431-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.11.37 - Synaptics Incorporated)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
WildTangent Games App for HP (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.1.1.14 - WildTangent)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2159742045-397581911-1998889431-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Kaden\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2159742045-397581911-1998889431-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Kaden\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2159742045-397581911-1998889431-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Kaden\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2159742045-397581911-1998889431-1001_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\Kaden\AppData\Local\Roblox\Versions\version-ca61db0aa1b8462c\RobloxProxy64.dll (ROBLOX Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {124F2F21-E05D-451B-ABC8-B437FD463DC6} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-02-28] (Dropbox, Inc.)
Task: {18C922A1-ADA9-4E18-85F1-DB20CE51121D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-02-08] (HP Inc.)
Task: {1BA678D1-D5C3-4D53-9BAC-AD62C10F4A46} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\platform\McUICnt.exe [2016-12-09] (McAfee, Inc.)
Task: {1C21E08C-AEA8-475A-B373-40160DED86DF} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-02-18] (Microsoft Corporation)
Task: {2DF6FC80-15B3-4BF1-9DFD-7C91007A2F85} - System32\Tasks\HPEA3JOBS => C:\Program
Task: {414D405D-8105-42DB-B069-D9297951D998} - System32\Tasks\HPJumpStartProvider => C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartProvider.exe [2016-08-05] ()
Task: {4A8A83D3-8E09-415E-B55C-802C9BFF4E5D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-08-04] (HP Inc.)
Task: {61B7E0ED-BA60-4BED-BC75-4AE611828889} - System32\Tasks\Microsoft\Office\Microsoft Office Touchless Attach Notification => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-02-18] (Microsoft Corporation)
Task: {6CFCEEC4-8F0D-4FD7-8F95-8277A9EFC405} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {78F5CF09-9137-4CDE-8726-7260F7F55954} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-08-05] (HP Inc.)
Task: {82620FE9-0D6A-4BA0-AECD-E825DB998B90} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2017-03-06] (McAfee, Inc.)
Task: {851321B7-54C9-4180-92D4-450325CBBC4C} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {8FEFE7BF-2A33-4E22-9932-313B451FC536} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-02-18] (Microsoft Corporation)
Task: {9A205E50-885F-4A34-8955-D6C747D533D8} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2016-04-22] ()
Task: {9E26A6F7-2FBC-4E38-A0AF-87FE7E7B4941} - System32\Tasks\OneDrive Standalone Update Task v2 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {B9FB86DD-4BF5-407C-A8BA-6B2EDC6BB017} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {C51288AB-7D81-4FE4-B41A-A4F6966170F5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {C9663D3D-44FF-46B5-A5F1-CA09C2A6BF75} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-02-28] (Dropbox, Inc.)
Task: {CC8D7034-0FF3-4A11-9668-44C532C1F177} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-02-08] (HP Inc.)
Task: {E00E1D99-03F2-4E9E-9575-BC9841C68D64} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-08-05] (HP Inc.)
Task: {EFD383A8-3B07-48DB-9487-A945EB29DCC3} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\windows\Explorer.EXE /NOUACCHECK
Task: {F56660CE-1843-4829-B00D-95578350FA59} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2017-03-06] (McAfee, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\windows\explorer.exe
Task: C:\windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-07-16 06:42 - 2016-07-16 06:42 - 00231424 _____ () C:\windows\SYSTEM32\ism32k.dll
2017-03-02 15:46 - 2016-12-09 05:29 - 02681200 _____ () C:\windows\system32\CoreUIComponents.dll
2017-03-02 15:46 - 2016-12-09 05:29 - 02681200 _____ () C:\windows\SYSTEM32\CoreUIComponents.dll
2016-10-24 11:17 - 2017-01-29 08:55 - 08930504 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2016-08-05 17:42 - 2016-08-05 17:42 - 00843800 _____ () C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartProvider.exe
2016-10-24 10:59 - 2016-10-24 10:59 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-02 15:43 - 2016-12-21 02:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-02 15:42 - 2016-12-21 01:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-02 15:42 - 2016-12-21 01:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-02 15:42 - 2016-12-21 01:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-03-02 15:42 - 2016-12-21 01:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-03-02 15:42 - 2016-12-21 01:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-03-02 15:42 - 2016-12-21 01:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-02-28 20:51 - 2017-02-28 20:51 - 00015872 _____ () C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\WhatsNew.Store.exe
2017-02-28 20:51 - 2017-02-28 20:51 - 06538240 _____ () C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\WhatsNew.Store.dll
2017-02-04 03:47 - 2017-02-04 03:47 - 00133632 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\4416462b3a54ef2473cc832d5ed3304a\BRIDGECommon.ni.dll
2017-02-04 03:47 - 2017-02-04 03:47 - 00110592 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\BridgeExtension\96fd89505b3f5dce10e95613cb1c1e9b\BridgeExtension.ni.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-07-16 06:47 - 2016-07-16 06:45 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2159742045-397581911-1998889431-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{2AFE1063-2C44-4ADC-BC57-867342E605EE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2E2FED36-D1AB-4AD6-8DA7-4E95FAB5499F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D7C3EBC2-E523-49F9-A43F-D8CDD797A2FB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{96D4D627-7D8A-42EA-8D89-3808D532F5B0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6BA3E47B-B77E-4698-9184-8F760D21422E}] => (Allow) C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe
FirewallRules: [{04DF66F3-CB46-490A-91D8-BFB029D99BE7}] => (Allow) LPort=13148
FirewallRules: [{CED18336-4862-4FAB-9E51-231233C72148}] => (Allow) c:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{F2997659-0F8B-4239-AEDC-02A5912476A5}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{5A4B3623-0D09-45A1-BAFC-5E8B281B2620}] => (Allow) C:\windows\system32\rundll32.exe
==================== Restore Points =========================
06-03-2017 09:32:57 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================
Application errors:
==================
Error: (03/06/2017 07:54:56 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (03/06/2017 06:32:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-V9DIAK3M)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147023169 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (03/06/2017 06:32:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-V9DIAK3M)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147023169 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (03/06/2017 06:32:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-V9DIAK3M)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (03/06/2017 06:32:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-V9DIAK3M)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (03/06/2017 06:29:39 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10605.221) TYPE: ERROR
DPTF Build Version:  8.1.10605.221
DPTF Build Date:  Oct 23 2015 12:24:15
Source File:  ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 673
Executing Function:  PolicyBase::takeControlOfOsc
Message:  Failed to acquire OSC: Failure during execution of _OSC:
DPTF Build Version:  8.1.10605.221
DPTF Build Date:  Oct 23 2015 12:24:15
Source File:  ..\..\..\Sources\Manager\EsifServices.cpp @ line 473
Executing Function:  EsifServices::primitiveExecuteSet
Message:  Error returned from ESIF services interface function call
Participant:  NoParticipant
Domain:  NoDomain
ESIF Primitive:  SET_OPERATING_SYSTEM_CAPABILITIES [93]
ESIF Instance:  255
ESIF Return Code:  ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]

Policy:  Passive Policy [1]
Error: (03/06/2017 06:29:39 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10605.221) TYPE: ERROR
DPTF Build Version:  8.1.10605.221
DPTF Build Date:  Oct 23 2015 12:24:15
Source File:  ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 673
Executing Function:  PolicyBase::takeControlOfOsc
Message:  Failed to acquire OSC: Failure during execution of _OSC:
DPTF Build Version:  8.1.10605.221
DPTF Build Date:  Oct 23 2015 12:24:15
Source File:  ..\..\..\Sources\Manager\EsifServices.cpp @ line 473
Executing Function:  EsifServices::primitiveExecuteSet
Message:  Error returned from ESIF services interface function call
Participant:  NoParticipant
Domain:  NoDomain
ESIF Primitive:  SET_OPERATING_SYSTEM_CAPABILITIES [93]
ESIF Instance:  255
ESIF Return Code:  ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]

Policy:  Critical Policy [0]
Error: (03/06/2017 06:29:39 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10605.221) TYPE: ERROR
DPTF Build Version:  8.1.10605.221
DPTF Build Date:  Oct 23 2015 12:24:15
Source File:  ..\..\..\Sources\Manager\WIPolicyCreateAll.cpp @ line 59
Executing Function:  WIPolicyCreateAll::execute
Message:  Unhandled exception caught during execution of work item
Policy File Name:  DptfPolicyActive.dll
Framework Event:  PolicyCreate [27]
Exception Function:  PolicyManager::createPolicy
Exception Text: 
DPTF Build Version:  8.1.10605.221
DPTF Build Date:  Oct 23 2015 12:24:15
Source File:  ..\..\..\Sources\Manager\EsifServices.cpp @ line 457
Executing Function:  EsifServices::primitiveExecuteGet
Message:  Error returned from ESIF services interface function call
Participant:  NoParticipant
Domain:  NoDomain
ESIF Primitive:  GET_ACTIVE_RELATIONSHIP_TABLE [89]
ESIF Instance:  255
ESIF Return Code:  ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
Error: (03/06/2017 06:29:39 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10605.221) TYPE: ERROR
DPTF Build Version:  8.1.10605.221
DPTF Build Date:  Oct 23 2015 12:24:15
Source File:  ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 693
Executing Function:  PolicyBase::releaseControlofOsc
Message:  Failed to release OSC: Failure during execution of _OSC:
DPTF Build Version:  8.1.10605.221
DPTF Build Date:  Oct 23 2015 12:24:15
Source File:  ..\..\..\Sources\Manager\EsifServices.cpp @ line 473
Executing Function:  EsifServices::primitiveExecuteSet
Message:  Error returned from ESIF services interface function call
Participant:  NoParticipant
Domain:  NoDomain
ESIF Primitive:  SET_OPERATING_SYSTEM_CAPABILITIES [93]
ESIF Instance:  255
ESIF Return Code:  ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]

Policy:  Active Policy [0]
Error: (03/06/2017 06:29:39 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10605.221) TYPE: ERROR
DPTF Build Version:  8.1.10605.221
DPTF Build Date:  Oct 23 2015 12:24:15
Source File:  ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 673
Executing Function:  PolicyBase::takeControlOfOsc
Message:  Failed to acquire OSC: Failure during execution of _OSC:
DPTF Build Version:  8.1.10605.221
DPTF Build Date:  Oct 23 2015 12:24:15
Source File:  ..\..\..\Sources\Manager\EsifServices.cpp @ line 473
Executing Function:  EsifServices::primitiveExecuteSet
Message:  Error returned from ESIF services interface function call
Participant:  NoParticipant
Domain:  NoDomain
ESIF Primitive:  SET_OPERATING_SYSTEM_CAPABILITIES [93]
ESIF Instance:  255
ESIF Return Code:  ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]

Policy:  Active Policy [0]

System errors:
=============
Error: (03/06/2017 06:32:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (03/06/2017 06:30:11 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (03/06/2017 06:29:58 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (03/06/2017 06:29:58 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (03/06/2017 06:29:01 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (03/06/2017 06:06:23 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (03/06/2017 06:06:23 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (03/06/2017 06:06:18 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (03/06/2017 05:46:04 PM) (Source: Microsoft-Windows-Eventlog) (EventID: 30) (User: NT AUTHORITY)
Description: The event logging service encountered an error (5) while enabling publisher {0BF2FB94-7B60-4B4D-9766-E82F658DF540} to channel Microsoft-Windows-Kernel-ShimEngine/Operational. This does not affect channel operation, but does affect the ability of the publisher to raise events to the channel. One common reason for this error is that the Provider is using ETW Provider Security and has not granted enable permissions to the Event Log service identity.
Error: (03/06/2017 05:32:17 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-V9DIAK3M)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

CodeIntegrity:
===================================
  Date: 2017-03-05 22:46:34.285
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
  Date: 2017-03-05 22:46:34.278
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
  Date: 2017-03-05 21:23:35.973
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
  Date: 2017-03-05 21:23:35.963
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
  Date: 2017-03-02 22:12:50.033
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
  Date: 2017-03-02 22:12:49.968
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
  Date: 2017-03-02 21:26:16.215
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
  Date: 2017-03-02 21:26:16.172
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
  Date: 2017-03-02 21:23:26.930
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
  Date: 2017-03-02 21:23:26.870
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================
Processor: Intel(R) Celeron(R) CPU N3060 @ 1.60GHz
Percentage of memory in use: 61%
Total physical RAM: 4001.58 MB
Available physical RAM: 1550.13 MB
Total Virtual: 6177.58 MB
Available Virtual: 2749.52 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:27.89 GB) (Free:2.78 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 29.1 GB) (Disk ID: B8CCEC7E)
Partition: GPT.
==================== End of Addition.txt ============================

Share this post


Link to post
Share on other sites

It seems that I'm missing the FRST.txt log. And MBAR was updated recently to deal with the threat you described, so it's nice to know that it did the trick. Can you provide me the Malwarebytes log as well?

Share this post


Link to post
Share on other sites

I would be glad to send both, I just don't know where to find them :/  can I get directions?  And yes, I was thrilled when malewarebytes not only installed but properly scanned and still found things!  :)

 

Edited by worldtraveler5

Share this post


Link to post
Share on other sites

After running FRST, two files should be created in the directory it was run: FRST.txt and Addition.txt. So there should be a FRST.txt where you found Addition.txt. As for Malwarebytes, go in Reports, double-click on the most recent Scan Report to open it, click on Export, select Copy to Clipboard and paste it here.

Share this post


Link to post
Share on other sites

Ok, this is the best I could figure out....

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-03-2017
Ran by Kaden (administrator) on LAPTOP-V9DIAK3M (06-03-2017 20:03:36)
Running from C:\Users\Kaden\Downloads
Loaded Profiles: Kaden (Available Profiles: defaultuser0 & Kaden)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(HP Inc.) C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\mcsvchost\McSvHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
() C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartProvider.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_6\mcapexe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.3.290.0\McCSPServiceHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(HP) C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe
(HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11610.1001.25.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.Getstarted_4.5.6.0_x64__8wekyb3d8bbwe\WhatsNew.Store.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17012.10301.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(McAfee, Inc.) C:\Program Files\mcafee.com\agent\mcupdate.exe
(Intel Security) C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater\HPSSFUpdater.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\unzip.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8899592 2016-08-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Session] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1462792 2016-08-22] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [4168296 2016-08-22] (Synaptics Incorporated)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [705784 2016-06-20] (HP Inc.)
HKLM-x32\...\Run: [HPRadioMgr] => C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe [324488 2016-08-02] (HP)
HKU\S-1-5-18\...\Run: [] => [X]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Audio Switch.lnk [2017-03-06]
ShortcutTarget: HP Audio Switch.lnk -> C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitchLC.vbs ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP JumpStart Launch.lnk [2017-03-06]
ShortcutTarget: HP JumpStart Launch.lnk -> c:\Windows\Installer\{B90CB0DE-2E60-41C4-9857-466EB98192BF}\HPlogo_blue.ico ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{bae0debf-2fb4-4e39-b4a5-70688d4c33b6}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-2159742045-397581911-1998889431-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2159742045-397581911-1998889431-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
SearchScopes: HKLM -> {28DFC2C2-E4CC-4972-9B4D-FEA31D8A9B57} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {28DFC2C2-E4CC-4972-9B4D-FEA31D8A9B57} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2159742045-397581911-1998889431-1001 -> {28DFC2C2-E4CC-4972-9B4D-FEA31D8A9B57} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-01-29] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-01-29] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-08-05] (HP Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-08-05] (HP Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2017-02-10] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2017-02-10] (McAfee, Inc.)
FireFox:
========
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-03-06] [not signed]
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-02-10] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-02-10] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-01-29] (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2016-05-23] ()
FF Plugin HKU\S-1-5-21-2159742045-397581911-1998889431-1001: @nsroblox.roblox.com/launcher -> C:\Users\Kaden\AppData\Local\Roblox\Versions\version-ca61db0aa1b8462c\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-2159742045-397581911-1998889431-1001: @nsroblox.roblox.com/launcher64 -> C:\Users\Kaden\AppData\Local\Roblox\Versions\version-ca61db0aa1b8462c\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3704520 2017-02-18] (Microsoft Corporation)
R3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1747800 2017-02-16] (Intel Security)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-02-28] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-02-28] (Dropbox, Inc.)
R2 esifsvc; C:\windows\SysWoW64\esif_uf.exe [1392792 2016-04-29] (Intel Corporation)
S2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [350064 2016-05-23] (WildTangent)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [894976 2016-08-04] (HP Inc.) [File not signed]
R2 HP Orbit Service; C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe [3316576 2016-08-09] (HP Inc.)
R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [461848 2016-08-05] (HP Inc.)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-04] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29760 2016-08-04] (HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [631800 2016-06-20] (HP Inc.)
R2 igfxCUIService2.0.0.0; C:\windows\system32\igfxCUIService.exe [356336 2016-06-21] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [887784 2015-09-03] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [989632 2017-01-23] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [419096 2016-04-01] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.3.290.0\\McCSPServiceHost.exe [2054080 2017-02-03] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [1342904 2017-02-01] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [241040 2016-11-14] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [383032 2016-11-14] (McAfee, Inc.)
R3 mfevtp; C:\windows\system32\mfevtps.exe [342768 2016-11-14] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1465840 2016-12-22] (McAfee, Inc.)
S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; c:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-06-23] ()
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1104304 2016-11-15] (Intel Security, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [314624 2016-08-22] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [258152 2016-08-22] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 ZeroConfigService; c:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-06-23] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AX88772; C:\windows\System32\drivers\ax88772.sys [111616 2016-07-16] (ASIX Electronics Corp.)
R3 cfwids; C:\windows\System32\drivers\cfwids.sys [88456 2016-11-18] (McAfee, Inc.)
R3 dptf_acpi; C:\windows\System32\drivers\dptf_acpi.sys [55784 2016-04-29] (Intel Corporation)
R3 dptf_cpu; C:\windows\System32\drivers\dptf_cpu.sys [52200 2016-04-29] (Intel Corporation)
R3 esif_lf; C:\windows\system32\DRIVERS\esif_lf.sys [260072 2016-04-29] (Intel Corporation)
S3 HipShieldK; C:\windows\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.)
R3 ibtusb; C:\windows\system32\DRIVERS\ibtusb.sys [347912 2016-08-04] (Intel Corporation)
R3 igfxLP; C:\windows\system32\DRIVERS\igdkmd64lp.sys [7383544 2016-06-21] (Intel Corporation)
S3 mbamchameleon; C:\windows\system32\drivers\mbamchameleon.sys [109272 2017-03-06] (Malwarebytes)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [192216 2017-03-06] (Malwarebytes)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 mfeaack; C:\windows\System32\drivers\mfeaack.sys [484576 2016-11-18] (McAfee, Inc.)
R3 mfeavfk; C:\windows\System32\drivers\mfeavfk.sys [366320 2016-11-18] (McAfee, Inc.)
S0 mfeelamk; C:\windows\System32\drivers\mfeelamk.sys [85048 2016-11-18] (McAfee, Inc.)
R3 mfefirek; C:\windows\System32\drivers\mfefirek.sys [518184 2016-11-18] (McAfee, Inc.)
R0 mfehidk; C:\windows\System32\drivers\mfehidk.sys [916432 2016-11-18] (McAfee, Inc.)
R3 mfencbdc; C:\windows\System32\DRIVERS\mfencbdc.sys [498152 2016-10-24] (McAfee, Inc.)
S3 mfencrk; C:\windows\System32\DRIVERS\mfencrk.sys [109336 2016-10-24] (McAfee, Inc.)
R3 mfeplk; C:\windows\System32\drivers\mfeplk.sys [110248 2016-11-18] (McAfee, Inc.)
R0 mfewfpk; C:\windows\System32\drivers\mfewfpk.sys [254800 2016-11-18] (McAfee, Inc.)
S3 NetAdapterCx; C:\windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 Netwtw04; C:\windows\System32\drivers\Netwtw04.sys [7237392 2016-07-31] (Intel Corporation)
R3 RSP2STOR; C:\windows\system32\DRIVERS\RtsP2Stor.sys [329184 2016-08-19] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\windows\System32\drivers\Smb_driver_AMDASF.sys [60008 2016-08-22] (Synaptics Incorporated)
R3 SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [64104 2016-08-22] (Synaptics Incorporated)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2017-03-02] ()
R3 TXEIx64; C:\windows\System32\drivers\TXEIx64.sys [146200 2015-10-15] (Intel Corporation)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\windows\system32\DRIVERS\WirelessButtonDriver64.sys [32832 2016-08-01] (HP)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-06 20:03 - 2017-03-06 20:05 - 00020937 _____ C:\Users\Kaden\Downloads\FRST.txt
2017-03-06 20:03 - 2017-03-06 20:03 - 02423808 _____ (Farbar) C:\Users\Kaden\Downloads\FRST64.exe
2017-03-06 20:03 - 2017-03-06 20:03 - 00000000 ____D C:\FRST
2017-03-06 20:02 - 2017-03-06 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2017-03-06 18:29 - 2017-03-06 18:29 - 00000000 ___HD C:\ProgramData\temp
2017-03-06 07:16 - 2017-03-06 19:50 - 00004034 _____ C:\windows\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2017-03-06 07:16 - 2017-03-06 18:27 - 00004222 _____ C:\windows\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse
2017-03-06 07:12 - 2017-03-06 07:12 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Kaden\Downloads\mbar-1.09.3.1001 (3).exe
2017-03-05 22:46 - 2017-03-05 22:46 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Kaden\Downloads\mbar-1.09.3.1001 (2).exe
2017-03-05 22:40 - 2017-03-05 22:44 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Kaden\Downloads\mbar-1.09.3.1001 (1).exe
2017-03-05 21:22 - 2017-03-06 19:50 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2017-03-05 21:22 - 2017-03-06 17:44 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-03-05 21:21 - 2017-03-06 17:32 - 00000000 ____D C:\Users\Kaden\Desktop\mbar
2017-03-05 21:20 - 2017-03-05 21:21 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Kaden\Downloads\mbar-1.09.3.1001.exe
2017-03-05 20:45 - 2017-03-05 20:45 - 00000214 _____ C:\windows\Tasks\CreateExplorerShellUnelevatedTask.job
2017-03-05 20:23 - 2017-03-06 07:13 - 00109272 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2017-03-05 20:07 - 2017-03-06 18:32 - 00001172 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2017-03-05 20:07 - 2017-03-05 20:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2017-03-05 20:06 - 2017-03-05 20:49 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2017-03-05 20:06 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2017-03-05 20:06 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2017-03-05 20:02 - 2017-03-05 20:02 - 00000000 ____D C:\Users\Kaden\Downloads\mbam-chameleon-3.1.33.0
2017-03-05 20:01 - 2017-03-05 20:02 - 06705178 _____ C:\Users\Kaden\Downloads\mbam-chameleon-3.1.33.0.zip
2017-03-04 12:15 - 2017-03-06 18:29 - 00000180 _____ C:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-03-04 10:44 - 2017-03-06 18:32 - 00001957 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-04 10:43 - 2017-03-04 10:43 - 57131432 _____ (Malwarebytes ) C:\Users\Kaden\Downloads\mb3-setup-cb.NT-3.0.6.1469-1075.exe
2017-03-04 09:03 - 2017-03-06 18:31 - 00001436 _____ C:\Users\Kaden\Desktop\ROBLOX Player.lnk
2017-03-04 09:02 - 2017-03-06 18:31 - 00001251 _____ C:\Users\Kaden\Desktop\ROBLOX Studio.lnk
2017-03-04 09:02 - 2017-03-04 09:03 - 00000000 ____D C:\Users\Kaden\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2017-03-04 09:02 - 2017-03-04 09:02 - 00852536 _____ (ROBLOX Corporation) C:\Users\Kaden\Downloads\RobloxPlayerLauncher (2).exe
2017-03-04 09:00 - 2017-03-04 09:00 - 00852536 _____ (ROBLOX Corporation) C:\Users\Kaden\Downloads\RobloxPlayerLauncher (1).exe
2017-03-03 21:01 - 2017-03-03 21:01 - 00000000 ___HD C:\$SysReset
2017-03-03 20:56 - 2017-03-04 10:52 - 00003656 _____ C:\windows\System32\Tasks\CreateExplorerShellUnelevatedTask
2017-03-03 20:05 - 2017-03-03 20:05 - 00000000 ____D C:\Program Files (x86)\Roblox
2017-03-03 19:35 - 2017-03-03 19:35 - 00000000 ____D C:\windows\pss
2017-03-03 19:19 - 2017-03-03 19:19 - 00000000 ___HD C:\$Windows.~WS
2017-03-03 19:18 - 2017-03-03 19:18 - 00376528 _____ (Microsoft Corporation) C:\Users\Kaden\Downloads\RefreshWindowsTool.exe
2017-03-02 23:42 - 2017-03-04 10:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-02 23:42 - 2017-02-24 06:23 - 00077408 _____ C:\windows\system32\Drivers\mbae64.sys
2017-03-02 23:41 - 2017-03-05 20:06 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-02 23:41 - 2017-03-02 23:41 - 00000000 ____D C:\Program Files\Malwarebytes
2017-03-02 23:40 - 2017-03-06 00:28 - 00000000 ____D C:\Users\Kaden\AppData\Local\CrashDumps
2017-03-02 23:40 - 2017-03-02 23:41 - 57131432 _____ (Malwarebytes ) C:\Users\Kaden\Downloads\mb3-setup-consumer-3.0.6.1469-1075 (1).exe
2017-03-02 23:34 - 2017-03-02 23:34 - 00000000 ____D C:\Program Files (x86)\regtool
2017-03-02 23:29 - 2017-02-04 04:23 - 00000012 _____ C:\windows\CSUP.txt
2017-03-02 23:29 - 2017-02-04 04:00 - 00000124 _____ C:\windows\win.ini
2017-03-02 23:29 - 2016-07-16 06:45 - 00000407 _____ C:\windows\system32\Drivers\etc\networks
2017-03-02 23:29 - 2016-07-16 06:45 - 00000219 _____ C:\windows\system.ini
2017-03-02 21:44 - 2017-03-02 21:44 - 00028272 _____ C:\windows\system32\Drivers\TrueSight.sys
2017-03-02 21:43 - 2017-03-02 23:33 - 00000000 ____D C:\ProgramData\RogueKiller
2017-03-02 21:42 - 2017-03-02 21:42 - 34885984 _____ (Adlice Software ) C:\Users\Kaden\Downloads\setup.exe
2017-03-02 21:22 - 2017-03-02 21:23 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Kaden\Downloads\rkill.exe
2017-03-02 20:53 - 2017-03-02 20:55 - 57131432 _____ (Malwarebytes ) C:\Users\Kaden\Downloads\mbam-setup.com.exe
2017-03-02 20:41 - 2017-03-02 20:41 - 57131432 _____ (Malwarebytes ) C:\Users\Kaden\Downloads\mb3-setup-consumer-3.0.6.1469-1075.exe
2017-03-02 16:28 - 2017-03-06 18:30 - 00001504 _____ C:\Users\Kaden\Desktop\From Microsoft.lnk
2017-03-02 16:08 - 2017-03-02 16:15 - 00000000 ____D C:\windows\system32\MRT
2017-03-02 16:07 - 2017-03-02 16:07 - 138020592 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2017-03-02 15:46 - 2016-12-21 02:06 - 06285312 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.dll
2017-03-02 15:46 - 2016-12-13 23:48 - 01631232 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.Resources.dll
2017-03-02 15:46 - 2016-12-09 05:29 - 02681200 _____ C:\windows\system32\CoreUIComponents.dll
2017-03-02 15:46 - 2016-12-09 05:18 - 01100128 _____ (Microsoft Corporation) C:\windows\system32\hvix64.exe
2017-03-02 15:46 - 2016-12-09 04:56 - 00959112 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2017-03-02 15:46 - 2016-12-09 04:33 - 03777536 _____ (Microsoft Corporation) C:\windows\system32\MFMediaEngine.dll
2017-03-02 15:46 - 2016-12-09 03:54 - 00483840 _____ (Microsoft Corporation) C:\windows\SysWOW64\CoreMessaging.dll
2017-03-02 15:46 - 2016-11-11 04:57 - 01473048 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2017-03-02 15:46 - 2016-11-11 04:56 - 01062480 _____ (Microsoft Corporation) C:\windows\system32\mfsvr.dll
2017-03-02 15:46 - 2016-11-11 04:04 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\usercpl.dll
2017-03-02 15:46 - 2016-11-11 02:47 - 05722832 _____ (Microsoft Corporation) C:\windows\SysWOW64\windows.storage.dll
2017-03-02 15:46 - 2016-11-11 02:38 - 01263856 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2017-03-02 15:46 - 2016-10-14 23:33 - 00455040 _____ (Microsoft Corporation) C:\windows\SysWOW64\DolbyDecMFT.dll
2017-03-02 15:46 - 2016-10-05 04:12 - 00924672 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.BackgroundTransfer.dll
2017-03-02 15:45 - 2016-12-21 02:43 - 04130440 _____ (Microsoft Corporation) C:\windows\system32\mfcore.dll
2017-03-02 15:45 - 2016-12-21 02:43 - 01454504 _____ (Microsoft Corporation) C:\windows\system32\mfnetsrc.dll
2017-03-02 15:45 - 2016-12-21 02:43 - 01071736 _____ (Microsoft Corporation) C:\windows\system32\mfnetcore.dll
2017-03-02 15:45 - 2016-12-21 02:42 - 22224480 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2017-03-02 15:45 - 2016-12-21 02:42 - 01988560 _____ (Microsoft Corporation) C:\windows\system32\mfmp4srcsnk.dll
2017-03-02 15:45 - 2016-12-21 02:42 - 01702392 _____ (Microsoft Corporation) C:\windows\system32\mfasfsrcsnk.dll
2017-03-02 15:45 - 2016-12-21 02:42 - 01300600 _____ (Microsoft Corporation) C:\windows\system32\mfmpeg2srcsnk.dll
2017-03-02 15:45 - 2016-12-21 02:41 - 01600632 _____ (Microsoft Corporation) C:\windows\system32\sppobjs.dll
2017-03-02 15:45 - 2016-12-21 02:08 - 00360448 _____ (Microsoft Corporation) C:\windows\system32\rdpencom.dll
2017-03-02 15:45 - 2016-12-21 01:56 - 00936960 _____ (Microsoft Corporation) C:\windows\system32\MCRecvSrc.dll
2017-03-02 15:45 - 2016-12-21 01:53 - 04474368 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_47.dll
2017-03-02 15:45 - 2016-12-21 01:51 - 08075776 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2017-03-02 15:45 - 2016-12-21 01:51 - 05611008 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2017-03-02 15:45 - 2016-12-21 01:50 - 01490432 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2017-03-02 15:45 - 2016-12-21 00:09 - 00263472 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Storage.ApplicationData.dll
2017-03-02 15:45 - 2016-12-21 00:01 - 20969928 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2017-03-02 15:45 - 2016-12-20 23:43 - 00285184 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-03-02 15:45 - 2016-12-20 23:41 - 00253952 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.BioFeedback.dll
2017-03-02 15:45 - 2016-12-20 23:40 - 00557568 _____ (Microsoft Corporation) C:\windows\SysWOW64\StoreAgent.dll
2017-03-02 15:45 - 2016-12-20 23:40 - 00180224 _____ (Microsoft Corporation) C:\windows\SysWOW64\InstallAgent.exe
2017-03-02 15:45 - 2016-12-20 23:39 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\InstallAgentUserBroker.exe
2017-03-02 15:45 - 2016-12-20 23:38 - 00866816 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Cred.dll
2017-03-02 15:45 - 2016-12-20 23:30 - 05398016 _____ (Microsoft Corporation) C:\windows\SysWOW64\aclui.dll
2017-03-02 15:45 - 2016-12-20 23:22 - 01883648 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Logon.dll
2017-03-02 15:45 - 2016-12-14 00:41 - 01235296 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2017-03-02 15:45 - 2016-12-14 00:23 - 00404832 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2017-03-02 15:45 - 2016-12-14 00:21 - 02206496 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2017-03-02 15:45 - 2016-12-13 23:38 - 17188864 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.dll
2017-03-02 15:45 - 2016-12-13 23:38 - 00213504 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.CredDialogController.dll
2017-03-02 15:45 - 2016-12-13 23:24 - 01005568 _____ (Microsoft Corporation) C:\windows\system32\D3D12.dll
2017-03-02 15:45 - 2016-12-13 23:23 - 03134976 _____ (Microsoft Corporation) C:\windows\system32\rdpcore.dll
2017-03-02 15:45 - 2016-12-13 23:22 - 02317824 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2017-03-02 15:45 - 2016-12-13 23:22 - 00391168 _____ (Microsoft Corporation) C:\windows\system32\wuuhext.dll
2017-03-02 15:45 - 2016-12-09 05:42 - 01637728 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2017-03-02 15:45 - 2016-12-09 05:42 - 00137568 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2017-03-02 15:45 - 2016-12-09 05:20 - 02677544 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2017-03-02 15:45 - 2016-12-09 05:18 - 02913144 _____ (Microsoft Corporation) C:\windows\system32\combase.dll
2017-03-02 15:45 - 2016-12-09 05:18 - 01267512 _____ (Microsoft Corporation) C:\windows\system32\WinTypes.dll
2017-03-02 15:45 - 2016-12-09 05:18 - 00989024 _____ (Microsoft Corporation) C:\windows\system32\hvax64.exe
2017-03-02 15:45 - 2016-12-09 05:18 - 00947552 _____ (Microsoft Corporation) C:\windows\system32\hvloader.efi
2017-03-02 15:45 - 2016-12-09 05:18 - 00811872 _____ (Microsoft Corporation) C:\windows\system32\hvloader.exe
2017-03-02 15:45 - 2016-12-09 05:01 - 01503544 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2017-03-02 15:45 - 2016-12-09 05:01 - 00861024 _____ (Microsoft Corporation) C:\windows\SysWOW64\LicenseManager.dll
2017-03-02 15:45 - 2016-12-09 04:59 - 02166752 _____ (Microsoft Corporation) C:\windows\SysWOW64\combase.dll
2017-03-02 15:45 - 2016-12-09 04:59 - 00846560 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinTypes.dll
2017-03-02 15:45 - 2016-12-09 04:52 - 01415752 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32full.dll
2017-03-02 15:45 - 2016-12-09 04:41 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\WordBreakers.dll
2017-03-02 15:45 - 2016-12-09 04:36 - 03059200 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2017-03-02 15:45 - 2016-12-09 04:20 - 00730624 _____ (Microsoft Corporation) C:\windows\system32\fveapi.dll
2017-03-02 15:45 - 2016-12-09 04:18 - 02138112 _____ (Microsoft Corporation) C:\windows\SysWOW64\InputService.dll
2017-03-02 15:45 - 2016-12-09 04:16 - 00353280 _____ (Microsoft Corporation) C:\windows\SysWOW64\TextInputFramework.dll
2017-03-02 15:45 - 2016-12-09 04:15 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Core.TextInput.dll
2017-03-02 15:45 - 2016-12-09 04:15 - 00092672 _____ (Microsoft Corporation) C:\windows\SysWOW64\InputLocaleManager.dll
2017-03-02 15:45 - 2016-12-09 04:15 - 00068096 _____ (Microsoft Corporation) C:\windows\SysWOW64\EditBufferTestHook.dll
2017-03-02 15:45 - 2016-11-11 05:13 - 02213760 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2017-03-02 15:45 - 2016-11-11 05:08 - 00142176 _____ (Microsoft Corporation) C:\windows\system32\migisol.dll
2017-03-02 15:45 - 2016-11-11 05:02 - 02828376 _____ (Microsoft Corporation) C:\windows\system32\d3d11.dll
2017-03-02 15:45 - 2016-11-11 05:01 - 00637400 _____ (Microsoft Corporation) C:\windows\system32\dxgi.dll
2017-03-02 15:45 - 2016-11-11 05:00 - 00219488 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tpm.sys
2017-03-02 15:45 - 2016-11-11 04:56 - 00126568 _____ (Microsoft Corporation) C:\windows\system32\mfaudiocnv.dll
2017-03-02 15:45 - 2016-11-11 04:51 - 00454592 _____ (Microsoft Corporation) C:\windows\system32\services.exe
2017-03-02 15:45 - 2016-11-11 04:26 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\ReAgentc.exe
2017-03-02 15:45 - 2016-11-11 04:24 - 00110080 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2017-03-02 15:45 - 2016-11-11 04:24 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\browserbroker.dll
2017-03-02 15:45 - 2016-11-11 04:19 - 00620544 _____ (Microsoft Corporation) C:\windows\system32\bcastdvr.exe
2017-03-02 15:45 - 2016-11-11 04:18 - 00967168 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthport.sys
2017-03-02 15:45 - 2016-11-11 04:18 - 00278016 _____ (Microsoft Corporation) C:\windows\system32\netplwiz.dll
2017-03-02 15:45 - 2016-11-11 04:16 - 02716672 _____ (Microsoft Corporation) C:\windows\system32\WsmSvc.dll
2017-03-02 15:45 - 2016-11-11 04:16 - 00560128 _____ (Microsoft Corporation) C:\windows\system32\AppReadiness.dll
2017-03-02 15:45 - 2016-11-11 04:15 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\WSManHTTPConfig.exe
2017-03-02 15:45 - 2016-11-11 04:14 - 00178176 _____ (Microsoft Corporation) C:\windows\system32\sppnp.dll
2017-03-02 15:45 - 2016-11-11 04:11 - 00870400 _____ (Microsoft Corporation) C:\windows\system32\mfmkvsrcsnk.dll
2017-03-02 15:45 - 2016-11-11 04:09 - 00164352 _____ (Microsoft Corporation) C:\windows\system32\dialserver.dll
2017-03-02 15:45 - 2016-11-11 04:07 - 01691136 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2017-03-02 15:45 - 2016-11-11 04:05 - 04136448 _____ (Microsoft Corporation) C:\windows\system32\Windows.StateRepository.dll
2017-03-02 15:45 - 2016-11-11 04:04 - 02800128 _____ (Microsoft Corporation) C:\windows\system32\netshell.dll
2017-03-02 15:45 - 2016-11-11 04:04 - 01709056 _____ (Microsoft Corporation) C:\windows\system32\UIAutomationCore.dll
2017-03-02 15:45 - 2016-11-11 04:04 - 00909312 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Search.dll
2017-03-02 15:45 - 2016-11-11 04:03 - 02287616 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2017-03-02 15:45 - 2016-11-11 03:01 - 01969912 _____ (Microsoft Corporation) C:\windows\SysWOW64\hevcdecoder.dll
2017-03-02 15:45 - 2016-11-11 03:00 - 01706488 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2017-03-02 15:45 - 2016-11-11 02:47 - 01430720 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.dll
2017-03-02 15:45 - 2016-11-11 02:25 - 00117248 _____ (Microsoft Corporation) C:\windows\SysWOW64\MapsBtSvc.dll
2017-03-02 15:45 - 2016-11-11 02:25 - 00071168 _____ (Microsoft Corporation) C:\windows\SysWOW64\MosStorage.dll
2017-03-02 15:45 - 2016-11-11 02:24 - 00138240 _____ (Microsoft Corporation) C:\windows\SysWOW64\DisplayManager.dll
2017-03-02 15:45 - 2016-11-11 02:21 - 00332288 _____ (Microsoft Corporation) C:\windows\SysWOW64\MapConfiguration.dll
2017-03-02 15:45 - 2016-11-11 02:19 - 00284672 _____ (Microsoft Corporation) C:\windows\SysWOW64\apprepsync.dll
2017-03-02 15:45 - 2016-11-11 02:19 - 00125952 _____ (Microsoft Corporation) C:\windows\SysWOW64\apprepapi.dll
2017-03-02 15:45 - 2016-11-11 02:18 - 02333184 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll
2017-03-02 15:45 - 2016-11-11 02:17 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManHTTPConfig.exe
2017-03-02 15:45 - 2016-11-11 02:16 - 00253952 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-03-02 15:45 - 2016-11-11 02:15 - 01357824 _____ (Microsoft Corporation) C:\windows\SysWOW64\UIAutomationCore.dll
2017-03-02 15:45 - 2016-11-11 02:15 - 00838144 _____ (Microsoft Corporation) C:\windows\SysWOW64\JpMapControl.dll
2017-03-02 15:45 - 2016-11-11 02:12 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdtcuiu.dll
2017-03-02 15:45 - 2016-11-11 02:10 - 06109184 _____ (Microsoft Corporation) C:\windows\SysWOW64\mos.dll
2017-03-02 15:45 - 2016-11-11 02:09 - 05380608 _____ (Microsoft Corporation) C:\windows\SysWOW64\BingMaps.dll
2017-03-02 15:45 - 2016-11-11 02:06 - 02362880 _____ (Microsoft Corporation) C:\windows\SysWOW64\MapRouter.dll
2017-03-02 15:45 - 2016-11-11 02:06 - 02109952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MapGeocoder.dll
2017-03-02 15:45 - 2016-11-11 02:04 - 00715264 _____ (Microsoft Corporation) C:\windows\SysWOW64\MapControlCore.dll
2017-03-02 15:45 - 2016-11-11 02:03 - 00760832 _____ (Microsoft Corporation) C:\windows\SysWOW64\NMAA.dll
2017-03-02 15:45 - 2016-11-02 06:08 - 00576408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2017-03-02 15:45 - 2016-11-02 06:08 - 00186424 _____ (Microsoft Corporation) C:\windows\SysWOW64\weretw.dll
2017-03-02 15:45 - 2016-11-02 06:01 - 01425000 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d9.dll
2017-03-02 15:45 - 2016-11-02 06:01 - 00276832 _____ (Microsoft Corporation) C:\windows\SysWOW64\input.dll
2017-03-02 15:45 - 2016-11-02 05:42 - 00549376 _____ (Microsoft Corporation) C:\windows\SysWOW64\ActionCenterCPL.dll
2017-03-02 15:45 - 2016-11-02 05:42 - 00202752 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-03-02 15:45 - 2016-11-02 05:39 - 00465920 _____ (Microsoft Corporation) C:\windows\SysWOW64\LockAppBroker.dll
2017-03-02 15:45 - 2016-11-02 05:33 - 12349952 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2017-03-02 15:45 - 2016-11-02 05:29 - 00336896 _____ (Microsoft Corporation) C:\windows\system32\NetworkBindingEngineMigPlugin.dll
2017-03-02 15:45 - 2016-11-02 05:29 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\mfsensorgroup.dll
2017-03-02 15:45 - 2016-11-02 05:28 - 00566784 _____ (Microsoft Corporation) C:\windows\system32\ActionCenterCPL.dll
2017-03-02 15:45 - 2016-11-02 05:28 - 00109568 _____ (Microsoft Corporation) C:\windows\SysWOW64\chartv.dll
2017-03-02 15:45 - 2016-11-02 05:27 - 01388544 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Cred.dll
2017-03-02 15:45 - 2016-11-02 05:23 - 00101888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bowser.sys
2017-03-02 15:45 - 2016-11-02 05:22 - 13441024 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2017-03-02 15:45 - 2016-11-02 05:19 - 00805888 _____ (Microsoft Corporation) C:\windows\system32\FrameServer.dll
2017-03-02 15:45 - 2016-11-02 05:19 - 00130560 _____ (Microsoft Corporation) C:\windows\system32\chartv.dll
2017-03-02 15:45 - 2016-11-02 05:17 - 01282048 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2017-03-02 15:45 - 2016-11-02 05:16 - 00770560 _____ (Microsoft Corporation) C:\windows\system32\bisrv.dll
2017-03-02 15:45 - 2016-11-02 05:16 - 00579072 _____ (Microsoft Corporation) C:\windows\system32\LockAppBroker.dll
2017-03-02 15:45 - 2016-11-02 05:16 - 00308736 _____ (Microsoft Corporation) C:\windows\system32\ActionCenter.dll
2017-03-02 15:45 - 2016-11-02 05:13 - 03496960 _____ (Microsoft Corporation) C:\windows\system32\MSVidCtl.dll
2017-03-02 15:45 - 2016-11-02 05:13 - 03299840 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2017-03-02 15:45 - 2016-10-14 23:51 - 00595296 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2017-03-02 15:45 - 2016-10-14 23:51 - 00584032 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2017-03-02 15:45 - 2016-10-14 23:51 - 00322912 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2017-03-02 15:45 - 2016-10-14 23:51 - 00232800 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2017-03-02 15:45 - 2016-10-14 23:51 - 00078688 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2017-03-02 15:45 - 2016-10-14 23:41 - 05622088 _____ (Microsoft Corporation) C:\windows\system32\sppsvc.exe
2017-03-02 15:45 - 2016-10-14 23:37 - 00063328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dam.sys
2017-03-02 15:45 - 2016-10-14 23:30 - 01851696 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2017-03-02 15:45 - 2016-10-14 23:26 - 00811416 _____ (Microsoft Corporation) C:\windows\system32\MFCaptureEngine.dll
2017-03-02 15:45 - 2016-10-14 23:26 - 00691080 _____ (Microsoft Corporation) C:\windows\system32\msvproc.dll
2017-03-02 15:45 - 2016-10-14 23:21 - 00292872 _____ (Microsoft Corporation) C:\windows\system32\wmpeffects.dll
2017-03-02 15:45 - 2016-10-14 23:18 - 01556712 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2017-03-02 15:45 - 2016-10-14 23:10 - 00254656 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmpeffects.dll
2017-03-02 15:45 - 2016-10-14 23:00 - 00018432 _____ (Microsoft Corporation) C:\windows\SysWOW64\stdole2.tlb
2017-03-02 15:45 - 2016-10-14 22:59 - 00272384 _____ (Microsoft Corporation) C:\windows\system32\mfksproxy.dll
2017-03-02 15:45 - 2016-10-14 22:59 - 00130560 _____ (Microsoft Corporation) C:\windows\splwow64.exe
2017-03-02 15:45 - 2016-10-14 22:57 - 00217600 _____ (Microsoft Corporation) C:\windows\system32\wmpdxm.dll
2017-03-02 15:45 - 2016-10-14 22:57 - 00175104 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmpdxm.dll
2017-03-02 15:45 - 2016-10-14 22:56 - 00065024 _____ (Microsoft Corporation) C:\windows\system32\OnDemandConnRouteHelper.dll
2017-03-02 15:45 - 2016-10-14 22:55 - 00156672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2017-03-02 15:45 - 2016-10-14 22:55 - 00126464 _____ (Microsoft Corporation) C:\windows\system32\wmpshell.dll
2017-03-02 15:45 - 2016-10-14 22:54 - 00102912 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmpshell.dll
2017-03-02 15:45 - 2016-10-14 22:52 - 00523776 _____ (Microsoft Corporation) C:\windows\system32\MusUpdateHandlers.dll
2017-03-02 15:45 - 2016-10-14 22:49 - 01913344 _____ (Microsoft Corporation) C:\windows\system32\wsp_fs.dll
2017-03-02 15:45 - 2016-10-14 22:48 - 01554944 _____ (Microsoft Corporation) C:\windows\system32\wsp_health.dll
2017-03-02 15:45 - 2016-10-14 22:48 - 01054208 _____ (Microsoft Corporation) C:\windows\system32\qmgr.dll
2017-03-02 15:45 - 2016-10-14 22:46 - 03287552 _____ (Microsoft Corporation) C:\windows\system32\mispace.dll
2017-03-02 15:45 - 2016-10-14 22:44 - 00636928 _____ (Microsoft Corporation) C:\windows\SysWOW64\winhttp.dll
2017-03-02 15:45 - 2016-10-14 22:44 - 00090112 _____ (Microsoft Corporation) C:\windows\system32\powercfg.exe
2017-03-02 15:45 - 2016-10-14 22:43 - 00078336 _____ (Microsoft Corporation) C:\windows\system32\iscsiwmi.dll
2017-03-02 15:45 - 2016-10-14 22:39 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\winhttp.dll
2017-03-02 15:45 - 2016-10-14 22:38 - 00913920 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.dll
2017-03-02 15:45 - 2016-10-14 22:37 - 01980416 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2017-03-02 15:45 - 2016-10-14 22:36 - 00792064 _____ (Microsoft Corporation) C:\windows\system32\spoolsv.exe
2017-03-02 15:45 - 2016-10-14 22:36 - 00338944 _____ (Microsoft Corporation) C:\windows\system32\fhcpl.dll
2017-03-02 15:45 - 2016-10-14 22:35 - 03054080 _____ (Microsoft Corporation) C:\windows\system32\esent.dll
2017-03-02 15:45 - 2016-10-14 22:35 - 02005504 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2017-03-02 15:45 - 2016-10-14 22:35 - 00701952 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.Connectivity.dll
2017-03-02 15:45 - 2016-10-14 22:34 - 01840640 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2017-03-02 15:45 - 2016-10-14 22:32 - 00886784 _____ (Microsoft Corporation) C:\windows\system32\CPFilters.dll
2017-03-02 15:45 - 2016-10-05 05:35 - 00279904 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sdbus.sys
2017-03-02 15:45 - 2016-10-05 05:16 - 00187232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dumpsd.sys
2017-03-02 15:45 - 2016-10-05 05:12 - 02446696 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2017-03-02 15:45 - 2016-10-05 04:33 - 00157696 _____ (Microsoft Corporation) C:\windows\system32\credprovs.dll
2017-03-02 15:45 - 2016-10-05 04:32 - 00223744 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.HostName.dll
2017-03-02 15:45 - 2016-10-05 04:28 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\GamePanel.exe
2017-03-02 15:45 - 2016-10-05 04:27 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-03-02 15:45 - 2016-10-05 04:26 - 00137216 _____ (Microsoft Corporation) C:\windows\SysWOW64\credprovs.dll
2017-03-02 15:45 - 2016-10-05 04:25 - 00299520 _____ (Microsoft Corporation) C:\windows\SysWOW64\UserDataAccountApis.dll
2017-03-02 15:45 - 2016-10-05 04:21 - 00567808 _____ (Microsoft Corporation) C:\windows\SysWOW64\ChatApis.dll
2017-03-02 15:45 - 2016-10-05 04:18 - 00858112 _____ (Microsoft Corporation) C:\windows\SysWOW64\EmailApis.dll
2017-03-02 15:45 - 2016-10-05 04:17 - 02914304 _____ (Microsoft Corporation) C:\windows\system32\CertEnroll.dll
2017-03-02 15:45 - 2016-10-05 04:15 - 00833024 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2017-03-02 15:45 - 2016-10-05 04:15 - 00774656 _____ (Microsoft Corporation) C:\windows\system32\Windows.Web.dll
2017-03-02 15:45 - 2016-10-05 04:13 - 01328128 _____ (Microsoft Corporation) C:\windows\system32\Windows.Web.Http.dll
2017-03-02 15:45 - 2016-10-05 04:12 - 00998912 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll
2017-03-02 15:45 - 2016-10-05 04:09 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppointmentApis.dll
2017-03-02 15:45 - 2016-10-05 04:07 - 02646016 _____ (Microsoft Corporation) C:\windows\SysWOW64\CertEnroll.dll
2017-03-02 15:45 - 2016-10-05 04:06 - 00850944 _____ (Microsoft Corporation) C:\windows\SysWOW64\ContactApis.dll
2017-03-02 15:45 - 2016-09-15 12:29 - 01117024 _____ (Microsoft Corporation) C:\windows\system32\ReAgent.dll
2017-03-02 15:45 - 2016-09-15 12:26 - 00090400 _____ (Microsoft Corporation) C:\windows\system32\devenum.dll
2017-03-02 15:45 - 2016-09-15 12:22 - 00975744 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinapi.appcore.dll
2017-03-02 15:45 - 2016-09-15 12:22 - 00433832 _____ (Microsoft Corporation) C:\windows\SysWOW64\WWanAPI.dll
2017-03-02 15:45 - 2016-09-15 12:19 - 00361104 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsmf.dll
2017-03-02 15:45 - 2016-09-15 12:16 - 00527808 _____ (Microsoft Corporation) C:\windows\system32\WWanAPI.dll
2017-03-02 15:45 - 2016-09-15 12:15 - 00649568 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fvevol.sys
2017-03-02 15:45 - 2016-09-15 12:11 - 00862064 _____ (Microsoft Corporation) C:\windows\system32\mfreadwrite.dll
2017-03-02 15:45 - 2016-09-15 12:11 - 00725664 _____ (Microsoft Corporation) C:\windows\system32\MSVideoDSP.dll
2017-03-02 15:45 - 2016-09-15 12:06 - 00387872 _____ (Microsoft Corporation) C:\windows\system32\wmpps.dll
2017-03-02 15:45 - 2016-09-15 12:03 - 00094720 _____ (Microsoft Corporation) C:\windows\SysWOW64\UserDataTimeUtil.dll
2017-03-02 15:45 - 2016-09-15 12:03 - 00026112 _____ (Microsoft Corporation) C:\windows\SysWOW64\odbcconf.dll
2017-03-02 15:45 - 2016-09-15 12:03 - 00012288 _____ (Microsoft Corporation) C:\windows\SysWOW64\cngkeyhelper.dll
2017-03-02 15:45 - 2016-09-15 11:58 - 00291840 _____ (Microsoft Corporation) C:\windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2017-03-02 15:45 - 2016-09-15 11:57 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.LowLevel.dll
2017-03-02 15:45 - 2016-09-15 11:56 - 00257536 _____ (Microsoft Corporation) C:\windows\SysWOW64\DataExchange.dll
2017-03-02 15:45 - 2016-09-15 11:55 - 00325120 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleacc.dll
2017-03-02 15:45 - 2016-09-15 11:55 - 00152064 _____ (Microsoft Corporation) C:\windows\SysWOW64\biwinrt.dll
2017-03-02 15:45 - 2016-09-15 11:54 - 00747520 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Ocr.dll
2017-03-02 15:45 - 2016-09-15 11:54 - 00431104 _____ (Microsoft Corporation) C:\windows\SysWOW64\mprdim.dll
2017-03-02 15:45 - 2016-09-15 11:54 - 00262144 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Picker.dll
2017-03-02 15:45 - 2016-09-15 11:52 - 00297472 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchProtocolHost.exe
2017-03-02 15:45 - 2016-09-15 11:52 - 00238080 _____ (Microsoft Corporation) C:\windows\SysWOW64\AboveLockAppHost.dll
2017-03-02 15:45 - 2016-09-15 11:50 - 00071168 _____ (Microsoft Corporation) C:\windows\SysWOW64\pwrshplugin.dll
2017-03-02 15:45 - 2016-09-15 11:49 - 00901120 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Bluetooth.dll
2017-03-02 15:45 - 2016-09-15 11:48 - 01320448 _____ (Microsoft Corporation) C:\windows\SysWOW64\comsvcs.dll
2017-03-02 15:45 - 2016-09-15 11:47 - 00134656 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Energy.dll
2017-03-02 15:45 - 2016-09-15 11:45 - 02642944 _____ (Microsoft Corporation) C:\windows\SysWOW64\tquery.dll
2017-03-02 15:45 - 2016-09-15 11:44 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\cngkeyhelper.dll
2017-03-02 15:45 - 2016-09-15 11:43 - 00220672 _____ (Microsoft Corporation) C:\windows\SysWOW64\PlayToReceiver.dll
2017-03-02 15:45 - 2016-09-15 11:43 - 00039424 _____ (Microsoft Corporation) C:\windows\system32\Drivers\kbdhid.sys
2017-03-02 15:45 - 2016-09-15 11:43 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\cmintegrator.dll
2017-03-02 15:45 - 2016-09-15 11:43 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\odbcconf.dll
2017-03-02 15:45 - 2016-09-15 11:40 - 01988096 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssrch.dll
2017-03-02 15:45 - 2016-09-15 11:40 - 00467968 _____ (Microsoft Corporation) C:\windows\system32\Windows.Gaming.XboxLive.Storage.dll
2017-03-02 15:45 - 2016-09-15 11:40 - 00249856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\BthLEEnum.sys
2017-03-02 15:45 - 2016-09-15 11:39 - 00827904 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.appcore.dll
2017-03-02 15:45 - 2016-09-15 11:38 - 00773120 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchIndexer.exe
2017-03-02 15:45 - 2016-09-15 11:38 - 00730112 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2017-03-02 15:45 - 2016-09-15 11:38 - 00620544 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.dll
2017-03-02 15:45 - 2016-09-15 11:37 - 01507840 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.FaceAnalysis.dll
2017-03-02 15:45 - 2016-09-15 11:37 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\wlancfg.dll
2017-03-02 15:45 - 2016-09-15 11:36 - 00719360 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdiWiFi.sys
2017-03-02 15:45 - 2016-09-15 11:36 - 00216576 _____ (Microsoft Corporation) C:\windows\system32\fveapibase.dll
2017-03-02 15:45 - 2016-09-15 11:35 - 01087488 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.Vpn.dll
2017-03-02 15:45 - 2016-09-15 11:35 - 00496128 _____ (Microsoft Corporation) C:\windows\system32\mprdim.dll
2017-03-02 15:45 - 2016-09-15 11:35 - 00431616 _____ (Microsoft Corporation) C:\windows\system32\Windows.Cortana.Desktop.dll
2017-03-02 15:45 - 2016-09-15 11:35 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\SensorService.dll
2017-03-02 15:45 - 2016-09-15 11:35 - 00305152 _____ (Microsoft Corporation) C:\windows\system32\icsvc.dll
2017-03-02 15:45 - 2016-09-15 11:35 - 00252416 _____ (Microsoft Corporation) C:\windows\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-03-02 15:45 - 2016-09-15 11:34 - 00284160 _____ (Microsoft Corporation) C:\windows\system32\AboveLockAppHost.dll
2017-03-02 15:45 - 2016-09-15 11:32 - 01037312 _____ (Microsoft Corporation) C:\windows\system32\nettrace.dll
2017-03-02 15:45 - 2016-09-15 11:31 - 00090624 _____ (Microsoft Corporation) C:\windows\system32\pwrshplugin.dll
2017-03-02 15:45 - 2016-09-15 11:30 - 01403392 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Editing.dll
2017-03-02 15:45 - 2016-09-15 11:30 - 00104960 _____ (Microsoft Corporation) C:\windows\system32\CastLaunch.dll
2017-03-02 15:45 - 2016-09-15 11:29 - 01105408 _____ (Microsoft Corporation) C:\windows\system32\MiracastReceiver.dll
2017-03-02 15:45 - 2016-09-15 11:29 - 00715264 _____ (Microsoft Corporation) C:\windows\system32\clusapi.dll
2017-03-02 15:45 - 2016-09-15 11:27 - 02860032 _____ (Microsoft Corporation) C:\windows\system32\storagewmi.dll
2017-03-02 15:45 - 2016-09-15 11:27 - 00582656 _____ (Microsoft Corporation) C:\windows\system32\BootMenuUX.dll
2017-03-02 15:45 - 2016-09-15 11:27 - 00250368 _____ (Microsoft Corporation) C:\windows\system32\discan.dll
2017-03-02 15:45 - 2016-09-15 11:27 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\Sens.dll
2017-03-02 15:45 - 2016-09-15 11:26 - 00374784 _____ (Microsoft Corporation) C:\windows\system32\resutils.dll
2017-03-02 15:45 - 2016-09-15 11:25 - 01217024 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Audio.dll
2017-03-02 15:45 - 2016-09-15 11:25 - 00947200 _____ (Microsoft Corporation) C:\windows\system32\wsp_sr.dll
2017-03-02 15:45 - 2016-09-15 11:25 - 00130560 _____ (Microsoft Corporation) C:\windows\system32\SpaceAgent.exe
2017-03-02 15:45 - 2016-09-15 11:24 - 04596224 _____ (Microsoft Corporation) C:\windows\system32\xpsrchvw.exe
2017-03-02 15:45 - 2016-09-15 11:23 - 00611328 _____ (Microsoft Corporation) C:\windows\system32\Windows.Graphics.Printing.dll
2017-03-02 15:45 - 2016-09-15 11:22 - 01709056 _____ (Microsoft Corporation) C:\windows\system32\wevtsvc.dll
2017-03-02 15:45 - 2016-09-15 11:20 - 01535488 _____ (Microsoft Corporation) C:\windows\system32\SpeechPal.dll
2017-03-02 15:45 - 2016-09-15 11:19 - 01130496 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2017-03-02 15:45 - 2016-09-15 11:17 - 00122368 _____ (Microsoft Corporation) C:\windows\system32\FontProvider.dll
2017-03-02 15:45 - 2016-09-15 11:16 - 00035328 _____ (Microsoft Corporation) C:\windows\system32\spaceman.exe
2017-03-02 15:45 - 2016-08-05 22:34 - 00023552 _____ (Microsoft Corporation) C:\windows\system32\smphost.dll
2017-03-02 15:44 - 2016-12-21 03:08 - 00245600 _____ (Microsoft Corporation) C:\windows\system32\offlinesam.dll
2017-03-02 15:44 - 2016-12-21 03:08 - 00136032 _____ (Microsoft Corporation) C:\windows\system32\ImplatSetup.dll
2017-03-02 15:44 - 2016-12-21 02:46 - 00624048 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2017-03-02 15:44 - 2016-12-21 02:43 - 00092512 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2017-03-02 15:44 - 2016-12-21 02:15 - 22563840 _____ (Microsoft Corporation) C:\windows\system32\edgehtml.dll
2017-03-02 15:44 - 2016-12-21 02:01 - 09131008 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2017-03-02 15:44 - 2016-12-21 01:59 - 01908224 _____ (Microsoft Corporation) C:\windows\system32\AzureSettingSyncProvider.dll
2017-03-02 15:44 - 2016-12-21 01:59 - 00883712 _____ (Microsoft Corporation) C:\windows\system32\samsrv.dll
2017-03-02 15:44 - 2016-12-21 01:58 - 23678464 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2017-03-02 15:44 - 2016-12-21 01:55 - 08129536 _____ (Microsoft Corporation) C:\windows\system32\Chakra.dll
2017-03-02 15:44 - 2016-12-21 01:55 - 04749312 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers_nt.dll
2017-03-02 15:44 - 2016-12-21 01:49 - 04149248 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2017-03-02 15:44 - 2016-12-21 01:47 - 01121280 _____ (Microsoft Corporation) C:\windows\system32\aadtb.dll
2017-03-02 15:44 - 2016-12-21 00:59 - 00218976 _____ (Microsoft Corporation) C:\windows\SysWOW64\offlinesam.dll
2017-03-02 15:44 - 2016-12-20 23:41 - 00231936 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-03-02 15:44 - 2016-12-20 23:39 - 01300480 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSVPXENC.dll
2017-03-02 15:44 - 2016-12-20 23:34 - 07626752 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2017-03-02 15:44 - 2016-12-20 23:33 - 19413504 _____ (Microsoft Corporation) C:\windows\SysWOW64\edgehtml.dll
2017-03-02 15:44 - 2016-12-20 23:32 - 19417600 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2017-03-02 15:44 - 2016-12-20 23:30 - 01255936 _____ (Microsoft Corporation) C:\windows\SysWOW64\AzureSettingSyncProvider.dll
2017-03-02 15:44 - 2016-12-20 23:26 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSVP9DEC.dll
2017-03-02 15:44 - 2016-12-20 23:25 - 07469056 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2017-03-02 15:44 - 2016-12-20 23:24 - 06044160 _____ (Microsoft Corporation) C:\windows\SysWOW64\Chakra.dll
2017-03-02 15:44 - 2016-12-14 00:34 - 02482280 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2017-03-02 15:44 - 2016-12-14 00:17 - 00319288 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2017-03-02 15:44 - 2016-12-14 00:14 - 01694712 _____ (Microsoft Corporation) C:\windows\system32\winmde.dll
2017-03-02 15:44 - 2016-12-14 00:01 - 01557808 _____ (Microsoft Corporation) C:\windows\SysWOW64\winmde.dll
2017-03-02 15:44 - 2016-12-14 00:01 - 00382784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2017-03-02 15:44 - 2016-12-13 23:46 - 01631232 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-03-02 15:44 - 2016-12-13 23:43 - 00201728 _____ (Microsoft Corporation) C:\windows\system32\ScDeviceEnum.dll
2017-03-02 15:44 - 2016-12-13 23:42 - 00236544 _____ (Microsoft Corporation) C:\windows\system32\WinSCard.dll
2017-03-02 15:44 - 2016-12-13 23:42 - 00167424 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinSCard.dll
2017-03-02 15:44 - 2016-12-13 23:40 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\certprop.dll
2017-03-02 15:44 - 2016-12-13 23:38 - 13869056 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.dll
2017-03-02 15:44 - 2016-12-13 23:37 - 00090112 _____ (Microsoft Corporation) C:\windows\system32\updatepolicy.dll
2017-03-02 15:44 - 2016-12-13 23:36 - 00539648 _____ (Microsoft Corporation) C:\windows\system32\usocore.dll
2017-03-02 15:44 - 2016-12-13 23:36 - 00074752 _____ (Microsoft Corporation) C:\windows\SysWOW64\updatepolicy.dll
2017-03-02 15:44 - 2016-12-13 23:35 - 00755712 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2017-03-02 15:44 - 2016-12-13 23:35 - 00600576 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll
2017-03-02 15:44 - 2016-12-13 23:35 - 00553984 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptui.dll
2017-03-02 15:44 - 2016-12-13 23:26 - 00932864 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2017-03-02 15:44 - 2016-12-13 23:26 - 00869888 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2017-03-02 15:44 - 2016-12-13 23:24 - 00673792 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2017-03-02 15:44 - 2016-12-13 23:22 - 01513472 _____ (Microsoft Corporation) C:\windows\system32\win32kbase.sys
2017-03-02 15:44 - 2016-12-09 05:28 - 00764392 _____ (Microsoft Corporation) C:\windows\system32\CoreMessaging.dll
2017-03-02 15:44 - 2016-12-09 05:20 - 02189664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2017-03-02 15:44 - 2016-12-09 05:20 - 01738560 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2017-03-02 15:44 - 2016-12-09 05:20 - 00658784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms2.sys
2017-03-02 15:44 - 2016-12-09 05:19 - 00168424 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2017-03-02 15:44 - 2016-12-09 05:11 - 02048496 _____ C:\windows\SysWOW64\CoreUIComponents.dll
2017-03-02 15:44 - 2016-12-09 05:00 - 00106896 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcrypt.dll
2017-03-02 15:44 - 2016-12-09 04:41 - 00380928 _____ (Microsoft Corporation) C:\windows\system32\wincorlib.dll
2017-03-02 15:44 - 2016-12-09 04:37 - 00411136 _____ (Microsoft Corporation) C:\windows\system32\facecredentialprovider.dll
2017-03-02 15:44 - 2016-12-09 04:36 - 00410112 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentClient.dll
2017-03-02 15:44 - 2016-12-09 04:34 - 00288768 _____ (Microsoft Corporation) C:\windows\SysWOW64\wincorlib.dll
2017-03-02 15:44 - 2016-12-09 04:31 - 03689984 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2017-03-02 15:44 - 2016-12-09 04:27 - 00981504 _____ (Microsoft Corporation) C:\windows\system32\Windows.Security.Authentication.OnlineId.dll
2017-03-02 15:44 - 2016-12-09 04:25 - 00376832 _____ (Microsoft Corporation) C:\windows\system32\CryptoWinRT.dll
2017-03-02 15:44 - 2016-12-09 04:21 - 04746752 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2017-03-02 15:44 - 2016-12-09 04:18 - 03666432 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2017-03-02 15:44 - 2016-12-09 04:18 - 00165376 _____ (Microsoft Corporation) C:\windows\SysWOW64\mdmregistration.dll
2017-03-02 15:44 - 2016-11-11 05:15 - 00101216 _____ (Microsoft Corporation) C:\windows\system32\DeviceReactivation.dll
2017-03-02 15:44 - 2016-11-11 05:14 - 02186896 _____ (Microsoft Corporation) C:\windows\system32\hevcdecoder.dll
2017-03-02 15:44 - 2016-11-11 05:14 - 00603488 _____ (Microsoft Corporation) C:\windows\system32\ContentDeliveryManager.Utilities.dll
2017-03-02 15:44 - 2016-11-11 05:13 - 01886344 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2017-03-02 15:44 - 2016-11-11 05:13 - 00352096 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fastfat.sys
2017-03-02 15:44 - 2016-11-11 05:03 - 01069720 _____ (Microsoft Corporation) C:\windows\system32\MrmCoreR.dll
2017-03-02 15:44 - 2016-11-11 05:00 - 00223584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2017-03-02 15:44 - 2016-11-11 04:59 - 00433504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdbss.sys
2017-03-02 15:44 - 2016-11-11 04:56 - 04673304 _____ (Microsoft Corporation) C:\windows\explorer.exe
2017-03-02 15:44 - 2016-11-11 04:56 - 00187520 _____ (Microsoft Corporation) C:\windows\system32\CloudStorageWizard.exe
2017-03-02 15:44 - 2016-11-11 04:55 - 00882680 _____ (Microsoft Corporation) C:\windows\system32\EditionUpgradeManagerObj.dll
2017-03-02 15:44 - 2016-11-11 04:55 - 00743224 _____ (Microsoft Corporation) C:\windows\system32\sppwinob.dll
2017-03-02 15:44 - 2016-11-11 04:27 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\NetCfgNotifyObjectHost.exe
2017-03-02 15:44 - 2016-11-11 04:26 - 00258560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\xboxgip.sys
2017-03-02 15:44 - 2016-11-11 04:25 - 00198656 _____ (Microsoft Corporation) C:\windows\system32\BcastDVRHelper.dll
2017-03-02 15:44 - 2016-11-11 04:25 - 00073216 _____ (Microsoft Corporation) C:\windows\system32\Windows.StateRepositoryBroker.dll
2017-03-02 15:44 - 2016-11-11 04:24 - 00170496 _____ (Microsoft Corporation) C:\windows\system32\AppCapture.dll
2017-03-02 15:44 - 2016-11-11 04:24 - 00122880 _____ (Microsoft Corporation) C:\windows\system32\Windows.StateRepositoryClient.dll
2017-03-02 15:44 - 2016-11-11 04:23 - 00058880 _____ (Microsoft Corporation) C:\windows\system32\Windows.Shell.Search.UriHandler.dll
2017-03-02 15:44 - 2016-11-11 04:22 - 00489472 _____ (Microsoft Corporation) C:\windows\system32\NetSetupShim.dll
2017-03-02 15:44 - 2016-11-11 04:20 - 00657920 _____ (Microsoft Corporation) C:\windows\system32\rasmans.dll
2017-03-02 15:44 - 2016-11-11 04:20 - 00125952 _____ (Microsoft Corporation) C:\windows\system32\setupugc.exe
2017-03-02 15:44 - 2016-11-11 04:20 - 00115200 _____ (Microsoft Corporation) C:\windows\system32\IdCtrls.dll
2017-03-02 15:44 - 2016-11-11 04:19 - 00198144 _____ (Microsoft Corporation) C:\windows\system32\dpapisrv.dll
2017-03-02 15:44 - 2016-11-11 04:18 - 02084352 _____ (Microsoft Corporation) C:\windows\system32\DeviceFlows.DataModel.dll
2017-03-02 15:44 - 2016-11-11 04:16 - 01477632 _____ (Microsoft Corporation) C:\windows\system32\wsecedit.dll
2017-03-02 15:44 - 2016-11-11 04:16 - 00161792 _____ (Microsoft Corporation) C:\windows\system32\EditionUpgradeHelper.dll
2017-03-02 15:44 - 2016-11-11 04:14 - 02104320 _____ (Microsoft Corporation) C:\windows\system32\wlidsvc.dll
2017-03-02 15:44 - 2016-11-11 04:14 - 00615424 _____ (Microsoft Corporation) C:\windows\system32\wpnprv.dll
2017-03-02 15:44 - 2016-11-11 04:11 - 00096256 _____ (Microsoft Corporation) C:\windows\system32\umpoext.dll
2017-03-02 15:44 - 2016-11-11 04:06 - 00650752 _____ (Microsoft Corporation) C:\windows\system32\RDXService.dll
2017-03-02 15:44 - 2016-11-11 04:05 - 01779712 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2017-03-02 15:44 - 2016-11-11 04:04 - 02611200 _____ (Microsoft Corporation) C:\windows\system32\gameux.dll
2017-03-02 15:44 - 2016-11-11 04:03 - 02669056 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2017-03-02 15:44 - 2016-11-11 04:03 - 00842240 _____ (Microsoft Corporation) C:\windows\system32\ntshrui.dll
2017-03-02 15:44 - 2016-11-11 04:03 - 00283648 _____ (Microsoft Corporation) C:\windows\system32\wkssvc.dll
2017-03-02 15:44 - 2016-11-11 02:49 - 00869848 _____ (Microsoft Corporation) C:\windows\SysWOW64\MrmCoreR.dll
2017-03-02 15:44 - 2016-11-11 02:49 - 00248480 _____ (Microsoft Corporation) C:\windows\SysWOW64\policymanager.dll
2017-03-02 15:44 - 2016-11-11 02:41 - 04311736 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2017-03-02 15:44 - 2016-11-11 02:19 - 00298496 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Internal.Management.dll
2017-03-02 15:44 - 2016-11-11 02:18 - 01336320 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsecedit.dll
2017-03-02 15:44 - 2016-11-11 02:18 - 00318464 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchFolder.dll
2017-03-02 15:44 - 2016-11-11 02:14 - 00395264 _____ (Microsoft Corporation) C:\windows\SysWOW64\dmenrollengine.dll
2017-03-02 15:44 - 2016-11-11 02:06 - 00400384 _____ (Microsoft Corporation) C:\windows\SysWOW64\PlayToManager.dll
2017-03-02 15:44 - 2016-11-11 02:05 - 03370496 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.StateRepository.dll
2017-03-02 15:44 - 2016-11-11 02:04 - 02682880 _____ (Microsoft Corporation) C:\windows\SysWOW64\netshell.dll
2017-03-02 15:44 - 2016-11-11 02:04 - 00912896 _____ (Microsoft Corporation) C:\windows\SysWOW64\comdlg32.dll
2017-03-02 15:44 - 2016-11-11 02:03 - 01576448 _____ (Microsoft Corporation) C:\windows\SysWOW64\actxprxy.dll
2017-03-02 15:44 - 2016-11-11 02:03 - 01556480 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Immersive.dll
2017-03-02 15:44 - 2016-11-11 02:03 - 00772608 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntshrui.dll
2017-03-02 15:44 - 2016-11-11 02:03 - 00565248 _____ (Microsoft Corporation) C:\windows\SysWOW64\rasapi32.dll
2017-03-02 15:44 - 2016-11-11 02:02 - 00711680 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Search.dll
2017-03-02 15:44 - 2016-11-02 07:01 - 00484584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2017-03-02 15:44 - 2016-11-02 06:12 - 02255712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2017-03-02 15:44 - 2016-11-02 06:08 - 00602464 _____ (Microsoft Corporation) C:\windows\SysWOW64\NetSetupEngine.dll
2017-03-02 15:44 - 2016-11-02 06:08 - 00111968 _____ (Microsoft Corporation) C:\windows\SysWOW64\NetSetupApi.dll
2017-03-02 15:44 - 2016-11-02 06:04 - 00596832 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
2017-03-02 15:44 - 2016-11-02 06:03 - 02750936 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2017-03-02 15:44 - 2016-11-02 06:02 - 00848736 _____ (Microsoft Corporation) C:\windows\system32\NetSetupEngine.dll
2017-03-02 15:44 - 2016-11-02 06:02 - 00682816 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2017-03-02 15:44 - 2016-11-02 06:02 - 00238056 _____ (Microsoft Corporation) C:\windows\system32\weretw.dll
2017-03-02 15:44 - 2016-11-02 06:02 - 00148832 _____ (Microsoft Corporation) C:\windows\system32\NetSetupApi.dll
2017-03-02 15:44 - 2016-11-02 05:43 - 00731136 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d8.dll
2017-03-02 15:44 - 2016-11-02 05:40 - 00548352 _____ (Microsoft Corporation) C:\windows\SysWOW64\ddraw.dll
2017-03-02 15:44 - 2016-11-02 05:35 - 00336896 _____ (Microsoft Corporation) C:\windows\SysWOW64\msinfo32.exe
2017-03-02 15:44 - 2016-11-02 05:34 - 00327168 _____ (Microsoft Corporation) C:\windows\system32\microsoft-windows-system-events.dll
2017-03-02 15:44 - 2016-11-02 05:32 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\efsext.dll
2017-03-02 15:44 - 2016-11-02 05:31 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2017-03-02 15:44 - 2016-11-02 05:30 - 00635904 _____ (Microsoft Corporation) C:\windows\system32\FlightSettings.dll
2017-03-02 15:44 - 2016-11-02 05:30 - 00321536 _____ (Microsoft Corporation) C:\windows\system32\PsmServiceExtHost.dll
2017-03-02 15:44 - 2016-11-02 05:30 - 00109056 _____ (Microsoft Corporation) C:\windows\system32\dab.dll
2017-03-02 15:44 - 2016-11-02 05:29 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\FSClient.dll
2017-03-02 15:44 - 2016-11-02 05:28 - 00432128 _____ (Microsoft Corporation) C:\windows\system32\WpAXHolder.dll
2017-03-02 15:44 - 2016-11-02 05:28 - 00324608 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.LockScreen.dll
2017-03-02 15:44 - 2016-11-02 05:28 - 00274432 _____ (Microsoft Corporation) C:\windows\system32\ListSvc.dll
2017-03-02 15:44 - 2016-11-02 05:28 - 00252928 _____ (Microsoft Corporation) C:\windows\system32\ubpm.dll
2017-03-02 15:44 - 2016-11-02 05:27 - 00631296 _____ (Microsoft Corporation) C:\windows\system32\WlanMediaManager.dll
2017-03-02 15:44 - 2016-11-02 05:26 - 01509376 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2017-03-02 15:44 - 2016-11-02 05:23 - 03106304 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2017-03-02 15:44 - 2016-11-02 05:16 - 00265728 _____ (Microsoft Corporation) C:\windows\system32\NetSetupSvc.dll
2017-03-02 15:44 - 2016-11-02 04:11 - 00788624 _____ C:\windows\SysWOW64\locale.nls
2017-03-02 15:44 - 2016-11-02 04:11 - 00788624 _____ C:\windows\system32\locale.nls
2017-03-02 15:44 - 2016-11-02 03:20 - 00446896 _____ C:\windows\system32\ApnDatabase.xml
2017-03-02 15:44 - 2016-10-14 23:51 - 00283488 _____ (Microsoft Corporation) C:\windows\system32\DeviceCensus.exe
2017-03-02 15:44 - 2016-10-14 23:30 - 00509280 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2017-03-02 15:44 - 2016-10-14 23:30 - 00341936 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2017-03-02 15:44 - 2016-10-14 23:29 - 00908640 _____ (Microsoft Corporation) C:\windows\system32\drvstore.dll
2017-03-02 15:44 - 2016-10-14 23:29 - 00079200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\crashdmp.sys
2017-03-02 15:44 - 2016-10-14 23:21 - 00584032 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2017-03-02 15:44 - 2016-10-14 23:00 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2017-03-02 15:44 - 2016-10-14 22:59 - 00018432 _____ (Microsoft Corporation) C:\windows\system32\stdole2.tlb
2017-03-02 15:44 - 2016-10-14 22:56 - 00339968 _____ (Microsoft Corporation) C:\windows\system32\esentutl.exe
2017-03-02 15:44 - 2016-10-14 22:55 - 00265728 _____ (Microsoft Corporation) C:\windows\system32\dhcpcore6.dll
2017-03-02 15:44 - 2016-10-14 22:51 - 00429568 _____ (Microsoft Corporation) C:\windows\system32\SndVolSSO.dll
2017-03-02 15:44 - 2016-10-14 22:50 - 00438784 _____ (Microsoft Corporation) C:\windows\system32\EncDec.dll
2017-03-02 15:44 - 2016-10-14 22:48 - 01323008 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsp_fs.dll
2017-03-02 15:44 - 2016-10-14 22:47 - 01113600 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsp_health.dll
2017-03-02 15:44 - 2016-10-14 22:43 - 02748928 _____ (Microsoft Corporation) C:\windows\SysWOW64\mispace.dll
2017-03-02 15:44 - 2016-10-14 22:42 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\powercfg.exe
2017-03-02 15:44 - 2016-10-14 22:41 - 00945664 _____ (Microsoft Corporation) C:\windows\system32\iphlpsvc.dll
2017-03-02 15:44 - 2016-10-14 22:38 - 00675840 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.dll
2017-03-02 15:44 - 2016-10-14 22:37 - 01643008 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Speech.dll
2017-03-02 15:44 - 2016-10-14 22:37 - 00093184 _____ (Microsoft Corporation) C:\windows\system32\cmifw.dll
2017-03-02 15:44 - 2016-10-14 22:36 - 00542208 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.Connectivity.dll
2017-03-02 15:44 - 2016-10-14 22:35 - 02708992 _____ (Microsoft Corporation) C:\windows\SysWOW64\esent.dll
2017-03-02 15:44 - 2016-10-14 22:34 - 02476544 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2017-03-02 15:44 - 2016-10-05 05:22 - 01181536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
2017-03-02 15:44 - 2016-10-05 05:17 - 01322848 _____ (Microsoft Corporation) C:\windows\system32\wpx.dll
2017-03-02 15:44 - 2016-10-05 05:12 - 01112928 _____ (Microsoft Corporation) C:\windows\system32\AppxPackaging.dll
2017-03-02 15:44 - 2016-10-05 04:50 - 00116576 _____ (Microsoft Corporation) C:\windows\SysWOW64\CloudExperienceHostCommon.dll
2017-03-02 15:44 - 2016-10-05 04:48 - 01022304 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppxPackaging.dll
2017-03-02 15:44 - 2016-10-05 04:38 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\UIRibbonRes.dll
2017-03-02 15:44 - 2016-10-05 04:38 - 00237568 _____ (Microsoft Corporation) C:\windows\system32\Windows.Web.Diagnostics.dll
2017-03-02 15:44 - 2016-10-05 04:33 - 00268800 _____ (Microsoft Corporation) C:\windows\system32\UserMgrProxy.dll
2017-03-02 15:44 - 2016-10-05 04:31 - 00561664 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Wallet.dll
2017-03-02 15:44 - 2016-10-05 04:31 - 00425472 _____ (Microsoft Corporation) C:\windows\system32\bcdedit.exe
2017-03-02 15:44 - 2016-10-05 04:30 - 00396800 _____ (Microsoft Corporation) C:\windows\system32\ncsi.dll
2017-03-02 15:44 - 2016-10-05 04:29 - 00368640 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
2017-03-02 15:44 - 2016-10-05 04:28 - 00584192 _____ (Microsoft Corporation) C:\windows\SysWOW64\UIRibbonRes.dll
2017-03-02 15:44 - 2016-10-05 04:26 - 00590848 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2017-03-02 15:44 - 2016-10-05 04:26 - 00184320 _____ (Microsoft Corporation) C:\windows\SysWOW64\UserMgrProxy.dll
2017-03-02 15:44 - 2016-10-05 04:24 - 00099328 _____ (Microsoft Corporation) C:\windows\system32\adsmsext.dll
2017-03-02 15:44 - 2016-10-05 04:14 - 01456640 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2017-03-02 15:44 - 2016-10-05 04:13 - 00055808 _____ (Microsoft Corporation) C:\windows\SysWOW64\offreg.dll
2017-03-02 15:44 - 2016-10-05 04:07 - 00589312 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Sensors.dll
2017-03-02 15:44 - 2016-10-05 04:06 - 01013248 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Web.Http.dll
2017-03-02 15:44 - 2016-10-05 04:05 - 00751104 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-03-02 15:44 - 2016-09-15 12:37 - 00402352 _____ (Microsoft Corporation) C:\windows\SysWOW64\ws2_32.dll
2017-03-02 15:44 - 2016-09-15 12:30 - 00646136 _____ (Microsoft Corporation) C:\windows\system32\dnsapi.dll
2017-03-02 15:44 - 2016-09-15 12:29 - 00512416 _____ (Microsoft Corporation) C:\windows\system32\MSAudDecMFT.dll
2017-03-02 15:44 - 2016-09-15 12:29 - 00424640 _____ (Microsoft Corporation) C:\windows\system32\ws2_32.dll
2017-03-02 15:44 - 2016-09-15 12:20 - 00634944 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2017-03-02 15:44 - 2016-09-15 12:16 - 01157000 _____ (Microsoft Corporation) C:\windows\system32\twinapi.appcore.dll
2017-03-02 15:44 - 2016-09-15 12:06 - 00372440 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.MediaControl.dll
2017-03-02 15:44 - 2016-09-15 11:59 - 00136192 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinRtTracing.dll
2017-03-02 15:44 - 2016-09-15 11:58 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlancfg.dll
2017-03-02 15:44 - 2016-09-15 11:56 - 00670208 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.PointOfService.dll
2017-03-02 15:44 - 2016-09-15 11:56 - 00262656 _____ (Microsoft Corporation) C:\windows\SysWOW64\pdh.dll
2017-03-02 15:44 - 2016-09-15 11:56 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Core.dll
2017-03-02 15:44 - 2016-09-15 11:55 - 00332288 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Internal.Bluetooth.dll
2017-03-02 15:44 - 2016-09-15 11:54 - 00461312 _____ (Microsoft Corporation) C:\windows\SysWOW64\webio.dll
2017-03-02 15:44 - 2016-09-15 11:53 - 00284672 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.dll
2017-03-02 15:44 - 2016-09-15 11:51 - 00288256 _____ (Microsoft Corporation) C:\windows\SysWOW64\CryptoWinRT.dll
2017-03-02 15:44 - 2016-09-15 11:50 - 01534464 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-03-02 15:44 - 2016-09-15 11:49 - 00468992 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-03-02 15:44 - 2016-09-15 11:47 - 00355328 _____ (Microsoft Corporation) C:\windows\SysWOW64\RTMediaFrame.dll
2017-03-02 15:44 - 2016-09-15 11:46 - 00713216 _____ (Microsoft Corporation) C:\windows\SysWOW64\wpnapps.dll
2017-03-02 15:44 - 2016-09-15 11:43 - 03520512 _____ (Microsoft Corporation) C:\windows\SysWOW64\xpsrchvw.exe
2017-03-02 15:44 - 2016-09-15 11:43 - 00433664 _____ (Microsoft Corporation) C:\windows\SysWOW64\imapi2.dll
2017-03-02 15:44 - 2016-09-15 11:42 - 00719872 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsp_sr.dll
2017-03-02 15:44 - 2016-09-15 11:42 - 00492544 _____ (Microsoft Corporation) C:\windows\system32\nltest.exe
2017-03-02 15:44 - 2016-09-15 11:40 - 01656320 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Perception.dll
2017-03-02 15:44 - 2016-09-15 11:39 - 01232384 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-03-02 15:44 - 2016-09-15 11:39 - 01170944 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-03-02 15:44 - 2016-09-15 11:38 - 00343552 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.SmartCards.Phone.dll
2017-03-02 15:44 - 2016-09-15 11:37 - 00171520 _____ (Microsoft Corporation) C:\windows\system32\biwinrt.dll
2017-03-02 15:44 - 2016-09-15 11:36 - 00686592 _____ (Microsoft Corporation) C:\windows\system32\dsregcmd.exe
2017-03-02 15:44 - 2016-09-15 11:35 - 00645120 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2017-03-02 15:44 - 2016-09-15 11:35 - 00538112 _____ (Microsoft Corporation) C:\windows\system32\sppcext.dll
2017-03-02 15:44 - 2016-09-15 11:35 - 00358400 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2017-03-02 15:44 - 2016-09-15 11:35 - 00331776 _____ (Microsoft Corporation) C:\windows\SysWOW64\SessEnv.dll
2017-03-02 15:44 - 2016-09-15 11:34 - 00560640 _____ (Microsoft Corporation) C:\windows\system32\webio.dll
2017-03-02 15:44 - 2016-09-15 11:33 - 00966144 _____ (Microsoft Corporation) C:\windows\system32\sbe.dll
2017-03-02 15:44 - 2016-09-15 11:33 - 00512000 _____ (Microsoft Corporation) C:\windows\system32\mprapi.dll
2017-03-02 15:44 - 2016-09-15 11:32 - 00361472 _____ (Microsoft Corporation) C:\windows\system32\bdesvc.dll
2017-03-02 15:44 - 2016-09-15 11:30 - 01227264 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll
2017-03-02 15:44 - 2016-09-15 11:30 - 00175616 _____ (Microsoft Corporation) C:\windows\system32\SystemSettings.DeviceEncryptionHandlers.dll
2017-03-02 15:44 - 2016-09-15 11:29 - 01082368 _____ (Microsoft Corporation) C:\windows\system32\reseteng.dll
2017-03-02 15:44 - 2016-09-15 11:27 - 00228352 _____ (Microsoft Corporation) C:\windows\system32\MSAC3ENC.DLL
2017-03-02 15:44 - 2016-09-15 11:26 - 00112128 _____ (Microsoft Corporation) C:\windows\system32\BitLockerDeviceEncryption.exe
2017-03-02 15:44 - 2016-09-15 11:25 - 00628736 _____ (Microsoft Corporation) C:\windows\system32\uReFS.dll
2017-03-02 15:44 - 2016-09-15 11:24 - 01080320 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Ocr.dll
2017-03-02 15:44 - 2016-09-15 11:23 - 01361408 _____ (Microsoft Corporation) C:\windows\system32\SharedStartModel.dll
2017-03-02 15:44 - 2016-09-15 11:23 - 01020928 _____ (Microsoft Corporation) C:\windows\system32\usermgr.dll
2017-03-02 15:44 - 2016-09-15 11:19 - 03202048 _____ (Microsoft Corporation) C:\windows\system32\msftedit.dll
2017-03-02 15:44 - 2016-09-15 11:16 - 01817088 _____ (Microsoft Corporation) C:\windows\system32\ResetEngine.dll
2017-03-02 15:44 - 2016-08-05 22:33 - 00020992 _____ (Microsoft Corporation) C:\windows\SysWOW64\smphost.dll
2017-03-02 15:44 - 2016-08-05 03:29 - 00568832 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Speech.UXRes.dll
2017-03-02 15:44 - 2016-08-01 23:30 - 00822784 _____ (Microsoft Corporation) C:\windows\SysWOW64\Chakradiag.dll
2017-03-02 15:43 - 2016-12-21 02:49 - 00328008 _____ (Microsoft Corporation) C:\windows\system32\Windows.Storage.ApplicationData.dll
2017-03-02 15:43 - 2016-12-21 02:14 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\LaunchWinApp.exe
2017-03-02 15:43 - 2016-12-21 02:09 - 00368640 _____ (Microsoft Corporation) C:\windows\system32\OneBackupHandler.dll
2017-03-02 15:43 - 2016-12-21 02:09 - 00363520 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.BioFeedback.dll
2017-03-02 15:43 - 2016-12-21 02:08 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.BlockedShutdown.dll
2017-03-02 15:43 - 2016-12-21 02:08 - 00289792 _____ (Microsoft Corporation) C:\windows\system32\DeveloperOptionsSettingsHandlers.dll
2017-03-02 15:43 - 2016-12-21 02:08 - 00211968 _____ (Microsoft Corporation) C:\windows\system32\InstallAgent.exe
2017-03-02 15:43 - 2016-12-21 02:07 - 00748544 _____ (Microsoft Corporation) C:\windows\system32\StoreAgent.dll
2017-03-02 15:43 - 2016-12-21 02:06 - 00310784 _____ (Microsoft Corporation) C:\windows\system32\SyncSettings.dll
2017-03-02 15:43 - 2016-12-21 02:06 - 00260608 _____ (Microsoft Corporation) C:\windows\system32\InstallAgentUserBroker.exe
2017-03-02 15:43 - 2016-12-21 02:06 - 00147456 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2017-03-02 15:43 - 2016-12-21 02:05 - 00425984 _____ (Microsoft Corporation) C:\windows\system32\aadcloudap.dll
2017-03-02 15:43 - 2016-12-21 02:05 - 00261632 _____ (Microsoft Corporation) C:\windows\system32\indexeddbserver.dll
2017-03-02 15:43 - 2016-12-21 02:05 - 00049152 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Shell.dll
2017-03-02 15:43 - 2016-12-21 01:56 - 00947712 _____ (Microsoft Corporation) C:\windows\system32\MSVP9DEC.dll
2017-03-02 15:43 - 2016-12-21 01:54 - 05511680 _____ (Microsoft Corporation) C:\windows\system32\aclui.dll
2017-03-02 15:43 - 2016-12-21 01:53 - 06664192 _____ (Microsoft Corporation) C:\windows\system32\mspaint.exe
2017-03-02 15:43 - 2016-12-21 01:49 - 02691072 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Logon.dll
2017-03-02 15:43 - 2016-12-21 01:49 - 01062912 _____ (Microsoft Corporation) C:\windows\system32\SettingSyncCore.dll
2017-03-02 15:43 - 2016-12-21 00:02 - 03892864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfcore.dll
2017-03-02 15:43 - 2016-12-21 00:02 - 01852720 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfmp4srcsnk.dll
2017-03-02 15:43 - 2016-12-21 00:02 - 01360464 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfnetsrc.dll
2017-03-02 15:43 - 2016-12-21 00:02 - 01277344 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfasfsrcsnk.dll
2017-03-02 15:43 - 2016-12-21 00:02 - 01201872 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfmpeg2srcsnk.dll
2017-03-02 15:43 - 2016-12-21 00:02 - 00980832 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfnetcore.dll
2017-03-02 15:43 - 2016-12-20 23:46 - 00034304 _____ (Microsoft Corporation) C:\windows\SysWOW64\LaunchWinApp.exe
2017-03-02 15:43 - 2016-12-20 23:40 - 00318976 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpencom.dll
2017-03-02 15:43 - 2016-12-20 23:40 - 00237056 _____ (Microsoft Corporation) C:\windows\SysWOW64\SyncSettings.dll
2017-03-02 15:43 - 2016-12-20 23:35 - 04612608 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.dll
2017-03-02 15:43 - 2016-12-20 23:35 - 00198656 _____ (Microsoft Corporation) C:\windows\SysWOW64\indexeddbserver.dll
2017-03-02 15:43 - 2016-12-20 23:27 - 00640000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MCRecvSrc.dll
2017-03-02 15:43 - 2016-12-20 23:25 - 06474752 _____ (Microsoft Corporation) C:\windows\SysWOW64\mspaint.exe
2017-03-02 15:43 - 2016-12-14 00:41 - 00590960 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2017-03-02 15:43 - 2016-12-14 00:33 - 01356864 _____ (Microsoft Corporation) C:\windows\system32\ClipUp.exe
2017-03-02 15:43 - 2016-12-14 00:19 - 00584544 _____ (Microsoft Corporation) C:\windows\system32\SettingSyncHost.exe
2017-03-02 15:43 - 2016-12-14 00:18 - 00715104 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vhdmp.sys
2017-03-02 15:43 - 2016-12-14 00:14 - 00418952 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2017-03-02 15:43 - 2016-12-14 00:14 - 00089416 _____ (Microsoft Corporation) C:\windows\system32\remoteaudioendpoint.dll
2017-03-02 15:43 - 2016-12-14 00:01 - 00076984 _____ (Microsoft Corporation) C:\windows\SysWOW64\remoteaudioendpoint.dll
2017-03-02 15:43 - 2016-12-13 23:46 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2017-03-02 15:43 - 2016-12-13 23:42 - 00352768 _____ (Microsoft Corporation) C:\windows\system32\cloudAP.dll
2017-03-02 15:43 - 2016-12-13 23:42 - 00208896 _____ (Microsoft Corporation) C:\windows\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-03-02 15:43 - 2016-12-13 23:41 - 00223744 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2017-03-02 15:43 - 2016-12-13 23:40 - 00324096 _____ (Microsoft Corporation) C:\windows\system32\domgmt.dll
2017-03-02 15:43 - 2016-12-13 23:40 - 00231424 _____ (Microsoft Corporation) C:\windows\SysWOW64\CloudBackupSettings.dll
2017-03-02 15:43 - 2016-12-13 23:39 - 00837632 _____ (Microsoft Corporation) C:\windows\system32\wbiosrvc.dll
2017-03-02 15:43 - 2016-12-13 23:39 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\updatehandlers.dll
2017-03-02 15:43 - 2016-12-13 23:39 - 00257024 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.CredDialogController.dll
2017-03-02 15:43 - 2016-12-13 23:36 - 01002496 _____ (Microsoft Corporation) C:\windows\system32\SRH.dll
2017-03-02 15:43 - 2016-12-13 23:35 - 00712192 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2017-03-02 15:43 - 2016-12-13 23:32 - 00497152 _____ (Microsoft Corporation) C:\windows\SysWOW64\LogonController.dll
2017-03-02 15:43 - 2016-12-13 23:25 - 02009600 _____ (Microsoft Corporation) C:\windows\system32\SRHInproc.dll
2017-03-02 15:43 - 2016-12-13 23:23 - 01231872 _____ (Microsoft Corporation) C:\windows\system32\dosvc.dll
2017-03-02 15:43 - 2016-12-13 23:22 - 02748416 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpcore.dll
2017-03-02 15:43 - 2016-12-13 23:21 - 03616768 _____ (Microsoft Corporation) C:\windows\system32\win32kfull.sys
2017-03-02 15:43 - 2016-12-09 05:30 - 00377184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\clfs.sys
2017-03-02 15:43 - 2016-12-09 05:27 - 00172528 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2017-03-02 15:43 - 2016-12-09 05:20 - 00402272 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys
2017-03-02 15:43 - 2016-12-09 05:19 - 01293152 _____ (Microsoft Corporation) C:\windows\system32\LicenseManager.dll
2017-03-02 15:43 - 2016-12-09 05:15 - 08168000 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Protection.PlayReady.dll
2017-03-02 15:43 - 2016-12-09 05:14 - 01274712 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2017-03-02 15:43 - 2016-12-09 05:10 - 01572768 _____ (Microsoft Corporation) C:\windows\system32\gdi32full.dll
2017-03-02 15:43 - 2016-12-09 05:10 - 01461200 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2017-03-02 15:43 - 2016-12-09 04:57 - 06668040 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-03-02 15:43 - 2016-12-09 04:52 - 01435896 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2017-03-02 15:43 - 2016-12-09 04:42 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\cdd.dll
2017-03-02 15:43 - 2016-12-09 04:33 - 01589760 _____ (Microsoft Corporation) C:\windows\system32\msdtctm.dll
2017-03-02 15:43 - 2016-12-09 04:32 - 00635904 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2017-03-02 15:43 - 2016-12-09 04:31 - 00313856 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppXDeploymentClient.dll
2017-03-02 15:43 - 2016-12-09 04:28 - 03306496 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFMediaEngine.dll
2017-03-02 15:43 - 2016-12-09 04:28 - 01004544 _____ (Microsoft Corporation) C:\windows\system32\enterprisecsps.dll
2017-03-02 15:43 - 2016-12-09 04:27 - 13084160 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2017-03-02 15:43 - 2016-12-09 04:27 - 05114368 _____ (Microsoft Corporation) C:\windows\system32\cdp.dll
2017-03-02 15:43 - 2016-12-09 04:23 - 12177920 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2017-03-02 15:43 - 2016-12-09 04:21 - 00716800 _____ (Microsoft Corporation) C:\windows\system32\ShareHost.dll
2017-03-02 15:43 - 2016-12-09 04:20 - 00187392 _____ (Microsoft Corporation) C:\windows\system32\mdmregistration.dll
2017-03-02 15:43 - 2016-12-09 04:20 - 00172544 _____ (Microsoft Corporation) C:\windows\system32\DeviceEnroller.exe
2017-03-02 15:43 - 2016-11-11 05:12 - 00128352 _____ (Microsoft Corporation) C:\windows\system32\Drivers\partmgr.sys
2017-03-02 15:43 - 2016-11-11 05:03 - 00266544 _____ (Microsoft Corporation) C:\windows\system32\policymanager.dll
2017-03-02 15:43 - 2016-11-11 05:02 - 00360040 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsAdminFlows.exe
2017-03-02 15:43 - 2016-11-11 05:01 - 07219672 _____ (Microsoft Corporation) C:\windows\system32\windows.storage.dll
2017-03-02 15:43 - 2016-11-11 05:01 - 01859264 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.dll
2017-03-02 15:43 - 2016-11-11 04:56 - 00163752 _____ (Microsoft Corporation) C:\windows\system32\RTWorkQ.dll
2017-03-02 15:43 - 2016-11-11 04:54 - 01418312 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2017-03-02 15:43 - 2016-11-11 04:31 - 00366080 _____ (Microsoft Corporation) C:\windows\system32\RDXTaskFactory.dll
2017-03-02 15:43 - 2016-11-11 04:27 - 00068096 _____ (Microsoft Corporation) C:\windows\system32\lpremove.exe
2017-03-02 15:43 - 2016-11-11 04:26 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\EnterpriseModernAppMgmtCSP.dll
2017-03-02 15:43 - 2016-11-11 04:26 - 00109056 _____ (Microsoft Corporation) C:\windows\system32\ReportingCSP.dll
2017-03-02 15:43 - 2016-11-11 04:25 - 00185344 _____ (Microsoft Corporation) C:\windows\system32\DisplayManager.dll
2017-03-02 15:43 - 2016-11-11 04:25 - 00147968 _____ (Microsoft Corporation) C:\windows\system32\dmcertinst.exe
2017-03-02 15:43 - 2016-11-11 04:25 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\HttpsDataSource.dll
2017-03-02 15:43 - 2016-11-11 04:24 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\ACPBackgroundManagerPolicy.dll
2017-03-02 15:43 - 2016-11-11 04:24 - 00158720 _____ (Microsoft Corporation) C:\windows\system32\VEStoreEventHandlers.dll
2017-03-02 15:43 - 2016-11-11 04:24 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sendmail.dll
2017-03-02 15:43 - 2016-11-11 04:24 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\VPNv2CSP.dll
2017-03-02 15:43 - 2016-11-11 04:23 - 00567296 _____ (Microsoft Corporation) C:\windows\system32\DevicePairing.dll
2017-03-02 15:43 - 2016-11-11 04:23 - 00409088 _____ (Microsoft Corporation) C:\windows\system32\NgcCtnr.dll
2017-03-02 15:43 - 2016-11-11 04:23 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\EAMProgressHandler.dll
2017-03-02 15:43 - 2016-11-11 04:22 - 00143360 _____ (Microsoft Corporation) C:\windows\system32\EDPCleanup.exe
2017-03-02 15:43 - 2016-11-11 04:21 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\ieproxy.dll
2017-03-02 15:43 - 2016-11-11 04:21 - 00587776 _____ (Microsoft Corporation) C:\windows\system32\vpnike.dll
2017-03-02 15:43 - 2016-11-11 04:21 - 00379392 _____ (Microsoft Corporation) C:\windows\system32\apprepsync.dll
2017-03-02 15:43 - 2016-11-11 04:20 - 00641024 _____ (Microsoft Corporation) C:\windows\system32\ngccredprov.dll
2017-03-02 15:43 - 2016-11-11 04:20 - 00590336 _____ (Microsoft Corporation) C:\windows\system32\efswrt.dll
2017-03-02 15:43 - 2016-11-11 04:20 - 00574464 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers_StorageSense.dll
2017-03-02 15:43 - 2016-11-11 04:20 - 00407552 _____ (Microsoft Corporation) C:\windows\system32\Windows.Internal.Management.dll
2017-03-02 15:43 - 2016-11-11 04:20 - 00381952 _____ (Microsoft Corporation) C:\windows\system32\cryptngc.dll
2017-03-02 15:43 - 2016-11-11 04:20 - 00339456 _____ (Microsoft Corporation) C:\windows\system32\cdpusersvc.dll
2017-03-02 15:43 - 2016-11-11 04:20 - 00176128 _____ (Microsoft Corporation) C:\windows\system32\apprepapi.dll
2017-03-02 15:43 - 2016-11-11 04:19 - 00495104 _____ (Microsoft Corporation) C:\windows\system32\DataSenseHandlers.dll
2017-03-02 15:43 - 2016-11-11 04:19 - 00411648 _____ (Microsoft Corporation) C:\windows\system32\cdpsvc.dll
2017-03-02 15:43 - 2016-11-11 04:19 - 00389632 _____ (Microsoft Corporation) C:\windows\system32\ActivationManager.dll
2017-03-02 15:43 - 2016-11-11 04:19 - 00388096 _____ (Microsoft Corporation) C:\windows\system32\zipfldr.dll
2017-03-02 15:43 - 2016-11-11 04:19 - 00366080 _____ (Microsoft Corporation) C:\windows\system32\SearchFolder.dll
2017-03-02 15:43 - 2016-11-11 04:19 - 00320000 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-03-02 15:43 - 2016-11-11 04:19 - 00285696 _____ (Microsoft Corporation) C:\windows\system32\EnterpriseAppMgmtSvc.dll
2017-03-02 15:43 - 2016-11-11 04:17 - 00068096 _____ (Microsoft Corporation) C:\windows\system32\ProvSysprep.dll
2017-03-02 15:43 - 2016-11-11 04:13 - 00396800 _____ (Microsoft Corporation) C:\windows\system32\StorSvc.dll
2017-03-02 15:43 - 2016-11-11 04:12 - 00870912 _____ (Microsoft Corporation) C:\windows\system32\msdtcprx.dll
2017-03-02 15:43 - 2016-11-11 04:09 - 01366016 _____ (Microsoft Corporation) C:\windows\system32\wpncore.dll
2017-03-02 15:43 - 2016-11-11 04:07 - 00991232 _____ (Microsoft Corporation) C:\windows\system32\comdlg32.dll
2017-03-02 15:43 - 2016-11-11 04:07 - 00347648 _____ (Microsoft Corporation) C:\windows\system32\rascustom.dll
2017-03-02 15:43 - 2016-11-11 04:06 - 03400192 _____ (Microsoft Corporation) C:\windows\system32\SyncCenter.dll
2017-03-02 15:43 - 2016-11-11 04:06 - 00960000 _____ (Microsoft Corporation) C:\windows\system32\modernexecserver.dll
2017-03-02 15:43 - 2016-11-11 04:05 - 02852864 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-03-02 15:43 - 2016-11-11 04:04 - 00691712 _____ (Microsoft Corporation) C:\windows\system32\lsm.dll
2017-03-02 15:43 - 2016-11-11 04:04 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\dmenrollengine.dll
2017-03-02 15:43 - 2016-11-11 04:04 - 00389632 _____ (Microsoft Corporation) C:\windows\system32\stobject.dll
2017-03-02 15:43 - 2016-11-11 04:03 - 00632320 _____ (Microsoft Corporation) C:\windows\system32\rasapi32.dll
2017-03-02 15:43 - 2016-11-11 04:02 - 03542016 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll
2017-03-02 15:43 - 2016-11-11 04:02 - 01726976 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Immersive.dll
2017-03-02 15:43 - 2016-11-11 02:59 - 01572768 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2017-03-02 15:43 - 2016-11-11 02:54 - 00122208 _____ (Microsoft Corporation) C:\windows\SysWOW64\migisol.dll
2017-03-02 15:43 - 2016-11-11 02:42 - 01123912 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll
2017-03-02 15:43 - 2016-11-11 02:42 - 00952416 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfsvr.dll
2017-03-02 15:43 - 2016-11-11 02:42 - 00374448 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFPlay.dll
2017-03-02 15:43 - 2016-11-11 02:42 - 00152416 _____ (Microsoft Corporation) C:\windows\SysWOW64\RTWorkQ.dll
2017-03-02 15:43 - 2016-11-11 02:42 - 00091936 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfaudiocnv.dll
2017-03-02 15:43 - 2016-11-11 02:41 - 00157536 _____ (Microsoft Corporation) C:\windows\SysWOW64\CloudStorageWizard.exe
2017-03-02 15:43 - 2016-11-11 02:24 - 00519168 _____ (Microsoft Corporation) C:\windows\SysWOW64\ngccredprov.dll
2017-03-02 15:43 - 2016-11-11 02:24 - 00156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\BcastDVRHelper.dll
2017-03-02 15:43 - 2016-11-11 02:24 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Shell.Search.UriHandler.dll
2017-03-02 15:43 - 2016-11-11 02:23 - 00140288 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppCapture.dll
2017-03-02 15:43 - 2016-11-11 02:23 - 00094208 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.StateRepositoryClient.dll
2017-03-02 15:43 - 2016-11-11 02:22 - 00505856 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcastdvr.exe
2017-03-02 15:43 - 2016-11-11 02:22 - 00122880 _____ (Microsoft Corporation) C:\windows\SysWOW64\sendmail.dll
2017-03-02 15:43 - 2016-11-11 02:21 - 00091648 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2017-03-02 15:43 - 2016-11-11 02:20 - 00306176 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieproxy.dll
2017-03-02 15:43 - 2016-11-11 02:19 - 00506880 _____ (Microsoft Corporation) C:\windows\SysWOW64\DevicePairing.dll
2017-03-02 15:43 - 2016-11-11 02:19 - 00114176 _____ (Microsoft Corporation) C:\windows\SysWOW64\setupugc.exe
2017-03-02 15:43 - 2016-11-11 02:15 - 00348672 _____ (Microsoft Corporation) C:\windows\SysWOW64\zipfldr.dll
2017-03-02 15:43 - 2016-11-11 02:15 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptngc.dll
2017-03-02 15:43 - 2016-11-11 02:10 - 00746496 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdtcprx.dll
2017-03-02 15:43 - 2016-11-11 02:09 - 00545280 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfmkvsrcsnk.dll
2017-03-02 15:43 - 2016-11-11 02:08 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\xolehlp.dll
2017-03-02 15:43 - 2016-11-11 02:06 - 00359936 _____ (Microsoft Corporation) C:\windows\SysWOW64\mtxclu.dll
2017-03-02 15:43 - 2016-11-11 02:05 - 04423680 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2017-03-02 15:43 - 2016-11-11 02:04 - 01992704 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
2017-03-02 15:43 - 2016-11-11 02:04 - 00358912 _____ (Microsoft Corporation) C:\windows\SysWOW64\stobject.dll
2017-03-02 15:43 - 2016-11-11 02:03 - 02484736 _____ (Microsoft Corporation) C:\windows\SysWOW64\gameux.dll
2017-03-02 15:43 - 2016-11-02 07:01 - 00315744 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2017-03-02 15:43 - 2016-11-02 06:22 - 00601712 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2017-03-02 15:43 - 2016-11-02 06:20 - 00378720 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2017-03-02 15:43 - 2016-11-02 06:13 - 00423776 _____ (Microsoft Corporation) C:\windows\system32\wifitask.exe
2017-03-02 15:43 - 2016-11-02 06:01 - 00545936 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontdrvhost.exe
2017-03-02 15:43 - 2016-11-02 06:00 - 00534096 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2017-03-02 15:43 - 2016-11-02 05:56 - 01609920 _____ (Microsoft Corporation) C:\windows\system32\d3d9.dll
2017-03-02 15:43 - 2016-11-02 05:56 - 00628552 _____ (Microsoft Corporation) C:\windows\system32\fontdrvhost.exe
2017-03-02 15:43 - 2016-11-02 05:56 - 00322912 _____ (Microsoft Corporation) C:\windows\system32\input.dll
2017-03-02 15:43 - 2016-11-02 05:55 - 00048992 _____ (Microsoft Corporation) C:\windows\system32\Drivers\iorate.sys
2017-03-02 15:43 - 2016-11-02 05:48 - 00081408 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2017-03-02 15:43 - 2016-11-02 05:48 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\efsext.dll
2017-03-02 15:43 - 2016-11-02 05:44 - 00089088 _____ (Microsoft Corporation) C:\windows\SysWOW64\AuthExt.dll
2017-03-02 15:43 - 2016-11-02 05:43 - 00270336 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2017-03-02 15:43 - 2016-11-02 05:43 - 00126464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2017-03-02 15:43 - 2016-11-02 05:42 - 00632832 _____ (Microsoft Corporation) C:\windows\SysWOW64\sud.dll
2017-03-02 15:43 - 2016-11-02 05:40 - 00896512 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontext.dll
2017-03-02 15:43 - 2016-11-02 05:39 - 00236544 _____ (Microsoft Corporation) C:\windows\SysWOW64\UIAnimation.dll
2017-03-02 15:43 - 2016-11-02 05:38 - 00760832 _____ (Microsoft Corporation) C:\windows\SysWOW64\appwiz.cpl
2017-03-02 15:43 - 2016-11-02 05:31 - 00226304 _____ (Microsoft Corporation) C:\windows\system32\WpcTok.exe
2017-03-02 15:43 - 2016-11-02 05:29 - 00276992 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2017-03-02 15:43 - 2016-11-02 05:29 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2017-03-02 15:43 - 2016-11-02 05:28 - 00411136 _____ (Microsoft Corporation) C:\windows\system32\DeviceCenter.dll
2017-03-02 15:43 - 2016-11-02 05:28 - 00279552 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-03-02 15:43 - 2016-11-02 05:28 - 00240640 _____ (Microsoft Corporation) C:\windows\system32\NetworkDesktopSettings.dll
2017-03-02 15:43 - 2016-11-02 05:28 - 00088576 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2017-03-02 15:43 - 2016-11-02 05:27 - 02458112 _____ (Microsoft Corporation) C:\windows\SysWOW64\themecpl.dll
2017-03-02 15:43 - 2016-11-02 05:27 - 00580608 _____ (Microsoft Corporation) C:\windows\SysWOW64\hgcpl.dll
2017-03-02 15:43 - 2016-11-02 05:27 - 00545792 _____ (Microsoft Corporation) C:\windows\system32\timedate.cpl
2017-03-02 15:43 - 2016-11-02 05:27 - 00422400 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinapi.dll
2017-03-02 15:43 - 2016-11-02 05:25 - 00655872 _____ (Microsoft Corporation) C:\windows\system32\sud.dll
2017-03-02 15:43 - 2016-11-02 05:25 - 00541696 _____ (Microsoft Corporation) C:\windows\system32\ipnathlp.dll
2017-03-02 15:43 - 2016-11-02 05:25 - 00496128 _____ (Microsoft Corporation) C:\windows\system32\SystemSettings.UserAccountsHandlers.dll
2017-03-02 15:43 - 2016-11-02 05:24 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\fontext.dll
2017-03-02 15:43 - 2016-11-02 05:23 - 02356736 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSVidCtl.dll
2017-03-02 15:43 - 2016-11-02 05:23 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\ErrorDetailsUpdate.dll
2017-03-02 15:43 - 2016-11-02 05:22 - 00369664 _____ (Microsoft Corporation) C:\windows\system32\msinfo32.exe
2017-03-02 15:43 - 2016-11-02 05:22 - 00337920 _____ (Microsoft Corporation) C:\windows\system32\AudioEndpointBuilder.dll
2017-03-02 15:43 - 2016-11-02 05:21 - 00942080 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2017-03-02 15:43 - 2016-11-02 05:20 - 00167936 _____ (Microsoft Corporation) C:\windows\system32\ErrorDetails.dll
2017-03-02 15:43 - 2016-11-02 05:19 - 01586176 _____ (Microsoft Corporation) C:\windows\system32\Windows.Globalization.dll
2017-03-02 15:43 - 2016-11-02 05:19 - 00154112 _____ (Microsoft Corporation) C:\windows\system32\NPSM.dll
2017-03-02 15:43 - 2016-11-02 05:19 - 00089088 _____ (Microsoft Corporation) C:\windows\system32\asycfilt.dll
2017-03-02 15:43 - 2016-11-02 05:18 - 00836608 _____ (Microsoft Corporation) C:\windows\system32\WpcRefreshTask.dll
2017-03-02 15:43 - 2016-11-02 05:17 - 00982528 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2017-03-02 15:43 - 2016-11-02 05:17 - 00828416 _____ (Microsoft Corporation) C:\windows\system32\appwiz.cpl
2017-03-02 15:43 - 2016-11-02 05:16 - 02512384 _____ (Microsoft Corporation) C:\windows\system32\themecpl.dll
2017-03-02 15:43 - 2016-11-02 05:16 - 01637888 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2017-03-02 15:43 - 2016-11-02 05:16 - 00881664 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2017-03-02 15:43 - 2016-11-02 05:16 - 00629248 _____ (Microsoft Corporation) C:\windows\system32\hgcpl.dll
2017-03-02 15:43 - 2016-11-02 05:15 - 01348608 _____ (Microsoft Corporation) C:\windows\system32\wifinetworkmanager.dll
2017-03-02 15:43 - 2016-11-02 05:15 - 00483328 _____ (Microsoft Corporation) C:\windows\system32\twinapi.dll
2017-03-02 15:43 - 2016-11-02 05:13 - 00322048 _____ (Microsoft Corporation) C:\windows\system32\GlobCollationHost.dll
2017-03-02 15:43 - 2016-10-14 23:48 - 00498952 _____ (Microsoft Corporation) C:\windows\system32\DolbyDecMFT.dll
2017-03-02 15:43 - 2016-10-14 23:38 - 00500064 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll
2017-03-02 15:43 - 2016-10-14 23:19 - 00272720 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2017-03-02 15:43 - 2016-10-14 23:15 - 00687936 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvproc.dll
2017-03-02 15:43 - 2016-10-14 23:05 - 07216640 _____ (Microsoft Corporation) C:\windows\system32\Windows.Data.Pdf.dll
2017-03-02 15:43 - 2016-10-14 23:00 - 00323584 _____ (Microsoft Corporation) C:\windows\system32\twinui.pcshell.dll
2017-03-02 15:43 - 2016-10-14 22:59 - 00187904 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfksproxy.dll
2017-03-02 15:43 - 2016-10-14 22:57 - 00186880 _____ (Microsoft Corporation) C:\windows\system32\MusNotification.exe
2017-03-02 15:43 - 2016-10-14 22:57 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\dtdump.exe
2017-03-02 15:43 - 2016-10-14 22:56 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.WiFi.dll
2017-03-02 15:43 - 2016-10-14 22:56 - 00120832 _____ (Microsoft Corporation) C:\windows\system32\BluetoothApis.dll
2017-03-02 15:43 - 2016-10-14 22:56 - 00098816 _____ (Microsoft Corporation) C:\windows\system32\BthRadioMedia.dll
2017-03-02 15:43 - 2016-10-14 22:56 - 00095232 _____ (Microsoft Corporation) C:\windows\SysWOW64\BluetoothApis.dll
2017-03-02 15:43 - 2016-10-14 22:55 - 00329216 _____ (Microsoft Corporation) C:\windows\system32\wc_storage.dll
2017-03-02 15:43 - 2016-10-14 22:55 - 00236544 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers_Flights.dll
2017-03-02 15:43 - 2016-10-14 22:54 - 00717312 _____ (Microsoft Corporation) C:\windows\system32\taskbarcpl.dll
2017-03-02 15:43 - 2016-10-14 22:54 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\daxexec.dll
2017-03-02 15:43 - 2016-10-14 22:54 - 00410112 _____ (Microsoft Corporation) C:\windows\SysWOW64\SndVolSSO.dll
2017-03-02 15:43 - 2016-10-14 22:54 - 00241152 _____ (Microsoft Corporation) C:\windows\system32\dafBth.dll
2017-03-02 15:43 - 2016-10-14 22:54 - 00217088 _____ (Microsoft Corporation) C:\windows\system32\DevicePairingFolder.dll
2017-03-02 15:43 - 2016-10-14 22:54 - 00152064 _____ (Microsoft Corporation) C:\windows\SysWOW64\autoplay.dll
2017-03-02 15:43 - 2016-10-14 22:54 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\TpmTasks.dll
2017-03-02 15:43 - 2016-10-14 22:52 - 00288256 _____ (Microsoft Corporation) C:\windows\SysWOW64\systemcpl.dll
2017-03-02 15:43 - 2016-10-14 22:52 - 00163328 _____ (Microsoft Corporation) C:\windows\system32\autoplay.dll
2017-03-02 15:43 - 2016-10-14 22:51 - 00226304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcore6.dll
2017-03-02 15:43 - 2016-10-14 22:50 - 00509440 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers_Bluetooth.dll
2017-03-02 15:43 - 2016-10-14 22:49 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\MDMAppInstaller.exe
2017-03-02 15:43 - 2016-10-14 22:47 - 00720896 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.BackgroundMediaPlayback.dll
2017-03-02 15:43 - 2016-10-14 22:46 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2017-03-02 15:43 - 2016-10-14 22:46 - 00471552 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2017-03-02 15:43 - 2016-10-14 22:45 - 01790464 _____ (Microsoft Corporation) C:\windows\system32\LocationFramework.dll
2017-03-02 15:43 - 2016-10-14 22:45 - 00702464 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Playback.MediaPlayer.dll
2017-03-02 15:43 - 2016-10-14 22:44 - 00747008 _____ (Microsoft Corporation) C:\windows\SysWOW64\RemoteNaturalLanguage.dll
2017-03-02 15:43 - 2016-10-14 22:44 - 00470016 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2017-03-02 15:43 - 2016-10-14 22:42 - 00467968 _____ (Microsoft Corporation) C:\windows\system32\Geolocation.dll
2017-03-02 15:43 - 2016-10-14 22:42 - 00459776 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2017-03-02 15:43 - 2016-10-14 22:37 - 00709120 _____ (Microsoft Corporation) C:\windows\SysWOW64\CPFilters.dll
2017-03-02 15:43 - 2016-10-14 22:36 - 00347136 _____ (Microsoft Corporation) C:\windows\system32\Display.dll
2017-03-02 15:43 - 2016-10-14 22:36 - 00081408 _____ (Microsoft Corporation) C:\windows\SysWOW64\cmifw.dll
2017-03-02 15:43 - 2016-10-05 05:13 - 00146784 _____ (Microsoft Corporation) C:\windows\system32\CloudExperienceHostCommon.dll
2017-03-02 15:43 - 2016-10-05 04:49 - 01980768 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2017-03-02 15:43 - 2016-10-05 04:36 - 00113664 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-03-02 15:43 - 2016-10-05 04:35 - 00196096 _____ (Microsoft Corporation) C:\windows\system32\UserDeviceRegistration.dll
2017-03-02 15:43 - 2016-10-05 04:35 - 00101888 _____ (Microsoft Corporation) C:\windows\system32\UserDeviceRegistration.Ngc.dll
2017-03-02 15:43 - 2016-10-05 04:34 - 00144896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dfsc.sys
2017-03-02 15:43 - 2016-10-05 04:32 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\AuthBroker.dll
2017-03-02 15:43 - 2016-10-05 04:31 - 00480768 _____ (Microsoft Corporation) C:\windows\system32\dsreg.dll
2017-03-02 15:43 - 2016-10-05 04:31 - 00058880 _____ (Microsoft Corporation) C:\windows\SysWOW64\ConfigureExpandedStorage.dll
2017-03-02 15:43 - 2016-10-05 04:28 - 00156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\UserDeviceRegistration.dll
2017-03-02 15:43 - 2016-10-05 04:28 - 00123904 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.HostName.dll
2017-03-02 15:43 - 2016-10-05 04:27 - 00945664 _____ (Microsoft Corporation) C:\windows\system32\WpcWebFilter.dll
2017-03-02 15:43 - 2016-10-05 04:26 - 00088576 _____ (Microsoft Corporation) C:\windows\SysWOW64\UserDeviceRegistration.Ngc.dll
2017-03-02 15:43 - 2016-10-05 04:25 - 00404992 _____ (Microsoft Corporation) C:\windows\SysWOW64\dsreg.dll
2017-03-02 15:43 - 2016-10-05 04:24 - 00483840 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.AllJoyn.dll
2017-03-02 15:43 - 2016-10-05 04:23 - 00426496 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-03-02 15:43 - 2016-10-05 04:22 - 00073216 _____ (Microsoft Corporation) C:\windows\system32\offreg.dll
2017-03-02 15:43 - 2016-10-05 04:20 - 00661504 _____ (Microsoft Corporation) C:\windows\SysWOW64\WpcWebFilter.dll
2017-03-02 15:43 - 2016-10-05 04:20 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2017-03-02 15:43 - 2016-10-05 04:19 - 02390016 _____ (Microsoft Corporation) C:\windows\system32\smartscreen.exe
2017-03-02 15:43 - 2016-10-05 04:18 - 01656832 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2017-03-02 15:43 - 2016-10-05 04:18 - 00983040 _____ (Microsoft Corporation) C:\windows\system32\ngcsvc.dll
2017-03-02 15:43 - 2016-10-05 04:18 - 00759296 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2017-03-02 15:43 - 2016-10-05 04:17 - 00089088 _____ (Microsoft Corporation) C:\windows\SysWOW64\adsmsext.dll
2017-03-02 15:43 - 2016-10-05 04:16 - 00508416 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2017-03-02 15:43 - 2016-10-05 04:15 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\dialclient.dll
2017-03-02 15:43 - 2016-10-05 04:09 - 00691712 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2017-03-02 15:43 - 2016-10-05 04:08 - 00598528 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Web.dll
2017-03-02 15:43 - 2016-09-15 12:33 - 00083120 _____ (Microsoft Corporation) C:\windows\SysWOW64\devenum.dll
2017-03-02 15:43 - 2016-09-15 12:30 - 00354264 _____ (Microsoft Corporation) C:\windows\system32\systemreset.exe
2017-03-02 15:43 - 2016-09-15 12:29 - 00218008 _____ (Microsoft Corporation) C:\windows\system32\LsaIso.exe
2017-03-02 15:43 - 2016-09-15 12:29 - 00169056 _____ (Microsoft Corporation) C:\windows\system32\skci.dll
2017-03-02 15:43 - 2016-09-15 12:23 - 00170960 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2017-03-02 15:43 - 2016-09-15 12:18 - 00856872 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfreadwrite.dll
2017-03-02 15:43 - 2016-09-15 12:16 - 00206096 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2017-03-02 15:43 - 2016-09-15 12:14 - 00119648 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wcifs.sys
2017-03-02 15:43 - 2016-09-15 12:07 - 00128864 _____ (Microsoft Corporation) C:\windows\system32\dwmapi.dll
2017-03-02 15:43 - 2016-09-15 12:03 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\TempSignedLicenseExchangeTask.dll
2017-03-02 15:43 - 2016-09-15 12:01 - 00055296 _____ (Microsoft Corporation) C:\windows\SysWOW64\findnetprinters.dll
2017-03-02 15:43 - 2016-09-15 12:00 - 00554496 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2017-03-02 15:43 - 2016-09-15 11:58 - 00129024 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.SerialCommunication.dll
2017-03-02 15:43 - 2016-09-15 11:58 - 00092672 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-03-02 15:43 - 2016-09-15 11:56 - 00057856 _____ (Microsoft Corporation) C:\windows\SysWOW64\LicenseManagerApi.dll
2017-03-02 15:43 - 2016-09-15 11:55 - 00575488 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2017-03-02 15:43 - 2016-09-15 11:55 - 00562176 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.SmartCards.dll
2017-03-02 15:43 - 2016-09-15 11:55 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\NetworkCollectionAgent.dll
2017-03-02 15:43 - 2016-09-15 11:55 - 00386048 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-03-02 15:43 - 2016-09-15 11:55 - 00218624 _____ (Microsoft Corporation) C:\windows\SysWOW64\WwaApi.dll
2017-03-02 15:43 - 2016-09-15 11:55 - 00185856 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-03-02 15:43 - 2016-09-15 11:55 - 00175616 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Scanners.dll
2017-03-02 15:43 - 2016-09-15 11:53 - 00340480 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2017-03-02 15:43 - 2016-09-15 11:52 - 00816640 _____ (Microsoft Corporation) C:\windows\SysWOW64\NaturalLanguage6.dll
2017-03-02 15:43 - 2016-09-15 11:52 - 00525824 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintDialogs.dll
2017-03-02 15:43 - 2016-09-15 11:52 - 00445952 _____ (Microsoft Corporation) C:\windows\SysWOW64\mprapi.dll
2017-03-02 15:43 - 2016-09-15 11:47 - 01077760 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Editing.dll
2017-03-02 15:43 - 2016-09-15 11:46 - 00795648 _____ (Microsoft Corporation) C:\windows\SysWOW64\MiracastReceiver.dll
2017-03-02 15:43 - 2016-09-15 11:46 - 00343040 _____ (Microsoft Corporation) C:\windows\SysWOW64\PlayToDevice.dll
2017-03-02 15:43 - 2016-09-15 11:42 - 01220608 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Audio.dll
2017-03-02 15:43 - 2016-09-15 11:42 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\winhvr.sys
2017-03-02 15:43 - 2016-09-15 11:42 - 00049664 _____ (Microsoft Corporation) C:\windows\SysWOW64\BackgroundMediaPolicy.dll
2017-03-02 15:43 - 2016-09-15 11:41 - 00259072 _____ (Microsoft Corporation) C:\windows\system32\Family.SyncEngine.dll
2017-03-02 15:43 - 2016-09-15 11:41 - 00156160 _____ (Microsoft Corporation) C:\windows\system32\Family.Client.dll
2017-03-02 15:43 - 2016-09-15 11:41 - 00108032 _____ (Microsoft Corporation) C:\windows\system32\Family.Authentication.dll
2017-03-02 15:43 - 2016-09-15 11:41 - 00090624 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Printers.dll
2017-03-02 15:43 - 2016-09-15 11:41 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\NfcRadioMedia.dll
2017-03-02 15:43 - 2016-09-15 11:40 - 02026496 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2017-03-02 15:43 - 2016-09-15 11:40 - 00348160 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Midi.dll
2017-03-02 15:43 - 2016-09-15 11:40 - 00140800 _____ (Microsoft Corporation) C:\windows\system32\RMapi.dll
2017-03-02 15:43 - 2016-09-15 11:40 - 00082432 _____ (Microsoft Corporation) C:\windows\system32\Windows.System.UserDeviceAssociation.dll
2017-03-02 15:43 - 2016-09-15 11:39 - 02740224 _____ (Microsoft Corporation) C:\windows\SysWOW64\msftedit.dll
2017-03-02 15:43 - 2016-09-15 11:39 - 01004544 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Input.Inking.dll
2017-03-02 15:43 - 2016-09-15 11:39 - 00547840 _____ (Microsoft Corporation) C:\windows\system32\Windows.Gaming.Input.dll
2017-03-02 15:43 - 2016-09-15 11:39 - 00295936 _____ (Microsoft Corporation) C:\windows\system32\pdh.dll
2017-03-02 15:43 - 2016-09-15 11:39 - 00186368 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Radios.dll
2017-03-02 15:43 - 2016-09-15 11:38 - 00691200 _____ (Microsoft Corporation) C:\windows\SysWOW64\TokenBroker.dll
2017-03-02 15:43 - 2016-09-15 11:38 - 00671232 _____ (Microsoft Corporation) C:\windows\system32\NetworkCollectionAgent.dll
2017-03-02 15:43 - 2016-09-15 11:38 - 00573952 _____ (Microsoft Corporation) C:\windows\system32\NgcCtnrGidsHandler.dll
2017-03-02 15:43 - 2016-09-15 11:38 - 00505856 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.WiFiDirect.dll
2017-03-02 15:43 - 2016-09-15 11:38 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\credprovhost.dll
2017-03-02 15:43 - 2016-09-15 11:38 - 00171520 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.SerialCommunication.dll
2017-03-02 15:43 - 2016-09-15 11:38 - 00132096 _____ (Microsoft Corporation) C:\windows\system32\PrintWSDAHost.dll
2017-03-02 15:43 - 2016-09-15 11:38 - 00125952 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2017-03-02 15:43 - 2016-09-15 11:37 - 00912384 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.SmartCards.dll
2017-03-02 15:43 - 2016-09-15 11:37 - 00680448 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2017-03-02 15:43 - 2016-09-15 11:37 - 00568320 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.LowLevel.dll
2017-03-02 15:43 - 2016-09-15 11:37 - 00216576 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Scanners.dll
2017-03-02 15:43 - 2016-09-15 11:36 - 00852480 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Import.dll
2017-03-02 15:43 - 2016-09-15 11:36 - 00387584 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2017-03-02 15:43 - 2016-09-15 11:36 - 00358912 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.dll
2017-03-02 15:43 - 2016-09-15 11:35 - 01060352 _____ (Microsoft Corporation) C:\windows\system32\AppContracts.dll
2017-03-02 15:43 - 2016-09-15 11:35 - 01013248 _____ (Microsoft Corporation) C:\windows\system32\XblAuthManager.dll
2017-03-02 15:43 - 2016-09-15 11:35 - 00949248 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.PointOfService.dll
2017-03-02 15:43 - 2016-09-15 11:35 - 00472064 _____ (Microsoft Corporation) C:\windows\system32\Windows.Internal.Bluetooth.dll
2017-03-02 15:43 - 2016-09-15 11:35 - 00337408 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Picker.dll
2017-03-02 15:43 - 2016-09-15 11:35 - 00329728 _____ (Microsoft Corporation) C:\windows\system32\deviceaccess.dll
2017-03-02 15:43 - 2016-09-15 11:35 - 00280064 _____ (Microsoft Corporation) C:\windows\system32\DataExchange.dll
2017-03-02 15:43 - 2016-09-15 11:35 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\easwrt.dll
2017-03-02 15:43 - 2016-09-15 11:34 - 00671744 _____ (Microsoft Corporation) C:\windows\system32\mbsmsapi.dll
2017-03-02 15:43 - 2016-09-15 11:34 - 00441856 _____ (Microsoft Corporation) C:\windows\system32\AccountsRt.dll
2017-03-02 15:43 - 2016-09-15 11:34 - 00437248 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Usb.dll
2017-03-02 15:43 - 2016-09-15 11:33 - 03753984 _____ (Microsoft Corporation) C:\windows\system32\bootux.dll
2017-03-02 15:43 - 2016-09-15 11:33 - 00963584 _____ (Microsoft Corporation) C:\windows\system32\WebcamUi.dll
2017-03-02 15:43 - 2016-09-15 11:32 - 00634368 _____ (Microsoft Corporation) C:\windows\system32\StructuredQuery.dll
2017-03-02 15:43 - 2016-09-15 11:30 - 01639424 _____ (Microsoft Corporation) C:\windows\system32\comsvcs.dll
2017-03-02 15:43 - 2016-09-15 11:30 - 00458752 _____ (Microsoft Corporation) C:\windows\system32\RTMediaFrame.dll
2017-03-02 15:43 - 2016-09-15 11:30 - 00169984 _____ (Microsoft Corporation) C:\windows\system32\Windows.Energy.dll
2017-03-02 15:43 - 2016-09-15 11:29 - 00329728 _____ (Microsoft Corporation) C:\windows\system32\fvecpl.dll
2017-03-02 15:43 - 2016-09-15 11:28 - 00864256 _____ (Microsoft Corporation) C:\windows\system32\wpnapps.dll
2017-03-02 15:43 - 2016-09-15 11:27 - 01078784 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Streaming.dll
2017-03-02 15:43 - 2016-09-15 11:27 - 00796672 _____ (Microsoft Corporation) C:\windows\system32\fvewiz.dll
2017-03-02 15:43 - 2016-09-15 11:27 - 00627200 _____ (Microsoft Corporation) C:\windows\system32\SpaceControl.dll
2017-03-02 15:43 - 2016-09-15 11:27 - 00279040 _____ (Microsoft Corporation) C:\windows\system32\fveui.dll
2017-03-02 15:43 - 2016-09-15 11:27 - 00211968 _____ (Microsoft Corporation) C:\windows\system32\manage-bde.exe
2017-03-02 15:43 - 2016-09-15 11:27 - 00171008 _____ (Microsoft Corporation) C:\windows\system32\fvenotify.exe
2017-03-02 15:43 - 2016-09-15 11:26 - 00501248 _____ (Microsoft Corporation) C:\windows\system32\imapi2.dll
2017-03-02 15:43 - 2016-09-15 11:26 - 00279552 _____ (Microsoft Corporation) C:\windows\system32\PlayToReceiver.dll
2017-03-02 15:43 - 2016-09-15 11:26 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\bdeui.dll
2017-03-02 15:43 - 2016-09-15 11:25 - 00057856 _____ (Microsoft Corporation) C:\windows\system32\BackgroundMediaPolicy.dll
2017-03-02 15:43 - 2016-09-15 11:24 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\Windows.Security.Authentication.Web.Core.dll
2017-03-02 15:43 - 2016-09-15 11:24 - 00139776 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Devices.dll
2017-03-02 15:43 - 2016-09-15 11:23 - 00460800 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Midi.dll
2017-03-02 15:43 - 2016-09-15 11:22 - 00857600 _____ (Microsoft Corporation) C:\windows\system32\mprddm.dll
2017-03-02 15:43 - 2016-09-15 11:21 - 02208768 _____ (Microsoft Corporation) C:\windows\system32\Windows.Graphics.Printing.3D.dll
2017-03-02 15:43 - 2016-09-15 11:21 - 00971264 _____ (Microsoft Corporation) C:\windows\system32\twinui.appcore.dll
2017-03-02 15:43 - 2016-09-15 11:20 - 02424320 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Perception.dll
2017-03-02 15:43 - 2016-09-15 11:20 - 02095616 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2017-03-02 15:43 - 2016-09-15 11:20 - 01275392 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Bluetooth.dll
2017-03-02 15:43 - 2016-09-15 11:20 - 01266176 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Input.Inking.dll
2017-03-02 15:43 - 2016-09-15 11:20 - 00875520 _____ (Microsoft Corporation) C:\windows\system32\TokenBroker.dll
2017-03-02 15:43 - 2016-09-15 11:20 - 00845824 _____ (Microsoft Corporation) C:\windows\system32\MbaeApiPublic.dll
2017-03-02 15:43 - 2016-09-15 11:16 - 00387072 _____ (Microsoft Corporation) C:\windows\system32\SessEnv.dll
2017-03-02 15:43 - 2016-09-10 08:21 - 00118272 _____ (Microsoft Corporation) C:\windows\system32\Drivers\capimg.sys
2017-03-02 15:42 - 2016-12-21 03:04 - 07816032 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2017-03-02 15:42 - 2016-12-21 02:42 - 00241504 _____ (Microsoft Corporation) C:\windows\system32\CloudExperienceHost.dll
2017-03-02 15:42 - 2016-12-21 02:37 - 00455520 _____ (Microsoft Corporation) C:\windows\system32\securekernel.exe
2017-03-02 15:42 - 2016-12-21 02:13 - 00119808 _____ (Microsoft Corporation) C:\windows\system32\KnobsCsp.dll
2017-03-02 15:42 - 2016-12-21 02:12 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\ProvPluginEng.dll
2017-03-02 15:42 - 2016-12-21 02:10 - 00234496 _____ (Microsoft Corporation) C:\windows\system32\KnobsCore.dll
2017-03-02 15:42 - 2016-12-21 02:08 - 01292288 _____ (Microsoft Corporation) C:\windows\system32\MSVPXENC.dll
2017-03-02 15:42 - 2016-12-21 02:08 - 00349184 _____ (Microsoft Corporation) C:\windows\system32\provengine.dll
2017-03-02 15:42 - 2016-12-21 02:00 - 00440320 _____ (Microsoft Corporation) C:\windows\system32\fhcfg.dll
2017-03-02 15:42 - 2016-12-21 01:57 - 00462336 _____ (Microsoft Corporation) C:\windows\system32\fhsettingsprovider.dll
2017-03-02 15:42 - 2016-12-21 01:53 - 01692672 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentExtensions.onecore.dll
2017-03-02 15:42 - 2016-12-21 01:51 - 02275840 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentServer.dll
2017-03-02 15:42 - 2016-12-20 23:24 - 05061120 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll
2017-03-02 15:42 - 2016-12-20 23:24 - 00886272 _____ (Microsoft Corporation) C:\windows\SysWOW64\aadtb.dll
2017-03-02 15:42 - 2016-12-20 23:22 - 00860672 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSyncCore.dll
2017-03-02 15:42 - 2016-12-14 00:18 - 00335712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pci.sys
2017-03-02 15:42 - 2016-12-14 00:08 - 00341344 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2017-03-02 15:42 - 2016-12-14 00:06 - 00509792 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSyncHost.exe
2017-03-02 15:42 - 2016-12-13 23:45 - 00147968 _____ (Microsoft Corporation) C:\windows\SysWOW64\win32k.sys
2017-03-02 15:42 - 2016-12-13 23:40 - 00266752 _____ (Microsoft Corporation) C:\windows\system32\ConsoleLogon.dll
2017-03-02 15:42 - 2016-12-13 23:40 - 00104448 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-03-02 15:42 - 2016-12-13 23:38 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\CloudBackupSettings.dll
2017-03-02 15:42 - 2016-12-13 23:32 - 00806400 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3D12.dll
2017-03-02 15:42 - 2016-12-13 23:22 - 02998272 _____ (Microsoft Corporation) C:\windows\SysWOW64\win32kfull.sys
2017-03-02 15:42 - 2016-12-13 23:22 - 00707584 _____ (Microsoft Corporation) C:\windows\system32\LogonController.dll
2017-03-02 15:42 - 2016-12-09 05:34 - 01051112 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2017-03-02 15:42 - 2016-12-09 05:34 - 00894096 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2017-03-02 15:42 - 2016-12-09 05:33 - 01354320 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2017-03-02 15:42 - 2016-12-09 05:33 - 01173496 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2017-03-02 15:42 - 2016-12-09 05:01 - 02323728 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2017-03-02 15:42 - 2016-12-09 04:51 - 00117240 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2017-03-02 15:42 - 2016-12-09 04:45 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\WordBreakers.dll
2017-03-02 15:42 - 2016-12-09 04:22 - 02820096 _____ (Microsoft Corporation) C:\windows\system32\InputService.dll
2017-03-02 15:42 - 2016-12-09 04:20 - 03198464 _____ (Microsoft Corporation) C:\windows\SysWOW64\cdp.dll
2017-03-02 15:42 - 2016-12-09 04:19 - 00433664 _____ (Microsoft Corporation) C:\windows\system32\TextInputFramework.dll
2017-03-02 15:42 - 2016-12-09 04:19 - 00261120 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Core.TextInput.dll
2017-03-02 15:42 - 2016-12-09 04:19 - 00119296 _____ (Microsoft Corporation) C:\windows\system32\InputLocaleManager.dll
2017-03-02 15:42 - 2016-12-09 04:19 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\EditBufferTestHook.dll
2017-03-02 15:42 - 2016-12-09 04:17 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\ShareHost.dll
2017-03-02 15:42 - 2016-11-11 05:15 - 00198856 _____ (Microsoft Corporation) C:\windows\system32\wscapi.dll
2017-03-02 15:42 - 2016-11-11 04:56 - 00424616 _____ (Microsoft Corporation) C:\windows\system32\MFPlay.dll
2017-03-02 15:42 - 2016-11-11 04:25 - 00151040 _____ (Microsoft Corporation) C:\windows\system32\MapsBtSvc.dll
2017-03-02 15:42 - 2016-11-11 04:25 - 00089600 _____ (Microsoft Corporation) C:\windows\system32\MosStorage.dll
2017-03-02 15:42 - 2016-11-11 04:22 - 00082944 _____ (Microsoft Corporation) C:\windows\system32\moshost.dll
2017-03-02 15:42 - 2016-11-11 04:21 - 00313856 _____ (Microsoft Corporation) C:\windows\system32\moshostcore.dll
2017-03-02 15:42 - 2016-11-11 04:20 - 00446976 _____ (Microsoft Corporation) C:\windows\system32\MapConfiguration.dll
2017-03-02 15:42 - 2016-11-11 04:17 - 01220096 _____ (Microsoft Corporation) C:\windows\system32\wscui.cpl
2017-03-02 15:42 - 2016-11-11 04:16 - 00184832 _____ (Microsoft Corporation) C:\windows\system32\wscsvc.dll
2017-03-02 15:42 - 2016-11-11 04:16 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\RjvMDMConfig.dll
2017-03-02 15:42 - 2016-11-11 04:15 - 00282624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2017-03-02 15:42 - 2016-11-11 04:15 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\wscinterop.dll
2017-03-02 15:42 - 2016-11-11 04:14 - 07654400 _____ (Microsoft Corporation) C:\windows\system32\mos.dll
2017-03-02 15:42 - 2016-11-11 04:14 - 00713216 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2017-03-02 15:42 - 2016-11-11 04:13 - 07812096 _____ (Microsoft Corporation) C:\windows\system32\BingMaps.dll
2017-03-02 15:42 - 2016-11-11 04:13 - 00306176 _____ (Microsoft Corporation) C:\windows\system32\msdtcuiu.dll
2017-03-02 15:42 - 2016-11-11 04:08 - 00539136 _____ (Microsoft Corporation) C:\windows\system32\PlayToManager.dll
2017-03-02 15:42 - 2016-11-11 04:07 - 03441152 _____ (Microsoft Corporation) C:\windows\system32\MapRouter.dll
2017-03-02 15:42 - 2016-11-11 04:07 - 02953216 _____ (Microsoft Corporation) C:\windows\system32\MapGeocoder.dll
2017-03-02 15:42 - 2016-11-11 04:07 - 02510848 _____ (Microsoft Corporation) C:\windows\system32\NetworkMobileSettings.dll
2017-03-02 15:42 - 2016-11-11 04:07 - 01060864 _____ (Microsoft Corporation) C:\windows\system32\JpMapControl.dll
2017-03-02 15:42 - 2016-11-11 04:05 - 01031680 _____ (Microsoft Corporation) C:\windows\system32\MapsStore.dll
2017-03-02 15:42 - 2016-11-11 04:03 - 04708864 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2017-03-02 15:42 - 2016-11-11 04:03 - 00905216 _____ (Microsoft Corporation) C:\windows\system32\MapControlCore.dll
2017-03-02 15:42 - 2016-11-11 04:02 - 00936448 _____ (Microsoft Corporation) C:\windows\system32\NMAA.dll
2017-03-02 15:42 - 2016-11-11 03:01 - 00167848 _____ (Microsoft Corporation) C:\windows\SysWOW64\wscapi.dll
2017-03-02 15:42 - 2016-11-11 02:48 - 02277248 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d11.dll
2017-03-02 15:42 - 2016-11-11 02:47 - 00527880 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxgi.dll
2017-03-02 15:42 - 2016-11-11 02:27 - 00065024 _____ (Microsoft Corporation) C:\windows\SysWOW64\NetCfgNotifyObjectHost.exe
2017-03-02 15:42 - 2016-11-11 02:26 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\ReAgentc.exe
2017-03-02 15:42 - 2016-11-11 02:19 - 01755136 _____ (Microsoft Corporation) C:\windows\SysWOW64\DeviceFlows.DataModel.dll
2017-03-02 15:42 - 2016-11-11 02:19 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\NetSetupShim.dll
2017-03-02 15:42 - 2016-11-11 02:18 - 01196544 _____ (Microsoft Corporation) C:\windows\SysWOW64\wscui.cpl
2017-03-02 15:42 - 2016-11-11 02:18 - 00431616 _____ (Microsoft Corporation) C:\windows\SysWOW64\efswrt.dll
2017-03-02 15:42 - 2016-11-11 02:18 - 00108544 _____ (Microsoft Corporation) C:\windows\SysWOW64\wscinterop.dll
2017-03-02 15:42 - 2016-11-11 02:17 - 00333312 _____ (Microsoft Corporation) C:\windows\SysWOW64\ActivationManager.dll
2017-03-02 15:42 - 2016-11-11 02:06 - 01228288 _____ (Microsoft Corporation) C:\windows\SysWOW64\usercpl.dll
2017-03-02 15:42 - 2016-11-11 02:04 - 01595392 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2017-03-02 15:42 - 2016-11-11 02:03 - 02256384 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2017-03-02 15:42 - 2016-11-02 06:13 - 00773720 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2017-03-02 15:42 - 2016-11-02 06:09 - 02257104 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2017-03-02 15:42 - 2016-11-02 05:49 - 00037376 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2017-03-02 15:42 - 2016-11-02 05:48 - 00095232 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2017-03-02 15:42 - 2016-11-02 05:46 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininetlui.dll
2017-03-02 15:42 - 2016-11-02 05:45 - 00182784 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfsensorgroup.dll
2017-03-02 15:42 - 2016-11-02 05:36 - 00063488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ErrorDetailsUpdate.dll
2017-03-02 15:42 - 2016-11-02 05:32 - 00045056 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2017-03-02 15:42 - 2016-11-02 05:31 - 00090624 _____ (Microsoft Corporation) C:\windows\SysWOW64\olepro32.dll
2017-03-02 15:42 - 2016-11-02 05:31 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\wininetlui.dll
2017-03-02 15:42 - 2016-11-02 05:30 - 00134144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ErrorDetails.dll
2017-03-02 15:42 - 2016-11-02 05:29 - 01247232 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Globalization.dll
2017-03-02 15:42 - 2016-11-02 05:29 - 00884224 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2017-03-02 15:42 - 2016-11-02 05:29 - 00122368 _____ (Microsoft Corporation) C:\windows\SysWOW64\NPSM.dll
2017-03-02 15:42 - 2016-11-02 05:28 - 00807424 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2017-03-02 15:42 - 2016-11-02 05:28 - 00321024 _____ (Microsoft Corporation) C:\windows\system32\NetworkUXBroker.dll
2017-03-02 15:42 - 2016-11-02 05:28 - 00079360 _____ (Microsoft Corporation) C:\windows\SysWOW64\asycfilt.dll
2017-03-02 15:42 - 2016-11-02 05:26 - 00798208 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2017-03-02 15:42 - 2016-11-02 05:26 - 00579072 _____ (Microsoft Corporation) C:\windows\system32\ddraw.dll
2017-03-02 15:42 - 2016-11-02 05:26 - 00273920 _____ (Microsoft Corporation) C:\windows\system32\UIAnimation.dll
2017-03-02 15:42 - 2016-11-02 05:25 - 00956416 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentExtensions.desktop.dll
2017-03-02 15:42 - 2016-11-02 05:23 - 00199680 _____ (Microsoft Corporation) C:\windows\SysWOW64\GlobCollationHost.dll
2017-03-02 15:42 - 2016-11-02 05:18 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\shdocvw.dll
2017-03-02 15:42 - 2016-10-14 23:38 - 00409952 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2017-03-02 15:42 - 2016-10-14 23:30 - 00557408 _____ (Microsoft Corporation) C:\windows\system32\Drivers\spaceport.sys
2017-03-02 15:42 - 2016-10-14 23:26 - 00160096 _____ (Microsoft Corporation) C:\windows\system32\CloudExperienceHostBroker.dll
2017-03-02 15:42 - 2016-10-14 23:21 - 02537824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2017-03-02 15:42 - 2016-10-14 23:21 - 01100128 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2017-03-02 15:42 - 2016-10-14 23:18 - 00749920 _____ (Microsoft Corporation) C:\windows\SysWOW64\drvstore.dll
2017-03-02 15:42 - 2016-10-14 23:06 - 05685760 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Data.Pdf.dll
2017-03-02 15:42 - 2016-10-14 22:56 - 00327680 _____ (Microsoft Corporation) C:\windows\SysWOW64\daxexec.dll
2017-03-02 15:42 - 2016-10-14 22:56 - 00306688 _____ (Microsoft Corporation) C:\windows\SysWOW64\esentutl.exe
2017-03-02 15:42 - 2016-10-14 22:56 - 00219648 _____ (Microsoft Corporation) C:\windows\system32\AudioSrvPolicyManager.dll
2017-03-02 15:42 - 2016-10-14 22:55 - 00142336 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.WiFi.dll
2017-03-02 15:42 - 2016-10-14 22:43 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\energy.dll
2017-03-02 15:42 - 2016-10-14 22:41 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\iscsiwmi.dll
2017-03-02 15:42 - 2016-10-14 22:39 - 00631296 _____ (Microsoft Corporation) C:\windows\system32\NotificationController.dll
2017-03-02 15:42 - 2016-10-14 22:39 - 00357376 _____ (Microsoft Corporation) C:\windows\SysWOW64\Geolocation.dll
2017-03-02 15:42 - 2016-10-14 22:36 - 01170944 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Speech.dll
2017-03-02 15:42 - 2016-10-14 22:36 - 00983040 _____ (Microsoft Corporation) C:\windows\system32\RemoteNaturalLanguage.dll
2017-03-02 15:42 - 2016-10-14 22:31 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ahcache.sys
2017-03-02 15:42 - 2016-10-05 05:33 - 00128864 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tm.sys
2017-03-02 15:42 - 2016-10-05 05:09 - 00064352 _____ (Avago Technologies) C:\windows\system32\Drivers\MegaSas2i.sys
2017-03-02 15:42 - 2016-10-05 04:36 - 00128512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthpan.sys
2017-03-02 15:42 - 2016-10-05 04:33 - 00651264 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.AllJoyn.dll
2017-03-02 15:42 - 2016-10-05 04:31 - 00748544 _____ (Microsoft Corporation) C:\windows\system32\ChatApis.dll
2017-03-02 15:42 - 2016-10-05 04:29 - 01145856 _____ (Microsoft Corporation) C:\windows\system32\EmailApis.dll
2017-03-02 15:42 - 2016-10-05 04:25 - 00117760 _____ (Microsoft Corporation) C:\windows\SysWOW64\AuthBroker.dll
2017-03-02 15:42 - 2016-10-05 04:23 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\dialclient.dll
2017-03-02 15:42 - 2016-10-05 04:16 - 00771072 _____ (Microsoft Corporation) C:\windows\system32\AppointmentApis.dll
2017-03-02 15:42 - 2016-10-05 04:16 - 00765440 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Sensors.dll
2017-03-02 15:42 - 2016-10-05 04:14 - 01013760 _____ (Microsoft Corporation) C:\windows\system32\ContactApis.dll
2017-03-02 15:42 - 2016-09-15 12:40 - 00965472 _____ (Microsoft Corporation) C:\windows\SysWOW64\ReAgent.dll
2017-03-02 15:42 - 2016-09-15 12:37 - 00496872 _____ (Microsoft Corporation) C:\windows\SysWOW64\dnsapi.dll
2017-03-02 15:42 - 2016-09-15 12:29 - 00081760 _____ (Microsoft Corporation) C:\windows\system32\Drivers\stornvme.sys
2017-03-02 15:42 - 2016-09-15 12:29 - 00074080 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vpci.sys
2017-03-02 15:42 - 2016-09-15 12:29 - 00023392 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cmimcext.sys
2017-03-02 15:42 - 2016-09-15 12:27 - 00434528 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
2017-03-02 15:42 - 2016-09-15 12:25 - 00280472 _____ (Microsoft Corporation) C:\windows\system32\bdeunlock.exe
2017-03-02 15:42 - 2016-09-15 12:21 - 01000288 _____ (Microsoft Corporation) C:\windows\system32\SecConfig.efi
2017-03-02 15:42 - 2016-09-15 12:15 - 00130912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storahci.sys
2017-03-02 15:42 - 2016-09-15 12:13 - 00113504 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmapi.dll
2017-03-02 15:42 - 2016-09-15 12:01 - 00141824 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Radios.dll
2017-03-02 15:42 - 2016-09-15 11:59 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\credprovslegacy.dll
2017-03-02 15:42 - 2016-09-15 11:58 - 00203776 _____ (Microsoft Corporation) C:\windows\SysWOW64\credprovhost.dll
2017-03-02 15:42 - 2016-09-15 11:58 - 00059904 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.System.UserDeviceAssociation.dll
2017-03-02 15:42 - 2016-09-15 11:57 - 00392192 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Gaming.Input.dll
2017-03-02 15:42 - 2016-09-15 11:57 - 00315904 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-03-02 15:42 - 2016-09-15 11:56 - 00609280 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Import.dll
2017-03-02 15:42 - 2016-09-15 11:56 - 00265728 _____ C:\windows\SysWOW64\Windows.Perception.Stub.dll
2017-03-02 15:42 - 2016-09-15 11:55 - 01243136 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-03-02 15:42 - 2016-09-15 11:54 - 00498688 _____ (Microsoft Corporation) C:\windows\SysWOW64\mbsmsapi.dll
2017-03-02 15:42 - 2016-09-15 11:54 - 00391168 _____ (Microsoft Corporation) C:\windows\SysWOW64\CredProvDataModel.dll
2017-03-02 15:42 - 2016-09-15 11:53 - 00819200 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppContracts.dll
2017-03-02 15:42 - 2016-09-15 11:53 - 00466432 _____ (Microsoft Corporation) C:\windows\SysWOW64\sppcext.dll
2017-03-02 15:42 - 2016-09-15 11:53 - 00314368 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Usb.dll
2017-03-02 15:42 - 2016-09-15 11:52 - 00500224 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Graphics.Printing.dll
2017-03-02 15:42 - 2016-09-15 11:51 - 00762368 _____ (Microsoft Corporation) C:\windows\SysWOW64\mprddm.dll
2017-03-02 15:42 - 2016-09-15 11:49 - 00653312 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.AccountsControl.dll
2017-03-02 15:42 - 2016-09-15 11:46 - 00558080 _____ (Microsoft Corporation) C:\windows\SysWOW64\clusapi.dll
2017-03-02 15:42 - 2016-09-15 11:46 - 00049664 _____ (Microsoft Corporation) C:\windows\system32\ffbroker.dll
2017-03-02 15:42 - 2016-09-15 11:45 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\dlnashext.dll
2017-03-02 15:42 - 2016-09-15 11:44 - 02153984 _____ (Microsoft Corporation) C:\windows\SysWOW64\storagewmi.dll
2017-03-02 15:42 - 2016-09-15 11:44 - 00209920 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSAC3ENC.DLL
2017-03-02 15:42 - 2016-09-15 11:44 - 00118784 _____ (Microsoft Corporation) C:\windows\system32\UserDataTimeUtil.dll
2017-03-02 15:42 - 2016-09-15 11:42 - 00545792 _____ (Microsoft Corporation) C:\windows\SysWOW64\uReFS.dll
2017-03-02 15:42 - 2016-09-15 11:42 - 00123904 _____ (Microsoft Corporation) C:\windows\system32\mssprxy.dll
2017-03-02 15:42 - 2016-09-15 11:40 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-03-02 15:42 - 2016-09-15 11:39 - 00418304 _____ C:\windows\system32\Windows.Perception.Stub.dll
2017-03-02 15:42 - 2016-09-15 11:38 - 00654336 _____ (Microsoft Corporation) C:\windows\SysWOW64\MbaeApiPublic.dll
2017-03-02 15:42 - 2016-09-15 11:38 - 00427008 _____ (Microsoft Corporation) C:\windows\system32\vmrdvcore.dll
2017-03-02 15:42 - 2016-09-15 11:38 - 00349696 _____ (Microsoft Corporation) C:\windows\system32\icsvcext.dll
2017-03-02 15:42 - 2016-09-15 11:38 - 00208896 _____ (Microsoft Corporation) C:\windows\system32\provops.dll
2017-03-02 15:42 - 2016-09-15 11:38 - 00205824 _____ (Microsoft Corporation) C:\windows\system32\SearchFilterHost.exe
2017-03-02 15:42 - 2016-09-15 11:37 - 00390144 _____ (Microsoft Corporation) C:\windows\system32\Search.ProtocolHandler.MAPI2.dll
2017-03-02 15:42 - 2016-09-15 11:36 - 00448512 _____ (Microsoft Corporation) C:\windows\SysWOW64\TpmCoreProvisioning.dll
2017-03-02 15:42 - 2016-09-15 11:36 - 00349184 _____ (Microsoft Corporation) C:\windows\system32\SearchProtocolHost.exe
2017-03-02 15:42 - 2016-09-15 11:36 - 00324608 _____ (Microsoft Corporation) C:\windows\system32\usbmon.dll
2017-03-02 15:42 - 2016-09-15 11:34 - 00642048 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.InkControls.dll
2017-03-02 15:42 - 2016-09-15 11:33 - 00896512 _____ (Microsoft Corporation) C:\windows\system32\Windows.AccountsControl.dll
2017-03-02 15:42 - 2016-09-15 11:29 - 00156672 _____ (Microsoft Corporation) C:\windows\system32\RelPost.exe
2017-03-02 15:42 - 2016-09-15 11:28 - 00442368 _____ (Microsoft Corporation) C:\windows\system32\PlayToDevice.dll
2017-03-02 15:42 - 2016-09-15 11:25 - 00411648 _____ (Microsoft Corporation) C:\windows\system32\SensorsApi.dll
2017-03-02 15:42 - 2016-09-15 11:23 - 03405824 _____ (Microsoft Corporation) C:\windows\system32\tquery.dll
2017-03-02 15:42 - 2016-09-15 11:23 - 01040896 _____ (Microsoft Corporation) C:\windows\system32\NaturalLanguage6.dll
2017-03-02 15:42 - 2016-09-15 11:21 - 02538496 _____ (Microsoft Corporation) C:\windows\system32\mssrch.dll
2017-03-02 15:42 - 2016-09-15 11:21 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.dll
2017-03-02 15:42 - 2016-09-15 11:19 - 01424896 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.Maps.dll
2017-03-02 15:42 - 2016-09-15 11:19 - 00903680 _____ (Microsoft Corporation) C:\windows\system32\SearchIndexer.exe
2017-03-02 15:42 - 2016-09-15 11:18 - 01369088 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.Phone.dll
2017-03-02 15:42 - 2016-09-15 11:16 - 00531456 _____ (Microsoft Corporation) C:\windows\system32\TpmCoreProvisioning.dll
2017-03-02 15:42 - 2016-08-05 03:29 - 00568832 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Speech.UXRes.dll
2017-03-02 15:41 - 2016-12-20 23:24 - 03733504 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_47.dll
2017-03-02 15:41 - 2016-11-11 04:28 - 00040960 _____ (Microsoft Corporation) C:\windows\system32\CbtBackgroundManagerPolicy.dll
2017-03-02 15:41 - 2016-11-11 04:26 - 00042496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\modem.sys
2017-03-02 15:41 - 2016-11-02 05:43 - 00198144 _____ (Microsoft Corporation) C:\windows\SysWOW64\FSClient.dll
2017-03-02 15:41 - 2016-09-15 11:59 - 00255488 _____ (Microsoft Corporation) C:\windows\SysWOW64\unimdm.tsp
2017-03-02 15:41 - 2016-09-15 11:57 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\ClipboardServer.dll
2017-03-02 15:41 - 2016-09-15 11:41 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\unimdm.tsp
2017-03-02 15:41 - 2016-09-15 11:38 - 00203776 _____ (Microsoft Corporation) C:\windows\system32\PimIndexMaintenance.dll
2017-03-02 15:41 - 2016-09-15 11:36 - 00456192 _____ (Microsoft Corporation) C:\windows\system32\puiobj.dll
2017-03-02 15:41 - 2016-09-15 11:36 - 00166912 _____ (Microsoft Corporation) C:\windows\system32\credprovslegacy.dll
2017-03-02 15:41 - 2016-09-15 11:35 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\rshx32.dll
2017-03-02 14:54 - 2017-03-02 08:43 - 00485032 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2017-03-02 14:49 - 2017-03-02 14:50 - 00000000 ____D C:\Users\Kaden\AppData\Roaming\.minecraft
2017-03-02 14:48 - 2017-03-03 20:53 - 00000000 ____D C:\Program Files (x86)\Minecraft
2017-03-02 07:24 - 2016-12-21 02:08 - 00142848 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2017-03-02 07:24 - 2016-12-20 23:44 - 00120320 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe
2017-03-01 12:32 - 2017-03-06 07:05 - 00000000 ____D C:\Users\Kaden\AppData\Local\llssoft
2017-03-01 12:32 - 2017-03-01 12:32 - 00000000 ____D C:\Users\Kaden\AppData\Local\CEF
2017-03-01 11:31 - 2017-03-06 07:05 - 00000000 ____D C:\Program Files (x86)\qdcomsvc
2017-03-01 11:31 - 2017-03-06 06:23 - 00000000 ____D C:\Program Files (x86)\winscr
2017-03-01 11:31 - 2017-03-01 11:31 - 00140288 _____ C:\Users\Kaden\AppData\Roaming\Installer.dat
2017-03-01 11:31 - 2017-03-01 11:31 - 00000000 ____D C:\Users\Kaden\AppData\Roaming\c
2017-03-01 11:31 - 2017-03-01 11:31 - 00000000 ____D C:\Users\Default\AppData\Local\AdvinstAnalytics
2017-03-01 11:31 - 2017-03-01 11:31 - 00000000 ____D C:\Users\Default User\AppData\Local\AdvinstAnalytics
2017-02-28 23:50 - 2017-02-28 23:50 - 00000000 ____D C:\Users\Kaden\AppData\Local\NetworkTiles
2017-02-28 20:27 - 2017-02-28 20:30 - 00003290 _____ C:\windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-28 20:25 - 2017-03-06 18:31 - 00001488 _____ C:\Users\Kaden\Desktop\watch me.lnk
2017-02-28 20:25 - 2017-02-28 20:25 - 00000000 ____D C:\Users\Kaden\AppData\Roaming\Skype
2017-02-28 16:08 - 2017-02-28 16:08 - 00000000 ____D C:\Users\Kaden\AppData\Roaming\Macromedia
2017-02-28 15:58 - 2017-03-04 09:03 - 00000249 _____ C:\Users\Kaden\AppData\LocalLow\rbxcsettings.rbx
2017-02-28 15:58 - 2017-02-28 16:05 - 00000000 ____D C:\Users\Kaden\AppData\Local\Roblox
2017-02-28 15:57 - 2017-02-28 15:58 - 00836152 _____ (ROBLOX Corporation) C:\Users\Kaden\Downloads\RobloxPlayerLauncher.exe
2017-02-27 18:01 - 2017-02-27 18:01 - 00001488 _____ C:\Users\Kaden\Downloads\Watch Me.lnk
2017-02-26 03:30 - 2017-02-27 01:56 - 00000000 ____D C:\Users\Kaden\AppData\Roaming\hpqLog
2017-02-26 03:30 - 2017-02-26 03:30 - 00000000 ____D C:\Users\Kaden\AppData\Local\Hewlett-Packard
2017-02-26 03:29 - 2017-02-26 03:29 - 00000000 ____D C:\ProgramData\BlueStacks
2017-02-26 02:32 - 2017-02-26 02:32 - 00000000 ____D C:\Users\Kaden\AppData\Local\HP_Inc
2017-02-26 02:23 - 2017-02-26 02:23 - 00000000 ____D C:\Users\Kaden\AppData\Local\Comms
2017-02-26 02:18 - 2017-02-26 02:18 - 00000000 ____D C:\Users\Kaden\AppData\Roaming\WildTangent
2017-02-26 02:16 - 2017-02-28 15:51 - 00000000 ____D C:\Users\Kaden\AppData\Local\MicrosoftEdge
2017-02-26 02:16 - 2017-02-26 02:16 - 00000000 ____D C:\Users\Kaden\AppData\Roaming\Hewlett-Packard
2017-02-26 02:15 - 2017-03-03 20:49 - 00000000 ___RD C:\Users\Kaden\OneDrive
2017-02-26 02:15 - 2017-02-26 02:15 - 00000000 ____D C:\Users\Kaden\AppData\Roaming\HP
2017-02-26 02:13 - 2017-02-28 15:50 - 00000000 ____D C:\Users\Kaden\AppData\Roaming\DropboxOEM
2017-02-26 02:13 - 2017-02-26 02:13 - 00000000 ____D C:\Users\Kaden\AppData\Local\DropboxOEM
2017-02-26 02:12 - 2017-03-06 18:29 - 00000000 __SHD C:\Users\Kaden\IntelGraphicsProfiles
2017-02-26 02:12 - 2017-03-02 22:32 - 00000000 ____D C:\Users\Kaden\AppData\Local\Packages
2017-02-26 02:12 - 2017-02-26 02:21 - 00000000 ____D C:\Users\Kaden\AppData\Local\ConnectedDevicesPlatform
2017-02-26 02:12 - 2017-02-26 02:12 - 00000000 ____D C:\Users\Kaden\AppData\Roaming\Synaptics
2017-02-26 02:12 - 2017-02-26 02:12 - 00000000 ____D C:\Users\Kaden\AppData\Roaming\Intel
2017-02-26 02:12 - 2017-02-26 02:12 - 00000000 ____D C:\Users\Kaden\AppData\Roaming\Adobe
2017-02-26 02:12 - 2017-02-26 02:12 - 00000000 ____D C:\Users\Kaden\AppData\Local\VirtualStore
2017-02-26 02:12 - 2017-02-26 02:12 - 00000000 ____D C:\Users\Kaden\AppData\Local\TileDataLayer
2017-02-26 02:12 - 2017-02-26 02:12 - 00000000 ____D C:\Users\Kaden\AppData\Local\Publishers
2017-02-26 02:11 - 2017-03-06 18:27 - 00000000 ____D C:\Users\Kaden
2017-02-26 02:11 - 2017-02-26 02:11 - 00000020 ___SH C:\Users\Kaden\ntuser.ini
2017-02-26 02:11 - 2017-02-26 02:11 - 00000000 _SHDL C:\Users\Kaden\My Documents
2017-02-26 02:11 - 2017-02-26 02:11 - 00000000 _SHDL C:\Users\Kaden\Documents\My Videos
2017-02-26 02:11 - 2017-02-26 02:11 - 00000000 _SHDL C:\Users\Kaden\Documents\My Pictures
2017-02-26 02:11 - 2017-02-26 02:11 - 00000000 _SHDL C:\Users\Kaden\Documents\My Music
2017-02-26 02:11 - 2016-10-24 11:13 - 00000000 ___HD C:\Users\Kaden\Documents\hp.system.package.metadata
2017-02-26 02:11 - 2016-10-24 11:13 - 00000000 ___HD C:\Users\Kaden\Documents\hp.applications.package.appdata
2017-02-26 02:09 - 2017-02-26 02:09 - 00000000 ____D C:\Users\defaultuser0\AppData\Roaming\DropboxOEM
2017-02-26 02:09 - 2017-02-26 02:09 - 00000000 ____D C:\Users\defaultuser0\AppData\Local\DropboxOEM
2017-02-26 02:08 - 2017-02-26 02:10 - 00000000 ____D C:\Users\defaultuser0\AppData\Local\Packages
2017-02-26 02:08 - 2017-02-26 02:08 - 00000000 __SHD C:\Users\defaultuser0\IntelGraphicsProfiles
2017-02-26 02:08 - 2017-02-26 02:08 - 00000000 ____D C:\Users\defaultuser0\AppData\Roaming\Synaptics
2017-02-26 02:08 - 2017-02-26 02:08 - 00000000 ____D C:\Users\defaultuser0\AppData\Roaming\Intel
2017-02-26 02:08 - 2017-02-26 02:08 - 00000000 ____D C:\Users\defaultuser0\AppData\Local\VirtualStore
2017-02-26 02:08 - 2017-02-26 02:08 - 00000000 ____D C:\Users\defaultuser0\AppData\Local\TileDataLayer
2017-02-26 02:08 - 2017-02-26 02:08 - 00000000 ____D C:\Users\defaultuser0\AppData\Local\ConnectedDevicesPlatform
2017-02-26 02:02 - 2017-02-26 02:08 - 00000000 ____D C:\Users\defaultuser0
2017-02-26 02:02 - 2017-02-26 02:02 - 00000020 ___SH C:\Users\defaultuser0\ntuser.ini
2017-02-26 02:02 - 2017-02-26 02:02 - 00000000 _SHDL C:\Users\defaultuser0\My Documents
2017-02-26 02:02 - 2017-02-26 02:02 - 00000000 _SHDL C:\Users\defaultuser0\Documents\My Videos
2017-02-26 02:02 - 2017-02-26 02:02 - 00000000 _SHDL C:\Users\defaultuser0\Documents\My Pictures
2017-02-26 02:02 - 2017-02-26 02:02 - 00000000 _SHDL C:\Users\defaultuser0\Documents\My Music
2017-02-26 02:02 - 2016-10-24 11:13 - 00000000 ___HD C:\Users\defaultuser0\Documents\hp.system.package.metadata
2017-02-26 02:02 - 2016-10-24 11:13 - 00000000 ___HD C:\Users\defaultuser0\Documents\hp.applications.package.appdata
2017-02-26 02:00 - 2017-02-26 02:00 - 00000000 _SHDL C:\Users\Public\Documents\My Videos
2017-02-26 02:00 - 2017-02-26 02:00 - 00000000 _SHDL C:\Users\Public\Documents\My Pictures
2017-02-26 02:00 - 2017-02-26 02:00 - 00000000 _SHDL C:\Users\Public\Documents\My Music
2017-02-26 02:00 - 2017-02-26 02:00 - 00000000 _SHDL C:\Users\Default\My Documents
2017-02-26 02:00 - 2017-02-26 02:00 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2017-02-26 02:00 - 2017-02-26 02:00 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2017-02-26 02:00 - 2017-02-26 02:00 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2017-02-26 02:00 - 2017-02-26 02:00 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2017-02-26 02:00 - 2017-02-26 02:00 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2017-02-26 02:00 - 2017-02-26 02:00 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2017-02-26 02:00 - 2017-02-26 02:00 - 00000000 _SHDL C:\Documents and Settings
2017-02-04 04:22 - 2016-07-16 06:43 - 00033498 _____ C:\windows\Core.xml
2017-02-04 04:17 - 2017-03-03 19:21 - 00025334 _____ C:\windows\diagwrn.xml
2017-02-04 04:17 - 2017-03-03 19:21 - 00023462 _____ C:\windows\diagerr.xml
2017-02-04 03:58 - 2016-08-02 01:03 - 00216704 _____ (McAfee, Inc.) C:\windows\system32\Drivers\HipShieldK.sys
2017-02-04 03:57 - 2017-03-06 08:56 - 00003126 _____ C:\windows\System32\Tasks\McAfeeLogon
2017-02-04 03:57 - 2017-03-06 08:56 - 00000000 ____D C:\windows\System32\Tasks\McAfee
2017-02-04 03:57 - 2017-02-04 03:57 - 00000000 ____D C:\ProgramData\Intel Security
2017-02-04 03:55 - 2016-11-14 17:41 - 00342768 _____ (McAfee, Inc.) C:\windows\system32\mfevtps.exe
2017-02-04 03:54 - 2017-03-06 17:44 - 00000000 ____D C:\Program Files\Common Files\McAfee
2017-02-04 03:54 - 2017-03-06 17:44 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-02-04 03:54 - 2017-03-06 08:58 - 00000000 ____D C:\Program Files\mcafee
2017-02-04 03:54 - 2017-03-06 08:54 - 00000000 ____D C:\ProgramData\mcafee
2017-02-04 03:54 - 2017-02-04 03:54 - 00000000 ____D C:\Program Files\mcafee.com
2017-02-04 03:54 - 2017-02-04 03:54 - 00000000 ____D C:\Program Files\Common Files\Intel Security
2017-02-04 03:54 - 2017-02-04 03:54 - 00000000 ____D C:\Program Files\Common Files\AV
2017-02-04 03:53 - 2017-03-06 18:32 - 00002201 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Smart Friend.lnk
2017-02-04 03:53 - 2017-03-06 18:32 - 00002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Priceline.com.lnk
2017-02-04 03:52 - 2017-03-06 18:32 - 00002375 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - hp.lnk
2017-02-04 03:52 - 2017-02-26 18:09 - 00000000 ____D C:\ProgramData\WildTangent
2017-02-04 03:52 - 2017-02-26 18:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-02-04 03:52 - 2017-02-04 03:52 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2017-02-04 03:51 - 2017-02-04 03:51 - 00000000 ____D C:\windows\HP
2017-02-04 03:50 - 2017-02-04 03:50 - 00000000 __RSH C:\windows\SysWOW64\Drivers\103C_HP_cNB_Stream Laptop 11-y0XX_Y5335KV_0U_Q5CD7043NGK_E5CD6170CPYA7 DPS_4A_I82A9_SHP_V04.20_BF.10_T160902_W1101-0_L409_M4002_J31_7Intel_86C4_91.60_#170204_N8086095A_(X7V33UA#ABA)_XMOBILE_CN10_Z.MRK
2017-02-04 03:50 - 2017-02-04 03:50 - 00000000 __RSH C:\windows\system32\Drivers\103C_HP_cNB_Stream Laptop 11-y0XX_Y5335KV_0U_Q5CD7043NGK_E5CD6170CPYA7 DPS_4A_I82A9_SHP_V04.20_BF.10_T160902_W1101-0_L409_M4002_J31_7Intel_86C4_91.60_#170204_N8086095A_(X7V33UA#ABA)_XMOBILE_CN10_Z.MRK
2017-02-04 03:49 - 2017-02-04 03:49 - 00016230 _____ C:\windows\system32\results.xml
2017-02-04 03:49 - 2017-02-04 03:49 - 00000000 ____D C:\ProgramData\Synaptics
2017-02-04 03:48 - 2017-02-26 02:00 - 00002252 _____ C:\windows\System32\Tasks\HPJumpStartProvider
2017-02-04 03:43 - 2017-02-04 03:43 - 00000000 ___HD C:\windows\system32\WLANProfiles
2017-02-04 03:43 - 2017-02-04 03:43 - 00000000 ____D C:\windows\SysWOW64\sda
2017-02-04 03:43 - 2017-02-04 03:43 - 00000000 ____D C:\Program Files\Common Files\Intel
2017-02-04 03:43 - 2016-08-19 02:03 - 09891328 _____ (Realtek Semiconductor Corp.) C:\windows\SysWOW64\RsCRIcon.dll
2017-02-04 03:43 - 2016-08-19 02:03 - 04332032 _____ (Realtek Semiconductor Corp.) C:\windows\RtCRU64.exe
2017-02-04 03:43 - 2016-08-19 02:03 - 00329184 _____ (Realtek Semiconductor Corp.) C:\windows\system32\Drivers\RtsP2Stor.sys
2017-02-04 03:43 - 2016-08-19 02:03 - 00084480 _____ (Realtek Semiconductor.) C:\windows\system32\RtCRX64.dll
2017-02-04 03:41 - 2017-02-04 03:41 - 00000000 ____H C:\windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2017-02-04 03:41 - 2017-02-04 03:41 - 00000000 ____H C:\windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2017-02-04 03:41 - 2017-02-04 03:41 - 00000000 ____D C:\Program Files\Synaptics
2017-02-04 03:41 - 2016-08-22 05:57 - 00064104 _____ (Synaptics Incorporated) C:\windows\system32\Drivers\Smb_driver_Intel.sys
2017-02-04 03:41 - 2016-08-22 05:57 - 00060008 _____ (Synaptics Incorporated) C:\windows\system32\Drivers\Smb_driver_AMDASF.sys
2017-02-04 03:40 - 2017-02-04 03:40 - 00000000 _____ C:\windows\system32\GfxValDisplayLog.bin
2017-02-04 03:40 - 2016-06-21 04:05 - 00095232 _____ (Khronos Group) C:\windows\SysWOW64\OpenCL.DLL
2017-02-04 03:40 - 2016-06-21 04:05 - 00091136 _____ (Khronos Group) C:\windows\system32\OpenCL.DLL
2017-02-04 03:39 - 2017-02-04 03:40 - 00000000 ____D C:\Intel
2017-02-04 03:39 - 2017-02-04 03:39 - 00000000 ____H C:\windows\system32\Drivers\Msft_User_esif_umdf2_02_00_00.Wdf
2017-02-04 03:38 - 2017-03-06 18:32 - 00001851 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DTS Audio Control.lnk
2017-02-04 03:38 - 2017-02-04 03:44 - 00000000 ____D C:\Program Files\Intel
2017-02-04 03:38 - 2017-02-04 03:44 - 00000000 ____D C:\Program Files (x86)\Intel
2017-02-04 03:38 - 2017-02-04 03:43 - 00000000 ____D C:\ProgramData\Intel
2017-02-04 03:38 - 2017-02-04 03:38 - 00013730 _____ C:\windows\system32\Drivers\rtkhdasetting.zip
2017-02-04 03:38 - 2017-02-04 03:38 - 00000000 ____D C:\windows\SysWOW64\RTCOM
2017-02-04 03:38 - 2017-02-04 03:38 - 00000000 ____D C:\windows\system32\SRSLabs
2017-02-04 03:38 - 2017-02-04 03:38 - 00000000 ____D C:\ProgramData\SRS Labs
2017-02-04 03:38 - 2017-02-04 03:38 - 00000000 ____D C:\Program Files\Realtek
2017-02-04 03:38 - 2016-04-29 04:06 - 01804688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdfCoInstaller01011.dll
2017-02-04 03:38 - 2016-04-29 04:06 - 01392792 _____ (Intel Corporation) C:\windows\SysWOW64\esif_uf.exe
2017-02-04 03:38 - 2016-04-29 04:06 - 00971944 _____ (Microsoft Corporation) C:\windows\system32\msvcr120.dll
2017-02-04 03:38 - 2016-04-29 04:06 - 00668840 _____ (Microsoft Corporation) C:\windows\system32\msvcp120.dll
2017-02-04 03:38 - 2016-04-29 04:06 - 00260072 _____ (Intel Corporation) C:\windows\system32\Drivers\esif_lf.sys
2017-02-04 03:38 - 2016-04-29 04:06 - 00055784 _____ (Intel Corporation) C:\windows\system32\Drivers\dptf_acpi.sys
2017-02-04 03:38 - 2016-04-29 04:06 - 00052200 _____ (Intel Corporation) C:\windows\system32\Drivers\dptf_cpu.sys
2017-02-04 03:37 - 2017-02-04 03:43 - 00000000 ____D C:\Program Files (x86)\Realtek
2017-02-04 03:37 - 2017-02-04 03:38 - 00000000 ___HD C:\Program Files (x86)\Temp
2017-02-04 03:37 - 2016-08-22 04:44 - 72520720 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RCoRes64.dat
2017-02-04 03:37 - 2016-08-22 04:44 - 06910841 _____ C:\windows\system32\Drivers\RTAIODAT.DAT
2017-02-04 03:37 - 2016-08-22 04:44 - 05276168 _____ (Realtek Semiconductor Corp.) C:\windows\system32\Drivers\RTKVHD64.sys
2017-02-04 03:37 - 2016-08-22 04:44 - 03283248 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkApi64.dll
2017-02-04 03:37 - 2016-08-22 04:44 - 03203592 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtPgEx64.dll
2017-02-04 03:37 - 2016-08-22 04:44 - 03134720 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RltkAPO64.dll
2017-02-04 03:37 - 2016-08-22 04:44 - 02895104 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RTSnMg64.cpl
2017-02-04 03:37 - 2016-08-22 04:44 - 02706864 _____ (DTS, Inc.) C:\windows\system32\sltech64.dll
2017-02-04 03:37 - 2016-08-22 04:44 - 02203752 _____ (DTS, Inc.) C:\windows\system32\slcnt64.dll
2017-02-04 03:37 - 2016-08-22 04:44 - 02073096 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RCoInstII64.dll
2017-02-04 03:37 - 2016-08-22 04:44 - 01607136 _____ (Conexant Systems Inc.) C:\windows\system32\CX64APO.dll
2017-02-04 03:37 - 2016-08-22 04:44 - 01529144 _____ (Conexant Systems Inc.) C:\windows\system32\CX64Proxy.dll
2017-02-04 03:37 - 2016-08-22 04:44 - 01435144 _____ (Synopsys, Inc.) C:\windows\system32\SRRPTR64.dll
2017-02-04 03:37 - 2016-08-22 04:44 - 01360520 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RTCOM64.dll
2017-02-04 03:37 - 2016-08-22 04:44 - 01041744 _____ (DTS, Inc.) C:\windows\system32\sl3apo64.dll
2017-02-04 03:37 - 2016-08-22 04:44 - 01001800 _____ (Sound Research, Corp.) C:\windows\system32\SEHDHF64.dll
2017-02-04 03:37 - 2016-08-22 04:44 - 00864344 _____ (Sound Research, Corp.) C:\windows\SysWOW64\SEHDHF32.dll
2017-02-04 03:37 - 2016-08-22 04:44 - 00858200 _____ (Sound Research, Corp.) C:\windows\system32\SEHDRA64.dll
2017-02-04 03:37 - 2016-08-22 04:44 - 00854032 _____ (Sound Research, Corp.) C:\windows\system32\SECOMN64.dll
2017-02-04 03:37 - 2016-08-22 04:44 - 00725944 _____ (Sound Research, Corp.) C:\windows\SysWOW64\SECOMN32.dll
2017-02-04 03:37 - 2016-08-22 04:44 - 00689888 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtDataProc64.dll
2017-02-04 03:37 - 2016-08-22 04:44 - 00574760 _____ (Andrea Electronics Corporation) C:\windows\system32\AERTAC64.dll
2017-02-04 03:37 - 2016-08-22 04:44 - 00532384 _____ (SRS Labs, Inc.) C:\windows\system32\SRSTSX64.dll
2017-02-04 03:37 - 2016-08-22 04:44 - 00498648 _____ (Sound Research, Corp.) C:\windows\system32\SEAPO64.dll
2017-02-04 03:37 - 2016-08-22 04:44 - 00467160 _____ (Synopsys, Inc.) C:\windows\system32\SRAPO64.dll
2017-02-04 03:37 - 2016-08-22 04:44 - 00438696 _____ (Conexant Systems, Inc.) C:\windows\system32\CAF64APO2.dll
2017-02-04 03:37 - 2016-08-22 04:44 - 00387320 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RTEEP64A.dll
2017-02-04 03:37 - 2016-08-22 04:44 - 00381416 _____ (Synopsys, Inc.) C:\windows\system32\SRCOM64.dll
2017-02-04 03:37 - 2016-08-22 04:44 - 00343712 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtlCPAPI64.dll
2017-02-04 03:37 - 2016-08-22 04:44 - 00341152 _____ (Synopsys, Inc.) C:\windows\SysWOW64\SRCOM.dll
2017-02-04 03:37 - 2016-08-22 04:44 - 00341152 _____ (Synopsys, Inc.) C:\windows\system32\SRCOM.dll
2017-02-04 03:37 - 2016-08-22 04:44 - 00321720 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RP3DHT64.dll
2017-02-04 03:37 - 2016-08-22 04:44 - 00321720 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RP3DAA64.dll
2017-02-04 03:37 - 2016-08-22 04:44 - 00258864 _____ (TODO: <Company name>) C:\windows\system32\slprp64.dll
2017-02-04 03:37 - 2016-08-22 04:44 - 00214832 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RTEED64A.dll
2017-02-04 03:37 - 2016-08-22 04:44 - 00192984 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkCfg64.dll
2017-02-04 03:37 - 2016-08-22 04:44 - 00166208 _____ (SRS Labs, Inc.) C:\windows\system32\SRSWOW64.dll
2017-02-04 03:37 - 2016-08-22 04:44 - 00122320 _____ (Real Sound Lab SIA) C:\windows\system32\CONEQMSAPOGUILibrary.dll
2017-02-04 03:37 - 2016-08-22 04:44 - 00118600 _____ (Andrea Electronics Corporation) C:\windows\system32\AERTAR64.dll
2017-02-04 03:37 - 2016-08-22 04:44 - 00112496 _____ (Conexant Systems, Inc.) C:\windows\system32\Caf64api.dll
2017-02-04 03:37 - 2016-08-22 04:44 - 00110984 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RTEEL64A.dll
2017-02-04 03:37 - 2016-08-22 04:44 - 00088352 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RTEEG64A.dll
2017-02-04 03:37 - 2016-08-22 04:44 - 00023696 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkCoLDR64.dll
2017-02-04 03:37 - 2016-08-22 04:44 - 00005604 _____ C:\windows\system32\cxapo.lncs
2017-02-04 03:37 - 2016-08-22 04:44 - 00000736 _____ C:\windows\system32\cxapo.prop
2017-02-04 03:37 - 2016-08-22 04:43 - 02838232 _____ (Realtek Semiconductor Corp.) C:\windows\RtlExUpd.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-06 19:55 - 2016-07-16 06:45 - 00000000 ____D C:\windows\INF
2017-03-06 19:52 - 2016-07-29 07:37 - 01558294 _____ C:\windows\system32\PerfStringBackup.INI
2017-03-06 19:49 - 2016-07-29 07:32 - 00000000 ____D C:\windows\system32\SleepStudy
2017-03-06 18:32 - 2016-10-24 11:17 - 00002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2017-03-06 18:32 - 2016-10-24 11:17 - 00002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2017-03-06 18:32 - 2016-10-24 11:17 - 00002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2017-03-06 18:32 - 2016-10-24 11:17 - 00002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2017-03-06 18:32 - 2016-10-24 11:16 - 00002177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Audio Switch.lnk
2017-03-06 18:32 - 2016-10-24 11:16 - 00002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 25 GB.lnk
2017-03-06 18:31 - 2016-10-24 11:14 - 00002682 _____ C:\ProgramData\Microsoft\Windows\Start Menu\HP ePrint SW.lnk
2017-03-06 18:29 - 2016-07-29 07:32 - 00000006 ____H C:\windows\Tasks\SA.DAT
2017-03-06 18:29 - 2016-07-16 01:04 - 00524288 _____ C:\windows\system32\config\BBI
2017-03-06 18:06 - 2016-07-29 07:33 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-03-06 18:06 - 2016-07-16 06:47 - 00000000 ____D C:\windows\AppReadiness
2017-03-06 17:44 - 2016-07-29 07:32 - 00234464 _____ C:\windows\system32\FNTCACHE.DAT
2017-03-06 17:40 - 2016-07-16 06:47 - 00000000 ___SD C:\windows\SysWOW64\F12
2017-03-06 17:40 - 2016-07-16 06:47 - 00000000 ___SD C:\windows\system32\F12
2017-03-06 17:40 - 2016-07-16 06:47 - 00000000 ___SD C:\windows\system32\DiagSvcs
2017-03-06 17:40 - 2016-07-16 06:47 - 00000000 ___RD C:\windows\ImmersiveControlPanel
2017-03-06 17:40 - 2016-07-16 06:47 - 00000000 ____D C:\windows\SysWOW64\setup
2017-03-06 17:40 - 2016-07-16 06:47 - 00000000 ____D C:\windows\SysWOW64\oobe
2017-03-06 17:40 - 2016-07-16 06:47 - 00000000 ____D C:\windows\system32\WinBioPlugIns
2017-03-06 17:40 - 2016-07-16 06:47 - 00000000 ____D C:\windows\system32\setup
2017-03-06 17:40 - 2016-07-16 06:47 - 00000000 ____D C:\windows\system32\oobe
2017-03-06 17:40 - 2016-07-16 06:47 - 00000000 ____D C:\windows\system32\migwiz
2017-03-06 17:40 - 2016-07-16 06:47 - 00000000 ____D C:\windows\system32\appraiser
2017-03-06 17:40 - 2016-07-16 06:47 - 00000000 ____D C:\windows\ShellExperiences
2017-03-06 17:40 - 2016-07-16 06:47 - 00000000 ____D C:\windows\Provisioning
2017-03-06 17:40 - 2016-07-16 06:47 - 00000000 ____D C:\windows\bcastdvr
2017-03-06 17:40 - 2016-07-16 06:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-03-06 17:40 - 2016-07-16 06:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-03-06 17:40 - 2016-07-16 01:04 - 00000000 ____D C:\windows\SysWOW64\Dism
2017-03-06 17:40 - 2016-07-16 01:04 - 00000000 ____D C:\windows\system32\Sysprep
2017-03-06 17:40 - 2016-07-16 01:04 - 00000000 ____D C:\windows\system32\Dism
2017-03-06 17:40 - 2016-07-16 01:04 - 00000000 ____D C:\windows\servicing
2017-03-06 17:38 - 2016-07-16 06:47 - 00015425 _____ C:\windows\system32\OEMDefaultAssociations.xml
2017-03-06 08:57 - 2016-07-16 06:47 - 00000000 ___HD C:\windows\ELAMBKUP
2017-03-06 08:51 - 2016-07-16 06:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-06 08:49 - 2016-07-16 06:36 - 00000000 ____D C:\windows\CbsTemp
2017-03-06 07:06 - 2016-07-16 01:04 - 00032768 _____ C:\windows\system32\config\ELAM
2017-03-03 19:59 - 2016-07-16 06:47 - 00000000 ____D C:\windows\LiveKernelReports
2017-03-03 19:20 - 2016-07-29 08:23 - 00000000 ____D C:\windows\Panther
2017-03-02 23:30 - 2016-10-24 11:14 - 00000000 ____D C:\Program Files\HPCommRecovery
2017-03-02 23:15 - 2016-07-16 06:47 - 00000000 ___HD C:\windows\system32\GroupPolicy
2017-03-02 09:12 - 2016-07-16 06:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-03-02 08:33 - 2016-10-24 11:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-03-02 07:16 - 2016-10-24 11:16 - 00000948 _____ C:\windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-03-02 07:16 - 2016-10-24 11:16 - 00000944 _____ C:\windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-02-28 16:35 - 2016-10-24 11:16 - 00004008 _____ C:\windows\System32\Tasks\DropboxUpdateTaskMachineUA
2017-02-28 16:35 - 2016-10-24 11:16 - 00003776 _____ C:\windows\System32\Tasks\DropboxUpdateTaskMachineCore
2017-02-27 20:10 - 2016-07-16 06:47 - 00000000 ____D C:\windows\system32\NDF
2017-02-27 03:57 - 2016-07-16 06:47 - 00000000 ____D C:\windows\appcompat
2017-02-26 02:17 - 2016-10-24 11:11 - 00000000 ____D C:\windows\System32\Tasks\Hewlett-Packard
2017-02-26 02:16 - 2016-10-24 11:13 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2017-02-26 02:12 - 2016-07-19 19:09 - 00000000 ___HD C:\system.sav
2017-02-26 02:11 - 2016-07-16 06:47 - 00000000 ____D C:\windows\system32\WinBioDatabase
2017-02-26 02:01 - 2016-10-24 11:16 - 00002262 _____ C:\windows\System32\Tasks\DropboxOEM
2017-02-26 02:01 - 2016-07-16 06:47 - 00000000 ____D C:\windows\rescache
2017-02-26 02:00 - 2016-10-24 11:14 - 00002500 _____ C:\windows\System32\Tasks\HPEA3JOBS
2017-02-06 14:48 - 2016-07-16 06:49 - 00835576 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2017-02-06 14:48 - 2016-07-16 06:49 - 00177656 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-04 04:53 - 2016-10-24 11:13 - 00000000 ___RD C:\Program Files\Online Services
2017-02-04 04:53 - 2016-10-24 11:13 - 00000000 ___RD C:\Program Files (x86)\Online Services
2017-02-04 04:18 - 2016-07-16 06:47 - 00028672 _____ C:\windows\system32\config\BCD-Template
2017-02-04 04:17 - 2016-07-16 06:47 - 00000000 ____D C:\windows\Registration
2017-02-04 04:11 - 2016-10-24 11:13 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2017-02-04 04:11 - 2016-10-24 11:13 - 00000000 ____D C:\ProgramData\HP
2017-02-04 03:53 - 2016-10-24 11:12 - 00000000 ____D C:\Program Files (x86)\HP
2017-02-04 03:50 - 2016-10-24 11:13 - 00000000 ____D C:\Program Files\HP
2017-02-04 03:46 - 2016-10-24 11:14 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-04 03:43 - 2016-10-24 11:13 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-04 03:35 - 2016-09-01 17:46 - 00000000 ___HD C:\hp
==================== Files in the root of some directories =======
2017-03-01 11:31 - 2017-03-01 11:31 - 0140288 _____ () C:\Users\Kaden\AppData\Roaming\Installer.dat
Some files in TEMP:
====================
2017-03-02 21:44 - 2016-10-24 11:00 - 1883784 _____ (Microsoft Corporation) C:\Users\Kaden\AppData\Local\Temp\dllnt_dump.dll
2017-03-03 19:19 - 2017-03-03 19:19 - 18309328 _____ (Microsoft Corporation) C:\Users\Kaden\AppData\Local\Temp\MediaCreationTool.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-07-29 07:32
==================== End of FRST.txt ============================
 

Share this post


Link to post
Share on other sites

I can't find the 'Reports' section on the Malwarebytes... I am very appreciative of your help and hope I'm making good progress on cleaning this computer!  Since it was so new I question that it wouldn't have been easier to just reinstall windows, but I really am inexperienced so hopefully this will work and my son can get it back! Thanks again for your assistance!

 

Share this post


Link to post
Share on other sites

Thank you for the FRST.txt log :) Here, this screenshot might help you.

EkLJVZJ.png

Share this post


Link to post
Share on other sites

Hi again,

Ok so there isn't a spot that I can find that says Report for me to copy and paste (please see the attached screenshot)  Can I get some feedback on how it's going in terms of cleaning the computer of viruses so my young son can use the computer again please?

I'm nervous about it still being infected before I let him use it again.  I would like to wrap this up asap and honestly do not have the expertise to know if it's safe or not!  Thanks again for your assistance!!

screenshot.PNG

Share this post


Link to post
Share on other sites

You're still using Malwarebytes 2.2.1. Sorry I thought you were on 3.0, and my screenshots are for that version. Your logs should be under the History tab.

Quote

Can I get some feedback on how it's going in terms of cleaning the computer of viruses so my young son can use the computer again please?

We're almost done. I just need to see the Malwarebytes log, then I'll make you run a fixlist with FRST to remove harmless remnants and that should be it.

Share this post


Link to post
Share on other sites

Hi worldtraveler,

Are you still with me?

Share this post


Link to post
Share on other sites

Yes! I'm so sorry.  I will get back to you by Saturday for sure. I'm working on this at night after work and my little boy got inpatient with me and started using his computer.  There is one icon on the desktop that I can't identify what it is nor will it allow me to delete it.  That concerns me.  I will work on getting you the requested information asap.  

Thank you again so much! ;)

Share this post


Link to post
Share on other sites

I'll be waiting then, thank you for the update :) 

Share this post


Link to post
Share on other sites

Hi worldtraveler5,

Are you still with me?

Share this post


Link to post
Share on other sites

YES! My son was just alerted the computer is hacked and all credit cards are unsafe and the computer will be shut down if he doesn't pay :(:(

I am at work, have an appointment and will message you again hopefully before the end of the night.  We need help! My 9 year old is too impatient to wait on his Mom (who is spread a bit thin) lol  Thanks for checking in!

 

Share this post


Link to post
Share on other sites

I'll be waiting. For now, it might be a good idea to ask your son not to use the computer until it is fully cleaned, as more malware might find their way in if he keeps on using it before we remove the infection.

Share this post


Link to post
Share on other sites

Hello again! Ok, I worked for several more hours over the last week or so to try to address the situation.  

I finally got enough things deleted as the C drive was too full to even do a recovery/factory reset (this seems strange to me as my son literally has no files and I've deleted everything I can find! And it's a couple of weeks old!).  When I ran the reset it did the whole process and said it wasn't able to delete all of the personal files but was resetting and reinstalling windows.  I'm not sure what that means other than there must be some resistant files.  I will upload Malewarebytes on his computer again tonight.  If you have any other suggestions please let me know.  I'm trying so hard to get this sorted for my little boy!

Share this post


Link to post
Share on other sites

So you did a Factory Reset of your system? If so, that should be it. But yes, please install and run a scan with Malwarebytes. And also, run a new scan with FRST and provide me the FRST.txt and Addition.txt logs.

Share this post


Link to post
Share on other sites

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks!

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.