Jump to content

ProblemsRBad

Members
  • Content count

    1,049
  • Joined

  • Last visited

  • Days Won

    1

About ProblemsRBad

  • Rank
    $ Supporting Member

Profile Information

  • Gender
    Not Telling
  • OS
    Windows 10

Profile Fields

  • Country
  1. Can't uninstall Comodo firewall

    Thanks a lot that did the trick!
  2. Can't uninstall Comodo firewall

    That program don't work as I cant see Comodo inside add/remove programs . I tried to just install Comodo again but it says I have to uninstall the old one first . :/ I'm stuck now. There is no earlier restore point before installing Comodo firewall, they seems to have gotten deleted :(.
  3. Can't uninstall Comodo firewall

    Well I ran into a problem with a chat program not having permission to open. I'm on admin account so I don't know why it wont let me. I tried to uninstall/reinstall the chat program, it didn't work. So I uninstall Comodo firewall, I thought its the problem. After uninstall Comodo and reboot, Comodo was still loading and there but I can't see it in the add/remove programs anymore. So I did a system restore. After restore I scanned the system with Roguekiller and it found 2 items ccomodo.vbs (something like that) files. I allow to clean these 2 files. So what I did after this was download the Comodo uninstall tool from Comodo forum. After using this tool and rebooting the system, it would not boot. I ended up having to do a system restore again to the same point as first restore as it was the one that working. Now I'm back after successful restore to still having comodo. I tried to uninstall/reboot to still have Comodo load and not in add/remove programs. Now I'm stuck, I don't want to use the uninstall tool from Comodo forums.
  4. Having some problems with me desktop

    Ok thanks for your time Broni.
  5. Having some problems with me desktop

    I can't as there is none to restore to. System restore says no restore points. :(
  6. I uploaded the .exe my friend had downloaded to here https://www.virustotal.com/#/file/868c026c893d6b214f323d37614eabc1cf3733579ea5084abb1617ade392804d/detection I then deleted the file from the desktop after seeing it potently had malware. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-10-2017 Ran by ASUS (administrator) on A455L-PC (09-10-2017 10:04:15) Running from C:\Users\ASUS\Desktop Loaded Profiles: ASUS (Available Profiles: ASUS) Platform: Windows 10 Pro Version 1607 14393.1715.amd64fre.rs1_release_inmarket.170906-1810 (X64) Language: English (United Kingdom) Internet Explorer Version 11 (Default browser: Opera) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Camshare Inc.) C:\Program Files (x86)\Camfrog\Camfrog Video Chat\update\cf_update_service.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe (Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe (SplitCam Co.) C:\Program Files (x86)\SplitCam\SplitCamService.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe (AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17082.14121.0_x64__8wekyb3d8bbwe\Video.UI.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe ((C) LINE Corporation) C:\Program Files\WindowsApps\NAVER.LINEwin8_5.5.3.0_x64__8ptj331gd3tyt\LINE_APP.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [109312 2015-03-31] (Intel Corporation) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [599896 2015-06-10] (Conexant Systems, Inc.) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297784 2017-09-11] (Apple Inc.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-10-05] (AVAST Software) HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1489088 2017-08-29] (COMODO) HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [36352 2008-03-27] () HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] () HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\Run: [SplitCam] => C:\Program Files (x86)\SplitCam\SplitCam.exe [14411808 2017-08-21] (SplitCam Co.) GroupPolicy: Restriction - Chrome <==== ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 5.152.208.2 31.3.244.138 5.152.208.4 Tcpip\..\Interfaces\{960c0e15-4945-43be-9e36-cb596d04f045}: [DhcpNameServer] 5.152.208.2 31.3.244.138 5.152.208.4 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-907509582-2581158687-2100573859-1001 -> DefaultScope {1b31c9d2-7135-442b-bb93-7c002172adc6} URL = BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation) BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation) Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF DefaultProfile: 7w3hjx1v.default FF ProfilePath: C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\7w3hjx1v.default [2017-10-09] FF Homepage: Mozilla\Firefox\Profiles\7w3hjx1v.default -> hxxp://google.com FF Extension: (Avast SafePrice) - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\7w3hjx1v.default\Extensions\sp@avast.com.xpi [2017-10-05] FF Extension: (TAARExperiment) - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\7w3hjx1v.default\Extensions\taarexp@mozilla.com.xpi [2017-10-09] FF Extension: (Avast Online Security) - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\7w3hjx1v.default\Extensions\wrc@avast.com.xpi [2017-10-09] FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2017-05-13] [not signed] FF HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => not found FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.6\npGoogleUpdate3.dll [2017-07-27] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.6\npGoogleUpdate3.dll [2017-07-27] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation) Chrome: ======= CHR DefaultProfile: Default CHR NewTab: Default -> Not-active:"chrome-extension://ljgpiikiibdligadiaifmdemkbkahfnf/index.html" CHR DefaultSearchURL: Default -> hxxp://photoz.searchalgo.com/search/?category=web&s=ypds&q={searchTerms} CHR DefaultSearchKeyword: Default -> myPhotoz CHR DefaultSuggestURL: Default -> hxxp://sug.searchalgo.com/search/index_sg.php?q={searchTerms} CHR Profile: C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default [2017-10-09] CHR Extension: (Google Slides) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-11] CHR Extension: (Google Docs) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-12] CHR Extension: (Google Drive) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-12] CHR Extension: (YouTube) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-12] CHR Extension: (Google Search) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-12] CHR Extension: (Dropbox for Gmail) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2017-06-16] CHR Extension: (hTab) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\elmkjjfkkchohaaoljobaffjeedcoocj [2017-07-27] CHR Extension: (Avast SafePrice) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-10-07] CHR Extension: (Google Sheets) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-11] CHR Extension: (Google Docs Offline) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17] CHR Extension: (AdBlock) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-09-23] CHR Extension: (Avast Online Security) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-07] CHR Extension: (anonymoX) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpklikeghomkemdellmmkoifgfbakio [2017-05-30] CHR Extension: (Home Tab) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\kofkpgiaknijknhajbhnghkodiccblkg [2017-10-07] CHR Extension: (Chrome Web Store Payments) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22] CHR Extension: (Gmail) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-12] CHR Extension: (Chrome Media Router) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-28] CHR HKLM\...\Chrome\Extension: [elmkjjfkkchohaaoljobaffjeedcoocj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [kofkpgiaknijknhajbhnghkodiccblkg] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found> CHR HKU\S-1-5-21-907509582-2581158687-2100573859-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [elmkjjfkkchohaaoljobaffjeedcoocj] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-907509582-2581158687-2100573859-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kofkpgiaknijknhajbhnghkodiccblkg] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [elmkjjfkkchohaaoljobaffjeedcoocj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-09-07] (Apple Inc.) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7446024 2017-10-05] (AVAST Software s.r.o.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-10-05] (AVAST Software) R2 camfrog_update_service; C:\Program Files (x86)\Camfrog\Camfrog Video Chat\update\cf_update_service.exe [1063968 2016-12-19] (Camshare Inc.) R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [10501616 2017-08-29] (COMODO) S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2017-08-29] (COMODO) R2 DptfPolicyConfigTDPService; C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe [115192 2015-03-31] (Intel Corporation) R2 DptfPolicyLpmService; C:\WINDOWS\system32\DptfPolicyLpmService.exe [122624 2015-03-31] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373728 2016-11-30] (Intel Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2017-08-08] (Microsoft Corporation) R2 SpliCamService; C:\Program Files (x86)\SplitCam\SplitCamService.exe [321056 2017-08-21] (SplitCam Co.) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-08-08] (Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [321032 2017-10-05] (AVAST Software s.r.o.) R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [198976 2017-10-05] (AVAST Software s.r.o.) R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [343288 2017-10-05] (AVAST Software s.r.o.) R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [57736 2017-10-05] (AVAST Software s.r.o.) S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [47008 2017-10-05] (AVAST Software) R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [147776 2017-10-05] (AVAST Software) R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [110376 2017-10-05] (AVAST Software) R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [84416 2017-10-05] (AVAST Software) R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1020536 2017-10-05] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [587168 2017-10-05] (AVAST Software) R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [201352 2017-10-05] (AVAST Software) R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [363440 2017-10-05] (AVAST Software) R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [40968 2017-08-09] (COMODO) R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [827864 2017-08-09] (COMODO) R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [50808 2017-08-09] (COMODO) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) R3 DptfManager; C:\WINDOWS\system32\DRIVERS\DptfManager.sys [490064 2015-03-31] (Intel Corporation) R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [41552 2015-03-06] (Intel Corporation) R3 dptf_pch; C:\WINDOWS\System32\drivers\dptf_pch.sys [41256 2015-03-06] (Intel Corporation) R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2016-04-15] (Disc Soft Ltd) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-10-08] () S3 HPMoA407; C:\WINDOWS\System32\drivers\HPMoA407.sys [25088 2011-10-31] (Hewlett-Packard.) S3 HPubA407; C:\WINDOWS\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Hewlett-Packard.) R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [132904 2017-08-09] (COMODO) R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [79528 2014-09-05] (Intel Corporation) S3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (Visicom Media Inc.) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [192952 2017-10-08] (Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [110016 2017-10-09] (Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [45504 2017-10-09] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [252232 2017-10-09] (Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94144 2017-10-09] (Malwarebytes) S3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.) R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvlddmkm.sys [13754936 2016-09-12] (NVIDIA Corporation) S3 REN2CAP_DRIVER; C:\WINDOWS\system32\drivers\ren2cap.sys [46728 2011-11-07] () R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek ) S3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [5195776 2016-07-16] (Realtek Semiconductor Corporation ) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-23] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R3 SplitCamAudio; C:\WINDOWS\system32\drivers\SplitCamAudio.sys [33904 2017-08-11] (SplitCam Co.) R3 splitcam_hd_driver; C:\WINDOWS\system32\DRIVERS\splitcam_hd_driver.sys [38000 2017-08-11] (Windows (R) Win 7 DDK provider) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.) S3 VASDeviceDrm; C:\WINDOWS\system32\drivers\vasdDev.sys [1454896 2015-07-21] (ShiningMorning Inc.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) S3 VBAudioVMVAIOMME; \SystemRoot\system32\DRIVERS\vbaudio_vmvaio64_win7.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-10-09 10:04 - 2017-10-09 10:05 - 000020963 _____ C:\Users\ASUS\Desktop\FRST.txt 2017-10-09 09:09 - 2017-10-09 09:09 - 000000000 ____D C:\ProgramData\SWCUTemp 2017-10-09 09:09 - 2017-10-03 13:17 - 001790024 _____ (Malwarebytes) C:\Users\ASUS\Desktop\JRT.exe 2017-10-09 07:53 - 2017-10-09 08:08 - 000000000 ____D C:\AdwCleaner 2017-10-09 06:20 - 2017-10-09 06:20 - 000000899 _____ C:\Users\Public\Desktop\RogueKiller.lnk 2017-10-09 06:13 - 2017-10-09 06:18 - 035867864 _____ (Adlice Software ) C:\Users\ASUS\Downloads\RogueKiller_setup_ref3.exe 2017-10-09 05:40 - 2017-10-09 10:04 - 000000000 ____D C:\FRST 2017-10-09 05:37 - 2017-10-09 06:10 - 000001076 _____ C:\Users\ASUS\Desktop\SplitCam.lnk 2017-10-09 05:37 - 2017-10-09 05:38 - 000000000 ____D C:\Users\ASUS\AppData\Roaming\SplitCam 2017-10-09 05:37 - 2017-10-09 05:37 - 000000000 ____D C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SplitCam 2017-10-09 05:35 - 2017-10-09 05:37 - 000000000 ____D C:\Program Files (x86)\SplitCam 2017-10-09 05:28 - 2017-10-09 05:32 - 101041968 _____ (SplitCam Co.) C:\Users\ASUS\Downloads\SplitCamSetup.exe 2017-10-09 05:26 - 2017-10-09 05:27 - 002401792 _____ (Farbar) C:\Users\ASUS\Desktop\FRST64.exe 2017-10-08 17:15 - 2017-10-09 08:55 - 000252232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2017-10-08 17:15 - 2017-10-09 08:55 - 000110016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2017-10-08 17:15 - 2017-10-09 08:55 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2017-10-08 17:15 - 2017-10-09 08:55 - 000045504 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2017-10-08 17:15 - 2017-10-08 17:15 - 000192952 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2017-10-05 06:01 - 2017-10-05 06:01 - 000002271 _____ C:\Users\ASUS\Desktop\WhatsApp.lnk 2017-10-05 06:00 - 2017-10-05 06:01 - 000000000 ____D C:\Users\ASUS\AppData\Local\WhatsApp 2017-10-05 05:26 - 2017-10-05 05:41 - 000000000 ____D C:\Users\ASUS\AppData\Roaming\vlc 2017-10-05 05:26 - 2017-10-05 05:26 - 000001139 _____ C:\Users\Public\Desktop\VLC media player.lnk 2017-10-05 05:26 - 2017-10-05 05:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2017-10-05 05:25 - 2017-10-05 05:25 - 000000000 ____D C:\Program Files (x86)\VideoLAN 2017-10-05 04:27 - 2017-10-05 04:27 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll 2017-10-05 04:27 - 2017-10-05 04:27 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll 2017-10-05 04:01 - 2017-10-05 06:12 - 000003640 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask 2017-10-05 04:00 - 2017-10-05 06:12 - 000000408 _____ C:\DelFix.txt 2017-10-05 04:00 - 2017-10-05 04:00 - 000000000 ____D C:\WINDOWS\ERUNT 2017-10-05 02:01 - 2017-10-05 02:01 - 000001240 _____ C:\Users\Public\Desktop\COMODO Firewall.lnk 2017-10-05 02:01 - 2017-10-05 02:01 - 000000000 ____D C:\WINDOWS\System32\Tasks\COMODO 2017-10-05 02:00 - 2017-10-05 02:00 - 000000000 ____D C:\Program Files\COMODO 2017-10-05 01:59 - 2017-10-05 04:28 - 000000000 ____D C:\Users\ASUS\AppData\Local\Comodo 2017-10-05 01:59 - 2017-10-05 04:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo 2017-10-05 01:36 - 2017-10-05 04:26 - 000000000 ____D C:\ProgramData\Comodo 2017-10-05 01:36 - 2017-10-05 01:36 - 000000000 ____D C:\ProgramData\Shared Space 2017-10-05 01:36 - 2017-10-05 01:36 - 000000000 ____D C:\ProgramData\Comodo Downloader 2017-10-05 01:24 - 2017-10-05 01:24 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys 2017-10-05 01:24 - 2017-10-05 01:24 - 000001979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk 2017-10-05 01:24 - 2017-10-05 01:24 - 000001967 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2017-10-05 01:24 - 2017-10-05 01:24 - 000000000 ____D C:\Users\ASUS\AppData\Roaming\AVAST Software 2017-10-05 01:23 - 2017-10-05 01:23 - 000003994 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update 2017-10-05 01:23 - 2017-10-05 01:22 - 001020536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2017-10-05 01:23 - 2017-10-05 01:22 - 000587168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2017-10-05 01:23 - 2017-10-05 01:22 - 000363440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2017-10-05 01:23 - 2017-10-05 01:22 - 000201352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2017-10-05 01:23 - 2017-10-05 01:22 - 000147776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2017-10-05 01:23 - 2017-10-05 01:22 - 000110376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2017-10-05 01:23 - 2017-10-05 01:22 - 000084416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2017-10-05 01:23 - 2017-10-05 01:22 - 000047008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys 2017-10-05 01:23 - 2017-10-05 01:21 - 000343288 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys 2017-10-05 01:23 - 2017-10-05 01:21 - 000321032 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys 2017-10-05 01:23 - 2017-10-05 01:21 - 000198976 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys 2017-10-05 01:23 - 2017-10-05 01:21 - 000057736 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys 2017-10-05 01:22 - 2017-10-05 01:22 - 000401488 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2017-10-05 01:16 - 2017-10-05 01:16 - 000000000 ____D C:\Program Files\AVAST Software 2017-10-05 00:13 - 2017-10-05 00:13 - 000001849 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk 2017-10-05 00:13 - 2017-10-05 00:13 - 000000000 ____D C:\Users\ASUS\AppData\Roaming\SUPERAntiSpyware.com 2017-10-05 00:13 - 2017-10-05 00:13 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com 2017-10-05 00:13 - 2017-10-05 00:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware 2017-10-05 00:13 - 2017-10-05 00:13 - 000000000 ____D C:\Program Files\SUPERAntiSpyware 2017-10-05 00:09 - 2017-10-05 00:11 - 000000000 ____D C:\ProgramData\TEMP 2017-10-05 00:09 - 2017-10-05 00:10 - 000000000 ____D C:\Program Files (x86)\SpywareBlaster 2017-10-05 00:09 - 2017-10-05 00:09 - 000001148 _____ C:\Users\Public\Desktop\SpywareBlaster.lnk 2017-10-05 00:09 - 2017-10-05 00:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster 2017-10-05 00:09 - 2012-05-02 12:17 - 001070152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCTL.OCX 2017-10-05 00:09 - 2009-03-24 13:52 - 000129872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSSTDFMT.DLL 2017-10-04 12:05 - 2017-10-04 12:05 - 000000000 ____D C:\ProgramData\Sophos 2017-10-04 11:42 - 2017-10-04 11:42 - 000002775 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk 2017-10-04 11:42 - 2017-10-04 11:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos 2017-10-04 11:41 - 2017-10-04 11:41 - 000000000 ____D C:\Program Files (x86)\Sophos 2017-10-04 11:33 - 2017-10-05 03:57 - 000000000 ____D C:\Users\ASUS\Desktop\PC Cleaner Tools 2017-10-04 11:32 - 2017-10-04 11:32 - 000000000 ____D C:\Users\ASUS\Documents\lampiran 2017-10-04 05:31 - 2017-10-05 06:02 - 000000000 ____D C:\Program Installers 2017-10-04 01:19 - 2017-10-04 01:19 - 000002640 _____ C:\Users\Public\Desktop\Skype.lnk 2017-10-04 01:19 - 2017-10-04 01:19 - 000000000 ___RD C:\Program Files (x86)\Skype 2017-10-04 01:19 - 2017-10-04 01:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2017-10-04 01:16 - 2017-10-04 01:16 - 000003270 _____ C:\WINDOWS\System32\Tasks\{F6AEFBA2-1D51-4816-B6BD-2F6843D3449E} 2017-10-03 13:28 - 2017-10-09 06:20 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys 2017-10-03 13:26 - 2017-10-09 07:30 - 000000000 ____D C:\ProgramData\RogueKiller 2017-10-03 13:26 - 2017-10-09 06:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller 2017-10-03 13:25 - 2017-10-09 06:20 - 000000000 ____D C:\Program Files\RogueKiller 2017-10-03 12:17 - 2017-10-08 17:14 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys 2017-10-03 12:17 - 2017-10-03 12:17 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-10-03 12:17 - 2017-10-03 12:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-10-03 12:17 - 2017-10-03 12:17 - 000000000 ____D C:\ProgramData\Malwarebytes 2017-10-03 12:17 - 2017-10-03 12:17 - 000000000 ____D C:\Program Files\Malwarebytes 2017-10-03 11:56 - 2017-10-03 11:56 - 000000000 ____D C:\Users\ASUS\AppData\Local\CrashRpt 2017-10-03 11:51 - 2017-10-05 03:34 - 000000000 ____D C:\ProgramData\AVAST Software 2017-10-03 11:48 - 2017-10-09 09:32 - 000000000 ____D C:\Users\ASUS\AppData\LocalLow\Mozilla 2017-10-03 11:48 - 2017-10-03 11:49 - 000000000 ____D C:\Users\ASUS\AppData\Local\Mozilla 2017-10-03 11:48 - 2017-10-03 11:48 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2017-10-03 11:48 - 2017-10-03 11:48 - 000000993 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2017-10-03 11:48 - 2017-10-03 11:48 - 000000000 ____D C:\Program Files\Mozilla Firefox 2017-10-03 11:48 - 2017-10-03 11:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-10-02 01:15 - 2017-10-02 01:15 - 000000000 ____D C:\ProgramData\Package Cache 2017-09-30 18:26 - 2017-09-30 22:14 - 000000000 ____D C:\Program Files\rempl 2017-09-16 01:17 - 2017-09-16 01:17 - 000001816 _____ C:\Users\Public\Desktop\iTunes.lnk 2017-09-16 01:17 - 2017-09-16 01:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2017-09-16 01:17 - 2017-09-16 01:17 - 000000000 ____D C:\Program Files\iPod 2017-09-16 01:16 - 2017-09-16 01:17 - 000000000 ____D C:\Program Files\iTunes 2017-09-16 01:12 - 2017-09-16 01:12 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple 2017-09-16 01:12 - 2017-09-16 01:12 - 000000000 ____D C:\Program Files (x86)\Apple Software Update 2017-09-13 20:26 - 2017-09-07 15:07 - 000315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2017-09-13 20:26 - 2017-09-07 14:59 - 001470816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll 2017-09-13 20:26 - 2017-09-07 14:22 - 001504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2017-09-13 20:26 - 2017-09-07 14:13 - 000546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2017-09-13 20:26 - 2017-09-07 14:07 - 005686784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2017-09-13 20:26 - 2017-09-07 14:00 - 000037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2017-09-13 20:26 - 2017-09-07 13:57 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll 2017-09-13 20:26 - 2017-09-07 13:52 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll 2017-09-13 20:26 - 2017-09-07 13:50 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll 2017-09-13 20:26 - 2017-09-07 13:50 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll 2017-09-13 20:26 - 2017-09-07 13:48 - 000297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2017-09-13 20:26 - 2017-09-07 13:40 - 003198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll 2017-09-13 20:26 - 2017-09-07 13:36 - 001221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll 2017-09-13 20:26 - 2017-09-07 13:35 - 000357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll 2017-09-13 20:26 - 2017-09-07 13:33 - 001599488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2017-09-13 20:26 - 2017-09-07 13:33 - 000589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll 2017-09-13 20:26 - 2017-09-07 13:32 - 002482688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-09-13 20:26 - 2017-09-07 13:32 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2017-09-13 20:26 - 2017-09-07 13:31 - 000654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll 2017-09-13 20:26 - 2017-09-07 13:31 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll 2017-09-13 20:26 - 2017-09-07 13:31 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll 2017-09-13 20:26 - 2017-03-04 14:05 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll 2017-09-13 20:25 - 2017-09-07 14:32 - 001573792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2017-09-13 20:25 - 2017-09-07 14:32 - 000918304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll 2017-09-13 20:25 - 2017-09-07 14:29 - 002048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2017-09-13 20:25 - 2017-09-07 14:24 - 000869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2017-09-13 20:25 - 2017-09-07 14:24 - 000263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll 2017-09-13 20:25 - 2017-09-07 14:22 - 001431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2017-09-13 20:25 - 2017-09-07 14:21 - 005722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2017-09-13 20:25 - 2017-09-07 14:21 - 002265368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2017-09-13 20:25 - 2017-09-07 14:21 - 000975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2017-09-13 20:25 - 2017-09-07 14:21 - 000861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2017-09-13 20:25 - 2017-09-07 14:21 - 000780640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2017-09-13 20:25 - 2017-09-07 14:21 - 000116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll 2017-09-13 20:25 - 2017-09-07 14:20 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2017-09-13 20:25 - 2017-09-07 14:20 - 000577976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2017-09-13 20:25 - 2017-09-07 14:20 - 000339896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll 2017-09-13 20:25 - 2017-09-07 14:20 - 000267104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe 2017-09-13 20:25 - 2017-09-07 14:20 - 000139104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2017-09-13 20:25 - 2017-09-07 14:20 - 000037200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll 2017-09-13 20:25 - 2017-09-07 14:19 - 002168288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2017-09-13 20:25 - 2017-09-07 14:19 - 000846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2017-09-13 20:25 - 2017-09-07 14:19 - 000606560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2017-09-13 20:25 - 2017-09-07 14:19 - 000111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll 2017-09-13 20:25 - 2017-09-07 14:17 - 006665952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-09-13 20:25 - 2017-09-07 14:17 - 004023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2017-09-13 20:25 - 2017-09-07 14:17 - 001845512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2017-09-13 20:25 - 2017-09-07 14:17 - 001557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2017-09-13 20:25 - 2017-09-07 14:17 - 001360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2017-09-13 20:25 - 2017-09-07 14:17 - 001277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2017-09-13 20:25 - 2017-09-07 14:17 - 000981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2017-09-13 20:25 - 2017-09-07 14:16 - 020967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-09-13 20:25 - 2017-09-07 14:16 - 000962768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2017-09-13 20:25 - 2017-09-07 14:13 - 001412640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2017-09-13 20:25 - 2017-09-07 14:12 - 000306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll 2017-09-13 20:25 - 2017-09-07 14:01 - 001631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2017-09-13 20:25 - 2017-09-07 14:01 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll 2017-09-13 20:25 - 2017-09-07 13:59 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.exe 2017-09-13 20:25 - 2017-09-07 13:58 - 000554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll 2017-09-13 20:25 - 2017-09-07 13:58 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll 2017-09-13 20:25 - 2017-09-07 13:58 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IconCodecService.dll 2017-09-13 20:25 - 2017-09-07 13:57 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\socialapis.dll 2017-09-13 20:25 - 2017-09-07 13:57 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll 2017-09-13 20:25 - 2017-09-07 13:57 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll 2017-09-13 20:25 - 2017-09-07 13:57 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll 2017-09-13 20:25 - 2017-09-07 13:56 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp 2017-09-13 20:25 - 2017-09-07 13:56 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll 2017-09-13 20:25 - 2017-09-07 13:55 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll 2017-09-13 20:25 - 2017-09-07 13:55 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll 2017-09-13 20:25 - 2017-09-07 13:55 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll 2017-09-13 20:25 - 2017-09-07 13:54 - 000857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2017-09-13 20:25 - 2017-09-07 13:54 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe 2017-09-13 20:25 - 2017-09-07 13:54 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll 2017-09-13 20:25 - 2017-09-07 13:54 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2017-09-13 20:25 - 2017-09-07 13:54 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll 2017-09-13 20:25 - 2017-09-07 13:54 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll 2017-09-13 20:25 - 2017-09-07 13:54 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll 2017-09-13 20:25 - 2017-09-07 13:54 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll 2017-09-13 20:25 - 2017-09-07 13:54 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll 2017-09-13 20:25 - 2017-09-07 13:53 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psisdecd.dll 2017-09-13 20:25 - 2017-09-07 13:53 - 000404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll 2017-09-13 20:25 - 2017-09-07 13:53 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll 2017-09-13 20:25 - 2017-09-07 13:53 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll 2017-09-13 20:25 - 2017-09-07 13:53 - 000313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll 2017-09-13 20:25 - 2017-09-07 13:53 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll 2017-09-13 20:25 - 2017-09-07 13:53 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll 2017-09-13 20:25 - 2017-09-07 13:53 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2017-09-13 20:25 - 2017-09-07 13:53 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Credentials.UI.UserConsentVerifier.dll 2017-09-13 20:25 - 2017-09-07 13:52 - 001300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll 2017-09-13 20:25 - 2017-09-07 13:52 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2017-09-13 20:25 - 2017-09-07 13:52 - 000265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll 2017-09-13 20:25 - 2017-09-07 13:52 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll 2017-09-13 20:25 - 2017-09-07 13:51 - 001243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll 2017-09-13 20:25 - 2017-09-07 13:51 - 000670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll 2017-09-13 20:25 - 2017-09-07 13:51 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll 2017-09-13 20:25 - 2017-09-07 13:51 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll 2017-09-13 20:25 - 2017-09-07 13:51 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll 2017-09-13 20:25 - 2017-09-07 13:51 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll 2017-09-13 20:25 - 2017-09-07 13:51 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll 2017-09-13 20:25 - 2017-09-07 13:51 - 000332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll 2017-09-13 20:25 - 2017-09-07 13:51 - 000298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2017-09-13 20:25 - 2017-09-07 13:51 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2017-09-13 20:25 - 2017-09-07 13:51 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll 2017-09-13 20:25 - 2017-09-07 13:51 - 000185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll 2017-09-13 20:25 - 2017-09-07 13:51 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE 2017-09-13 20:25 - 2017-09-07 13:50 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPTpm12.dll 2017-09-13 20:25 - 2017-09-07 13:50 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll 2017-09-13 20:25 - 2017-09-07 13:50 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll 2017-09-13 20:25 - 2017-09-07 13:50 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll 2017-09-13 20:25 - 2017-09-07 13:50 - 000244224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll 2017-09-13 20:25 - 2017-09-07 13:50 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll 2017-09-13 20:25 - 2017-09-07 13:50 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll 2017-09-13 20:25 - 2017-09-07 13:50 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll 2017-09-13 20:25 - 2017-09-07 13:49 - 000819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll 2017-09-13 20:25 - 2017-09-07 13:49 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll 2017-09-13 20:25 - 2017-09-07 13:49 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll 2017-09-13 20:25 - 2017-09-07 13:49 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll 2017-09-13 20:25 - 2017-09-07 13:49 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2017-09-13 20:25 - 2017-09-07 13:49 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll 2017-09-13 20:25 - 2017-09-07 13:48 - 000755200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2017-09-13 20:25 - 2017-09-07 13:48 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll 2017-09-13 20:25 - 2017-09-07 13:48 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll 2017-09-13 20:25 - 2017-09-07 13:48 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll 2017-09-13 20:25 - 2017-09-07 13:48 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll 2017-09-13 20:25 - 2017-09-07 13:48 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll 2017-09-13 20:25 - 2017-09-07 13:48 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll 2017-09-13 20:25 - 2017-09-07 13:48 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll 2017-09-13 20:25 - 2017-09-07 13:47 - 001456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2017-09-13 20:25 - 2017-09-07 13:47 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll 2017-09-13 20:25 - 2017-09-07 13:47 - 000846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll 2017-09-13 20:25 - 2017-09-07 13:47 - 000816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll 2017-09-13 20:25 - 2017-09-07 13:47 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll 2017-09-13 20:25 - 2017-09-07 13:47 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll 2017-09-13 20:25 - 2017-09-07 13:47 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll 2017-09-13 20:25 - 2017-09-07 13:47 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll 2017-09-13 20:25 - 2017-09-07 13:46 - 007626240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-09-13 20:25 - 2017-09-07 13:45 - 013875712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2017-09-13 20:25 - 2017-09-07 13:45 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroleui.dll 2017-09-13 20:25 - 2017-09-07 13:44 - 004615168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2017-09-13 20:25 - 2017-09-07 13:44 - 001534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll 2017-09-13 20:25 - 2017-09-07 13:44 - 000901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll 2017-09-13 20:25 - 2017-09-07 13:44 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll 2017-09-13 20:25 - 2017-09-07 13:44 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll 2017-09-13 20:25 - 2017-09-07 13:43 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll 2017-09-13 20:25 - 2017-09-07 13:42 - 001077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll 2017-09-13 20:25 - 2017-09-07 13:42 - 000355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll 2017-09-13 20:25 - 2017-09-07 13:42 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll 2017-09-13 20:25 - 2017-09-07 13:41 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll 2017-09-13 20:25 - 2017-09-07 13:40 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2017-09-13 20:25 - 2017-09-07 13:40 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll 2017-09-13 20:25 - 2017-09-07 13:40 - 000746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll 2017-09-13 20:25 - 2017-09-07 13:40 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll 2017-09-13 20:25 - 2017-09-07 13:40 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll 2017-09-13 20:25 - 2017-09-07 13:39 - 006109696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2017-09-13 20:25 - 2017-09-07 13:39 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll 2017-09-13 20:25 - 2017-09-07 13:38 - 001255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2017-09-13 20:25 - 2017-09-07 13:38 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll 2017-09-13 20:25 - 2017-09-07 13:38 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll 2017-09-13 20:25 - 2017-09-07 13:37 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll 2017-09-13 20:25 - 2017-09-07 13:37 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2017-09-13 20:25 - 2017-09-07 13:36 - 003520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe 2017-09-13 20:25 - 2017-09-07 13:36 - 002641920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2017-09-13 20:25 - 2017-09-07 13:36 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll 2017-09-13 20:25 - 2017-09-07 13:35 - 007470080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2017-09-13 20:25 - 2017-09-07 13:35 - 000641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll 2017-09-13 20:25 - 2017-09-07 13:35 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll 2017-09-13 20:25 - 2017-09-07 13:34 - 003733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2017-09-13 20:25 - 2017-09-07 13:34 - 000709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll 2017-09-13 20:25 - 2017-09-07 13:34 - 000400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll 2017-09-13 20:25 - 2017-09-07 13:34 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll 2017-09-13 20:25 - 2017-09-07 13:33 - 002682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll 2017-09-13 20:25 - 2017-09-07 13:33 - 001656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll 2017-09-13 20:25 - 2017-09-07 13:33 - 001135616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll 2017-09-13 20:25 - 2017-09-07 13:33 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-09-13 20:25 - 2017-09-07 13:33 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll 2017-09-13 20:25 - 2017-09-07 13:32 - 001993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2017-09-13 20:25 - 2017-09-07 13:32 - 001247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll 2017-09-13 20:25 - 2017-09-07 13:32 - 001170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll 2017-09-13 20:25 - 2017-09-07 13:32 - 000827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2017-09-13 20:25 - 2017-09-07 13:32 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2017-09-13 20:25 - 2017-09-07 13:31 - 001988608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2017-09-13 20:25 - 2017-09-07 13:31 - 001886720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2017-09-13 20:25 - 2017-09-07 13:31 - 001004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll 2017-09-13 20:25 - 2017-09-07 13:31 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2017-09-13 20:25 - 2017-09-07 13:31 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll 2017-09-13 20:25 - 2017-09-07 13:30 - 002747904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll 2017-09-13 20:25 - 2017-09-07 13:30 - 002740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2017-09-13 20:25 - 2017-09-07 13:30 - 002648576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll 2017-09-13 20:25 - 2017-09-07 13:30 - 001556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2017-09-13 20:25 - 2017-09-07 13:30 - 001413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll 2017-09-13 20:25 - 2017-09-07 13:30 - 001170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll 2017-09-13 20:25 - 2017-09-07 13:30 - 001013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll 2017-09-13 20:25 - 2017-09-07 13:30 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll 2017-09-13 20:25 - 2017-09-07 13:29 - 002997760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-09-13 20:25 - 2017-09-07 13:29 - 001576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2017-09-13 20:25 - 2017-09-07 13:29 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2017-09-13 20:25 - 2017-09-07 13:29 - 000711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2017-09-13 20:25 - 2017-09-07 13:28 - 003106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe 2017-09-13 20:25 - 2017-09-07 13:28 - 000783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll 2017-09-13 20:25 - 2017-09-07 13:28 - 000449536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll 2017-09-13 20:25 - 2017-09-07 13:22 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-09-13 20:25 - 2017-09-07 13:19 - 000467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll 2017-09-13 20:25 - 2017-09-07 13:16 - 001507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll 2017-09-13 20:25 - 2017-09-07 13:15 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2017-09-13 20:25 - 2017-09-07 13:14 - 000561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll 2017-09-13 20:25 - 2017-09-07 13:14 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll 2017-09-13 20:25 - 2017-09-07 13:13 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll 2017-09-13 20:25 - 2017-09-07 13:13 - 000245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll 2017-09-13 20:25 - 2017-09-07 13:12 - 000963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll 2017-09-13 20:25 - 2017-09-07 13:07 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2017-09-13 20:25 - 2017-09-07 13:01 - 004596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe 2017-09-13 20:25 - 2017-09-07 13:01 - 003401216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2017-09-13 20:25 - 2017-09-07 12:58 - 000816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2017-09-13 20:25 - 2017-09-07 12:56 - 002539008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2017-09-13 20:25 - 2017-09-07 12:55 - 002424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll 2017-09-13 20:25 - 2017-09-07 12:54 - 000903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2017-09-13 20:25 - 2017-08-22 13:08 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2017-09-13 20:25 - 2017-08-22 12:57 - 000711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2017-09-13 20:25 - 2017-08-22 12:55 - 002333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll 2017-09-13 20:25 - 2017-08-22 12:49 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll 2017-09-13 20:25 - 2017-08-08 14:03 - 000218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll 2017-09-13 20:25 - 2017-08-08 14:03 - 000102240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys 2017-09-13 20:25 - 2017-08-08 13:56 - 000054240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll 2017-09-13 20:25 - 2017-08-08 13:53 - 000715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2017-09-13 20:25 - 2017-08-08 13:53 - 000557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2017-09-13 20:25 - 2017-08-08 13:25 - 000255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll 2017-09-13 20:25 - 2017-08-08 13:21 - 000340832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2017-09-13 20:25 - 2017-08-08 13:16 - 000294952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll 2017-09-13 20:25 - 2017-08-08 13:16 - 000086232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpr.dll 2017-09-13 20:25 - 2017-08-08 12:58 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2017-09-13 20:25 - 2017-08-08 12:56 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll 2017-09-13 20:25 - 2017-08-08 12:56 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidtel.exe 2017-09-13 20:25 - 2017-08-08 12:54 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll 2017-09-13 20:25 - 2017-08-08 12:53 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2017-09-13 20:25 - 2017-08-08 12:53 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll 2017-09-13 20:25 - 2017-08-08 12:53 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll 2017-09-13 20:25 - 2017-08-08 12:50 - 000531456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll 2017-09-13 20:25 - 2017-08-08 12:50 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll 2017-09-13 20:25 - 2017-08-08 12:50 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll 2017-09-13 20:25 - 2017-08-08 12:49 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll 2017-09-13 20:25 - 2017-08-08 12:48 - 000388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2017-09-13 20:25 - 2017-08-08 12:47 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll 2017-09-13 20:25 - 2017-08-08 12:41 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll 2017-09-13 20:25 - 2017-03-04 14:53 - 000136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll 2017-09-13 20:25 - 2017-03-04 14:24 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll 2017-09-13 20:25 - 2017-03-04 14:17 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll 2017-09-13 20:25 - 2017-03-04 14:13 - 006474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe 2017-09-13 20:25 - 2017-03-04 14:01 - 001232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll 2017-09-13 20:25 - 2016-12-21 12:43 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll 2017-09-13 20:25 - 2016-09-16 00:40 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll 2017-09-13 20:25 - 2016-09-16 00:24 - 001080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll 2017-09-13 20:24 - 2017-09-07 14:32 - 001706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2017-09-13 20:24 - 2017-09-07 14:10 - 000603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll 2017-09-13 20:24 - 2017-09-07 14:03 - 002213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2017-09-13 20:24 - 2017-09-07 14:03 - 000998920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll 2017-09-13 20:24 - 2017-09-07 14:01 - 002049480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll 2017-09-13 20:24 - 2017-09-07 13:57 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2017-09-13 20:24 - 2017-09-07 13:54 - 007220696 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2017-09-13 20:24 - 2017-09-07 13:54 - 001860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2017-09-13 20:24 - 2017-09-07 13:53 - 000097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.CredentialPicker.dll 2017-09-13 20:24 - 2017-09-07 13:52 - 000858464 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll 2017-09-13 20:24 - 2017-09-07 13:52 - 000148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll 2017-09-13 20:24 - 2017-09-07 13:52 - 000044464 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll 2017-09-13 20:24 - 2017-09-07 13:51 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2017-09-13 20:24 - 2017-09-07 13:51 - 000092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2017-09-13 20:24 - 2017-09-07 13:50 - 022220864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-09-13 20:24 - 2017-09-07 13:50 - 008168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2017-09-13 20:24 - 2017-09-07 13:50 - 004260064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2017-09-13 20:24 - 2017-09-07 13:50 - 001983408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2017-09-13 20:24 - 2017-09-07 13:50 - 001702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2017-09-13 20:24 - 2017-09-07 13:50 - 001072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2017-09-13 20:24 - 2017-09-07 13:50 - 000244824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2017-09-13 20:24 - 2017-09-07 13:49 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2017-09-13 20:24 - 2017-09-07 13:49 - 000241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2017-09-13 20:24 - 2017-09-07 13:45 - 002532704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2017-09-13 20:24 - 2017-09-07 13:45 - 000387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll 2017-09-13 20:24 - 2017-09-07 13:43 - 000693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2017-09-13 20:24 - 2017-09-07 13:41 - 019413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-09-13 20:24 - 2017-09-07 13:39 - 018363904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-09-13 20:24 - 2017-09-07 13:37 - 012204544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-09-13 20:24 - 2017-09-07 13:34 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-09-13 20:24 - 2017-09-07 13:31 - 003663872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-09-13 20:24 - 2017-09-07 13:31 - 002028032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2017-09-13 20:24 - 2017-09-07 13:23 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2017-09-13 20:24 - 2017-09-07 13:22 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnpinst.exe 2017-09-13 20:24 - 2017-09-07 13:21 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2017-09-13 20:24 - 2017-09-07 13:21 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll 2017-09-13 20:24 - 2017-09-07 13:21 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll 2017-09-13 20:24 - 2017-09-07 13:21 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2017-09-13 20:24 - 2017-09-07 13:21 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll 2017-09-13 20:24 - 2017-09-07 13:21 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.exe 2017-09-13 20:24 - 2017-09-07 13:20 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp 2017-09-13 20:24 - 2017-09-07 13:20 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll 2017-09-13 20:24 - 2017-09-07 13:20 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys 2017-09-13 20:24 - 2017-09-07 13:19 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll 2017-09-13 20:24 - 2017-09-07 13:19 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll 2017-09-13 20:24 - 2017-09-07 13:18 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipsecsnp.dll 2017-09-13 20:24 - 2017-09-07 13:18 - 000418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll 2017-09-13 20:24 - 2017-09-07 13:18 - 000354816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll 2017-09-13 20:24 - 2017-09-07 13:18 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2017-09-13 20:24 - 2017-09-07 13:18 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll 2017-09-13 20:24 - 2017-09-07 13:17 - 000730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll 2017-09-13 20:24 - 2017-09-07 13:17 - 000505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll 2017-09-13 20:24 - 2017-09-07 13:17 - 000418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll 2017-09-13 20:24 - 2017-09-07 13:17 - 000360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll 2017-09-13 20:24 - 2017-09-07 13:17 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2017-09-13 20:24 - 2017-09-07 13:17 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll 2017-09-13 20:24 - 2017-09-07 13:17 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll 2017-09-13 20:24 - 2017-09-07 13:16 - 000748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2017-09-13 20:24 - 2017-09-07 13:16 - 000691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2017-09-13 20:24 - 2017-09-07 13:16 - 000680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll 2017-09-13 20:24 - 2017-09-07 13:16 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll 2017-09-13 20:24 - 2017-09-07 13:16 - 000335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\socialapis.dll 2017-09-13 20:24 - 2017-09-07 13:16 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll 2017-09-13 20:24 - 2017-09-07 13:15 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll 2017-09-13 20:24 - 2017-09-07 13:15 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2017-09-13 20:24 - 2017-09-07 13:15 - 000389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2017-09-13 20:24 - 2017-09-07 13:15 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll 2017-09-13 20:24 - 2017-09-07 13:15 - 000260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2017-09-13 20:24 - 2017-09-07 13:14 - 006288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2017-09-13 20:24 - 2017-09-07 13:14 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll 2017-09-13 20:24 - 2017-09-07 13:14 - 000748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll 2017-09-13 20:24 - 2017-09-07 13:14 - 000337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll 2017-09-13 20:24 - 2017-09-07 13:14 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll 2017-09-13 20:24 - 2017-09-07 13:13 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll 2017-09-13 20:24 - 2017-09-07 13:13 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll 2017-09-13 20:24 - 2017-09-07 13:13 - 000284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll 2017-09-13 20:24 - 2017-09-07 13:12 - 001145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll 2017-09-13 20:24 - 2017-09-07 13:12 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll 2017-09-13 20:24 - 2017-09-07 13:11 - 000583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll 2017-09-13 20:24 - 2017-09-07 13:11 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2017-09-13 20:24 - 2017-09-07 13:09 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe 2017-09-13 20:24 - 2017-09-07 13:08 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll 2017-09-13 20:24 - 2017-09-07 13:08 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll 2017-09-13 20:24 - 2017-09-07 13:07 - 007655424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2017-09-13 20:24 - 2017-09-07 13:07 - 003778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2017-09-13 20:24 - 2017-09-07 13:07 - 001403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll 2017-09-13 20:24 - 2017-09-07 13:07 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll 2017-09-13 20:24 - 2017-09-07 13:07 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll 2017-09-13 20:24 - 2017-09-07 13:05 - 001105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll 2017-09-13 20:24 - 2017-09-07 13:05 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll 2017-09-13 20:24 - 2017-09-07 13:05 - 000442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll 2017-09-13 20:24 - 2017-09-07 13:04 - 001908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-09-13 20:24 - 2017-09-07 13:04 - 000870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll 2017-09-13 20:24 - 2017-09-07 13:03 - 001078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll 2017-09-13 20:24 - 2017-09-07 13:03 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdechangepin.exe 2017-09-13 20:24 - 2017-09-07 13:03 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys 2017-09-13 20:24 - 2017-09-07 13:01 - 002390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe 2017-09-13 20:24 - 2017-09-07 13:01 - 001217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll 2017-09-13 20:24 - 2017-09-07 13:01 - 000411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll 2017-09-13 20:24 - 2017-09-07 13:01 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll 2017-09-13 20:24 - 2017-09-07 13:00 - 008077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2017-09-13 20:24 - 2017-09-07 13:00 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll 2017-09-13 20:24 - 2017-09-07 12:59 - 000760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2017-09-13 20:24 - 2017-09-07 12:59 - 000650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2017-09-13 20:24 - 2017-09-07 12:59 - 000611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll 2017-09-13 20:24 - 2017-09-07 12:58 - 002097152 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2017-09-13 20:24 - 2017-09-07 12:58 - 001700352 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll 2017-09-13 20:24 - 2017-09-07 12:58 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll 2017-09-13 20:24 - 2017-09-07 12:57 - 003134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll 2017-09-13 20:24 - 2017-09-07 12:57 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll 2017-09-13 20:24 - 2017-09-07 12:57 - 001275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll 2017-09-13 20:24 - 2017-09-07 12:56 - 004149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2017-09-13 20:24 - 2017-09-07 12:56 - 000846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll 2017-09-13 20:24 - 2017-09-07 12:56 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll 2017-09-13 20:24 - 2017-09-07 12:55 - 001984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2017-09-13 20:24 - 2017-09-07 12:55 - 001783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-09-13 20:24 - 2017-09-07 12:55 - 001369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll 2017-09-13 20:24 - 2017-09-07 12:55 - 001131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2017-09-13 20:24 - 2017-09-07 12:54 - 004743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-09-13 20:24 - 2017-09-07 12:54 - 000834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2017-09-13 20:24 - 2017-09-07 12:52 - 003299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe 2017-09-13 20:24 - 2017-09-07 12:52 - 001121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-09-13 20:24 - 2017-09-07 12:52 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll 2017-09-13 20:24 - 2017-09-07 12:52 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll 2017-09-13 20:24 - 2017-09-07 12:50 - 000119808 ____R (Microsoft Corporation) C:\WINDOWS\system32\SecureAssessmentHandlers.dll 2017-09-13 20:24 - 2017-08-22 13:46 - 000360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2017-09-13 20:24 - 2017-08-22 13:06 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2017-09-13 20:24 - 2017-08-22 13:05 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll 2017-09-13 20:24 - 2017-08-22 13:04 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2017-09-13 20:24 - 2017-08-22 13:02 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe 2017-09-13 20:24 - 2017-08-22 12:53 - 013441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2017-09-13 20:24 - 2017-08-22 12:50 - 012349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2017-09-13 20:24 - 2017-08-22 12:43 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2017-09-13 20:24 - 2017-08-22 12:38 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\tspubwmi.dll 2017-09-13 20:24 - 2017-08-08 14:06 - 000133984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys 2017-09-13 20:24 - 2017-08-08 13:59 - 000357984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll 2017-09-13 20:24 - 2017-08-08 13:59 - 000118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys 2017-09-13 20:24 - 2017-08-08 13:53 - 000026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe 2017-09-13 20:24 - 2017-08-08 13:45 - 000453544 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2017-09-13 20:24 - 2017-08-08 13:23 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2017-09-13 20:24 - 2017-08-08 13:18 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll 2017-09-13 20:24 - 2017-08-08 13:18 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2017-09-13 20:24 - 2017-08-08 13:17 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll 2017-09-13 20:24 - 2017-08-08 13:15 - 000502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2017-09-13 20:24 - 2017-08-08 13:14 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll 2017-09-13 20:24 - 2017-08-08 13:12 - 000579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll 2017-09-13 20:24 - 2017-08-08 13:04 - 000798720 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwcreator.exe 2017-09-13 20:24 - 2017-03-04 15:03 - 000160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll 2017-09-13 20:24 - 2017-03-04 14:39 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll 2017-09-13 20:24 - 2017-03-04 14:28 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll 2017-09-13 20:24 - 2017-03-04 14:28 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll 2017-09-13 20:24 - 2017-03-04 14:27 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2017-09-13 20:24 - 2017-03-04 14:27 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll 2017-09-13 20:24 - 2017-03-04 14:13 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll 2017-09-13 20:24 - 2017-03-04 14:08 - 001266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll 2017-09-13 20:24 - 2016-09-16 00:34 - 000441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll 2017-09-13 20:24 - 2016-09-16 00:30 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll 2017-09-13 20:23 - 2017-09-07 14:20 - 000367208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2017-09-13 20:23 - 2017-09-07 14:16 - 000379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2017-09-13 20:23 - 2017-09-07 14:03 - 007780704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-09-13 20:23 - 2017-09-07 14:02 - 032693432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll 2017-09-13 20:23 - 2017-09-07 14:01 - 002681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2017-09-13 20:23 - 2017-09-07 14:00 - 000764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2017-09-13 20:23 - 2017-09-07 13:56 - 001069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2017-09-13 20:23 - 2017-09-07 13:56 - 000328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2017-09-13 20:23 - 2017-09-07 13:54 - 002761248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2017-09-13 20:23 - 2017-09-07 13:54 - 002188128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-09-13 20:23 - 2017-09-07 13:54 - 001739072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2017-09-13 20:23 - 2017-09-07 13:54 - 001157008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2017-09-13 20:23 - 2017-09-07 13:54 - 000658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2017-09-13 20:23 - 2017-09-07 13:54 - 000402784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2017-09-13 20:23 - 2017-09-07 13:54 - 000146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll 2017-09-13 20:23 - 2017-09-07 13:53 - 002446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2017-09-13 20:23 - 2017-09-07 13:53 - 000684896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2017-09-13 20:23 - 2017-09-07 13:53 - 000431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll 2017-09-13 20:23 - 2017-09-07 13:52 - 002915704 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2017-09-13 20:23 - 2017-09-07 13:52 - 001267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2017-09-13 20:23 - 2017-09-07 13:52 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2017-09-13 20:23 - 2017-09-07 13:50 - 001694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2017-09-13 20:23 - 2017-09-07 13:50 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2017-09-13 20:23 - 2017-09-07 13:49 - 001600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2017-09-13 20:23 - 2017-09-07 13:49 - 001277824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2017-09-13 20:23 - 2017-09-07 13:47 - 000661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2017-09-13 20:23 - 2017-09-07 13:46 - 000628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2017-09-13 20:23 - 2017-09-07 13:31 - 001509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2017-09-13 20:23 - 2017-09-07 13:30 - 007218176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2017-09-13 20:23 - 2017-09-07 13:24 - 001631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2017-09-13 20:23 - 2017-09-07 13:23 - 022569984 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-09-13 20:23 - 2017-09-07 13:22 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll 2017-09-13 20:23 - 2017-09-07 13:21 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll 2017-09-13 20:23 - 2017-09-07 13:21 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll 2017-09-13 20:23 - 2017-09-07 13:20 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll 2017-09-13 20:23 - 2017-09-07 13:20 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll 2017-09-13 20:23 - 2017-09-07 13:20 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll 2017-09-13 20:23 - 2017-09-07 13:20 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll 2017-09-13 20:23 - 2017-09-07 13:19 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll 2017-09-13 20:23 - 2017-09-07 13:19 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll 2017-09-13 20:23 - 2017-09-07 13:19 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll 2017-09-13 20:23 - 2017-09-07 13:19 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll 2017-09-13 20:23 - 2017-09-07 13:18 - 000547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll 2017-09-13 20:23 - 2017-09-07 13:18 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys 2017-09-13 20:23 - 2017-09-07 13:18 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll 2017-09-13 20:23 - 2017-09-07 13:17 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2017-09-13 20:23 - 2017-09-07 13:17 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll 2017-09-13 20:23 - 2017-09-07 13:17 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XamlTileRender.dll 2017-09-13 20:23 - 2017-09-07 13:17 - 000139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2017-09-13 20:23 - 2017-09-07 13:16 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll 2017-09-13 20:23 - 2017-09-07 13:16 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll 2017-09-13 20:23 - 2017-09-07 13:16 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll 2017-09-13 20:23 - 2017-09-07 13:16 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll 2017-09-13 20:23 - 2017-09-07 13:16 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-09-13 20:23 - 2017-09-07 13:15 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2017-09-13 20:23 - 2017-09-07 13:15 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll 2017-09-13 20:23 - 2017-09-07 13:15 - 000432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2017-09-13 20:23 - 2017-09-07 13:15 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll 2017-09-13 20:23 - 2017-09-07 13:15 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll 2017-09-13 20:23 - 2017-09-07 13:15 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll 2017-09-13 20:23 - 2017-09-07 13:15 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll 2017-09-13 20:23 - 2017-09-07 13:15 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll 2017-09-13 20:23 - 2017-09-07 13:15 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll 2017-09-13 20:23 - 2017-09-07 13:15 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2017-09-13 20:23 - 2017-09-07 13:14 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2017-09-13 20:23 - 2017-09-07 13:14 - 000407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2017-09-13 20:23 - 2017-09-07 13:14 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll 2017-09-13 20:23 - 2017-09-07 13:13 - 000645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll 2017-09-13 20:23 - 2017-09-07 13:13 - 000437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll 2017-09-13 20:23 - 2017-09-07 13:13 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-09-13 20:23 - 2017-09-07 13:12 - 001010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2017-09-13 20:23 - 2017-09-07 13:12 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2017-09-13 20:23 - 2017-09-07 13:12 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll 2017-09-13 20:23 - 2017-09-07 13:11 - 000966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll 2017-09-13 20:23 - 2017-09-07 13:11 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2017-09-13 20:23 - 2017-09-07 13:11 - 000634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll 2017-09-13 20:23 - 2017-09-07 13:11 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2017-09-13 20:23 - 2017-09-07 13:10 - 017200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2017-09-13 20:23 - 2017-09-07 13:10 - 001037312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll 2017-09-13 20:23 - 2017-09-07 13:09 - 000945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2017-09-13 20:23 - 2017-09-07 13:08 - 009129984 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-09-13 20:23 - 2017-09-07 13:08 - 001639424 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll 2017-09-13 20:23 - 2017-09-07 13:08 - 000932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2017-09-13 20:23 - 2017-09-07 13:08 - 000393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll 2017-09-13 20:23 - 2017-09-07 13:07 - 002104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll 2017-09-13 20:23 - 2017-09-07 13:07 - 001589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll 2017-09-13 20:23 - 2017-09-07 13:05 - 005114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll 2017-09-13 20:23 - 2017-09-07 13:04 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2017-09-13 20:23 - 2017-09-07 13:04 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll 2017-09-13 20:23 - 2017-09-07 13:03 - 001837056 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll 2017-09-13 20:23 - 2017-09-07 13:03 - 000942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2017-09-13 20:23 - 2017-09-07 13:02 - 013107712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-09-13 20:23 - 2017-09-07 13:02 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll 2017-09-13 20:23 - 2017-09-07 13:02 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll 2017-09-13 20:23 - 2017-09-07 13:01 - 023675904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-09-13 20:23 - 2017-09-07 13:01 - 000937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll 2017-09-13 20:23 - 2017-09-07 13:00 - 008114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-09-13 20:23 - 2017-09-07 13:00 - 000981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll 2017-09-13 20:23 - 2017-09-07 13:00 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll 2017-09-13 20:23 - 2017-09-07 13:00 - 000467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll 2017-09-13 20:23 - 2017-09-07 13:00 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll 2017-09-13 20:23 - 2017-09-07 12:59 - 004474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-09-13 20:23 - 2017-09-07 12:59 - 002279424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-09-13 20:23 - 2017-09-07 12:59 - 001359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll 2017-09-13 20:23 - 2017-09-07 12:59 - 001281536 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll 2017-09-13 20:23 - 2017-09-07 12:59 - 001040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll 2017-09-13 20:23 - 2017-09-07 12:59 - 000821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll 2017-09-13 20:23 - 2017-09-07 12:59 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll 2017-09-13 20:23 - 2017-09-07 12:58 - 002800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll 2017-09-13 20:23 - 2017-09-07 12:58 - 001692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-09-13 20:23 - 2017-09-07 12:58 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll 2017-09-13 20:23 - 2017-09-07 12:58 - 000886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll 2017-09-13 20:23 - 2017-09-07 12:58 - 000376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll 2017-09-13 20:23 - 2017-09-07 12:57 - 005611520 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2017-09-13 20:23 - 2017-09-07 12:57 - 002916864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll 2017-09-13 20:23 - 2017-09-07 12:57 - 002895360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-09-13 20:23 - 2017-09-07 12:57 - 001643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll 2017-09-13 20:23 - 2017-09-07 12:57 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll 2017-09-13 20:23 - 2017-09-07 12:57 - 001486336 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-09-13 20:23 - 2017-09-07 12:57 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2017-09-13 20:23 - 2017-09-07 12:56 - 003202048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2017-09-13 20:23 - 2017-09-07 12:56 - 002695680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2017-09-13 20:23 - 2017-09-07 12:56 - 002286592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2017-09-13 20:23 - 2017-09-07 12:56 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll 2017-09-13 20:23 - 2017-09-07 12:56 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2017-09-13 20:23 - 2017-09-07 12:56 - 000909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2017-09-13 20:23 - 2017-09-07 12:55 - 003616256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-09-13 20:23 - 2017-09-07 12:55 - 002820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2017-09-13 20:23 - 2017-09-07 12:55 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2017-09-13 20:23 - 2017-09-07 12:55 - 001512448 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-09-13 20:23 - 2017-09-07 12:55 - 000774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll 2017-09-13 20:23 - 2017-09-07 12:54 - 003542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2017-09-13 20:23 - 2017-09-07 12:54 - 001328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll 2017-09-13 20:23 - 2017-09-07 12:54 - 000716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll 2017-09-13 20:23 - 2017-09-07 12:53 - 001726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2017-09-13 20:23 - 2017-09-07 12:53 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll 2017-09-13 20:23 - 2017-09-07 12:52 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll 2017-09-13 20:23 - 2017-08-22 12:57 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll 2017-09-13 20:23 - 2017-08-22 12:52 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll 2017-09-13 20:23 - 2017-08-22 12:47 - 000869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2017-09-13 20:23 - 2017-08-22 12:43 - 002852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll 2017-09-13 20:23 - 2017-08-22 12:41 - 002319872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-09-13 20:23 - 2017-08-08 14:15 - 000245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll 2017-09-13 20:23 - 2017-08-08 14:01 - 000376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2017-09-13 20:23 - 2017-08-08 13:55 - 000404320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2017-09-13 20:23 - 2017-08-08 13:52 - 000450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2017-09-13 20:23 - 2017-08-08 13:45 - 001102176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2017-09-13 20:23 - 2017-08-08 13:17 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll 2017-09-13 20:23 - 2017-08-08 13:16 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll 2017-09-13 20:23 - 2017-08-08 13:15 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll 2017-09-13 20:23 - 2017-08-08 13:15 - 000326656 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2017-09-13 20:23 - 2017-08-08 13:14 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll 2017-09-13 20:23 - 2017-08-08 13:13 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2017-09-13 20:23 - 2017-08-08 13:10 - 000945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2017-09-13 20:23 - 2017-08-08 13:04 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2017-09-13 20:23 - 2017-08-08 12:55 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2017-09-13 20:23 - 2017-08-08 12:54 - 001228288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2017-09-13 20:23 - 2017-08-01 13:09 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll 2017-09-13 20:23 - 2017-03-04 15:09 - 000178520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll 2017-09-13 20:23 - 2017-03-04 14:32 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll 2017-09-13 20:23 - 2017-03-04 14:29 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll 2017-09-13 20:23 - 2017-03-04 14:10 - 006664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe 2017-09-13 20:23 - 2016-11-02 18:43 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2017-09-13 20:22 - 2017-09-07 14:11 - 000076128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncAppvPublishingServer.exe 2017-09-13 20:22 - 2017-09-07 14:10 - 002170720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll 2017-09-13 20:22 - 2017-09-07 14:10 - 001670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll 2017-09-13 20:22 - 2017-09-07 14:10 - 001408352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll 2017-09-13 20:22 - 2017-09-07 14:10 - 001054048 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll 2017-09-13 20:22 - 2017-09-07 14:10 - 000992096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll 2017-09-13 20:22 - 2017-09-07 14:10 - 000825696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe 2017-09-13 20:22 - 2017-09-07 14:10 - 000813408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll 2017-09-13 20:22 - 2017-09-07 14:10 - 000779616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll 2017-09-13 20:22 - 2017-09-07 14:10 - 000766304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll 2017-09-13 20:22 - 2017-09-07 14:10 - 000704352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll 2017-09-13 20:22 - 2017-09-07 14:10 - 000699232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll 2017-09-13 20:22 - 2017-09-07 14:10 - 000567136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll 2017-09-13 20:22 - 2017-09-07 14:10 - 000513376 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll 2017-09-13 20:22 - 2017-09-07 14:10 - 000412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll 2017-09-13 20:22 - 2017-09-07 14:10 - 000241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe 2017-09-13 20:22 - 2017-09-07 14:10 - 000202592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll 2017-09-13 20:22 - 2017-09-07 14:04 - 000894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2017-09-13 20:22 - 2017-09-07 14:03 - 001887408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2017-09-13 20:22 - 2017-09-07 13:58 - 000168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2017-09-13 20:22 - 2017-09-07 13:57 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll 2017-09-13 20:22 - 2017-09-07 13:53 - 000624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2017-09-13 20:22 - 2017-09-07 13:53 - 000383776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll 2017-09-13 20:22 - 2017-09-07 13:53 - 000296288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe 2017-09-13 20:22 - 2017-09-07 13:53 - 000144736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2017-09-13 20:22 - 2017-09-07 13:52 - 001100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2017-09-13 20:22 - 2017-09-07 13:52 - 000989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2017-09-13 20:22 - 2017-09-07 13:46 - 001566552 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2017-09-13 20:22 - 2017-09-07 13:45 - 000372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll 2017-09-13 20:22 - 2017-09-07 13:22 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll 2017-09-13 20:22 - 2017-09-07 13:22 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe 2017-09-13 20:22 - 2017-09-07 13:22 - 000045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2017-09-13 20:22 - 2017-09-07 13:22 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\IconCodecService.dll 2017-09-13 20:22 - 2017-09-07 13:18 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll 2017-09-13 20:22 - 2017-09-07 13:17 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll 2017-09-13 20:22 - 2017-09-07 13:17 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2017-09-13 20:22 - 2017-09-07 13:16 - 000781824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll 2017-09-13 20:22 - 2017-09-07 13:16 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPTpm12.dll 2017-09-13 20:22 - 2017-09-07 13:15 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll 2017-09-13 20:22 - 2017-09-07 13:15 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll 2017-09-13 20:22 - 2017-09-07 13:14 - 000678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll 2017-09-13 20:22 - 2017-09-07 13:14 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll 2017-09-13 20:22 - 2017-09-07 13:14 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2017-09-13 20:22 - 2017-09-07 13:14 - 000171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE 2017-09-13 20:22 - 2017-09-07 13:14 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe 2017-09-13 20:22 - 2017-09-07 13:13 - 000480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll 2017-09-13 20:22 - 2017-09-07 13:12 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll 2017-09-13 20:22 - 2017-09-07 13:04 - 004749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2017-09-13 20:22 - 2017-09-07 13:04 - 000352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe 2017-09-13 20:22 - 2017-09-07 13:01 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll 2017-09-13 20:22 - 2017-09-07 12:59 - 002510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2017-09-13 20:22 - 2017-09-07 12:59 - 000821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2017-09-13 20:22 - 2017-09-07 12:59 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll 2017-09-13 20:22 - 2017-09-07 12:58 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2017-09-13 20:22 - 2017-09-07 12:58 - 001656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2017-09-13 20:22 - 2017-09-07 12:55 - 002217472 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll 2017-09-13 20:22 - 2017-08-22 13:43 - 000026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2017-09-13 20:22 - 2017-08-22 13:09 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2017-09-13 20:22 - 2017-08-08 14:09 - 000065648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll 2017-09-13 20:22 - 2017-08-08 14:03 - 002253664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2017-09-13 20:22 - 2017-08-08 13:52 - 000649568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys 2017-09-13 20:22 - 2017-08-08 13:52 - 000386408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll 2017-09-13 20:22 - 2017-08-08 13:52 - 000101776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll 2017-09-13 20:22 - 2017-08-08 13:52 - 000079712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys 2017-09-13 20:22 - 2017-08-08 13:20 - 000173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe 2017-09-13 20:22 - 2017-08-08 13:20 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll 2017-09-13 20:22 - 2017-08-08 13:20 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys 2017-09-13 20:22 - 2017-08-08 13:20 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe 2017-09-13 20:22 - 2017-08-08 13:18 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll 2017-09-13 20:22 - 2017-08-08 13:16 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll 2017-09-13 20:22 - 2017-08-08 13:13 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll 2017-09-13 20:22 - 2017-08-08 12:58 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll 2017-09-13 20:22 - 2017-08-08 12:51 - 001817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll 2017-09-13 20:22 - 2017-03-04 15:07 - 000947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-10-09 08:57 - 2016-10-10 22:38 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2017-10-09 08:57 - 2016-03-11 15:37 - 000000000 __SHD C:\Users\ASUS\IntelGraphicsProfiles 2017-10-09 08:55 - 2016-10-10 23:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-10-09 08:54 - 2016-07-16 14:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2017-10-09 08:51 - 2017-03-14 23:25 - 000005200 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for A455L-PC-ASUS A455L-PC 2017-10-09 08:37 - 2016-07-19 05:23 - 000000000 ____D C:\Users\ASUS\AppData\Roaming\Skype 2017-10-09 07:50 - 2016-10-10 22:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2017-10-09 05:37 - 2016-03-20 23:57 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2017-10-09 04:20 - 2016-03-12 03:00 - 000000000 ____D C:\Users\ASUS\AppData\Roaming\Camfrog 2017-10-09 04:14 - 2016-07-16 19:47 - 000000000 ____D C:\WINDOWS\system32\NDF 2017-10-08 02:06 - 2016-06-09 11:17 - 000000000 ____D C:\Users\ASUS\AppData\Roaming\WhatsApp 2017-10-06 01:24 - 2016-07-16 19:47 - 000000000 ____D C:\WINDOWS\AppReadiness 2017-10-05 06:01 - 2016-06-09 11:17 - 000000000 ____D C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp 2017-10-05 06:01 - 2016-06-09 11:17 - 000000000 ____D C:\Users\ASUS\AppData\Local\SquirrelTemp 2017-10-05 04:19 - 2016-07-16 19:45 - 000000000 ____D C:\WINDOWS\INF 2017-10-05 02:03 - 2016-03-31 11:59 - 000000000 ____D C:\Program Files\Google 2017-10-05 02:03 - 2014-03-18 23:52 - 000000000 ____D C:\Program Files (x86)\Google 2017-10-05 00:36 - 2016-03-24 01:42 - 000000000 ____D C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VB Audio 2017-10-05 00:36 - 2016-03-24 01:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VB Audio 2017-10-05 00:36 - 2016-03-24 01:42 - 000000000 ____D C:\Program Files\VB 2017-10-05 00:34 - 2014-03-18 23:52 - 000000000 ____D C:\Users\ASUS\AppData\Local\Google 2017-10-05 00:32 - 2017-08-08 21:51 - 000004156 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1502200294 2017-10-05 00:32 - 2017-08-08 21:51 - 000001389 _____ C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera browser.lnk 2017-10-05 00:11 - 2016-04-16 03:21 - 000040924 __RSH C:\ProgramData\ntuser.pol 2017-10-05 00:11 - 2013-08-22 23:36 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2017-10-05 00:09 - 2016-07-16 19:47 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2017-10-04 10:47 - 2016-07-16 19:47 - 000000000 ___HD C:\Program Files\WindowsApps 2017-10-04 05:06 - 2016-05-27 16:34 - 001344514 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-10-04 01:20 - 2016-07-19 05:13 - 000000000 ____D C:\ProgramData\Skype 2017-10-03 15:12 - 2017-04-22 09:54 - 000002256 _____ C:\Users\ASUS\Desktop\Camfrog Video Chat.lnk 2017-10-03 14:46 - 2015-10-30 15:24 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2017-10-03 12:12 - 2016-05-28 16:13 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2017-10-03 11:48 - 2016-03-24 13:53 - 000000000 ____D C:\Users\ASUS\AppData\Roaming\Mozilla 2017-10-03 03:55 - 2017-07-26 20:39 - 000002810 _____ C:\WINDOWS\System32\Tasks\{40CB427E-3C73-04B9-BB6A-20B1B45C9EC0} 2017-09-26 09:03 - 2016-03-24 02:58 - 000000000 ____D C:\Users\ASUS\AppData\Roaming\AIMP 2017-09-22 06:24 - 2016-07-16 19:47 - 000000000 ____D C:\WINDOWS\rescache 2017-09-22 04:44 - 2017-07-27 21:37 - 000003360 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-907509582-2581158687-2100573859-1001 2017-09-22 04:44 - 2016-05-27 16:45 - 000002398 _____ C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-09-22 04:44 - 2016-05-27 16:45 - 000000000 ___RD C:\Users\ASUS\OneDrive 2017-09-16 20:51 - 2017-07-30 14:12 - 000000000 ____D C:\Users\ASUS\AppData\Roaming\MPC-HC 2017-09-16 20:51 - 2016-07-16 19:47 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2017-09-16 01:12 - 2016-04-18 16:26 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2017-09-14 22:49 - 2016-02-14 01:33 - 000000000 __RHD C:\Users\Public\AccountPictures 2017-09-14 22:34 - 2016-10-10 22:35 - 000338616 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-09-14 22:30 - 2016-07-16 19:47 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2017-09-14 22:30 - 2016-07-16 19:47 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB 2017-09-14 22:29 - 2016-07-17 06:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2017-09-14 22:29 - 2016-07-16 19:47 - 000000000 ___SD C:\WINDOWS\system32\F12 2017-09-14 22:29 - 2016-07-16 19:47 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-09-14 22:29 - 2016-07-16 19:47 - 000000000 ___RD C:\Program Files\Windows Defender 2017-09-14 22:29 - 2016-07-16 19:47 - 000000000 ____D C:\WINDOWS\system32\oobe 2017-09-14 22:29 - 2016-07-16 19:47 - 000000000 ____D C:\WINDOWS\system32\migwiz 2017-09-14 22:29 - 2016-07-16 19:47 - 000000000 ____D C:\WINDOWS\system32\en-GB 2017-09-14 22:29 - 2016-07-16 19:47 - 000000000 ____D C:\WINDOWS\ShellExperiences 2017-09-14 22:29 - 2016-07-16 19:47 - 000000000 ____D C:\WINDOWS\Provisioning 2017-09-14 22:29 - 2016-07-16 19:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2017-09-14 22:29 - 2016-07-16 19:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-09-14 22:29 - 2016-07-16 19:47 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2017-09-13 22:46 - 2016-07-16 19:36 - 000000000 ____D C:\WINDOWS\CbsTemp 2017-09-13 22:33 - 2016-03-30 14:31 - 000000000 ____D C:\WINDOWS\system32\MRT 2017-09-13 20:29 - 2016-03-30 14:31 - 138202976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-09-13 19:39 - 2016-07-16 19:42 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe 2017-09-13 19:38 - 2016-07-16 19:43 - 000333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll 2017-09-13 19:37 - 2016-07-16 19:42 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2017-10-09 06:33 ==================== End of FRST.txt ============================ --------------------------------------------------------------------------------------------------------------------------------------------------- Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-10-2017 Ran by ASUS (09-10-2017 10:06:45) Running from C:\Users\ASUS\Desktop Windows 10 Pro Version 1607 14393.1715.amd64fre.rs1_release_inmarket.170906-1810 (X64) (2016-10-10 15:05:55) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-907509582-2581158687-2100573859-500 - Administrator - Disabled) ASUS (S-1-5-21-907509582-2581158687-2100573859-1001 - Administrator - Enabled) => C:\Users\ASUS DefaultAccount (S-1-5-21-907509582-2581158687-2100573859-503 - Limited - Disabled) Guest (S-1-5-21-907509582-2581158687-2100573859-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-907509582-2581158687-2100573859-1003 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} FW: COMODO Firewall (Enabled) {346ADFA5-A93A-68E5-1F1A-0C241B12C186} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) AIMP (HKLM-x32\...\AIMP) (Version: v4.02.1717, 08.05.2016 - AIMP DevTeam) Apple Mobile Device Support (HKLM\...\{E3C4B99B-BE71-4C27-8E3C-4FAE3C46E1D5}) (Version: 11.0.0.30 - Apple Inc.) Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.7.2314 - AVAST Software) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Camfrog Video Chat 6.18 (HKLM-x32\...\Camfrog) (Version: 6.18.622 - Camshare, Inc.) Canon MP280 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series) (Version: - Canon Inc.) COMODO Firewall (HKLM\...\{4F6FC44D-AE9F-472B-8F00-B8388BC9AA04}) (Version: 10.0.1.6294 - COMODO Security Solutions Inc.) Hidden COMODO Firewall (HKLM\...\COMODO Internet Security) (Version: 10.0.1.6294 - COMODO Security Solutions Inc.) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) Dukungan Aplikasi Apple (32-bit) (HKLM-x32\...\{3D1290E6-1F77-46D5-A715-A56679C8D4E3}) (Version: 6.0.2 - Apple Inc.) Dukungan Aplikasi Apple (64-bit) (HKLM\...\{D0E45DEC-F4B9-4370-A9DF-66837789C2EF}) (Version: 6.0.2 - Apple Inc.) Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION) EPSON L1300 Series Printer Uninstall (HKLM\...\EPSON L1300 Series) (Version: - SEIKO EPSON Corporation) EPSON Manuals (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.53.0.0 - Seiko Epson Corporation) Epson Software Updater (HKLM-x32\...\{7BAC3F7A-B963-468E-982E-B5608A87408D}) (Version: 4.4.4 - SEIKO EPSON CORPORATION) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.24.15 - Google Inc.) Hidden HP Deskjet 2540 series Basic Device Software (HKLM\...\{6A79CD11-0C1C-4E24-A8C6-46A02F680346}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) HP Deskjet 2540 series Help (HKLM-x32\...\{4539575D-C09D-4E71-B207-0F2D6BD74DA2}) (Version: 30.0.0 - Hewlett Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation) iTunes (HKLM\...\{08902C71-7E55-4ABA-B406-E89DD63DB9B7}) (Version: 12.7.0.166 - Apple Inc.) KB4023057 (HKLM\...\{264FDD69-C4DF-476F-B1B8-7DCEE4AF839B}) (Version: 2.4.0.0 - Microsoft Corporation) K-Lite Codec Pack 13.3.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.3.5 - KLCP) Lightshot-5.4.0.10 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.10 - Skillbrains) Malwarebytes version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Mozilla Firefox 56.0 (x64 en-US) (HKLM\...\Mozilla Firefox 56.0 (x64 en-US)) (Version: 56.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0 - Mozilla) NVIDIA Graphics Driver 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.06 - NVIDIA Corporation) NVIDIA Update 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.4.5.28 - NVIDIA Corporation) Opera Stable 48.0.2685.35 (HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\Opera 48.0.2685.35) (Version: 48.0.2685.35 - Opera Software) Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.) Hidden Product Improvement Study for HP Deskjet 2540 series (HKLM\...\{DF34643B-A745-430C-B27B-A48F853C81E4}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.) RogueKiller version 12.11.18.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.11.18.0 - Adlice Software) Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.) Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.6.1 - Sophos Limited) SplitCam (HKLM-x32\...\SplitCam) (Version: 7.7.4.1 - SplitCam Co) SpywareBlaster 5.5 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.5.0 - BrightFort LLC) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1248 - SUPERAntiSpyware.com) TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - ) TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.83369 - TeamViewer) VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN) WhatsApp (HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\WhatsApp) (Version: 0.2.5863 - WhatsApp) Winamp (HKLM-x32\...\Winamp) (Version: 5.53 - Nullsoft, Inc) Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation) WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-05] (AVAST Software) ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2016-05-28] (AIMP DevTeam) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-05] (AVAST Software) ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-08-29] (COMODO) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-08-27] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-08-27] (Alexander Roshal) ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-08-29] (COMODO) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-05] (AVAST Software) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes) ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2016-05-28] (AIMP DevTeam) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-30] (Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-08-01] (NVIDIA Corporation) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-05] (AVAST Software) ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-08-29] (COMODO) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-08-27] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-08-27] (Alexander Roshal) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {05CDA15B-C688-4966-8454-3274AF5E1DB7} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\ASUS\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe Task: {063960B4-841E-4B73-A800-AB342780C04F} - System32\Tasks\Microsoft Office 15 Sync Maintenance for A455L-PC-ASUS A455L-PC => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation) Task: {2A78410B-8063-48A8-B8FD-F8DD5A9E13F4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-12] (Google Inc.) Task: {2E4E2222-8BB0-473F-88FD-040363BBB74A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation) Task: {31882BFA-5A3F-4CDE-B89D-05CB0EDBB4C8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe Task: {3C5C0CE9-57BD-45E1-8C30-15A4614BCD2E} - System32\Tasks\{B209B37B-B2B1-45D3-849E-678FFDD67E63} => "c:\windows\system32\launchwinapp.exe" hxxp://ui.skype.com/ui/0/7.25.0.106/id/abandoninstall?source=lightinstaller&page=tsInstall Task: {55BB16E6-9FF4-4A51-90E0-373DD3EF3806} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2017-07-20] () Task: {55D927EB-7DFD-446C-A7F5-78E16253440F} - System32\Tasks\HPCustParticipation HP Deskjet 2540 series => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.) Task: {57438757-6C5E-4BB5-89B8-8DE104C5CF27} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {66695AD5-5775-4D8C-949B-A2C789C98739} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-08-29] (COMODO) Task: {6C356D15-1619-4A4F-ACC0-1875401346A8} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-08-29] (COMODO) Task: {77174980-97F0-4E49-9532-8AFBA1401E69} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.) Task: {7B44D61C-7EE2-48CC-B178-857226924754} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-08-29] (COMODO) Task: {7E2DFCE5-A7FD-4152-AE31-905D170901A1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-12] (Google Inc.) Task: {89B8AA8B-5960-40CB-8691-D9F0B51281F5} - System32\Tasks\{F6AEFBA2-1D51-4816-B6BD-2F6843D3449E} => c:\users\asus\appdata\local\programs\opera\launcher.exe [2017-10-02] (Opera Software) Task: {93FEC667-95AF-4BBA-B1C6-14DDC617F5E5} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-08-29] (COMODO) Task: {9487E593-0DBF-42F2-B8AF-2FC09F059485} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-08-29] (COMODO) Task: {D333EFB5-990E-4E52-BF6A-18C2C48472B6} - System32\Tasks\ASUS Patch for VIA Audio => C:\Windows\system32\AsPatchViaAudio.exe [2012-11-07] (ASUSTek Computer INC.) Task: {DF0F9DFB-5329-4C4D-81D5-8C042A4C8D5E} - System32\Tasks\Opera scheduled Autoupdate 1502200294 => C:\Users\ASUS\AppData\Local\Programs\Opera\launcher.exe [2017-10-02] (Opera Software) Task: {E18B7EE3-658D-4739-956D-C64C5B30C671} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-10-05] (AVAST Software) Task: {E2769F37-60A1-40A5-AFA7-7DC77E2B7CA2} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK Task: {EFF0C380-6EA9-4501-A03C-855E613FEBD5} - System32\Tasks\{40CB427E-3C73-04B9-BB6A-20B1B45C9EC0} => C:\PROGRA~2\COMMON~1\40CB42~1\SYNCVE~1.EXE (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2016-07-16 19:42 - 2016-07-16 19:42 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2017-09-13 20:23 - 2017-09-07 14:01 - 002681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2017-05-09 00:44 - 2017-05-09 00:44 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2017-09-01 02:49 - 2017-09-01 02:49 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2017-08-29 05:57 - 2017-08-29 05:57 - 000156352 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdwrhlp.dll 2017-08-29 05:56 - 2017-08-29 05:56 - 000107200 _____ () C:\Program Files\COMODO\COMODO Internet Security\cavwpps.dll 2017-08-29 05:56 - 2017-08-29 05:56 - 000244928 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdcomps.dll 2017-10-03 12:17 - 2017-10-08 17:14 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2017-10-03 12:17 - 2017-10-08 17:14 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2012-10-01 20:36 - 2012-10-01 20:36 - 006522480 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2017-03-16 03:10 - 2017-03-04 14:12 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-03-16 03:10 - 2017-03-04 14:05 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-03-16 03:10 - 2017-03-04 14:05 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-09-13 20:24 - 2017-09-07 12:53 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-09-13 20:24 - 2017-09-07 12:59 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-10-11 06:29 - 2016-10-11 06:29 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-03-16 03:09 - 2017-03-04 14:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-09-28 19:50 - 2017-09-28 19:51 - 026118656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17082.14121.0_x64__8wekyb3d8bbwe\Video.UI.exe 2017-09-28 19:50 - 2017-09-28 19:51 - 009162240 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17082.14121.0_x64__8wekyb3d8bbwe\EntCommon.dll 2017-09-28 19:50 - 2017-09-28 19:51 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17082.14121.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2017-08-02 22:12 - 2017-08-02 22:12 - 000019968 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2017-08-02 22:12 - 2017-08-02 22:12 - 028986880 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2017-07-27 21:36 - 2017-07-27 21:41 - 000428032 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll 2017-08-02 22:12 - 2017-08-02 22:12 - 020510208 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll 2017-07-27 21:36 - 2017-07-27 21:41 - 002339328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\MediaEngine.dll 2017-08-02 22:12 - 2017-08-02 22:12 - 003041792 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll 2017-06-03 17:40 - 2017-06-03 17:47 - 003139496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2017-06-03 17:40 - 2017-06-03 17:47 - 000046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll 2017-07-27 21:36 - 2017-07-27 21:41 - 001361920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll 2017-07-21 20:01 - 2017-07-21 20:03 - 001079808 _____ () C:\Program Files\WindowsApps\NAVER.LINEwin8_5.5.3.0_x64__8ptj331gd3tyt\Sqlite.dll 2017-10-05 01:22 - 2017-10-05 01:22 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2017-10-05 01:22 - 2017-10-05 01:22 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll 2017-10-05 01:22 - 2017-10-05 01:22 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2017-10-05 01:22 - 2017-10-05 01:22 - 000217088 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll 2017-10-05 01:22 - 2017-10-05 01:22 - 000244584 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll 2017-10-05 01:21 - 2017-10-05 01:21 - 000234280 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll 2017-10-05 01:22 - 2017-10-05 01:22 - 000700656 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [125] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE restricted site: HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\0411dd.com -> 0411dd.com IE restricted site: HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\0511zfhl.com -> 0511zfhl.com IE restricted site: HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\0632qyw.com -> 0632qyw.com IE restricted site: HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\1001movie.com -> 1001movie.com There are 6091 more sites. ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 21:25 - 2017-10-03 11:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-907509582-2581158687-2100573859-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg DNS Servers: 5.152.208.2 - 31.3.244.138 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == HKLM\...\StartupApproved\Run: => "SmartAudio" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "HP Software Update" HKLM\...\StartupApproved\Run32: => "WinampAgent" HKLM\...\StartupApproved\Run32: => "Lightshot" HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\StartupApproved\Run: => "CCleaner Monitoring" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [UDP Query User{9C262D18-B663-40AF-B9C4-C0A35DBA275E}C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe] => (Block) C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe FirewallRules: [TCP Query User{8812B300-9920-4CC7-AF02-F444482FFC22}C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe] => (Block) C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe FirewallRules: [UDP Query User{53D81DDE-EC18-4C34-A073-8FB4FED76FDD}C:\program files (x86)\vb\voicemeeter\voicemeeter.exe] => (Block) C:\program files (x86)\vb\voicemeeter\voicemeeter.exe FirewallRules: [TCP Query User{D2206544-9E54-465E-B971-D12C41DC9820}C:\program files (x86)\vb\voicemeeter\voicemeeter.exe] => (Block) C:\program files (x86)\vb\voicemeeter\voicemeeter.exe FirewallRules: [TCP Query User{AAC72B79-DA76-41E7-81CB-C9FEEF78EED7}C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe] => (Block) C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe FirewallRules: [UDP Query User{20058D07-1D5E-451C-95BC-D55362C97DCF}C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe] => (Block) C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe FirewallRules: [{2AC6A031-EF6D-43EC-AB44-29E483AEDB16}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe FirewallRules: [{B4A7D516-C1A2-4B26-8A35-6C76AF20109B}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe FirewallRules: [{F31F53FA-0BE1-4240-BE06-8C98F2A303AC}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe FirewallRules: [{22D894B8-85D6-41EE-9836-3DCAEAEF147A}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe FirewallRules: [{EF86221F-F59F-4EBF-BE48-D8006A66770C}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe FirewallRules: [{206B2C81-FA76-4878-9F1A-3DF97C6B0B2A}] => (Allow) LPort=5357 FirewallRules: [{139412F7-3540-4E1F-8B4A-2ED629B4EA3C}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{5D6D5E91-D48F-4FB9-82EF-BCF906AE2E98}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{1832C86F-5365-471E-A23E-82882AA1BB96}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{D420B619-63F4-41C7-8589-EBFA9096C43A}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{59569BEE-A414-4E48-BCC9-85CD0E588E21}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{CD928DA3-4D49-49B7-82B3-ED6D2042DCF2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{71EF30E0-B699-455C-AF23-43AAB60B881F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{17B4D8B5-5FFC-4820-8C12-7BDCE4EDBC8C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{21731325-F95F-448B-9BF8-FC499C4E9619}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{7286C9E5-3F90-496B-A81A-F91E3F966669}] => (Allow) C:\Users\ASUS\AppData\Local\Chromium\Application\chrome.exe FirewallRules: [{57203A29-8EC0-4D11-B5B3-8E6875B956C5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{5E9A2D8E-988B-4C0F-B3F4-3F5DB2061918}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{5FE2F03E-A42F-4F66-86F2-1712E95682C6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{775B1127-925F-43E3-BBED-D241CAE285B2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{9E81FF7B-F0F7-467F-B445-25BE2B0C3D5C}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{1F6E0E70-9556-4041-9A9C-CEC65D3F4C48}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{4B029561-203A-4B5E-9F4E-3DE5D4C799AA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{C5EC2DFC-CC1A-4A66-865A-4464200CE937}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{FB5B205C-26DD-44B7-8FB6-DC1AA4E21D64}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe ==================== Restore Points ========================= 09-10-2017 09:10:00 JRT Pre-Junkware Removal ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (10/09/2017 09:29:14 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 4688 Error: (10/09/2017 09:29:14 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 4688 Error: (10/09/2017 09:29:14 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (10/09/2017 09:29:13 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 3485 Error: (10/09/2017 09:29:13 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 3485 Error: (10/09/2017 09:29:13 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (10/09/2017 09:29:12 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2313 Error: (10/09/2017 09:29:12 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2313 Error: (10/09/2017 09:29:12 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (10/09/2017 09:29:11 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1172 System errors: ============= Error: (10/09/2017 09:27:00 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (10/09/2017 08:57:09 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (10/09/2017 08:57:09 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (10/09/2017 08:57:08 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} and APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (10/09/2017 08:54:36 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (10/09/2017 08:40:22 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (10/09/2017 08:40:22 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Camfrog Update Service service terminated unexpectedly. It has done this 1 time(s). Error: (10/09/2017 08:12:57 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (10/09/2017 08:12:57 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (10/09/2017 08:12:56 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} and APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. CodeIntegrity: =================================== Date: 2017-10-07 03:27:41.172 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\SysWOW64\guard32.dll because the set of per-page image hashes could not be found on the system. Date: 2017-10-04 15:40:11.345 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-04 15:40:04.835 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-04 05:28:05.575 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-04 05:28:01.562 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-03 11:48:25.257 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-03 11:48:25.255 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-03 11:48:24.944 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-03 11:48:24.943 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-03 11:48:24.370 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz Percentage of memory in use: 58% Total physical RAM: 3998.41 MB Available physical RAM: 1661.69 MB Total Virtual: 4702.41 MB Available Virtual: 1991.9 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:122.98 GB) (Free:89.31 GB) NTFS Drive d: (New Volume) (Fixed) (Total:341.8 GB) (Free:237.93 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 6D40FBC1) Partition: GPT. ==================== End of Addition.txt ============================
  7. RogueKiller V12.11.18.0 (x64) [Oct 2 2017] (Gratis) oleh Adlice Software surat : http://www.adlice.com/contact/ Umpanbalik : https://forum.adlice.com Situs Jejaring : http://www.adlice.com/download/roguekiller/ Blog : http://www.adlice.com Sistem Operasi : Windows 10 (10.0.14393) 64 bits version Dimulai pada : Modus normal Pengguna : ASUS [Pengurus] Dimulai dari : C:\Program Files\RogueKiller\RogueKiller64.exe Modus : Pindai -- Tanggal : 10/09/2017 06:20:56 (Duration : 00:43:09) Saklar-saklar : -refid ¤¤¤ Proses-proses : 0 ¤¤¤ ¤¤¤ Registry : 0 ¤¤¤ ¤¤¤ Tugas-tugas : 0 ¤¤¤ ¤¤¤ Berkas-berkas : 0 ¤¤¤ ¤¤¤ WMI : 0 ¤¤¤ ¤¤¤ Berkas Inang-inang : 0 ¤¤¤ ¤¤¤ Antirootkit : 0 (Driver: Dimuat) ¤¤¤ ¤¤¤ Peramban-peramban Jejaring : 0 ¤¤¤ ¤¤¤ Periksa MBR : ¤¤¤ +++++ PhysicalDrive0: HGST HTS545050A7E680 +++++ --- User --- [MBR] e705daf3adafef840933e00d671202b0 [BSP] 309bbe90778f9bfca20c71dea84b0ccc : Empty|VT.Unknown MBR Code Partition table: 0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 300 MB 1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 616448 | Size: 100 MB 2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 821248 | Size: 128 MB 3 - Basic data partition | Offset (sectors): 1083392 | Size: 125930 MB 4 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 258990080 | Size: 479 MB 5 - Basic data partition | Offset (sectors): 259971072 | Size: 350000 MB User = LL1 ... OK User = LL2 ... OK --------------------------------------------------------------------------------------------- Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 10/9/17 Scan Time: 7:31 AM Log File: c22cfde8-ac80-11e7-91fe-f832e4014671.json Administrator: Yes -Software Information- Version: 3.2.2.2029 Components Version: 1.0.212 Update Package Version: 1.0.2976 License: Trial -System Information- OS: Windows 10 (Build 14393.1715) CPU: x64 File System: NTFS User: A455L-PC\ASUS -Scan Summary- Scan Type: Threat Scan Result: Completed Objects Scanned: 377808 Threats Detected: 0 (No malicious items detected) Threats Quarantined: 0 (No malicious items detected) Time Elapsed: 4 min, 10 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 0 (No malicious items detected) Physical Sector: 0 (No malicious items detected) (end) # AdwCleaner 7.0.3.1 - Logfile created on Sun Oct 08 23:56:23 2017 # Updated on 2017/29/09 by Malwarebytes # Database: 10-04-2017.1 # Running on Windows 10 Pro (X64) # Mode: scan # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** No malicious folders found. ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** No malicious registry entries found. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries. ***** [ Chromium (and derivatives) ] ***** PUP.Optional.Legacy, Plugin found: Home Tab - /!\ Please Reset the Chrome Synchronization before cleaning the Chrome Preferences: https://support.google.com/chrome/answer/3097271 ************************* ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ########## ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.1.4 (07.09.2017) Operating System: Windows 10 Pro x64 Ran by ASUS (Administrator) on 09/10/2017 at 9:09:57,73 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 0 Registry: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 09/10/2017 at 9:16:56,04 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  8. Having some problems with me desktop

    Some chat programs used to work fine thru Sandboxie and Comodo firewall sandbox just fine until Friday. I never downloaded/changed any setting so I don't know why I'm getting "can not connect to server" with these programs thru sandbox. Outside of sand box they are working fine. I want to sandbox them but not working now. The whole desktop freezes when I sandbox the browsers too but that was only thru Comodo sandbox. Also at first post The FRST I ran it as admin outside of both sandbox ( both I have auto sandbox feature disable) froze the desktop. It all started Fri. Hmm
  9. Having some problems with me desktop

    I have removed Comodo firewall and Avast. Windows 10 automatically enable Windows Defender and Windows firewall for me. I like Comodo firewall for the sandbox feature it has. I also use Sandboxie. Both were working great all weeks long when I first installed them last weeks (maybe 2 weeks ago). I am able to open FRST in normal mode now. When I use some programs thru Sanboxie ( have auto sandbox disable), I'm still having connection issues. Problems seem to have started with in the past 2 days (Friday night).
  10. Hello, We just scanned this one last week but a day ago my friend downloaded a sound board tool that was packed with malware. Now all restore points deleted. There seems to be some problem with the webcam and maybe more? :( Here is FRST. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-10-2017 Ran by ASUS (administrator) on A455L-PC (09-10-2017 05:41:22) Running from C:\Users\ASUS\Desktop Loaded Profiles: ASUS (Available Profiles: ASUS) Platform: Windows 10 Pro Version 1607 14393.1715.amd64fre.rs1_release_inmarket.170906-1810 (X64) Language: English (United Kingdom) Internet Explorer Version 11 (Default browser: Opera) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Camshare Inc.) C:\Program Files (x86)\Camfrog\Camfrog Video Chat\update\cf_update_service.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe (Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe (AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17082.14121.0_x64__8wekyb3d8bbwe\Video.UI.exe ((C) LINE Corporation) C:\Program Files\WindowsApps\NAVER.LINEwin8_5.5.3.0_x64__8ptj331gd3tyt\LINE_APP.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe (SplitCam Co.) C:\Program Files (x86)\SplitCam\SplitCamService.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [109312 2015-03-31] (Intel Corporation) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [599896 2015-06-10] (Conexant Systems, Inc.) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297784 2017-09-11] (Apple Inc.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-10-05] (AVAST Software) HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1489088 2017-08-29] (COMODO) HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [36352 2008-03-27] () HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] () HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\Run: [SplitCam] => C:\Program Files (x86)\SplitCam\SplitCam.exe [14411808 2017-08-21] (SplitCam Co.) GroupPolicy: Restriction - Chrome <==== ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.1 Tcpip\..\Interfaces\{960c0e15-4945-43be-9e36-cb596d04f045}: [DhcpNameServer] 192.168.0.1 192.168.0.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-907509582-2581158687-2100573859-1001 -> DefaultScope {1b31c9d2-7135-442b-bb93-7c002172adc6} URL = BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation) BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation) Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF DefaultProfile: 7w3hjx1v.default FF ProfilePath: C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\7w3hjx1v.default [2017-10-09] FF Homepage: Mozilla\Firefox\Profiles\7w3hjx1v.default -> hxxp://google.com FF Extension: (Avast SafePrice) - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\7w3hjx1v.default\Extensions\sp@avast.com.xpi [2017-10-05] FF Extension: (TAARExperiment) - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\7w3hjx1v.default\Extensions\taarexp@mozilla.com.xpi [2017-10-09] FF Extension: (Avast Online Security) - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\7w3hjx1v.default\Extensions\wrc@avast.com.xpi [2017-10-09] FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2017-05-13] [not signed] FF HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => not found FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.6\npGoogleUpdate3.dll [2017-07-27] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.6\npGoogleUpdate3.dll [2017-07-27] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation) Chrome: ======= CHR DefaultProfile: Default CHR NewTab: Default -> Not-active:"chrome-extension://ljgpiikiibdligadiaifmdemkbkahfnf/index.html" CHR DefaultSearchURL: Default -> hxxp://photoz.searchalgo.com/search/?category=web&s=ypds&q={searchTerms} CHR DefaultSearchKeyword: Default -> myPhotoz CHR DefaultSuggestURL: Default -> hxxp://sug.searchalgo.com/search/index_sg.php?q={searchTerms} CHR Profile: C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default [2017-10-09] CHR Extension: (Google Slides) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-11] CHR Extension: (Google Docs) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-12] CHR Extension: (Google Drive) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-12] CHR Extension: (YouTube) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-12] CHR Extension: (Google Search) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-12] CHR Extension: (Dropbox for Gmail) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2017-06-16] CHR Extension: (hTab) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\elmkjjfkkchohaaoljobaffjeedcoocj [2017-07-27] CHR Extension: (Avast SafePrice) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-10-07] CHR Extension: (Google Sheets) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-11] CHR Extension: (Google Docs Offline) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17] CHR Extension: (AdBlock) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-09-23] CHR Extension: (Avast Online Security) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-07] CHR Extension: (anonymoX) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpklikeghomkemdellmmkoifgfbakio [2017-05-30] CHR Extension: (Home Tab) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\kofkpgiaknijknhajbhnghkodiccblkg [2017-10-07] CHR Extension: (Chrome Web Store Payments) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22] CHR Extension: (Gmail) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-12] CHR Extension: (Chrome Media Router) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-28] CHR HKLM\...\Chrome\Extension: [elmkjjfkkchohaaoljobaffjeedcoocj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [kofkpgiaknijknhajbhnghkodiccblkg] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found> CHR HKU\S-1-5-21-907509582-2581158687-2100573859-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [elmkjjfkkchohaaoljobaffjeedcoocj] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-907509582-2581158687-2100573859-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kofkpgiaknijknhajbhnghkodiccblkg] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [elmkjjfkkchohaaoljobaffjeedcoocj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-09-07] (Apple Inc.) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7446024 2017-10-05] (AVAST Software s.r.o.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-10-05] (AVAST Software) R2 camfrog_update_service; C:\Program Files (x86)\Camfrog\Camfrog Video Chat\update\cf_update_service.exe [1063968 2016-12-19] (Camshare Inc.) R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [10501616 2017-08-29] (COMODO) S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2017-08-29] (COMODO) R2 DptfPolicyConfigTDPService; C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe [115192 2015-03-31] (Intel Corporation) R2 DptfPolicyLpmService; C:\WINDOWS\system32\DptfPolicyLpmService.exe [122624 2015-03-31] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373728 2016-11-30] (Intel Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2017-08-08] (Microsoft Corporation) R2 SpliCamService; C:\Program Files (x86)\SplitCam\SplitCamService.exe [321056 2017-08-21] (SplitCam Co.) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-08-08] (Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [321032 2017-10-05] (AVAST Software s.r.o.) R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [198976 2017-10-05] (AVAST Software s.r.o.) R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [343288 2017-10-05] (AVAST Software s.r.o.) R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [57736 2017-10-05] (AVAST Software s.r.o.) S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [47008 2017-10-05] (AVAST Software) R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [147776 2017-10-05] (AVAST Software) R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [110376 2017-10-05] (AVAST Software) R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [84416 2017-10-05] (AVAST Software) R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1020536 2017-10-05] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [587168 2017-10-05] (AVAST Software) R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [201352 2017-10-05] (AVAST Software) R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [363440 2017-10-05] (AVAST Software) R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [40968 2017-08-09] (COMODO) R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [827864 2017-08-09] (COMODO) R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [50808 2017-08-09] (COMODO) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) R3 DptfManager; C:\WINDOWS\system32\DRIVERS\DptfManager.sys [490064 2015-03-31] (Intel Corporation) R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [41552 2015-03-06] (Intel Corporation) R3 dptf_pch; C:\WINDOWS\System32\drivers\dptf_pch.sys [41256 2015-03-06] (Intel Corporation) R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2016-04-15] (Disc Soft Ltd) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-10-08] () S3 HPMoA407; C:\WINDOWS\System32\drivers\HPMoA407.sys [25088 2011-10-31] (Hewlett-Packard.) S3 HPubA407; C:\WINDOWS\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Hewlett-Packard.) R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [132904 2017-08-09] (COMODO) R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [79528 2014-09-05] (Intel Corporation) S3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (Visicom Media Inc.) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [192952 2017-10-08] (Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [110016 2017-10-09] (Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [45504 2017-10-09] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [252232 2017-10-09] (Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94144 2017-10-09] (Malwarebytes) S3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.) R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvlddmkm.sys [13754936 2016-09-12] (NVIDIA Corporation) S3 REN2CAP_DRIVER; C:\WINDOWS\system32\drivers\ren2cap.sys [46728 2011-11-07] () R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek ) S3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [5195776 2016-07-16] (Realtek Semiconductor Corporation ) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-23] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R3 SplitCamAudio; C:\WINDOWS\system32\drivers\SplitCamAudio.sys [33904 2017-08-11] (SplitCam Co.) R3 splitcam_hd_driver; C:\WINDOWS\system32\DRIVERS\splitcam_hd_driver.sys [38000 2017-08-11] (Windows (R) Win 7 DDK provider) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.) U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2017-10-03] () S3 VASDeviceDrm; C:\WINDOWS\system32\drivers\vasdDev.sys [1454896 2015-07-21] (ShiningMorning Inc.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) S3 VBAudioVMVAIOMME; \SystemRoot\system32\DRIVERS\vbaudio_vmvaio64_win7.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-10-09 05:41 - 2017-10-09 05:42 - 000021482 _____ C:\Users\ASUS\Desktop\FRST.txt 2017-10-09 05:40 - 2017-10-09 05:41 - 000000000 ____D C:\FRST 2017-10-09 05:37 - 2017-10-09 05:38 - 000000000 ____D C:\Users\ASUS\AppData\Roaming\SplitCam 2017-10-09 05:37 - 2017-10-09 05:37 - 000001076 _____ C:\Users\ASUS\Desktop\SplitCam.lnk 2017-10-09 05:37 - 2017-10-09 05:37 - 000000000 ____D C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SplitCam 2017-10-09 05:35 - 2017-10-09 05:37 - 000000000 ____D C:\Program Files (x86)\SplitCam 2017-10-09 05:28 - 2017-10-09 05:32 - 101041968 _____ (SplitCam Co.) C:\Users\ASUS\Downloads\SplitCamSetup.exe 2017-10-09 05:26 - 2017-10-09 05:27 - 002401792 _____ (Farbar) C:\Users\ASUS\Desktop\FRST64.exe 2017-10-09 05:18 - 2017-10-09 05:18 - 000000000 ____D C:\ProgramData\SWCUTemp 2017-10-08 17:15 - 2017-10-09 04:52 - 000252232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2017-10-08 17:15 - 2017-10-09 04:52 - 000110016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2017-10-08 17:15 - 2017-10-09 04:52 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2017-10-08 17:15 - 2017-10-09 04:52 - 000045504 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2017-10-08 17:15 - 2017-10-08 17:15 - 000192952 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2017-10-05 06:01 - 2017-10-05 06:01 - 000002271 _____ C:\Users\ASUS\Desktop\WhatsApp.lnk 2017-10-05 06:00 - 2017-10-05 06:01 - 000000000 ____D C:\Users\ASUS\AppData\Local\WhatsApp 2017-10-05 05:26 - 2017-10-05 05:41 - 000000000 ____D C:\Users\ASUS\AppData\Roaming\vlc 2017-10-05 05:26 - 2017-10-05 05:26 - 000001139 _____ C:\Users\Public\Desktop\VLC media player.lnk 2017-10-05 05:26 - 2017-10-05 05:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2017-10-05 05:25 - 2017-10-05 05:25 - 000000000 ____D C:\Program Files (x86)\VideoLAN 2017-10-05 04:27 - 2017-10-05 04:27 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll 2017-10-05 04:27 - 2017-10-05 04:27 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll 2017-10-05 04:01 - 2017-10-05 06:12 - 000003640 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask 2017-10-05 04:00 - 2017-10-05 06:12 - 000000408 _____ C:\DelFix.txt 2017-10-05 04:00 - 2017-10-05 04:00 - 000000000 ____D C:\WINDOWS\ERUNT 2017-10-05 02:01 - 2017-10-05 02:01 - 000001240 _____ C:\Users\Public\Desktop\COMODO Firewall.lnk 2017-10-05 02:01 - 2017-10-05 02:01 - 000000000 ____D C:\WINDOWS\System32\Tasks\COMODO 2017-10-05 02:00 - 2017-10-05 02:00 - 000000000 ____D C:\Program Files\COMODO 2017-10-05 01:59 - 2017-10-05 04:28 - 000000000 ____D C:\Users\ASUS\AppData\Local\Comodo 2017-10-05 01:59 - 2017-10-05 04:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo 2017-10-05 01:36 - 2017-10-05 04:26 - 000000000 ____D C:\ProgramData\Comodo 2017-10-05 01:36 - 2017-10-05 01:36 - 000000000 ____D C:\ProgramData\Shared Space 2017-10-05 01:36 - 2017-10-05 01:36 - 000000000 ____D C:\ProgramData\Comodo Downloader 2017-10-05 01:24 - 2017-10-05 01:24 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys 2017-10-05 01:24 - 2017-10-05 01:24 - 000001979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk 2017-10-05 01:24 - 2017-10-05 01:24 - 000001967 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2017-10-05 01:24 - 2017-10-05 01:24 - 000000000 ____D C:\Users\ASUS\AppData\Roaming\AVAST Software 2017-10-05 01:23 - 2017-10-05 01:23 - 000003994 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update 2017-10-05 01:23 - 2017-10-05 01:22 - 001020536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2017-10-05 01:23 - 2017-10-05 01:22 - 000587168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2017-10-05 01:23 - 2017-10-05 01:22 - 000363440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2017-10-05 01:23 - 2017-10-05 01:22 - 000201352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2017-10-05 01:23 - 2017-10-05 01:22 - 000147776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2017-10-05 01:23 - 2017-10-05 01:22 - 000110376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2017-10-05 01:23 - 2017-10-05 01:22 - 000084416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2017-10-05 01:23 - 2017-10-05 01:22 - 000047008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys 2017-10-05 01:23 - 2017-10-05 01:21 - 000343288 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys 2017-10-05 01:23 - 2017-10-05 01:21 - 000321032 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys 2017-10-05 01:23 - 2017-10-05 01:21 - 000198976 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys 2017-10-05 01:23 - 2017-10-05 01:21 - 000057736 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys 2017-10-05 01:22 - 2017-10-05 01:22 - 000401488 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2017-10-05 01:16 - 2017-10-05 01:16 - 000000000 ____D C:\Program Files\AVAST Software 2017-10-05 00:13 - 2017-10-05 00:13 - 000001849 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk 2017-10-05 00:13 - 2017-10-05 00:13 - 000000000 ____D C:\Users\ASUS\AppData\Roaming\SUPERAntiSpyware.com 2017-10-05 00:13 - 2017-10-05 00:13 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com 2017-10-05 00:13 - 2017-10-05 00:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware 2017-10-05 00:13 - 2017-10-05 00:13 - 000000000 ____D C:\Program Files\SUPERAntiSpyware 2017-10-05 00:09 - 2017-10-05 00:11 - 000000000 ____D C:\ProgramData\TEMP 2017-10-05 00:09 - 2017-10-05 00:10 - 000000000 ____D C:\Program Files (x86)\SpywareBlaster 2017-10-05 00:09 - 2017-10-05 00:09 - 000001148 _____ C:\Users\Public\Desktop\SpywareBlaster.lnk 2017-10-05 00:09 - 2017-10-05 00:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster 2017-10-05 00:09 - 2012-05-02 12:17 - 001070152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCTL.OCX 2017-10-05 00:09 - 2009-03-24 13:52 - 000129872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSSTDFMT.DLL 2017-10-04 12:05 - 2017-10-04 12:05 - 000000000 ____D C:\ProgramData\Sophos 2017-10-04 11:42 - 2017-10-04 11:42 - 000002775 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk 2017-10-04 11:42 - 2017-10-04 11:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos 2017-10-04 11:41 - 2017-10-04 11:41 - 000000000 ____D C:\Program Files (x86)\Sophos 2017-10-04 11:33 - 2017-10-05 03:57 - 000000000 ____D C:\Users\ASUS\Desktop\PC Cleaner Tools 2017-10-04 11:32 - 2017-10-04 11:32 - 000000000 ____D C:\Users\ASUS\Documents\lampiran 2017-10-04 05:31 - 2017-10-05 06:02 - 000000000 ____D C:\Program Installers 2017-10-04 01:19 - 2017-10-04 01:19 - 000002640 _____ C:\Users\Public\Desktop\Skype.lnk 2017-10-04 01:19 - 2017-10-04 01:19 - 000000000 ___RD C:\Program Files (x86)\Skype 2017-10-04 01:19 - 2017-10-04 01:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2017-10-04 01:16 - 2017-10-04 01:16 - 000003270 _____ C:\WINDOWS\System32\Tasks\{F6AEFBA2-1D51-4816-B6BD-2F6843D3449E} 2017-10-03 13:28 - 2017-10-03 13:28 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys 2017-10-03 13:26 - 2017-10-03 13:26 - 000000000 ____D C:\ProgramData\RogueKiller 2017-10-03 13:26 - 2017-10-03 13:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller 2017-10-03 13:25 - 2017-10-03 13:26 - 000000000 ____D C:\Program Files\RogueKiller 2017-10-03 12:17 - 2017-10-08 17:14 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys 2017-10-03 12:17 - 2017-10-03 12:17 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-10-03 12:17 - 2017-10-03 12:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-10-03 12:17 - 2017-10-03 12:17 - 000000000 ____D C:\ProgramData\Malwarebytes 2017-10-03 12:17 - 2017-10-03 12:17 - 000000000 ____D C:\Program Files\Malwarebytes 2017-10-03 11:56 - 2017-10-03 11:56 - 000000000 ____D C:\Users\ASUS\AppData\Local\CrashRpt 2017-10-03 11:51 - 2017-10-05 03:34 - 000000000 ____D C:\ProgramData\AVAST Software 2017-10-03 11:48 - 2017-10-09 05:18 - 000000000 ____D C:\Users\ASUS\AppData\LocalLow\Mozilla 2017-10-03 11:48 - 2017-10-03 11:49 - 000000000 ____D C:\Users\ASUS\AppData\Local\Mozilla 2017-10-03 11:48 - 2017-10-03 11:48 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2017-10-03 11:48 - 2017-10-03 11:48 - 000000993 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2017-10-03 11:48 - 2017-10-03 11:48 - 000000000 ____D C:\Program Files\Mozilla Firefox 2017-10-03 11:48 - 2017-10-03 11:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-10-02 01:15 - 2017-10-02 01:15 - 000000000 ____D C:\ProgramData\Package Cache 2017-09-30 18:26 - 2017-09-30 22:14 - 000000000 ____D C:\Program Files\rempl 2017-09-16 01:17 - 2017-09-16 01:17 - 000001816 _____ C:\Users\Public\Desktop\iTunes.lnk 2017-09-16 01:17 - 2017-09-16 01:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2017-09-16 01:17 - 2017-09-16 01:17 - 000000000 ____D C:\Program Files\iPod 2017-09-16 01:16 - 2017-09-16 01:17 - 000000000 ____D C:\Program Files\iTunes 2017-09-16 01:12 - 2017-09-16 01:12 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple 2017-09-16 01:12 - 2017-09-16 01:12 - 000000000 ____D C:\Program Files (x86)\Apple Software Update 2017-09-13 20:26 - 2017-09-07 15:07 - 000315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2017-09-13 20:26 - 2017-09-07 14:59 - 001470816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll 2017-09-13 20:26 - 2017-09-07 14:22 - 001504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2017-09-13 20:26 - 2017-09-07 14:13 - 000546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2017-09-13 20:26 - 2017-09-07 14:07 - 005686784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2017-09-13 20:26 - 2017-09-07 14:00 - 000037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2017-09-13 20:26 - 2017-09-07 13:57 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll 2017-09-13 20:26 - 2017-09-07 13:52 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll 2017-09-13 20:26 - 2017-09-07 13:50 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll 2017-09-13 20:26 - 2017-09-07 13:50 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll 2017-09-13 20:26 - 2017-09-07 13:48 - 000297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2017-09-13 20:26 - 2017-09-07 13:40 - 003198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll 2017-09-13 20:26 - 2017-09-07 13:36 - 001221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll 2017-09-13 20:26 - 2017-09-07 13:35 - 000357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll 2017-09-13 20:26 - 2017-09-07 13:33 - 001599488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2017-09-13 20:26 - 2017-09-07 13:33 - 000589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll 2017-09-13 20:26 - 2017-09-07 13:32 - 002482688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-09-13 20:26 - 2017-09-07 13:32 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2017-09-13 20:26 - 2017-09-07 13:31 - 000654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll 2017-09-13 20:26 - 2017-09-07 13:31 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll 2017-09-13 20:26 - 2017-09-07 13:31 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll 2017-09-13 20:26 - 2017-03-04 14:05 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll 2017-09-13 20:25 - 2017-09-07 14:32 - 001573792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2017-09-13 20:25 - 2017-09-07 14:32 - 000918304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll 2017-09-13 20:25 - 2017-09-07 14:29 - 002048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2017-09-13 20:25 - 2017-09-07 14:24 - 000869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2017-09-13 20:25 - 2017-09-07 14:24 - 000263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll 2017-09-13 20:25 - 2017-09-07 14:22 - 001431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2017-09-13 20:25 - 2017-09-07 14:21 - 005722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2017-09-13 20:25 - 2017-09-07 14:21 - 002265368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2017-09-13 20:25 - 2017-09-07 14:21 - 000975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2017-09-13 20:25 - 2017-09-07 14:21 - 000861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2017-09-13 20:25 - 2017-09-07 14:21 - 000780640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2017-09-13 20:25 - 2017-09-07 14:21 - 000116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll 2017-09-13 20:25 - 2017-09-07 14:20 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2017-09-13 20:25 - 2017-09-07 14:20 - 000577976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2017-09-13 20:25 - 2017-09-07 14:20 - 000339896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll 2017-09-13 20:25 - 2017-09-07 14:20 - 000267104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe 2017-09-13 20:25 - 2017-09-07 14:20 - 000139104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2017-09-13 20:25 - 2017-09-07 14:20 - 000037200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll 2017-09-13 20:25 - 2017-09-07 14:19 - 002168288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2017-09-13 20:25 - 2017-09-07 14:19 - 000846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2017-09-13 20:25 - 2017-09-07 14:19 - 000606560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2017-09-13 20:25 - 2017-09-07 14:19 - 000111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll 2017-09-13 20:25 - 2017-09-07 14:17 - 006665952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-09-13 20:25 - 2017-09-07 14:17 - 004023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2017-09-13 20:25 - 2017-09-07 14:17 - 001845512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2017-09-13 20:25 - 2017-09-07 14:17 - 001557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2017-09-13 20:25 - 2017-09-07 14:17 - 001360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2017-09-13 20:25 - 2017-09-07 14:17 - 001277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2017-09-13 20:25 - 2017-09-07 14:17 - 000981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2017-09-13 20:25 - 2017-09-07 14:16 - 020967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-09-13 20:25 - 2017-09-07 14:16 - 000962768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2017-09-13 20:25 - 2017-09-07 14:13 - 001412640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2017-09-13 20:25 - 2017-09-07 14:12 - 000306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll 2017-09-13 20:25 - 2017-09-07 14:01 - 001631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2017-09-13 20:25 - 2017-09-07 14:01 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll 2017-09-13 20:25 - 2017-09-07 13:59 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.exe 2017-09-13 20:25 - 2017-09-07 13:58 - 000554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll 2017-09-13 20:25 - 2017-09-07 13:58 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll 2017-09-13 20:25 - 2017-09-07 13:58 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IconCodecService.dll 2017-09-13 20:25 - 2017-09-07 13:57 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\socialapis.dll 2017-09-13 20:25 - 2017-09-07 13:57 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll 2017-09-13 20:25 - 2017-09-07 13:57 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll 2017-09-13 20:25 - 2017-09-07 13:57 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll 2017-09-13 20:25 - 2017-09-07 13:56 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp 2017-09-13 20:25 - 2017-09-07 13:56 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll 2017-09-13 20:25 - 2017-09-07 13:55 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll 2017-09-13 20:25 - 2017-09-07 13:55 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll 2017-09-13 20:25 - 2017-09-07 13:55 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll 2017-09-13 20:25 - 2017-09-07 13:54 - 000857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2017-09-13 20:25 - 2017-09-07 13:54 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe 2017-09-13 20:25 - 2017-09-07 13:54 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll 2017-09-13 20:25 - 2017-09-07 13:54 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2017-09-13 20:25 - 2017-09-07 13:54 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll 2017-09-13 20:25 - 2017-09-07 13:54 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll 2017-09-13 20:25 - 2017-09-07 13:54 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll 2017-09-13 20:25 - 2017-09-07 13:54 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll 2017-09-13 20:25 - 2017-09-07 13:54 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll 2017-09-13 20:25 - 2017-09-07 13:53 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psisdecd.dll 2017-09-13 20:25 - 2017-09-07 13:53 - 000404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll 2017-09-13 20:25 - 2017-09-07 13:53 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll 2017-09-13 20:25 - 2017-09-07 13:53 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll 2017-09-13 20:25 - 2017-09-07 13:53 - 000313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll 2017-09-13 20:25 - 2017-09-07 13:53 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll 2017-09-13 20:25 - 2017-09-07 13:53 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll 2017-09-13 20:25 - 2017-09-07 13:53 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2017-09-13 20:25 - 2017-09-07 13:53 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Credentials.UI.UserConsentVerifier.dll 2017-09-13 20:25 - 2017-09-07 13:52 - 001300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll 2017-09-13 20:25 - 2017-09-07 13:52 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2017-09-13 20:25 - 2017-09-07 13:52 - 000265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll 2017-09-13 20:25 - 2017-09-07 13:52 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll 2017-09-13 20:25 - 2017-09-07 13:51 - 001243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll 2017-09-13 20:25 - 2017-09-07 13:51 - 000670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll 2017-09-13 20:25 - 2017-09-07 13:51 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll 2017-09-13 20:25 - 2017-09-07 13:51 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll 2017-09-13 20:25 - 2017-09-07 13:51 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll 2017-09-13 20:25 - 2017-09-07 13:51 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll 2017-09-13 20:25 - 2017-09-07 13:51 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll 2017-09-13 20:25 - 2017-09-07 13:51 - 000332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll 2017-09-13 20:25 - 2017-09-07 13:51 - 000298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2017-09-13 20:25 - 2017-09-07 13:51 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2017-09-13 20:25 - 2017-09-07 13:51 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll 2017-09-13 20:25 - 2017-09-07 13:51 - 000185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll 2017-09-13 20:25 - 2017-09-07 13:51 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE 2017-09-13 20:25 - 2017-09-07 13:50 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPTpm12.dll 2017-09-13 20:25 - 2017-09-07 13:50 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll 2017-09-13 20:25 - 2017-09-07 13:50 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll 2017-09-13 20:25 - 2017-09-07 13:50 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll 2017-09-13 20:25 - 2017-09-07 13:50 - 000244224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll 2017-09-13 20:25 - 2017-09-07 13:50 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll 2017-09-13 20:25 - 2017-09-07 13:50 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll 2017-09-13 20:25 - 2017-09-07 13:50 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll 2017-09-13 20:25 - 2017-09-07 13:49 - 000819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll 2017-09-13 20:25 - 2017-09-07 13:49 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll 2017-09-13 20:25 - 2017-09-07 13:49 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll 2017-09-13 20:25 - 2017-09-07 13:49 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll 2017-09-13 20:25 - 2017-09-07 13:49 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2017-09-13 20:25 - 2017-09-07 13:49 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll 2017-09-13 20:25 - 2017-09-07 13:48 - 000755200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2017-09-13 20:25 - 2017-09-07 13:48 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll 2017-09-13 20:25 - 2017-09-07 13:48 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll 2017-09-13 20:25 - 2017-09-07 13:48 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll 2017-09-13 20:25 - 2017-09-07 13:48 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll 2017-09-13 20:25 - 2017-09-07 13:48 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll 2017-09-13 20:25 - 2017-09-07 13:48 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll 2017-09-13 20:25 - 2017-09-07 13:48 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll 2017-09-13 20:25 - 2017-09-07 13:47 - 001456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2017-09-13 20:25 - 2017-09-07 13:47 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll 2017-09-13 20:25 - 2017-09-07 13:47 - 000846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll 2017-09-13 20:25 - 2017-09-07 13:47 - 000816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll 2017-09-13 20:25 - 2017-09-07 13:47 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll 2017-09-13 20:25 - 2017-09-07 13:47 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll 2017-09-13 20:25 - 2017-09-07 13:47 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll 2017-09-13 20:25 - 2017-09-07 13:47 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll 2017-09-13 20:25 - 2017-09-07 13:46 - 007626240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-09-13 20:25 - 2017-09-07 13:45 - 013875712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2017-09-13 20:25 - 2017-09-07 13:45 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroleui.dll 2017-09-13 20:25 - 2017-09-07 13:44 - 004615168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2017-09-13 20:25 - 2017-09-07 13:44 - 001534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll 2017-09-13 20:25 - 2017-09-07 13:44 - 000901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll 2017-09-13 20:25 - 2017-09-07 13:44 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll 2017-09-13 20:25 - 2017-09-07 13:44 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll 2017-09-13 20:25 - 2017-09-07 13:43 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll 2017-09-13 20:25 - 2017-09-07 13:42 - 001077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll 2017-09-13 20:25 - 2017-09-07 13:42 - 000355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll 2017-09-13 20:25 - 2017-09-07 13:42 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll 2017-09-13 20:25 - 2017-09-07 13:41 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll 2017-09-13 20:25 - 2017-09-07 13:40 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2017-09-13 20:25 - 2017-09-07 13:40 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll 2017-09-13 20:25 - 2017-09-07 13:40 - 000746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll 2017-09-13 20:25 - 2017-09-07 13:40 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll 2017-09-13 20:25 - 2017-09-07 13:40 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll 2017-09-13 20:25 - 2017-09-07 13:39 - 006109696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2017-09-13 20:25 - 2017-09-07 13:39 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll 2017-09-13 20:25 - 2017-09-07 13:38 - 001255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2017-09-13 20:25 - 2017-09-07 13:38 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll 2017-09-13 20:25 - 2017-09-07 13:38 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll 2017-09-13 20:25 - 2017-09-07 13:37 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll 2017-09-13 20:25 - 2017-09-07 13:37 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2017-09-13 20:25 - 2017-09-07 13:36 - 003520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe 2017-09-13 20:25 - 2017-09-07 13:36 - 002641920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2017-09-13 20:25 - 2017-09-07 13:36 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll 2017-09-13 20:25 - 2017-09-07 13:35 - 007470080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2017-09-13 20:25 - 2017-09-07 13:35 - 000641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll 2017-09-13 20:25 - 2017-09-07 13:35 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll 2017-09-13 20:25 - 2017-09-07 13:34 - 003733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2017-09-13 20:25 - 2017-09-07 13:34 - 000709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll 2017-09-13 20:25 - 2017-09-07 13:34 - 000400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll 2017-09-13 20:25 - 2017-09-07 13:34 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll 2017-09-13 20:25 - 2017-09-07 13:33 - 002682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll 2017-09-13 20:25 - 2017-09-07 13:33 - 001656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll 2017-09-13 20:25 - 2017-09-07 13:33 - 001135616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll 2017-09-13 20:25 - 2017-09-07 13:33 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-09-13 20:25 - 2017-09-07 13:33 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll 2017-09-13 20:25 - 2017-09-07 13:32 - 001993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2017-09-13 20:25 - 2017-09-07 13:32 - 001247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll 2017-09-13 20:25 - 2017-09-07 13:32 - 001170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll 2017-09-13 20:25 - 2017-09-07 13:32 - 000827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2017-09-13 20:25 - 2017-09-07 13:32 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2017-09-13 20:25 - 2017-09-07 13:31 - 001988608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2017-09-13 20:25 - 2017-09-07 13:31 - 001886720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2017-09-13 20:25 - 2017-09-07 13:31 - 001004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll 2017-09-13 20:25 - 2017-09-07 13:31 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2017-09-13 20:25 - 2017-09-07 13:31 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll 2017-09-13 20:25 - 2017-09-07 13:30 - 002747904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll 2017-09-13 20:25 - 2017-09-07 13:30 - 002740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2017-09-13 20:25 - 2017-09-07 13:30 - 002648576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll 2017-09-13 20:25 - 2017-09-07 13:30 - 001556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2017-09-13 20:25 - 2017-09-07 13:30 - 001413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll 2017-09-13 20:25 - 2017-09-07 13:30 - 001170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll 2017-09-13 20:25 - 2017-09-07 13:30 - 001013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll 2017-09-13 20:25 - 2017-09-07 13:30 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll 2017-09-13 20:25 - 2017-09-07 13:29 - 002997760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-09-13 20:25 - 2017-09-07 13:29 - 001576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2017-09-13 20:25 - 2017-09-07 13:29 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2017-09-13 20:25 - 2017-09-07 13:29 - 000711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2017-09-13 20:25 - 2017-09-07 13:28 - 003106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe 2017-09-13 20:25 - 2017-09-07 13:28 - 000783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll 2017-09-13 20:25 - 2017-09-07 13:28 - 000449536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll 2017-09-13 20:25 - 2017-09-07 13:22 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-09-13 20:25 - 2017-09-07 13:19 - 000467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll 2017-09-13 20:25 - 2017-09-07 13:16 - 001507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll 2017-09-13 20:25 - 2017-09-07 13:15 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2017-09-13 20:25 - 2017-09-07 13:14 - 000561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll 2017-09-13 20:25 - 2017-09-07 13:14 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll 2017-09-13 20:25 - 2017-09-07 13:13 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll 2017-09-13 20:25 - 2017-09-07 13:13 - 000245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll 2017-09-13 20:25 - 2017-09-07 13:12 - 000963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll 2017-09-13 20:25 - 2017-09-07 13:07 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2017-09-13 20:25 - 2017-09-07 13:01 - 004596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe 2017-09-13 20:25 - 2017-09-07 13:01 - 003401216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2017-09-13 20:25 - 2017-09-07 12:58 - 000816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2017-09-13 20:25 - 2017-09-07 12:56 - 002539008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2017-09-13 20:25 - 2017-09-07 12:55 - 002424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll 2017-09-13 20:25 - 2017-09-07 12:54 - 000903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2017-09-13 20:25 - 2017-08-22 13:08 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2017-09-13 20:25 - 2017-08-22 12:57 - 000711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2017-09-13 20:25 - 2017-08-22 12:55 - 002333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll 2017-09-13 20:25 - 2017-08-22 12:49 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll 2017-09-13 20:25 - 2017-08-08 14:03 - 000218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll 2017-09-13 20:25 - 2017-08-08 14:03 - 000102240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys 2017-09-13 20:25 - 2017-08-08 13:56 - 000054240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll 2017-09-13 20:25 - 2017-08-08 13:53 - 000715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2017-09-13 20:25 - 2017-08-08 13:53 - 000557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2017-09-13 20:25 - 2017-08-08 13:25 - 000255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll 2017-09-13 20:25 - 2017-08-08 13:21 - 000340832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2017-09-13 20:25 - 2017-08-08 13:16 - 000294952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll 2017-09-13 20:25 - 2017-08-08 13:16 - 000086232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpr.dll 2017-09-13 20:25 - 2017-08-08 12:58 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2017-09-13 20:25 - 2017-08-08 12:56 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll 2017-09-13 20:25 - 2017-08-08 12:56 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidtel.exe 2017-09-13 20:25 - 2017-08-08 12:54 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll 2017-09-13 20:25 - 2017-08-08 12:53 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2017-09-13 20:25 - 2017-08-08 12:53 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll 2017-09-13 20:25 - 2017-08-08 12:53 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll 2017-09-13 20:25 - 2017-08-08 12:50 - 000531456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll 2017-09-13 20:25 - 2017-08-08 12:50 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll 2017-09-13 20:25 - 2017-08-08 12:50 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll 2017-09-13 20:25 - 2017-08-08 12:49 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll 2017-09-13 20:25 - 2017-08-08 12:48 - 000388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2017-09-13 20:25 - 2017-08-08 12:47 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll 2017-09-13 20:25 - 2017-08-08 12:41 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll 2017-09-13 20:25 - 2017-03-04 14:53 - 000136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll 2017-09-13 20:25 - 2017-03-04 14:24 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll 2017-09-13 20:25 - 2017-03-04 14:17 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll 2017-09-13 20:25 - 2017-03-04 14:13 - 006474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe 2017-09-13 20:25 - 2017-03-04 14:01 - 001232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll 2017-09-13 20:25 - 2016-12-21 12:43 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll 2017-09-13 20:25 - 2016-09-16 00:40 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll 2017-09-13 20:25 - 2016-09-16 00:24 - 001080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll 2017-09-13 20:24 - 2017-09-07 14:32 - 001706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2017-09-13 20:24 - 2017-09-07 14:10 - 000603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll 2017-09-13 20:24 - 2017-09-07 14:03 - 002213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2017-09-13 20:24 - 2017-09-07 14:03 - 000998920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll 2017-09-13 20:24 - 2017-09-07 14:01 - 002049480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll 2017-09-13 20:24 - 2017-09-07 13:57 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2017-09-13 20:24 - 2017-09-07 13:54 - 007220696 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2017-09-13 20:24 - 2017-09-07 13:54 - 001860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2017-09-13 20:24 - 2017-09-07 13:53 - 000097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.CredentialPicker.dll 2017-09-13 20:24 - 2017-09-07 13:52 - 000858464 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll 2017-09-13 20:24 - 2017-09-07 13:52 - 000148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll 2017-09-13 20:24 - 2017-09-07 13:52 - 000044464 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll 2017-09-13 20:24 - 2017-09-07 13:51 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2017-09-13 20:24 - 2017-09-07 13:51 - 000092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2017-09-13 20:24 - 2017-09-07 13:50 - 022220864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-09-13 20:24 - 2017-09-07 13:50 - 008168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2017-09-13 20:24 - 2017-09-07 13:50 - 004260064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2017-09-13 20:24 - 2017-09-07 13:50 - 001983408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2017-09-13 20:24 - 2017-09-07 13:50 - 001702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2017-09-13 20:24 - 2017-09-07 13:50 - 001072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2017-09-13 20:24 - 2017-09-07 13:50 - 000244824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2017-09-13 20:24 - 2017-09-07 13:49 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2017-09-13 20:24 - 2017-09-07 13:49 - 000241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2017-09-13 20:24 - 2017-09-07 13:45 - 002532704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2017-09-13 20:24 - 2017-09-07 13:45 - 000387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll 2017-09-13 20:24 - 2017-09-07 13:43 - 000693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2017-09-13 20:24 - 2017-09-07 13:41 - 019413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-09-13 20:24 - 2017-09-07 13:39 - 018363904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-09-13 20:24 - 2017-09-07 13:37 - 012204544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-09-13 20:24 - 2017-09-07 13:34 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-09-13 20:24 - 2017-09-07 13:31 - 003663872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-09-13 20:24 - 2017-09-07 13:31 - 002028032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2017-09-13 20:24 - 2017-09-07 13:23 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2017-09-13 20:24 - 2017-09-07 13:22 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnpinst.exe 2017-09-13 20:24 - 2017-09-07 13:21 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2017-09-13 20:24 - 2017-09-07 13:21 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll 2017-09-13 20:24 - 2017-09-07 13:21 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll 2017-09-13 20:24 - 2017-09-07 13:21 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2017-09-13 20:24 - 2017-09-07 13:21 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll 2017-09-13 20:24 - 2017-09-07 13:21 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.exe 2017-09-13 20:24 - 2017-09-07 13:20 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp 2017-09-13 20:24 - 2017-09-07 13:20 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll 2017-09-13 20:24 - 2017-09-07 13:20 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys 2017-09-13 20:24 - 2017-09-07 13:19 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll 2017-09-13 20:24 - 2017-09-07 13:19 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll 2017-09-13 20:24 - 2017-09-07 13:18 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipsecsnp.dll 2017-09-13 20:24 - 2017-09-07 13:18 - 000418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll 2017-09-13 20:24 - 2017-09-07 13:18 - 000354816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll 2017-09-13 20:24 - 2017-09-07 13:18 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2017-09-13 20:24 - 2017-09-07 13:18 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll 2017-09-13 20:24 - 2017-09-07 13:17 - 000730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll 2017-09-13 20:24 - 2017-09-07 13:17 - 000505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll 2017-09-13 20:24 - 2017-09-07 13:17 - 000418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll 2017-09-13 20:24 - 2017-09-07 13:17 - 000360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll 2017-09-13 20:24 - 2017-09-07 13:17 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2017-09-13 20:24 - 2017-09-07 13:17 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll 2017-09-13 20:24 - 2017-09-07 13:17 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll 2017-09-13 20:24 - 2017-09-07 13:16 - 000748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2017-09-13 20:24 - 2017-09-07 13:16 - 000691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2017-09-13 20:24 - 2017-09-07 13:16 - 000680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll 2017-09-13 20:24 - 2017-09-07 13:16 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll 2017-09-13 20:24 - 2017-09-07 13:16 - 000335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\socialapis.dll 2017-09-13 20:24 - 2017-09-07 13:16 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll 2017-09-13 20:24 - 2017-09-07 13:15 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll 2017-09-13 20:24 - 2017-09-07 13:15 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2017-09-13 20:24 - 2017-09-07 13:15 - 000389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2017-09-13 20:24 - 2017-09-07 13:15 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll 2017-09-13 20:24 - 2017-09-07 13:15 - 000260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2017-09-13 20:24 - 2017-09-07 13:14 - 006288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2017-09-13 20:24 - 2017-09-07 13:14 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll 2017-09-13 20:24 - 2017-09-07 13:14 - 000748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll 2017-09-13 20:24 - 2017-09-07 13:14 - 000337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll 2017-09-13 20:24 - 2017-09-07 13:14 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll 2017-09-13 20:24 - 2017-09-07 13:13 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll 2017-09-13 20:24 - 2017-09-07 13:13 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll 2017-09-13 20:24 - 2017-09-07 13:13 - 000284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll 2017-09-13 20:24 - 2017-09-07 13:12 - 001145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll 2017-09-13 20:24 - 2017-09-07 13:12 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll 2017-09-13 20:24 - 2017-09-07 13:11 - 000583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll 2017-09-13 20:24 - 2017-09-07 13:11 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2017-09-13 20:24 - 2017-09-07 13:09 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe 2017-09-13 20:24 - 2017-09-07 13:08 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll 2017-09-13 20:24 - 2017-09-07 13:08 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll 2017-09-13 20:24 - 2017-09-07 13:07 - 007655424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2017-09-13 20:24 - 2017-09-07 13:07 - 003778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2017-09-13 20:24 - 2017-09-07 13:07 - 001403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll 2017-09-13 20:24 - 2017-09-07 13:07 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll 2017-09-13 20:24 - 2017-09-07 13:07 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll 2017-09-13 20:24 - 2017-09-07 13:05 - 001105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll 2017-09-13 20:24 - 2017-09-07 13:05 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll 2017-09-13 20:24 - 2017-09-07 13:05 - 000442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll 2017-09-13 20:24 - 2017-09-07 13:04 - 001908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-09-13 20:24 - 2017-09-07 13:04 - 000870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll 2017-09-13 20:24 - 2017-09-07 13:03 - 001078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll 2017-09-13 20:24 - 2017-09-07 13:03 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdechangepin.exe 2017-09-13 20:24 - 2017-09-07 13:03 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys 2017-09-13 20:24 - 2017-09-07 13:01 - 002390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe 2017-09-13 20:24 - 2017-09-07 13:01 - 001217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll 2017-09-13 20:24 - 2017-09-07 13:01 - 000411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll 2017-09-13 20:24 - 2017-09-07 13:01 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll 2017-09-13 20:24 - 2017-09-07 13:00 - 008077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2017-09-13 20:24 - 2017-09-07 13:00 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll 2017-09-13 20:24 - 2017-09-07 12:59 - 000760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2017-09-13 20:24 - 2017-09-07 12:59 - 000650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2017-09-13 20:24 - 2017-09-07 12:59 - 000611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll 2017-09-13 20:24 - 2017-09-07 12:58 - 002097152 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2017-09-13 20:24 - 2017-09-07 12:58 - 001700352 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll 2017-09-13 20:24 - 2017-09-07 12:58 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll 2017-09-13 20:24 - 2017-09-07 12:57 - 003134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll 2017-09-13 20:24 - 2017-09-07 12:57 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll 2017-09-13 20:24 - 2017-09-07 12:57 - 001275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll 2017-09-13 20:24 - 2017-09-07 12:56 - 004149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2017-09-13 20:24 - 2017-09-07 12:56 - 000846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll 2017-09-13 20:24 - 2017-09-07 12:56 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll 2017-09-13 20:24 - 2017-09-07 12:55 - 001984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2017-09-13 20:24 - 2017-09-07 12:55 - 001783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-09-13 20:24 - 2017-09-07 12:55 - 001369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll 2017-09-13 20:24 - 2017-09-07 12:55 - 001131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2017-09-13 20:24 - 2017-09-07 12:54 - 004743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-09-13 20:24 - 2017-09-07 12:54 - 000834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2017-09-13 20:24 - 2017-09-07 12:52 - 003299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe 2017-09-13 20:24 - 2017-09-07 12:52 - 001121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-09-13 20:24 - 2017-09-07 12:52 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll 2017-09-13 20:24 - 2017-09-07 12:52 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll 2017-09-13 20:24 - 2017-09-07 12:50 - 000119808 ____R (Microsoft Corporation) C:\WINDOWS\system32\SecureAssessmentHandlers.dll 2017-09-13 20:24 - 2017-08-22 13:46 - 000360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2017-09-13 20:24 - 2017-08-22 13:06 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2017-09-13 20:24 - 2017-08-22 13:05 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll 2017-09-13 20:24 - 2017-08-22 13:04 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2017-09-13 20:24 - 2017-08-22 13:02 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe 2017-09-13 20:24 - 2017-08-22 12:53 - 013441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2017-09-13 20:24 - 2017-08-22 12:50 - 012349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2017-09-13 20:24 - 2017-08-22 12:43 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2017-09-13 20:24 - 2017-08-22 12:38 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\tspubwmi.dll 2017-09-13 20:24 - 2017-08-08 14:06 - 000133984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys 2017-09-13 20:24 - 2017-08-08 13:59 - 000357984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll 2017-09-13 20:24 - 2017-08-08 13:59 - 000118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys 2017-09-13 20:24 - 2017-08-08 13:53 - 000026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe 2017-09-13 20:24 - 2017-08-08 13:45 - 000453544 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2017-09-13 20:24 - 2017-08-08 13:23 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2017-09-13 20:24 - 2017-08-08 13:18 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll 2017-09-13 20:24 - 2017-08-08 13:18 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2017-09-13 20:24 - 2017-08-08 13:17 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll 2017-09-13 20:24 - 2017-08-08 13:15 - 000502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2017-09-13 20:24 - 2017-08-08 13:14 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll 2017-09-13 20:24 - 2017-08-08 13:12 - 000579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll 2017-09-13 20:24 - 2017-08-08 13:04 - 000798720 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwcreator.exe 2017-09-13 20:24 - 2017-03-04 15:03 - 000160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll 2017-09-13 20:24 - 2017-03-04 14:39 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll 2017-09-13 20:24 - 2017-03-04 14:28 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll 2017-09-13 20:24 - 2017-03-04 14:28 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll 2017-09-13 20:24 - 2017-03-04 14:27 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2017-09-13 20:24 - 2017-03-04 14:27 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll 2017-09-13 20:24 - 2017-03-04 14:13 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll 2017-09-13 20:24 - 2017-03-04 14:08 - 001266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll 2017-09-13 20:24 - 2016-09-16 00:34 - 000441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll 2017-09-13 20:24 - 2016-09-16 00:30 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll 2017-09-13 20:23 - 2017-09-07 14:20 - 000367208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2017-09-13 20:23 - 2017-09-07 14:16 - 000379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2017-09-13 20:23 - 2017-09-07 14:03 - 007780704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-09-13 20:23 - 2017-09-07 14:02 - 032693432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll 2017-09-13 20:23 - 2017-09-07 14:01 - 002681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2017-09-13 20:23 - 2017-09-07 14:00 - 000764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2017-09-13 20:23 - 2017-09-07 13:56 - 001069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2017-09-13 20:23 - 2017-09-07 13:56 - 000328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2017-09-13 20:23 - 2017-09-07 13:54 - 002761248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2017-09-13 20:23 - 2017-09-07 13:54 - 002188128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-09-13 20:23 - 2017-09-07 13:54 - 001739072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2017-09-13 20:23 - 2017-09-07 13:54 - 001157008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2017-09-13 20:23 - 2017-09-07 13:54 - 000658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2017-09-13 20:23 - 2017-09-07 13:54 - 000402784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2017-09-13 20:23 - 2017-09-07 13:54 - 000146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll 2017-09-13 20:23 - 2017-09-07 13:53 - 002446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2017-09-13 20:23 - 2017-09-07 13:53 - 000684896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2017-09-13 20:23 - 2017-09-07 13:53 - 000431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll 2017-09-13 20:23 - 2017-09-07 13:52 - 002915704 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2017-09-13 20:23 - 2017-09-07 13:52 - 001267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2017-09-13 20:23 - 2017-09-07 13:52 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2017-09-13 20:23 - 2017-09-07 13:50 - 001694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2017-09-13 20:23 - 2017-09-07 13:50 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2017-09-13 20:23 - 2017-09-07 13:49 - 001600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2017-09-13 20:23 - 2017-09-07 13:49 - 001277824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2017-09-13 20:23 - 2017-09-07 13:47 - 000661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2017-09-13 20:23 - 2017-09-07 13:46 - 000628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2017-09-13 20:23 - 2017-09-07 13:31 - 001509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2017-09-13 20:23 - 2017-09-07 13:30 - 007218176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2017-09-13 20:23 - 2017-09-07 13:24 - 001631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2017-09-13 20:23 - 2017-09-07 13:23 - 022569984 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-09-13 20:23 - 2017-09-07 13:22 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll 2017-09-13 20:23 - 2017-09-07 13:21 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll 2017-09-13 20:23 - 2017-09-07 13:21 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll 2017-09-13 20:23 - 2017-09-07 13:20 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll 2017-09-13 20:23 - 2017-09-07 13:20 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll 2017-09-13 20:23 - 2017-09-07 13:20 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll 2017-09-13 20:23 - 2017-09-07 13:20 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll 2017-09-13 20:23 - 2017-09-07 13:19 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll 2017-09-13 20:23 - 2017-09-07 13:19 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll 2017-09-13 20:23 - 2017-09-07 13:19 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll 2017-09-13 20:23 - 2017-09-07 13:19 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll 2017-09-13 20:23 - 2017-09-07 13:18 - 000547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll 2017-09-13 20:23 - 2017-09-07 13:18 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys 2017-09-13 20:23 - 2017-09-07 13:18 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll 2017-09-13 20:23 - 2017-09-07 13:17 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2017-09-13 20:23 - 2017-09-07 13:17 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll 2017-09-13 20:23 - 2017-09-07 13:17 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XamlTileRender.dll 2017-09-13 20:23 - 2017-09-07 13:17 - 000139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2017-09-13 20:23 - 2017-09-07 13:16 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll 2017-09-13 20:23 - 2017-09-07 13:16 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll 2017-09-13 20:23 - 2017-09-07 13:16 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll 2017-09-13 20:23 - 2017-09-07 13:16 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll 2017-09-13 20:23 - 2017-09-07 13:16 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-09-13 20:23 - 2017-09-07 13:15 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2017-09-13 20:23 - 2017-09-07 13:15 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll 2017-09-13 20:23 - 2017-09-07 13:15 - 000432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2017-09-13 20:23 - 2017-09-07 13:15 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll 2017-09-13 20:23 - 2017-09-07 13:15 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll 2017-09-13 20:23 - 2017-09-07 13:15 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll 2017-09-13 20:23 - 2017-09-07 13:15 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll 2017-09-13 20:23 - 2017-09-07 13:15 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll 2017-09-13 20:23 - 2017-09-07 13:15 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll 2017-09-13 20:23 - 2017-09-07 13:15 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2017-09-13 20:23 - 2017-09-07 13:14 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2017-09-13 20:23 - 2017-09-07 13:14 - 000407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2017-09-13 20:23 - 2017-09-07 13:14 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll 2017-09-13 20:23 - 2017-09-07 13:13 - 000645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll 2017-09-13 20:23 - 2017-09-07 13:13 - 000437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll 2017-09-13 20:23 - 2017-09-07 13:13 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-09-13 20:23 - 2017-09-07 13:12 - 001010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2017-09-13 20:23 - 2017-09-07 13:12 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2017-09-13 20:23 - 2017-09-07 13:12 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll 2017-09-13 20:23 - 2017-09-07 13:11 - 000966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll 2017-09-13 20:23 - 2017-09-07 13:11 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2017-09-13 20:23 - 2017-09-07 13:11 - 000634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll 2017-09-13 20:23 - 2017-09-07 13:11 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2017-09-13 20:23 - 2017-09-07 13:10 - 017200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2017-09-13 20:23 - 2017-09-07 13:10 - 001037312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll 2017-09-13 20:23 - 2017-09-07 13:09 - 000945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2017-09-13 20:23 - 2017-09-07 13:08 - 009129984 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-09-13 20:23 - 2017-09-07 13:08 - 001639424 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll 2017-09-13 20:23 - 2017-09-07 13:08 - 000932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2017-09-13 20:23 - 2017-09-07 13:08 - 000393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll 2017-09-13 20:23 - 2017-09-07 13:07 - 002104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll 2017-09-13 20:23 - 2017-09-07 13:07 - 001589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll 2017-09-13 20:23 - 2017-09-07 13:05 - 005114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll 2017-09-13 20:23 - 2017-09-07 13:04 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2017-09-13 20:23 - 2017-09-07 13:04 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll 2017-09-13 20:23 - 2017-09-07 13:03 - 001837056 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll 2017-09-13 20:23 - 2017-09-07 13:03 - 000942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2017-09-13 20:23 - 2017-09-07 13:02 - 013107712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-09-13 20:23 - 2017-09-07 13:02 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll 2017-09-13 20:23 - 2017-09-07 13:02 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll 2017-09-13 20:23 - 2017-09-07 13:01 - 023675904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-09-13 20:23 - 2017-09-07 13:01 - 000937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll 2017-09-13 20:23 - 2017-09-07 13:00 - 008114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-09-13 20:23 - 2017-09-07 13:00 - 000981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll 2017-09-13 20:23 - 2017-09-07 13:00 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll 2017-09-13 20:23 - 2017-09-07 13:00 - 000467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll 2017-09-13 20:23 - 2017-09-07 13:00 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll 2017-09-13 20:23 - 2017-09-07 12:59 - 004474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-09-13 20:23 - 2017-09-07 12:59 - 002279424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-09-13 20:23 - 2017-09-07 12:59 - 001359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll 2017-09-13 20:23 - 2017-09-07 12:59 - 001281536 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll 2017-09-13 20:23 - 2017-09-07 12:59 - 001040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll 2017-09-13 20:23 - 2017-09-07 12:59 - 000821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll 2017-09-13 20:23 - 2017-09-07 12:59 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll 2017-09-13 20:23 - 2017-09-07 12:58 - 002800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll 2017-09-13 20:23 - 2017-09-07 12:58 - 001692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-09-13 20:23 - 2017-09-07 12:58 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll 2017-09-13 20:23 - 2017-09-07 12:58 - 000886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll 2017-09-13 20:23 - 2017-09-07 12:58 - 000376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll 2017-09-13 20:23 - 2017-09-07 12:57 - 005611520 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2017-09-13 20:23 - 2017-09-07 12:57 - 002916864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll 2017-09-13 20:23 - 2017-09-07 12:57 - 002895360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-09-13 20:23 - 2017-09-07 12:57 - 001643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll 2017-09-13 20:23 - 2017-09-07 12:57 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll 2017-09-13 20:23 - 2017-09-07 12:57 - 001486336 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-09-13 20:23 - 2017-09-07 12:57 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2017-09-13 20:23 - 2017-09-07 12:56 - 003202048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2017-09-13 20:23 - 2017-09-07 12:56 - 002695680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2017-09-13 20:23 - 2017-09-07 12:56 - 002286592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2017-09-13 20:23 - 2017-09-07 12:56 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll 2017-09-13 20:23 - 2017-09-07 12:56 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2017-09-13 20:23 - 2017-09-07 12:56 - 000909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2017-09-13 20:23 - 2017-09-07 12:55 - 003616256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-09-13 20:23 - 2017-09-07 12:55 - 002820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2017-09-13 20:23 - 2017-09-07 12:55 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2017-09-13 20:23 - 2017-09-07 12:55 - 001512448 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-09-13 20:23 - 2017-09-07 12:55 - 000774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll 2017-09-13 20:23 - 2017-09-07 12:54 - 003542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2017-09-13 20:23 - 2017-09-07 12:54 - 001328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll 2017-09-13 20:23 - 2017-09-07 12:54 - 000716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll 2017-09-13 20:23 - 2017-09-07 12:53 - 001726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2017-09-13 20:23 - 2017-09-07 12:53 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll 2017-09-13 20:23 - 2017-09-07 12:52 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll 2017-09-13 20:23 - 2017-08-22 12:57 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll 2017-09-13 20:23 - 2017-08-22 12:52 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll 2017-09-13 20:23 - 2017-08-22 12:47 - 000869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2017-09-13 20:23 - 2017-08-22 12:43 - 002852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll 2017-09-13 20:23 - 2017-08-22 12:41 - 002319872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-09-13 20:23 - 2017-08-08 14:15 - 000245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll 2017-09-13 20:23 - 2017-08-08 14:01 - 000376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2017-09-13 20:23 - 2017-08-08 13:55 - 000404320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2017-09-13 20:23 - 2017-08-08 13:52 - 000450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2017-09-13 20:23 - 2017-08-08 13:45 - 001102176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2017-09-13 20:23 - 2017-08-08 13:17 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll 2017-09-13 20:23 - 2017-08-08 13:16 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll 2017-09-13 20:23 - 2017-08-08 13:15 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll 2017-09-13 20:23 - 2017-08-08 13:15 - 000326656 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2017-09-13 20:23 - 2017-08-08 13:14 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll 2017-09-13 20:23 - 2017-08-08 13:13 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2017-09-13 20:23 - 2017-08-08 13:10 - 000945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2017-09-13 20:23 - 2017-08-08 13:04 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2017-09-13 20:23 - 2017-08-08 12:55 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2017-09-13 20:23 - 2017-08-08 12:54 - 001228288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2017-09-13 20:23 - 2017-08-01 13:09 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll 2017-09-13 20:23 - 2017-03-04 15:09 - 000178520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll 2017-09-13 20:23 - 2017-03-04 14:32 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll 2017-09-13 20:23 - 2017-03-04 14:29 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll 2017-09-13 20:23 - 2017-03-04 14:10 - 006664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe 2017-09-13 20:23 - 2016-11-02 18:43 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2017-09-13 20:22 - 2017-09-07 14:11 - 000076128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncAppvPublishingServer.exe 2017-09-13 20:22 - 2017-09-07 14:10 - 002170720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll 2017-09-13 20:22 - 2017-09-07 14:10 - 001670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll 2017-09-13 20:22 - 2017-09-07 14:10 - 001408352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll 2017-09-13 20:22 - 2017-09-07 14:10 - 001054048 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll 2017-09-13 20:22 - 2017-09-07 14:10 - 000992096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll 2017-09-13 20:22 - 2017-09-07 14:10 - 000825696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe 2017-09-13 20:22 - 2017-09-07 14:10 - 000813408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll 2017-09-13 20:22 - 2017-09-07 14:10 - 000779616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll 2017-09-13 20:22 - 2017-09-07 14:10 - 000766304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll 2017-09-13 20:22 - 2017-09-07 14:10 - 000704352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll 2017-09-13 20:22 - 2017-09-07 14:10 - 000699232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll 2017-09-13 20:22 - 2017-09-07 14:10 - 000567136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll 2017-09-13 20:22 - 2017-09-07 14:10 - 000513376 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll 2017-09-13 20:22 - 2017-09-07 14:10 - 000412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll 2017-09-13 20:22 - 2017-09-07 14:10 - 000241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe 2017-09-13 20:22 - 2017-09-07 14:10 - 000202592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll 2017-09-13 20:22 - 2017-09-07 14:04 - 000894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2017-09-13 20:22 - 2017-09-07 14:03 - 001887408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2017-09-13 20:22 - 2017-09-07 13:58 - 000168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2017-09-13 20:22 - 2017-09-07 13:57 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll 2017-09-13 20:22 - 2017-09-07 13:53 - 000624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2017-09-13 20:22 - 2017-09-07 13:53 - 000383776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll 2017-09-13 20:22 - 2017-09-07 13:53 - 000296288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe 2017-09-13 20:22 - 2017-09-07 13:53 - 000144736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2017-09-13 20:22 - 2017-09-07 13:52 - 001100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2017-09-13 20:22 - 2017-09-07 13:52 - 000989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2017-09-13 20:22 - 2017-09-07 13:46 - 001566552 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2017-09-13 20:22 - 2017-09-07 13:45 - 000372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll 2017-09-13 20:22 - 2017-09-07 13:22 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll 2017-09-13 20:22 - 2017-09-07 13:22 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe 2017-09-13 20:22 - 2017-09-07 13:22 - 000045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2017-09-13 20:22 - 2017-09-07 13:22 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\IconCodecService.dll 2017-09-13 20:22 - 2017-09-07 13:18 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll 2017-09-13 20:22 - 2017-09-07 13:17 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll 2017-09-13 20:22 - 2017-09-07 13:17 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2017-09-13 20:22 - 2017-09-07 13:16 - 000781824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll 2017-09-13 20:22 - 2017-09-07 13:16 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPTpm12.dll 2017-09-13 20:22 - 2017-09-07 13:15 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll 2017-09-13 20:22 - 2017-09-07 13:15 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll 2017-09-13 20:22 - 2017-09-07 13:14 - 000678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll 2017-09-13 20:22 - 2017-09-07 13:14 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll 2017-09-13 20:22 - 2017-09-07 13:14 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2017-09-13 20:22 - 2017-09-07 13:14 - 000171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE 2017-09-13 20:22 - 2017-09-07 13:14 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe 2017-09-13 20:22 - 2017-09-07 13:13 - 000480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll 2017-09-13 20:22 - 2017-09-07 13:12 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll 2017-09-13 20:22 - 2017-09-07 13:04 - 004749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2017-09-13 20:22 - 2017-09-07 13:04 - 000352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe 2017-09-13 20:22 - 2017-09-07 13:01 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll 2017-09-13 20:22 - 2017-09-07 12:59 - 002510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2017-09-13 20:22 - 2017-09-07 12:59 - 000821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2017-09-13 20:22 - 2017-09-07 12:59 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll 2017-09-13 20:22 - 2017-09-07 12:58 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2017-09-13 20:22 - 2017-09-07 12:58 - 001656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2017-09-13 20:22 - 2017-09-07 12:55 - 002217472 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll 2017-09-13 20:22 - 2017-08-22 13:43 - 000026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2017-09-13 20:22 - 2017-08-22 13:09 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2017-09-13 20:22 - 2017-08-08 14:09 - 000065648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll 2017-09-13 20:22 - 2017-08-08 14:03 - 002253664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2017-09-13 20:22 - 2017-08-08 13:52 - 000649568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys 2017-09-13 20:22 - 2017-08-08 13:52 - 000386408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll 2017-09-13 20:22 - 2017-08-08 13:52 - 000101776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll 2017-09-13 20:22 - 2017-08-08 13:52 - 000079712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys 2017-09-13 20:22 - 2017-08-08 13:20 - 000173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe 2017-09-13 20:22 - 2017-08-08 13:20 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll 2017-09-13 20:22 - 2017-08-08 13:20 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys 2017-09-13 20:22 - 2017-08-08 13:20 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe 2017-09-13 20:22 - 2017-08-08 13:18 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll 2017-09-13 20:22 - 2017-08-08 13:16 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll 2017-09-13 20:22 - 2017-08-08 13:13 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll 2017-09-13 20:22 - 2017-08-08 12:58 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll 2017-09-13 20:22 - 2017-08-08 12:51 - 001817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll 2017-09-13 20:22 - 2017-03-04 15:07 - 000947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-10-09 05:39 - 2016-07-19 05:23 - 000000000 ____D C:\Users\ASUS\AppData\Roaming\Skype 2017-10-09 05:37 - 2016-03-20 23:57 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2017-10-09 05:05 - 2016-10-10 22:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2017-10-09 04:52 - 2016-10-10 22:38 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2017-10-09 04:52 - 2016-03-11 15:37 - 000000000 __SHD C:\Users\ASUS\IntelGraphicsProfiles 2017-10-09 04:51 - 2016-10-10 23:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-10-09 04:51 - 2016-07-16 14:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2017-10-09 04:20 - 2016-03-12 03:00 - 000000000 ____D C:\Users\ASUS\AppData\Roaming\Camfrog 2017-10-09 04:14 - 2016-07-16 19:47 - 000000000 ____D C:\WINDOWS\system32\NDF 2017-10-08 02:06 - 2016-06-09 11:17 - 000000000 ____D C:\Users\ASUS\AppData\Roaming\WhatsApp 2017-10-06 01:24 - 2016-07-16 19:47 - 000000000 ____D C:\WINDOWS\AppReadiness 2017-10-05 08:33 - 2017-03-14 23:25 - 000005200 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for A455L-PC-ASUS A455L-PC 2017-10-05 06:01 - 2016-06-09 11:17 - 000000000 ____D C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp 2017-10-05 06:01 - 2016-06-09 11:17 - 000000000 ____D C:\Users\ASUS\AppData\Local\SquirrelTemp 2017-10-05 04:19 - 2016-07-16 19:45 - 000000000 ____D C:\WINDOWS\INF 2017-10-05 02:03 - 2016-03-31 11:59 - 000000000 ____D C:\Program Files\Google 2017-10-05 02:03 - 2014-03-18 23:52 - 000000000 ____D C:\Program Files (x86)\Google 2017-10-05 00:36 - 2016-03-24 01:42 - 000000000 ____D C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VB Audio 2017-10-05 00:36 - 2016-03-24 01:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VB Audio 2017-10-05 00:36 - 2016-03-24 01:42 - 000000000 ____D C:\Program Files\VB 2017-10-05 00:34 - 2014-03-18 23:52 - 000000000 ____D C:\Users\ASUS\AppData\Local\Google 2017-10-05 00:32 - 2017-08-08 21:51 - 000004156 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1502200294 2017-10-05 00:32 - 2017-08-08 21:51 - 000001389 _____ C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera browser.lnk 2017-10-05 00:11 - 2016-04-16 03:21 - 000040924 __RSH C:\ProgramData\ntuser.pol 2017-10-05 00:11 - 2013-08-22 23:36 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2017-10-05 00:09 - 2016-07-16 19:47 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2017-10-04 10:47 - 2016-07-16 19:47 - 000000000 ___HD C:\Program Files\WindowsApps 2017-10-04 05:06 - 2016-05-27 16:34 - 001344514 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-10-04 01:20 - 2016-07-19 05:13 - 000000000 ____D C:\ProgramData\Skype 2017-10-03 15:12 - 2017-04-22 09:54 - 000002256 _____ C:\Users\ASUS\Desktop\Camfrog Video Chat.lnk 2017-10-03 14:46 - 2015-10-30 15:24 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2017-10-03 12:12 - 2016-05-28 16:13 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2017-10-03 11:48 - 2016-03-24 13:53 - 000000000 ____D C:\Users\ASUS\AppData\Roaming\Mozilla 2017-10-03 03:55 - 2017-07-26 20:39 - 000002810 _____ C:\WINDOWS\System32\Tasks\{40CB427E-3C73-04B9-BB6A-20B1B45C9EC0} 2017-09-26 09:03 - 2016-03-24 02:58 - 000000000 ____D C:\Users\ASUS\AppData\Roaming\AIMP 2017-09-22 06:24 - 2016-07-16 19:47 - 000000000 ____D C:\WINDOWS\rescache 2017-09-22 04:44 - 2017-07-27 21:37 - 000003360 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-907509582-2581158687-2100573859-1001 2017-09-22 04:44 - 2016-05-27 16:45 - 000002398 _____ C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-09-22 04:44 - 2016-05-27 16:45 - 000000000 ___RD C:\Users\ASUS\OneDrive 2017-09-16 20:51 - 2017-07-30 14:12 - 000000000 ____D C:\Users\ASUS\AppData\Roaming\MPC-HC 2017-09-16 20:51 - 2016-07-16 19:47 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2017-09-16 01:12 - 2016-04-18 16:26 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2017-09-14 22:49 - 2016-02-14 01:33 - 000000000 __RHD C:\Users\Public\AccountPictures 2017-09-14 22:34 - 2016-10-10 22:35 - 000338616 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-09-14 22:30 - 2016-07-16 19:47 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2017-09-14 22:30 - 2016-07-16 19:47 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB 2017-09-14 22:29 - 2016-07-17 06:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2017-09-14 22:29 - 2016-07-16 19:47 - 000000000 ___SD C:\WINDOWS\system32\F12 2017-09-14 22:29 - 2016-07-16 19:47 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-09-14 22:29 - 2016-07-16 19:47 - 000000000 ___RD C:\Program Files\Windows Defender 2017-09-14 22:29 - 2016-07-16 19:47 - 000000000 ____D C:\WINDOWS\system32\oobe 2017-09-14 22:29 - 2016-07-16 19:47 - 000000000 ____D C:\WINDOWS\system32\migwiz 2017-09-14 22:29 - 2016-07-16 19:47 - 000000000 ____D C:\WINDOWS\system32\en-GB 2017-09-14 22:29 - 2016-07-16 19:47 - 000000000 ____D C:\WINDOWS\ShellExperiences 2017-09-14 22:29 - 2016-07-16 19:47 - 000000000 ____D C:\WINDOWS\Provisioning 2017-09-14 22:29 - 2016-07-16 19:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2017-09-14 22:29 - 2016-07-16 19:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-09-14 22:29 - 2016-07-16 19:47 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2017-09-13 22:46 - 2016-07-16 19:36 - 000000000 ____D C:\WINDOWS\CbsTemp 2017-09-13 22:33 - 2016-03-30 14:31 - 000000000 ____D C:\WINDOWS\system32\MRT 2017-09-13 20:29 - 2016-03-30 14:31 - 138202976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-09-13 19:39 - 2016-07-16 19:42 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe 2017-09-13 19:38 - 2016-07-16 19:43 - 000333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll 2017-09-13 19:37 - 2016-07-16 19:42 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2017-09-27 00:33 ==================== End of FRST.txt ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-10-2017 Ran by ASUS (09-10-2017 05:44:06) Running from C:\Users\ASUS\Desktop Windows 10 Pro Version 1607 14393.1715.amd64fre.rs1_release_inmarket.170906-1810 (X64) (2016-10-10 15:05:55) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-907509582-2581158687-2100573859-500 - Administrator - Disabled) ASUS (S-1-5-21-907509582-2581158687-2100573859-1001 - Administrator - Enabled) => C:\Users\ASUS DefaultAccount (S-1-5-21-907509582-2581158687-2100573859-503 - Limited - Disabled) Guest (S-1-5-21-907509582-2581158687-2100573859-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-907509582-2581158687-2100573859-1003 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} FW: COMODO Firewall (Enabled) {346ADFA5-A93A-68E5-1F1A-0C241B12C186} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) AIMP (HKLM-x32\...\AIMP) (Version: v4.02.1717, 08.05.2016 - AIMP DevTeam) Apple Mobile Device Support (HKLM\...\{E3C4B99B-BE71-4C27-8E3C-4FAE3C46E1D5}) (Version: 11.0.0.30 - Apple Inc.) Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.7.2314 - AVAST Software) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Camfrog Video Chat 6.18 (HKLM-x32\...\Camfrog) (Version: 6.18.622 - Camshare, Inc.) Canon MP280 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series) (Version: - Canon Inc.) COMODO Firewall (HKLM\...\{4F6FC44D-AE9F-472B-8F00-B8388BC9AA04}) (Version: 10.0.1.6294 - COMODO Security Solutions Inc.) Hidden COMODO Firewall (HKLM\...\COMODO Internet Security) (Version: 10.0.1.6294 - COMODO Security Solutions Inc.) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) Dukungan Aplikasi Apple (32-bit) (HKLM-x32\...\{3D1290E6-1F77-46D5-A715-A56679C8D4E3}) (Version: 6.0.2 - Apple Inc.) Dukungan Aplikasi Apple (64-bit) (HKLM\...\{D0E45DEC-F4B9-4370-A9DF-66837789C2EF}) (Version: 6.0.2 - Apple Inc.) Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION) EPSON L1300 Series Printer Uninstall (HKLM\...\EPSON L1300 Series) (Version: - SEIKO EPSON Corporation) EPSON Manuals (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.53.0.0 - Seiko Epson Corporation) Epson Software Updater (HKLM-x32\...\{7BAC3F7A-B963-468E-982E-B5608A87408D}) (Version: 4.4.4 - SEIKO EPSON CORPORATION) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.24.15 - Google Inc.) Hidden HP Deskjet 2540 series Basic Device Software (HKLM\...\{6A79CD11-0C1C-4E24-A8C6-46A02F680346}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) HP Deskjet 2540 series Help (HKLM-x32\...\{4539575D-C09D-4E71-B207-0F2D6BD74DA2}) (Version: 30.0.0 - Hewlett Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation) iTunes (HKLM\...\{08902C71-7E55-4ABA-B406-E89DD63DB9B7}) (Version: 12.7.0.166 - Apple Inc.) KB4023057 (HKLM\...\{264FDD69-C4DF-476F-B1B8-7DCEE4AF839B}) (Version: 2.4.0.0 - Microsoft Corporation) K-Lite Codec Pack 13.3.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.3.5 - KLCP) Lightshot-5.4.0.10 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.10 - Skillbrains) Malwarebytes version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Mozilla Firefox 56.0 (x64 en-US) (HKLM\...\Mozilla Firefox 56.0 (x64 en-US)) (Version: 56.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0 - Mozilla) NVIDIA Graphics Driver 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.06 - NVIDIA Corporation) NVIDIA Update 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.4.5.28 - NVIDIA Corporation) Opera Stable 48.0.2685.35 (HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\Opera 48.0.2685.35) (Version: 48.0.2685.35 - Opera Software) Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.) Hidden Product Improvement Study for HP Deskjet 2540 series (HKLM\...\{DF34643B-A745-430C-B27B-A48F853C81E4}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.) RogueKiller version 12.11.18.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.11.18.0 - Adlice Software) Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.) Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.6.1 - Sophos Limited) SplitCam (HKLM-x32\...\SplitCam) (Version: 7.7.4.1 - SplitCam Co) SpywareBlaster 5.5 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.5.0 - BrightFort LLC) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1248 - SUPERAntiSpyware.com) TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - ) TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.83369 - TeamViewer) VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN) WhatsApp (HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\WhatsApp) (Version: 0.2.5863 - WhatsApp) Winamp (HKLM-x32\...\Winamp) (Version: 5.53 - Nullsoft, Inc) Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation) WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-05] (AVAST Software) ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2016-05-28] (AIMP DevTeam) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-05] (AVAST Software) ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-08-29] (COMODO) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-08-27] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-08-27] (Alexander Roshal) ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-08-29] (COMODO) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-05] (AVAST Software) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes) ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2016-05-28] (AIMP DevTeam) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-30] (Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-08-01] (NVIDIA Corporation) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-05] (AVAST Software) ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-08-29] (COMODO) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-08-27] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-08-27] (Alexander Roshal) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {05CDA15B-C688-4966-8454-3274AF5E1DB7} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\ASUS\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe Task: {063960B4-841E-4B73-A800-AB342780C04F} - System32\Tasks\Microsoft Office 15 Sync Maintenance for A455L-PC-ASUS A455L-PC => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation) Task: {2A78410B-8063-48A8-B8FD-F8DD5A9E13F4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-12] (Google Inc.) Task: {2E4E2222-8BB0-473F-88FD-040363BBB74A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation) Task: {31882BFA-5A3F-4CDE-B89D-05CB0EDBB4C8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe Task: {3C5C0CE9-57BD-45E1-8C30-15A4614BCD2E} - System32\Tasks\{B209B37B-B2B1-45D3-849E-678FFDD67E63} => "c:\windows\system32\launchwinapp.exe" hxxp://ui.skype.com/ui/0/7.25.0.106/id/abandoninstall?source=lightinstaller&page=tsInstall Task: {55BB16E6-9FF4-4A51-90E0-373DD3EF3806} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2017-07-20] () Task: {55D927EB-7DFD-446C-A7F5-78E16253440F} - System32\Tasks\HPCustParticipation HP Deskjet 2540 series => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.) Task: {57438757-6C5E-4BB5-89B8-8DE104C5CF27} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {66695AD5-5775-4D8C-949B-A2C789C98739} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-08-29] (COMODO) Task: {6C356D15-1619-4A4F-ACC0-1875401346A8} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-08-29] (COMODO) Task: {77174980-97F0-4E49-9532-8AFBA1401E69} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.) Task: {7B44D61C-7EE2-48CC-B178-857226924754} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-08-29] (COMODO) Task: {7E2DFCE5-A7FD-4152-AE31-905D170901A1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-12] (Google Inc.) Task: {89B8AA8B-5960-40CB-8691-D9F0B51281F5} - System32\Tasks\{F6AEFBA2-1D51-4816-B6BD-2F6843D3449E} => c:\users\asus\appdata\local\programs\opera\launcher.exe [2017-10-02] (Opera Software) Task: {93FEC667-95AF-4BBA-B1C6-14DDC617F5E5} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-08-29] (COMODO) Task: {9487E593-0DBF-42F2-B8AF-2FC09F059485} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-08-29] (COMODO) Task: {D333EFB5-990E-4E52-BF6A-18C2C48472B6} - System32\Tasks\ASUS Patch for VIA Audio => C:\Windows\system32\AsPatchViaAudio.exe [2012-11-07] (ASUSTek Computer INC.) Task: {DF0F9DFB-5329-4C4D-81D5-8C042A4C8D5E} - System32\Tasks\Opera scheduled Autoupdate 1502200294 => C:\Users\ASUS\AppData\Local\Programs\Opera\launcher.exe [2017-10-02] (Opera Software) Task: {E18B7EE3-658D-4739-956D-C64C5B30C671} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-10-05] (AVAST Software) Task: {E2769F37-60A1-40A5-AFA7-7DC77E2B7CA2} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK Task: {EFF0C380-6EA9-4501-A03C-855E613FEBD5} - System32\Tasks\{40CB427E-3C73-04B9-BB6A-20B1B45C9EC0} => C:\PROGRA~2\COMMON~1\40CB42~1\SYNCVE~1.EXE (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2016-07-16 19:42 - 2016-07-16 19:42 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2017-09-13 20:23 - 2017-09-07 14:01 - 002681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-10-10 22:39 - 2016-08-01 20:54 - 000133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2017-05-09 00:44 - 2017-05-09 00:44 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2017-09-01 02:49 - 2017-09-01 02:49 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2017-08-29 05:57 - 2017-08-29 05:57 - 000156352 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdwrhlp.dll 2017-08-29 05:56 - 2017-08-29 05:56 - 000107200 _____ () C:\Program Files\COMODO\COMODO Internet Security\cavwpps.dll 2017-08-29 05:56 - 2017-08-29 05:56 - 000244928 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdcomps.dll 2017-10-03 12:17 - 2017-10-08 17:14 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2017-10-03 12:17 - 2017-10-08 17:14 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2012-10-01 20:36 - 2012-10-01 20:36 - 006522480 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2016-10-11 06:29 - 2016-10-11 06:29 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-03-16 03:09 - 2017-03-04 14:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-03-16 03:09 - 2017-03-04 14:30 - 000693248 _____ () C:\Windows\ShellExperiences\MtcUvc.dll 2017-03-16 03:10 - 2017-03-04 14:12 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-03-16 03:10 - 2017-03-04 14:05 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-03-16 03:10 - 2017-03-04 14:05 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-09-13 20:24 - 2017-09-07 12:53 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-09-13 20:24 - 2017-09-07 12:59 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2017-08-02 22:12 - 2017-08-02 22:12 - 000019968 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2017-08-02 22:12 - 2017-08-02 22:12 - 028986880 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2017-07-27 21:36 - 2017-07-27 21:41 - 000428032 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll 2017-08-02 22:12 - 2017-08-02 22:12 - 020510208 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll 2017-07-27 21:36 - 2017-07-27 21:41 - 002339328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\MediaEngine.dll 2017-08-02 22:12 - 2017-08-02 22:12 - 003041792 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll 2017-06-03 17:40 - 2017-06-03 17:47 - 003139496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2017-06-03 17:40 - 2017-06-03 17:47 - 000046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll 2017-07-27 21:36 - 2017-07-27 21:41 - 001361920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll 2017-09-28 19:50 - 2017-09-28 19:51 - 026118656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17082.14121.0_x64__8wekyb3d8bbwe\Video.UI.exe 2017-09-28 19:50 - 2017-09-28 19:51 - 009162240 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17082.14121.0_x64__8wekyb3d8bbwe\EntCommon.dll 2017-09-28 19:50 - 2017-09-28 19:51 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17082.14121.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2017-07-21 20:01 - 2017-07-21 20:03 - 001079808 _____ () C:\Program Files\WindowsApps\NAVER.LINEwin8_5.5.3.0_x64__8ptj331gd3tyt\Sqlite.dll 2017-08-24 22:02 - 2017-08-24 22:04 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2017-08-24 22:02 - 2017-08-24 22:04 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2017-08-24 22:02 - 2017-08-24 22:04 - 036162048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2017-08-24 22:02 - 2017-08-24 22:04 - 002237952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\skypert.dll 2017-10-05 01:22 - 2017-10-05 01:22 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2017-10-05 01:22 - 2017-10-05 01:22 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll 2017-10-05 01:22 - 2017-10-05 01:22 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2017-10-05 01:22 - 2017-10-05 01:22 - 000217088 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll 2017-10-05 01:22 - 2017-10-05 01:22 - 000244584 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll 2017-10-05 01:21 - 2017-10-05 01:21 - 000234280 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll 2017-10-05 01:22 - 2017-10-05 01:22 - 000700656 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [125] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE restricted site: HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\0411dd.com -> 0411dd.com IE restricted site: HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\0511zfhl.com -> 0511zfhl.com IE restricted site: HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\0632qyw.com -> 0632qyw.com IE restricted site: HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\1001movie.com -> 1001movie.com There are 6091 more sites. ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 21:25 - 2017-10-03 11:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-907509582-2581158687-2100573859-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == HKLM\...\StartupApproved\Run: => "SmartAudio" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "HP Software Update" HKLM\...\StartupApproved\Run32: => "WinampAgent" HKLM\...\StartupApproved\Run32: => "Lightshot" HKU\S-1-5-21-907509582-2581158687-2100573859-1001\...\StartupApproved\Run: => "CCleaner Monitoring" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [UDP Query User{9C262D18-B663-40AF-B9C4-C0A35DBA275E}C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe] => (Block) C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe FirewallRules: [TCP Query User{8812B300-9920-4CC7-AF02-F444482FFC22}C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe] => (Block) C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe FirewallRules: [UDP Query User{53D81DDE-EC18-4C34-A073-8FB4FED76FDD}C:\program files (x86)\vb\voicemeeter\voicemeeter.exe] => (Block) C:\program files (x86)\vb\voicemeeter\voicemeeter.exe FirewallRules: [TCP Query User{D2206544-9E54-465E-B971-D12C41DC9820}C:\program files (x86)\vb\voicemeeter\voicemeeter.exe] => (Block) C:\program files (x86)\vb\voicemeeter\voicemeeter.exe FirewallRules: [TCP Query User{AAC72B79-DA76-41E7-81CB-C9FEEF78EED7}C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe] => (Block) C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe FirewallRules: [UDP Query User{20058D07-1D5E-451C-95BC-D55362C97DCF}C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe] => (Block) C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe FirewallRules: [{2AC6A031-EF6D-43EC-AB44-29E483AEDB16}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe FirewallRules: [{B4A7D516-C1A2-4B26-8A35-6C76AF20109B}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe FirewallRules: [{F31F53FA-0BE1-4240-BE06-8C98F2A303AC}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe FirewallRules: [{22D894B8-85D6-41EE-9836-3DCAEAEF147A}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe FirewallRules: [{EF86221F-F59F-4EBF-BE48-D8006A66770C}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe FirewallRules: [{206B2C81-FA76-4878-9F1A-3DF97C6B0B2A}] => (Allow) LPort=5357 FirewallRules: [{139412F7-3540-4E1F-8B4A-2ED629B4EA3C}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{5D6D5E91-D48F-4FB9-82EF-BCF906AE2E98}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{1832C86F-5365-471E-A23E-82882AA1BB96}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{D420B619-63F4-41C7-8589-EBFA9096C43A}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{59569BEE-A414-4E48-BCC9-85CD0E588E21}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{CD928DA3-4D49-49B7-82B3-ED6D2042DCF2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{71EF30E0-B699-455C-AF23-43AAB60B881F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{17B4D8B5-5FFC-4820-8C12-7BDCE4EDBC8C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{21731325-F95F-448B-9BF8-FC499C4E9619}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{7286C9E5-3F90-496B-A81A-F91E3F966669}] => (Allow) C:\Users\ASUS\AppData\Local\Chromium\Application\chrome.exe FirewallRules: [{57203A29-8EC0-4D11-B5B3-8E6875B956C5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{5E9A2D8E-988B-4C0F-B3F4-3F5DB2061918}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{5FE2F03E-A42F-4F66-86F2-1712E95682C6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{775B1127-925F-43E3-BBED-D241CAE285B2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{9E81FF7B-F0F7-467F-B445-25BE2B0C3D5C}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{1F6E0E70-9556-4041-9A9C-CEC65D3F4C48}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{4B029561-203A-4B5E-9F4E-3DE5D4C799AA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{C5EC2DFC-CC1A-4A66-865A-4464200CE937}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{FB5B205C-26DD-44B7-8FB6-DC1AA4E21D64}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe ==================== Restore Points ========================= ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (10/09/2017 04:52:01 AM) (Source: DptfEvent) (EventID: 1) (User: ) Description: DptfPolicyConfigTDPService ServiceMainThread: NotifyServiceStatusRunning() failed. Error: (10/09/2017 04:52:01 AM) (Source: DptfEvent) (EventID: 2) (User: ) Description: DptfPolicyConfigTDPService NotifyServiceStatusRunning: DeviceIoControl() failed. Last error = [0x0000001f] Error: (10/09/2017 04:50:59 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: A455L-PC) Description: Activation of application Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (10/09/2017 04:17:36 AM) (Source: DptfEvent) (EventID: 1) (User: ) Description: DptfPolicyConfigTDPService ServiceMainThread: NotifyServiceStatusRunning() failed. Error: (10/09/2017 04:17:36 AM) (Source: DptfEvent) (EventID: 2) (User: ) Description: DptfPolicyConfigTDPService NotifyServiceStatusRunning: DeviceIoControl() failed. Last error = [0x0000001f] Error: (10/09/2017 04:13:22 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (10/09/2017 04:10:57 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 16 3.F.C.9.3.2.F.E.5.9.B.1.F.1.4.9.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR A455L-PC.local. Error: (10/09/2017 04:10:57 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 10.127.127.1:5353 18 3.F.C.9.3.2.F.E.5.9.B.1.F.1.4.9.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR A455L-PC-2.local. Error: (10/09/2017 04:10:57 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 16 1.127.127.10.in-addr.arpa. PTR A455L-PC.local. Error: (10/09/2017 04:10:57 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 10.127.127.1:5353 18 1.127.127.10.in-addr.arpa. PTR A455L-PC-2.local. System errors: ============= Error: (10/09/2017 04:53:26 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} and APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (10/09/2017 04:52:30 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (10/09/2017 04:52:30 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (10/09/2017 04:50:59 AM) (Source: DCOM) (EventID: 10010) (User: A455L-PC) Description: The server CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca did not register with DCOM within the required timeout. Error: (10/09/2017 04:50:57 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (10/09/2017 04:18:53 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} and APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (10/09/2017 04:18:08 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (10/09/2017 04:18:08 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (10/09/2017 04:16:36 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (10/09/2017 04:10:47 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. CodeIntegrity: =================================== Date: 2017-10-07 03:27:41.172 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\SysWOW64\guard32.dll because the set of per-page image hashes could not be found on the system. Date: 2017-10-04 15:40:11.345 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-04 15:40:04.835 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-04 05:28:05.575 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-04 05:28:01.562 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-03 11:48:25.257 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-03 11:48:25.255 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-03 11:48:24.944 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-03 11:48:24.943 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-03 11:48:24.370 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz Percentage of memory in use: 63% Total physical RAM: 3998.41 MB Available physical RAM: 1456.64 MB Total Virtual: 4702.41 MB Available Virtual: 1319.32 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:122.98 GB) (Free:89.68 GB) NTFS Drive d: (New Volume) (Fixed) (Total:341.8 GB) (Free:237.93 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 6D40FBC1) Partition: GPT. ==================== End of Addition.txt ============================
  11. Having some problems with me desktop

    Hree is the FRST logs I scanned from safe mode: Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-10-2017 Ran by Dan (administrator) on BOBBY-HP (08-10-2017 14:55:07) Running from C:\Users\Dan\Desktop Loaded Profiles: Dan (Available Profiles: bobby & Dan) Platform: Windows 10 Home Version 1703 170317-1834 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Safe Mode (with Networking) Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Windows\HelpPane.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-14] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [59112 2016-04-28] (Hewlett-Packard ) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1721368 2016-04-28] (Tempo Semiconductor Inc.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-10-04] (AVAST Software) HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1489088 2017-08-29] (COMODO) HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard) HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2138272 2016-10-08] (AimerSoft) HKLM-x32\...\Run: [KeepVidProUpdateHelper.exe] => C:\Program Files (x86)\Keepvid\KeepVid Pro\KeepVidProUpdateHelper.exe HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation) HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION HKU\S-1-5-21-956974598-3299727750-65723944-1007\...\Run: [SmartSwitchPDLR.exe] => C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe Run Kies4 HKU\S-1-5-21-956974598-3299727750-65723944-1007\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832272 2017-08-25] (Skype Technologies S.A.) HKU\S-1-5-21-956974598-3299727750-65723944-1007\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [799368 2017-06-05] (Sandboxie Holdings, LLC) HKU\S-1-5-21-956974598-3299727750-65723944-1007\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd) HKU\S-1-5-21-956974598-3299727750-65723944-1007\...\MountPoints2: {74f05d1d-e975-11e6-8ecd-806e6f6e6963} - "F:\setup.exe" HKU\S-1-5-21-956974598-3299727750-65723944-1007\...\MountPoints2: {851c55af-663a-11e7-8f0d-50e549dcc256} - "L:\VZAccess_Manager.exe" /z detect GroupPolicy: Restriction - Chrome <==== ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{05dce99d-5de2-457e-9257-ffd89dfad120}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{6269accf-06b4-4fe8-a9a6-0f83aa380f94}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{d4744bad-c95a-4395-9a1f-188c56ca43bb}: [NameServer] 192.168.1.1 Tcpip\..\Interfaces\{d4744bad-c95a-4395-9a1f-188c56ca43bb}: [DhcpNameServer] 192.168.15.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPDSK/1 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK/1 HKU\S-1-5-21-956974598-3299727750-65723944-1007\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPDSK/1 HKU\S-1-5-21-956974598-3299727750-65723944-1007\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK/1 SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-42902075&q={searchTerms} SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-42902075&q={searchTerms} SearchScopes: HKLM -> {122FCF2F-C8E0-448E-A9A9-F9CC258C9F41} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://www.ebay.com/sch/i.html?_nkw={searchTerms} SearchScopes: HKLM -> {fcd9f10e-0daa-405f-bca0-0dd3f37c59d9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://www.ebay.com/sch/i.html?_nkw={searchTerms} SearchScopes: HKU\S-1-5-21-956974598-3299727750-65723944-1007 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-09-22] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-09-22] (Oracle Corporation) DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} hxxps://files.pcpitstop.com/cab/pcmatic.cab Handler: WSKVAllmytubechrome - No CLSID Value FireFox: ======== FF DefaultProfile: rgd2bu5b.default-1498397661372 FF ProfilePath: C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\rgd2bu5b.default-1498397661372 [2017-10-08] FF Homepage: Mozilla\Firefox\Profiles\rgd2bu5b.default-1498397661372 -> hxxps://www.google.com/ FF Extension: (Alexa Traffic Rank) - C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\rgd2bu5b.default-1498397661372\Extensions\alx-ffdeveloper@amazon.com.xpi [2017-05-02] FF Extension: (GoogAlexa) - C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\rgd2bu5b.default-1498397661372\Extensions\googalexa@rank.it.xpi [2017-05-02] FF Extension: (Rank Boostup) - C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\rgd2bu5b.default-1498397661372\Extensions\support@rankboostup.com.xpi [2017-05-05] FF Extension: (uMatrix) - C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\rgd2bu5b.default-1498397661372\Extensions\uMatrix@raymondhill.net.xpi [2017-10-06] FF Extension: (Avast Online Security) - C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\rgd2bu5b.default-1498397661372\Extensions\wrc@avast.com.xpi [2017-08-17] FF Extension: (Video DownloadHelper) - C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\rgd2bu5b.default-1498397661372\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-05-09] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-14] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-14] () FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-06-29] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-06-29] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-06-29] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-06-29] (Foxit Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-09-22] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-09-22] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll [2010-04-01] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) Chrome: ======= CHR Profile: C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default [2017-10-07] CHR Extension: (Google Docs) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-09-14] CHR Extension: (Google Drive) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-14] CHR Extension: (YouTube) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-14] CHR Extension: (Tampermonkey) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-08-31] CHR Extension: (Google Sheets) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-08-31] CHR Extension: (Google Docs Offline) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-09-14] CHR Extension: (Chrome Web Store Payments) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-31] CHR Extension: (PC Matic) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\okmhneofinpilciglijihehjpaegledb [2017-09-22] CHR Extension: (Gmail) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-14] CHR Extension: (Chrome Media Router) - C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-22] CHR HKU\S-1-5-21-956974598-3299727750-65723944-1007\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [okmhneofinpilciglijihehjpaegledb] - <no Path/update_url> ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-02-15] (SUPERAntiSpyware.com) S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7446024 2017-10-04] (AVAST Software s.r.o.) S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-10-04] (AVAST Software) S2 camfrog_update_service; C:\Program Files (x86)\Camfrog\Camfrog Video Chat\update\cf_update_service.exe [1063968 2016-12-19] (Camshare Inc.) S2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [10501616 2017-08-29] (COMODO) S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2017-08-29] (COMODO) S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd) S2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659456 2017-06-29] (Foxit Software Inc.) S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-06-14] (NVIDIA Corporation) S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes) S2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation) S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-14] (NVIDIA Corporation) S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-14] (NVIDIA Corporation) S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [32384 2016-10-03] (The OpenVPN Project) S2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [198792 2017-06-05] (Sandboxie Holdings, LLC) S3 SpliCamService; C:\Program Files (x86)\SplitCam\SplitCamService.exe [321056 2017-08-21] (SplitCam Co.) S2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.) S2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [358936 2016-04-28] (Tempo Semiconductor Inc.) S2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation) S3 WsDrvInst; "C:\Program Files (x86)\Keepvid\KeepVid Pro\DriverInstall.exe" [X] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [31992 2017-02-02] (Advanced Micro Devices, Inc.) S1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [321032 2017-10-04] (AVAST Software s.r.o.) S0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [198976 2017-10-04] (AVAST Software s.r.o.) S0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [343288 2017-10-04] (AVAST Software s.r.o.) S0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [57736 2017-10-04] (AVAST Software s.r.o.) S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [47008 2017-10-04] (AVAST Software) S2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [147776 2017-10-04] (AVAST Software) R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [110376 2017-10-04] (AVAST Software) S0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [84416 2017-10-04] (AVAST Software) S1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1020536 2017-10-04] (AVAST Software) S1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [587168 2017-10-04] (AVAST Software) S2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [201352 2017-10-04] (AVAST Software) S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [44640 2017-01-31] (The OpenVPN Project) S0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [363440 2017-10-04] (AVAST Software) R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [40968 2017-08-09] (COMODO) S1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [827864 2017-08-09] (COMODO) R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [50808 2017-08-09] (COMODO) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.) R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2015-11-13] (Disc Soft Ltd) R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [132904 2017-08-09] (COMODO) S3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [58792 2017-03-05] (Visicom Media Inc.) S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253856 2017-10-06] (Malwarebytes) S3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-28] (Visicom Media Inc.) S3 mcdevice; C:\WINDOWS\system32\DRIVERS\mcdevice.sys [334400 2015-07-17] (ShiningMorning Inc.) S3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_f9309145156afb40\nvlddmkm.sys [14456912 2017-05-19] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-14] (NVIDIA Corporation) S3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation) S3 NWUSBModem; C:\WINDOWS\system32\DRIVERS\nwusbmdm.sys [213376 2009-12-18] (Novatel Wireless Inc.) S3 NWUSBPort; C:\WINDOWS\system32\DRIVERS\nwusbser.sys [213376 2009-12-18] (Novatel Wireless Inc.) S3 NWUSBPort2; C:\WINDOWS\system32\DRIVERS\nwusbser2.sys [213376 2009-12-18] (Novatel Wireless Inc.) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek ) S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com) S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [207496 2017-06-05] (Sandboxie Holdings, LLC) S3 scvad_simple; C:\WINDOWS\system32\drivers\SplitCamAudio.sys [33904 2017-08-10] (SplitCam Co.) S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] () S3 SplitCamAudio; C:\WINDOWS\system32\drivers\SplitCamAudio.sys [33904 2017-08-10] (SplitCam Co.) S3 splitcam_hd_driver; C:\WINDOWS\system32\DRIVERS\splitcam_hd_driver.sys [38000 2017-08-11] (Windows (R) Win 7 DDK provider) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.) S3 STHDA; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [570392 2016-04-28] (Tempo Semiconductor Inc.) R3 tilfilter; C:\WINDOWS\System32\drivers\TIxHCIlfilter.sys [34424 2016-08-20] (Texas Instruments, Inc.) R3 tiufilter; C:\WINDOWS\System32\drivers\TIxHCIufilter.sys [39032 2016-08-20] (Texas Instruments, Inc.) R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [202880 2017-01-16] (Oracle Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-10-08 14:55 - 2017-10-08 14:56 - 000021437 _____ C:\Users\Dan\Desktop\FRST.txt 2017-10-08 14:47 - 2017-10-08 14:47 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2017-10-08 14:45 - 2017-10-08 14:45 - 000000000 ____D C:\WINDOWS\pss 2017-10-08 13:22 - 2017-10-08 13:22 - 002401792 _____ (Farbar) C:\Users\Dan\Desktop\FRST64.exe 2017-10-08 06:13 - 2017-10-08 06:13 - 000000000 ____D C:\ProgramData\SWCUTemp 2017-10-08 04:00 - 2017-10-08 04:00 - 000001776 _____ C:\Users\Dan\Desktop\KillSwitch - Shortcut.lnk 2017-10-04 20:22 - 2017-10-04 20:22 - 000401488 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2017-10-02 12:26 - 2017-10-02 12:26 - 000000901 _____ C:\Users\Public\Desktop\RogueKiller.lnk 2017-10-02 12:26 - 2017-10-02 12:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller 2017-10-02 12:25 - 2017-10-02 12:25 - 035867864 _____ (Adlice Software ) C:\Users\Dan\Downloads\setup.exe 2017-10-02 12:22 - 2017-10-02 12:22 - 008250832 _____ (Malwarebytes) C:\Users\Dan\Desktop\adwcleaner_7.0.3.1.exe 2017-09-27 12:39 - 2017-10-08 13:02 - 000002254 _____ C:\Users\Dan\Desktop\Camfrog Video Chat.lnk 2017-09-27 12:39 - 2017-09-27 12:39 - 000000000 ____D C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Camfrog Video Chat 2017-09-27 12:38 - 2017-09-27 12:38 - 048636320 _____ (Camshare, Inc.) C:\Users\Dan\Downloads\camfrog.exe 2017-09-26 02:12 - 2017-09-26 02:12 - 002763865 _____ C:\Users\Dan\Downloads\gr8-faucet-script-v51.rar 2017-09-25 23:29 - 2017-09-25 23:29 - 000000000 ____D C:\Users\bobby\AppData\Roaming\AVAST Software 2017-09-25 23:28 - 2017-09-25 23:28 - 000000000 ____D C:\Users\bobby\AppData\Local\ASHelper 2017-09-25 19:48 - 2017-09-25 19:48 - 000000000 ____D C:\Users\Dan\AppData\Roaming\ImgBurn 2017-09-25 18:04 - 2017-09-25 18:04 - 000000000 ____D C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sierra 2017-09-25 16:54 - 2017-09-25 16:54 - 000000000 ____D C:\Users\Dan\AppData\Local\mpress 2017-09-25 16:50 - 2017-09-25 16:50 - 000000000 ____D C:\Users\Dan\AppData\Roaming\DAEMON Tools Lite 2017-09-25 16:46 - 2017-09-25 17:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S.W.A.T. 4 2017-09-25 03:15 - 2017-09-25 03:15 - 000000000 ____D C:\Users\Dan\Downloads\cgminer-3.7.3-kalroth 2017-09-25 03:05 - 2017-09-25 03:15 - 000000000 ____D C:\Users\Dan\Downloads\OpenCL 2017-09-25 03:05 - 2017-09-25 03:05 - 000034425 _____ C:\Users\Dan\Downloads\OpenCL.zip 2017-09-25 02:55 - 2017-09-25 02:55 - 001646549 _____ C:\Users\Dan\Downloads\cgminer-3.7.3-kalroth.rar 2017-09-24 20:30 - 2017-10-08 09:50 - 057419168 _____ C:\WINDOWS\system32\Drivers\fvstore.dat 2017-09-24 20:23 - 2017-09-24 20:24 - 000000000 ___HD C:\VTRoot 2017-09-24 19:57 - 2017-09-25 20:04 - 000000000 ____D C:\Users\Dan\AppData\Roaming\Comodo 2017-09-24 16:40 - 2017-09-24 16:40 - 000001242 _____ C:\Users\Public\Desktop\COMODO Firewall.lnk 2017-09-24 16:40 - 2017-09-24 16:40 - 000000000 ____D C:\Program Files\COMODO 2017-09-24 16:38 - 2017-09-24 17:32 - 000000000 ____D C:\Users\Dan\AppData\Local\Comodo 2017-09-24 16:38 - 2017-09-24 17:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo 2017-09-24 15:57 - 2017-09-24 20:00 - 000000000 ____D C:\ProgramData\Comodo 2017-09-24 15:57 - 2017-09-24 15:57 - 000000000 ____D C:\ProgramData\Shared Space 2017-09-24 15:57 - 2017-09-24 15:57 - 000000000 ____D C:\ProgramData\Comodo Downloader 2017-09-24 15:56 - 2017-09-24 15:56 - 005365960 _____ (COMODO) C:\Users\Dan\Downloads\cmd_fw_installer_6113_c7.exe 2017-09-24 00:06 - 2017-09-26 16:17 - 000000000 ____D C:\Users\Dan\Desktop\pooler-cpuminer-2.5.0-win64 2017-09-23 21:16 - 2017-09-23 21:19 - 005277048 _____ (akeo.ie) C:\Users\Dan\Desktop\zadig_v2.0.1.161.exe 2017-09-22 21:23 - 2017-09-22 21:23 - 000000000 ____D C:\Shade 2017-09-22 20:27 - 2017-10-08 14:03 - 000004268 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update 2017-09-22 20:27 - 2017-10-04 20:22 - 001020536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2017-09-22 20:27 - 2017-10-04 20:22 - 000587168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2017-09-22 20:27 - 2017-10-04 20:22 - 000363440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2017-09-22 20:27 - 2017-10-04 20:22 - 000343288 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys 2017-09-22 20:27 - 2017-10-04 20:22 - 000321032 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys 2017-09-22 20:27 - 2017-10-04 20:22 - 000201352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2017-09-22 20:27 - 2017-10-04 20:22 - 000198976 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys 2017-09-22 20:27 - 2017-10-04 20:22 - 000147776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2017-09-22 20:27 - 2017-10-04 20:22 - 000110376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2017-09-22 20:27 - 2017-10-04 20:22 - 000084416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2017-09-22 20:27 - 2017-10-04 20:22 - 000057736 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys 2017-09-22 20:27 - 2017-10-04 20:22 - 000047008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys 2017-09-22 20:27 - 2017-09-22 20:27 - 000001981 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk 2017-09-22 20:27 - 2017-09-22 20:27 - 000001969 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2017-09-22 20:27 - 2017-09-22 20:27 - 000000000 ____D C:\Users\Dan\AppData\Roaming\AVAST Software 2017-09-22 20:25 - 2017-09-22 20:25 - 000000000 ____D C:\Program Files\AVAST Software 2017-09-22 20:13 - 2017-09-22 20:13 - 000000000 ____D C:\Users\Dan\Documents\FeedbackHub 2017-09-22 14:39 - 2017-09-22 14:39 - 000000000 ___RD C:\Sandbox 2017-09-22 14:37 - 2017-10-08 14:39 - 000002856 _____ C:\WINDOWS\Sandboxie.ini 2017-09-22 14:37 - 2017-09-22 14:37 - 000000939 _____ C:\Users\Dan\Desktop\Sandboxed Web Browser.lnk 2017-09-22 14:37 - 2017-09-22 14:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie 2017-09-22 14:37 - 2017-09-22 14:37 - 000000000 ____D C:\Program Files\Sandboxie 2017-09-22 01:15 - 2017-09-22 01:15 - 000002640 _____ C:\Users\Public\Desktop\Skype.lnk 2017-09-22 01:15 - 2017-09-22 01:15 - 000000000 ____D C:\Users\Dan\Tracing 2017-09-22 01:15 - 2017-09-22 01:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2017-09-22 01:13 - 2017-09-22 01:13 - 000097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2017-09-22 01:13 - 2017-09-22 01:13 - 000000000 ____D C:\Users\Dan\AppData\LocalLow\Sun 2017-09-22 01:13 - 2017-09-22 01:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-09-22 01:13 - 2017-09-22 01:13 - 000000000 ____D C:\Program Files (x86)\Java 2017-09-22 01:11 - 2017-09-22 01:11 - 000000000 ____D C:\Users\Dan\AppData\LocalLow\Adblock Plus for IE 2017-09-22 01:02 - 2017-09-22 01:02 - 000000020 ___SH C:\Users\PCPitstopSVC\ntuser.ini 2017-09-22 01:02 - 2017-09-22 01:02 - 000000000 ____D C:\Users\PCPitstopSVC\AppData\Local\TileDataLayer 2017-09-22 01:01 - 2017-10-06 00:57 - 000000000 ____D C:\Users\PCPitstopSVC 2017-09-22 01:01 - 2016-10-03 13:49 - 000000000 ____D C:\Users\PCPitstopSVC\AppData\Roaming\Media Center Programs 2017-09-22 01:01 - 2016-10-03 13:49 - 000000000 ____D C:\Users\PCPitstopSVC\AppData\Roaming\Macromedia 2017-09-22 01:01 - 2016-10-03 13:49 - 000000000 ____D C:\Users\PCPitstopSVC\AppData\Local\Hewlett-Packard 2017-09-22 00:29 - 2017-09-23 16:04 - 000000000 ____D C:\ProgramData\PCPitstopDat 2017-09-22 00:29 - 2017-09-23 16:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Pitstop 2017-09-22 00:29 - 2017-09-23 14:18 - 000000000 ____D C:\Program Files (x86)\PCPitstop 2017-09-22 00:29 - 2017-09-23 12:16 - 000000000 ____D C:\ProgramData\PCPitstop 2017-09-22 00:29 - 2017-09-22 00:29 - 000059276 _____ C:\AppRemover_Log.txt 2017-09-21 21:45 - 2017-09-21 22:55 - 000000000 ____D C:\Users\Dan\Documents\ViberDownloads 2017-09-20 23:44 - 2017-10-02 16:01 - 000002266 _____ C:\Users\Dan\Desktop\WhatsApp.lnk 2017-09-20 23:44 - 2017-09-27 15:19 - 000000000 ____D C:\Users\Dan\AppData\Roaming\WhatsApp 2017-09-20 23:44 - 2017-09-20 23:44 - 000000000 ____D C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp 2017-09-20 23:44 - 2017-09-20 23:44 - 000000000 ____D C:\Users\Dan\AppData\Local\WhatsApp 2017-09-20 23:32 - 2017-09-22 01:30 - 000000000 ____D C:\Users\Dan\AppData\Roaming\ViberPC 2017-09-20 23:32 - 2017-09-21 23:30 - 000001063 _____ C:\Users\Dan\Desktop\Viber.lnk 2017-09-20 23:32 - 2017-09-20 23:32 - 000001065 _____ C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Viber.lnk 2017-09-20 23:32 - 2017-09-20 23:32 - 000000000 ____D C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber 2017-09-20 23:32 - 2017-09-20 23:32 - 000000000 ____D C:\Users\Dan\AppData\Local\Viber Media S.à r.l 2017-09-20 23:32 - 2017-09-20 23:32 - 000000000 ____D C:\Users\Dan\AppData\Local\Viber 2017-09-20 23:32 - 2017-09-20 23:32 - 000000000 ____D C:\Users\Dan\AppData\Local\cache 2017-09-20 23:31 - 2017-09-20 23:32 - 000000000 ____D C:\Users\Dan\AppData\Local\Package Cache 2017-09-20 17:07 - 2017-09-20 17:28 - 000000000 ____D C:\Users\Dan\Downloads\zap-desktop-master 2017-09-20 16:36 - 2017-09-20 16:36 - 000001357 _____ C:\Users\Dan\Desktop\bitconnect-qt - Shortcut.lnk 2017-09-20 16:36 - 2017-09-20 16:36 - 000000000 ____D C:\Users\Dan\Documents\bitconnect-wallet 2017-09-20 16:13 - 2017-09-27 19:28 - 000000000 ____D C:\Users\Dan\AppData\Roaming\bitconnect 2017-09-20 16:13 - 2017-09-27 18:28 - 000000000 ____D C:\ProgramData\boost_interprocess 2017-09-19 20:37 - 2017-09-26 19:52 - 000000000 ____D C:\Users\Dan\AppData\Roaming\Exodus 2017-09-19 20:37 - 2017-09-19 20:37 - 000002313 _____ C:\Users\Dan\Desktop\Exodus.lnk 2017-09-19 20:37 - 2017-09-19 20:37 - 000000000 ____D C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Exodus Movement Inc 2017-09-19 20:37 - 2017-09-19 20:37 - 000000000 ____D C:\Users\Dan\AppData\Local\exodus 2017-09-19 20:34 - 2017-09-19 20:35 - 078359864 _____ (Exodus Movement Inc) C:\Users\Dan\Downloads\exodus-windows-x64-1.34.1.exe 2017-09-19 14:30 - 2017-09-20 16:12 - 000000000 ____D C:\Users\Dan\Downloads\gr8-faucet-script-v51 2017-09-18 23:47 - 2016-04-28 22:41 - 002270752 _____ (Tempo Semiconductor Inc.) C:\WINDOWS\system32\stapo64.dll 2017-09-18 23:47 - 2016-04-28 22:41 - 000729032 ____N (Tempo Semiconductor Inc.) C:\WINDOWS\system32\stapi64.dll 2017-09-18 23:24 - 2017-09-22 20:13 - 000000000 ____D C:\Users\Dan\AppData\Local\ElevatedDiagnostics 2017-09-17 17:04 - 2017-09-17 17:09 - 000031780 _____ C:\Users\Dan\Documents\block chain recovery.pdf 2017-09-17 13:53 - 2017-09-24 16:27 - 000000000 ____D C:\Users\Dan\Downloads\livecoin_ref_v2en 2017-09-16 18:30 - 2017-10-08 10:19 - 000001074 _____ C:\Users\Dan\Desktop\SplitCam.lnk 2017-09-16 18:30 - 2017-09-16 18:30 - 000000000 ____D C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SplitCam 2017-09-16 18:29 - 2017-09-16 18:30 - 000000000 ____D C:\Users\Dan\AppData\Roaming\SplitCam 2017-09-16 18:29 - 2017-09-16 18:30 - 000000000 ____D C:\Program Files (x86)\SplitCam 2017-09-16 17:42 - 2017-09-16 17:43 - 000000000 ____D C:\Users\Dan\Documents\GorMedia Morecam 2017-09-16 17:42 - 2017-09-16 17:42 - 000000000 ____D C:\ProgramData\GorMedia 2017-09-16 17:38 - 2017-09-16 17:38 - 000000000 ____D C:\Users\Public\GorMedia 2017-09-16 17:38 - 2017-09-16 17:38 - 000000000 ____D C:\Program Files (x86)\GorMedia 2017-09-15 20:13 - 2017-09-15 21:17 - 000000053 _____ C:\Users\Dan\Documents\skype.txt 2017-09-14 22:15 - 2017-09-14 22:15 - 001790024 _____ (Malwarebytes) C:\Users\Dan\Desktop\JRT.exe 2017-09-14 03:30 - 2017-09-14 03:30 - 000004412 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2017-09-14 03:17 - 2017-09-24 16:28 - 000000000 ____D C:\Users\Dan\Downloads\SplitCamSetup 2017-09-14 01:22 - 2017-09-14 01:22 - 000000000 ____D C:\Users\Dan\AppData\Roaming\com.igenetix.iwebcam.air 2017-09-12 15:20 - 2017-09-05 01:12 - 001409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2017-09-12 15:20 - 2017-09-05 01:12 - 001292880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2017-09-12 15:20 - 2017-09-05 01:12 - 000627080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2017-09-12 15:20 - 2017-09-05 01:12 - 000081176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll 2017-09-12 15:20 - 2017-09-05 00:53 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2017-09-12 15:20 - 2017-09-05 00:53 - 001620880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2017-09-12 15:20 - 2017-09-05 00:52 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2017-09-12 15:20 - 2017-09-05 00:50 - 004330920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll 2017-09-12 15:20 - 2017-09-05 00:46 - 004471888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2017-09-12 15:20 - 2017-09-05 00:45 - 005821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2017-09-12 15:20 - 2017-09-05 00:45 - 002476712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2017-09-12 15:20 - 2017-09-05 00:45 - 002166808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2017-09-12 15:20 - 2017-09-05 00:45 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2017-09-12 15:20 - 2017-09-05 00:44 - 000569264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll 2017-09-12 15:20 - 2017-09-05 00:43 - 000611096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2017-09-12 15:20 - 2017-09-05 00:43 - 000359560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll 2017-09-12 15:20 - 2017-09-05 00:43 - 000280480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe 2017-09-12 15:20 - 2017-09-05 00:43 - 000169376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2017-09-12 15:20 - 2017-09-05 00:43 - 000042456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll 2017-09-12 15:20 - 2017-09-05 00:42 - 002330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2017-09-12 15:20 - 2017-09-05 00:42 - 000703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2017-09-12 15:20 - 2017-09-05 00:42 - 000291904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll 2017-09-12 15:20 - 2017-09-05 00:42 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2017-09-12 15:20 - 2017-09-05 00:41 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-09-12 15:20 - 2017-09-05 00:41 - 006761560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-09-12 15:20 - 2017-09-05 00:41 - 004671832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2017-09-12 15:20 - 2017-09-05 00:41 - 001106904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll 2017-09-12 15:20 - 2017-09-05 00:41 - 001013912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll 2017-09-12 15:20 - 2017-09-05 00:26 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-09-12 15:20 - 2017-09-05 00:26 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll 2017-09-12 15:20 - 2017-09-05 00:25 - 013844480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2017-09-12 15:20 - 2017-09-05 00:25 - 001448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2017-09-12 15:20 - 2017-09-05 00:25 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll 2017-09-12 15:20 - 2017-09-05 00:25 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2017-09-12 15:20 - 2017-09-05 00:25 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE 2017-09-12 15:20 - 2017-09-05 00:24 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2017-09-12 15:20 - 2017-09-05 00:23 - 020509184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-09-12 15:20 - 2017-09-05 00:23 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll 2017-09-12 15:20 - 2017-09-05 00:22 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2017-09-12 15:20 - 2017-09-05 00:21 - 006728704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-09-12 15:20 - 2017-09-05 00:21 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2017-09-12 15:20 - 2017-09-05 00:21 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.exe 2017-09-12 15:20 - 2017-09-05 00:19 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-09-12 15:20 - 2017-09-05 00:19 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2017-09-12 15:20 - 2017-09-05 00:19 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll 2017-09-12 15:20 - 2017-09-05 00:19 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll 2017-09-12 15:20 - 2017-09-05 00:19 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll 2017-09-12 15:20 - 2017-09-05 00:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2017-09-12 15:20 - 2017-09-05 00:19 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2017-09-12 15:20 - 2017-09-05 00:18 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll 2017-09-12 15:20 - 2017-09-05 00:18 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll 2017-09-12 15:20 - 2017-09-05 00:18 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll 2017-09-12 15:20 - 2017-09-05 00:18 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2017-09-12 15:20 - 2017-09-05 00:18 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2017-09-12 15:20 - 2017-09-05 00:18 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll 2017-09-12 15:20 - 2017-09-05 00:18 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll 2017-09-12 15:20 - 2017-09-05 00:17 - 000918528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll 2017-09-12 15:20 - 2017-09-05 00:17 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll 2017-09-12 15:20 - 2017-09-05 00:17 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll 2017-09-12 15:20 - 2017-09-05 00:17 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll 2017-09-12 15:20 - 2017-09-05 00:16 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2017-09-12 15:20 - 2017-09-05 00:16 - 000844288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll 2017-09-12 15:20 - 2017-09-05 00:16 - 000563200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll 2017-09-12 15:20 - 2017-09-05 00:16 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2017-09-12 15:20 - 2017-09-05 00:16 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll 2017-09-12 15:20 - 2017-09-05 00:15 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2017-09-12 15:20 - 2017-09-05 00:15 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2017-09-12 15:20 - 2017-09-05 00:15 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll 2017-09-12 15:20 - 2017-09-05 00:15 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2017-09-12 15:20 - 2017-09-05 00:15 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2017-09-12 15:20 - 2017-09-05 00:15 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2017-09-12 15:20 - 2017-09-05 00:15 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll 2017-09-12 15:20 - 2017-09-05 00:14 - 011887104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-09-12 15:20 - 2017-09-05 00:14 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2017-09-12 15:20 - 2017-09-05 00:14 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll 2017-09-12 15:20 - 2017-09-05 00:14 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll 2017-09-12 15:20 - 2017-09-05 00:13 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2017-09-12 15:20 - 2017-09-05 00:13 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2017-09-12 15:20 - 2017-09-05 00:13 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll 2017-09-12 15:20 - 2017-09-05 00:12 - 006265856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-09-12 15:20 - 2017-09-05 00:12 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2017-09-12 15:20 - 2017-09-05 00:12 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-09-12 15:20 - 2017-09-05 00:12 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2017-09-12 15:20 - 2017-09-05 00:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2017-09-12 15:20 - 2017-09-05 00:11 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-09-12 15:20 - 2017-09-05 00:11 - 001463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2017-09-12 15:20 - 2017-09-05 00:11 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll 2017-09-12 15:20 - 2017-09-05 00:11 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll 2017-09-12 15:20 - 2017-09-05 00:11 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-09-12 15:20 - 2017-09-05 00:11 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2017-09-12 15:20 - 2017-09-05 00:10 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2017-09-12 15:20 - 2017-09-05 00:10 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2017-09-12 15:20 - 2017-09-05 00:10 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll 2017-09-12 15:20 - 2017-09-05 00:06 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll 2017-09-12 15:20 - 2017-09-05 00:06 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2017-09-12 15:20 - 2017-09-05 00:04 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll 2017-09-12 15:20 - 2017-09-05 00:04 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll 2017-09-12 15:19 - 2017-09-05 00:45 - 000085784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialUIBroker.exe 2017-09-12 15:19 - 2017-09-05 00:42 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2017-09-12 15:19 - 2017-09-05 00:40 - 000052768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll 2017-09-12 15:19 - 2017-09-05 00:37 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2017-09-12 15:19 - 2017-09-05 00:21 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll 2017-09-12 15:19 - 2017-09-05 00:20 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2017-09-12 15:19 - 2017-09-05 00:16 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll 2017-09-12 15:16 - 2017-09-05 00:28 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys 2017-09-12 15:16 - 2017-09-05 00:27 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-09-12 15:16 - 2017-09-05 00:22 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll 2017-09-12 15:16 - 2017-09-05 00:21 - 001178624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll 2017-09-12 15:16 - 2017-09-05 00:20 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe 2017-09-12 15:16 - 2017-09-05 00:12 - 002153984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll 2017-09-12 15:15 - 2017-09-05 01:31 - 001346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2017-09-12 15:15 - 2017-09-05 01:31 - 000115792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll 2017-09-12 15:15 - 2017-09-05 01:25 - 000159648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys 2017-09-12 15:15 - 2017-09-05 01:23 - 004462120 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll 2017-09-12 15:15 - 2017-09-05 01:18 - 001668344 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll 2017-09-12 15:15 - 2017-09-05 01:18 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2017-09-12 15:15 - 2017-09-05 01:18 - 000685512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll 2017-09-12 15:15 - 2017-09-05 01:16 - 001320344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll 2017-09-12 15:15 - 2017-09-05 01:16 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys 2017-09-12 15:15 - 2017-09-05 01:16 - 000546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2017-09-12 15:15 - 2017-09-05 01:16 - 000228256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2017-09-12 15:15 - 2017-09-05 01:16 - 000049720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll 2017-09-12 15:15 - 2017-09-05 01:15 - 000871448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2017-09-12 15:15 - 2017-09-05 01:14 - 021352656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-09-12 15:15 - 2017-09-05 01:14 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2017-09-12 15:15 - 2017-09-05 01:14 - 000958664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll 2017-09-12 15:15 - 2017-09-05 01:14 - 000094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2017-09-12 15:15 - 2017-09-05 01:13 - 001619816 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2017-09-12 15:15 - 2017-09-05 01:11 - 002675104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2017-09-12 15:15 - 2017-09-05 01:11 - 000610720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2017-09-12 15:15 - 2017-09-05 00:31 - 003668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-09-12 15:15 - 2017-09-05 00:30 - 001639936 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2017-09-12 15:15 - 2017-09-05 00:30 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll 2017-09-12 15:15 - 2017-09-05 00:30 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2017-09-12 15:15 - 2017-09-05 00:30 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll 2017-09-12 15:15 - 2017-09-05 00:30 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe 2017-09-12 15:15 - 2017-09-05 00:27 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-09-12 15:15 - 2017-09-05 00:27 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll 2017-09-12 15:15 - 2017-09-05 00:27 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll 2017-09-12 15:15 - 2017-09-05 00:27 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys 2017-09-12 15:15 - 2017-09-05 00:27 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2017-09-12 15:15 - 2017-09-05 00:27 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2017-09-12 15:15 - 2017-09-05 00:26 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe 2017-09-12 15:15 - 2017-09-05 00:26 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\csplte.dll 2017-09-12 15:15 - 2017-09-05 00:26 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll 2017-09-12 15:15 - 2017-09-05 00:26 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.exe 2017-09-12 15:15 - 2017-09-05 00:26 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnpinst.exe 2017-09-12 15:15 - 2017-09-05 00:25 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-09-12 15:15 - 2017-09-05 00:25 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2017-09-12 15:15 - 2017-09-05 00:25 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys 2017-09-12 15:15 - 2017-09-05 00:24 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll 2017-09-12 15:15 - 2017-09-05 00:24 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll 2017-09-12 15:15 - 2017-09-05 00:24 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll 2017-09-12 15:15 - 2017-09-05 00:24 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcrecovery.dll 2017-09-12 15:15 - 2017-09-05 00:23 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll 2017-09-12 15:15 - 2017-09-05 00:23 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll 2017-09-12 15:15 - 2017-09-05 00:23 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll 2017-09-12 15:15 - 2017-09-05 00:22 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll 2017-09-12 15:15 - 2017-09-05 00:22 - 000556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll 2017-09-12 15:15 - 2017-09-05 00:22 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-09-12 15:15 - 2017-09-05 00:22 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll 2017-09-12 15:15 - 2017-09-05 00:22 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll 2017-09-12 15:15 - 2017-09-05 00:22 - 000413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2017-09-12 15:15 - 2017-09-05 00:22 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll 2017-09-12 15:15 - 2017-09-05 00:22 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll 2017-09-12 15:15 - 2017-09-05 00:22 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2017-09-12 15:15 - 2017-09-05 00:21 - 000946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll 2017-09-12 15:15 - 2017-09-05 00:21 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll 2017-09-12 15:15 - 2017-09-05 00:21 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll 2017-09-12 15:15 - 2017-09-05 00:21 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll 2017-09-12 15:15 - 2017-09-05 00:21 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll 2017-09-12 15:15 - 2017-09-05 00:20 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-09-12 15:15 - 2017-09-05 00:20 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2017-09-12 15:15 - 2017-09-05 00:20 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2017-09-12 15:15 - 2017-09-05 00:19 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2017-09-12 15:15 - 2017-09-05 00:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2017-09-12 15:15 - 2017-09-05 00:19 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll 2017-09-12 15:15 - 2017-09-05 00:18 - 004175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2017-09-12 15:15 - 2017-09-05 00:18 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2017-09-12 15:15 - 2017-09-05 00:18 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll 2017-09-12 15:15 - 2017-09-05 00:18 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll 2017-09-12 15:15 - 2017-09-05 00:18 - 000832000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe 2017-09-12 15:15 - 2017-09-05 00:18 - 000803328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2017-09-12 15:15 - 2017-09-05 00:18 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll 2017-09-12 15:15 - 2017-09-05 00:18 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll 2017-09-12 15:15 - 2017-09-05 00:17 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2017-09-12 15:15 - 2017-09-05 00:17 - 008207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-09-12 15:15 - 2017-09-05 00:17 - 002765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll 2017-09-12 15:15 - 2017-09-05 00:17 - 001397760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2017-09-12 15:15 - 2017-09-05 00:17 - 000757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe 2017-09-12 15:15 - 2017-09-05 00:16 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll 2017-09-12 15:15 - 2017-09-05 00:15 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-09-12 15:15 - 2017-09-05 00:15 - 003059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2017-09-12 15:15 - 2017-09-05 00:15 - 002503680 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2017-09-12 15:15 - 2017-09-05 00:15 - 002055680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-09-12 15:15 - 2017-09-05 00:15 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-09-12 15:15 - 2017-09-05 00:15 - 001143296 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2017-09-12 15:15 - 2017-09-05 00:15 - 001077248 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2017-09-12 15:15 - 2017-09-05 00:15 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2017-09-12 15:15 - 2017-09-05 00:14 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2017-09-12 15:15 - 2017-09-05 00:14 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2017-09-12 15:15 - 2017-09-05 00:14 - 002445824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-09-12 15:15 - 2017-09-05 00:14 - 001657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll 2017-09-12 15:15 - 2017-09-05 00:14 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll 2017-09-12 15:15 - 2017-09-05 00:14 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2017-09-12 15:15 - 2017-09-05 00:14 - 000827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2017-09-12 15:15 - 2017-09-05 00:13 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2017-09-12 15:15 - 2017-09-05 00:11 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys 2017-09-12 15:15 - 2017-09-05 00:09 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll 2017-09-12 15:15 - 2017-09-05 00:07 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll 2017-09-12 15:15 - 2017-09-05 00:07 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll 2017-09-12 15:15 - 2017-09-01 01:55 - 000031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin 2017-09-12 15:14 - 2017-09-05 01:31 - 001596592 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2017-09-12 15:14 - 2017-09-05 01:31 - 000750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2017-09-12 15:14 - 2017-09-05 01:27 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2017-09-12 15:14 - 2017-09-05 01:27 - 000136096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys 2017-09-12 15:14 - 2017-09-05 01:26 - 008319904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-09-12 15:14 - 2017-09-05 01:26 - 001930840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2017-09-12 15:14 - 2017-09-05 01:25 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll 2017-09-12 15:14 - 2017-09-05 01:24 - 000519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2017-09-12 15:14 - 2017-09-05 01:23 - 001242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2017-09-12 15:14 - 2017-09-05 01:20 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2017-09-12 15:14 - 2017-09-05 01:19 - 004848960 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2017-09-12 15:14 - 2017-09-05 01:19 - 002443168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-09-12 15:14 - 2017-09-05 01:18 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2017-09-12 15:14 - 2017-09-05 01:18 - 005477096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll 2017-09-12 15:14 - 2017-09-05 01:18 - 002972552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll 2017-09-12 15:14 - 2017-09-05 01:18 - 002647224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2017-09-12 15:14 - 2017-09-05 01:17 - 000316320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe 2017-09-12 15:14 - 2017-09-05 01:16 - 000724200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2017-09-12 15:14 - 2017-09-05 01:16 - 000410168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll 2017-09-12 15:14 - 2017-09-05 01:16 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2017-09-12 15:14 - 2017-09-05 01:15 - 003116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2017-09-12 15:14 - 2017-09-05 01:15 - 000381824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll 2017-09-12 15:14 - 2017-09-05 01:14 - 004708504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2017-09-12 15:14 - 2017-09-05 01:14 - 001146176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll 2017-09-12 15:14 - 2017-09-05 01:14 - 000254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2017-09-12 15:14 - 2017-09-05 01:11 - 000387936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll 2017-09-12 15:14 - 2017-09-05 00:45 - 023679488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-09-12 15:14 - 2017-09-05 00:30 - 001275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll 2017-09-12 15:14 - 2017-09-05 00:30 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll 2017-09-12 15:14 - 2017-09-05 00:30 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE 2017-09-12 15:14 - 2017-09-05 00:30 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll 2017-09-12 15:14 - 2017-09-05 00:29 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll 2017-09-12 15:14 - 2017-09-05 00:28 - 017371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2017-09-12 15:14 - 2017-09-05 00:28 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2017-09-12 15:14 - 2017-09-05 00:27 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\datamarketsvc.dll 2017-09-12 15:14 - 2017-09-05 00:27 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll 2017-09-12 15:14 - 2017-09-05 00:26 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll 2017-09-12 15:14 - 2017-09-05 00:26 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2017-09-12 15:14 - 2017-09-05 00:24 - 000457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2017-09-12 15:14 - 2017-09-05 00:24 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll 2017-09-12 15:14 - 2017-09-05 00:24 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll 2017-09-12 15:14 - 2017-09-05 00:24 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll 2017-09-12 15:14 - 2017-09-05 00:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2017-09-12 15:14 - 2017-09-05 00:23 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2017-09-12 15:14 - 2017-09-05 00:23 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys 2017-09-12 15:14 - 2017-09-05 00:23 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2017-09-12 15:14 - 2017-09-05 00:23 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll 2017-09-12 15:14 - 2017-09-05 00:22 - 023684608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-09-12 15:14 - 2017-09-05 00:22 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2017-09-12 15:14 - 2017-09-05 00:22 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll 2017-09-12 15:14 - 2017-09-05 00:22 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2017-09-12 15:14 - 2017-09-05 00:22 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2017-09-12 15:14 - 2017-09-05 00:22 - 000213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll 2017-09-12 15:14 - 2017-09-05 00:21 - 001051136 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll 2017-09-12 15:14 - 2017-09-05 00:21 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2017-09-12 15:14 - 2017-09-05 00:20 - 007337472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2017-09-12 15:14 - 2017-09-05 00:20 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2017-09-12 15:14 - 2017-09-05 00:20 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2017-09-12 15:14 - 2017-09-05 00:19 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2017-09-12 15:14 - 2017-09-05 00:19 - 001028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2017-09-12 15:14 - 2017-09-05 00:19 - 000996864 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2017-09-12 15:14 - 2017-09-05 00:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll 2017-09-12 15:14 - 2017-09-05 00:18 - 012801536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-09-12 15:14 - 2017-09-05 00:18 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2017-09-12 15:14 - 2017-09-05 00:18 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2017-09-12 15:14 - 2017-09-05 00:18 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2017-09-12 15:14 - 2017-09-05 00:18 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll 2017-09-12 15:14 - 2017-09-05 00:18 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll 2017-09-12 15:14 - 2017-09-05 00:16 - 002680320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll 2017-09-12 15:14 - 2017-09-05 00:16 - 000440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll 2017-09-12 15:14 - 2017-09-05 00:15 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-09-12 15:14 - 2017-09-05 00:15 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-09-12 15:14 - 2017-09-05 00:15 - 001736704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2017-09-12 15:14 - 2017-09-05 00:15 - 001460224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-09-12 15:14 - 2017-09-05 00:14 - 002177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll 2017-09-12 15:14 - 2017-09-05 00:14 - 002006528 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll 2017-09-12 15:14 - 2017-09-05 00:14 - 001583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2017-09-12 15:14 - 2017-09-05 00:14 - 000810496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll 2017-09-12 15:14 - 2017-09-05 00:13 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-09-12 15:14 - 2017-09-05 00:06 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll 2017-09-12 15:13 - 2017-09-05 01:31 - 001147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2017-09-12 15:13 - 2017-09-05 01:31 - 001024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2017-09-12 15:13 - 2017-09-05 01:31 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe 2017-09-12 15:13 - 2017-09-05 01:30 - 000287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2017-09-12 15:13 - 2017-09-05 01:24 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2017-09-12 15:13 - 2017-09-05 01:21 - 000189344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2017-09-12 15:13 - 2017-09-05 01:18 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2017-09-12 15:13 - 2017-09-05 01:16 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll 2017-09-12 15:13 - 2017-09-05 01:15 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2017-09-12 15:13 - 2017-09-05 01:15 - 000257440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2017-09-12 15:13 - 2017-09-05 01:13 - 000064680 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll 2017-09-12 15:13 - 2017-09-05 00:28 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys 2017-09-12 15:13 - 2017-09-05 00:26 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll 2017-09-12 15:13 - 2017-09-05 00:26 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys 2017-09-12 15:13 - 2017-09-05 00:26 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys 2017-09-12 15:13 - 2017-09-05 00:25 - 000527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2017-09-12 15:13 - 2017-09-05 00:23 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe 2017-09-12 15:13 - 2017-09-05 00:20 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll 2017-09-12 15:13 - 2017-09-05 00:18 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll 2017-09-12 15:13 - 2017-09-05 00:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-09-12 15:13 - 2017-09-05 00:16 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-09-12 15:12 - 2017-09-05 00:10 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthHFSrv.dll 2017-09-11 12:02 - 2017-10-02 12:26 - 000000000 ____D C:\Program Files\RogueKiller ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-10-08 14:55 - 2017-06-25 17:44 - 000000000 ____D C:\FRST 2017-10-08 14:45 - 2017-06-25 20:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-10-08 14:45 - 2017-03-18 07:40 - 004718592 _____ C:\WINDOWS\system32\config\BBI 2017-10-08 14:41 - 2017-06-25 20:05 - 000000000 ____D C:\ProgramData\NVIDIA 2017-10-08 14:38 - 2017-06-25 20:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2017-10-08 14:24 - 2016-01-20 11:31 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2017-10-08 13:42 - 2017-06-25 20:06 - 003816884 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-10-08 13:10 - 2017-06-25 20:07 - 000000000 ____D C:\Users\Dan 2017-10-08 11:39 - 2017-06-27 21:20 - 000004144 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2B45AA1C-AABE-41F1-9440-48A57770F7BF} 2017-10-08 10:19 - 2017-08-21 22:00 - 000000000 ____D C:\Users\Dan\AppData\Roaming\Camfrog 2017-10-08 09:13 - 2017-06-25 08:35 - 000000000 ____D C:\Users\Dan\AppData\Roaming\Skype 2017-10-08 06:13 - 2017-03-18 16:51 - 000000000 ____D C:\WINDOWS\CbsTemp 2017-10-08 05:25 - 2017-03-18 17:03 - 000000000 ___HD C:\Program Files\WindowsApps 2017-10-08 05:25 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\AppReadiness 2017-10-07 10:11 - 2017-01-31 22:14 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys 2017-10-07 09:52 - 2017-06-27 12:22 - 000000000 ____D C:\AdwCleaner 2017-10-06 22:43 - 2017-06-25 08:32 - 000000000 ____D C:\Users\Dan\AppData\Local\Packages 2017-10-06 02:00 - 2017-06-25 14:51 - 000000000 ____D C:\Program Files\Mozilla Firefox 2017-10-06 02:00 - 2015-11-08 06:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-10-06 01:10 - 2017-02-01 22:07 - 000253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-10-06 00:57 - 2017-06-25 20:08 - 000000000 ____D C:\Users\MSSQLSERVER 2017-10-06 00:57 - 2017-06-25 20:07 - 000000000 ____D C:\Users\SQLTELEMETRY 2017-10-06 00:57 - 2017-06-25 20:07 - 000000000 ____D C:\Users\bobby 2017-10-05 18:12 - 2017-06-25 20:08 - 000000000 ____D C:\Users\DefaultAppPool 2017-10-05 09:42 - 2017-01-31 20:13 - 000000000 ____D C:\Program Files\SUPERAntiSpyware 2017-10-04 20:23 - 2017-06-10 06:26 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys 2017-10-04 20:22 - 2017-01-31 19:41 - 000000000 ____D C:\ProgramData\AVAST Software 2017-10-01 01:48 - 2017-07-25 16:45 - 000000000 ____D C:\Users\Dan\AppData\Roaming\vlc 2017-09-30 22:16 - 2017-02-04 19:47 - 000000000 ____D C:\ProgramData\Betternet 2017-09-30 02:40 - 2015-11-08 05:34 - 000000342 _____ C:\WINDOWS\Tasks\HPCeeScheduleForBOBBY-HP$.job 2017-09-29 19:34 - 2017-06-25 20:33 - 000003264 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForBOBBY-HP$ 2017-09-27 12:39 - 2017-08-21 22:00 - 000000000 ____D C:\Program Files (x86)\Camfrog 2017-09-27 11:21 - 2017-06-27 12:20 - 000000000 ____D C:\Program Files (x86)\SpywareBlaster 2017-09-27 11:21 - 2012-02-14 21:39 - 000000000 ____D C:\ProgramData\Temp 2017-09-26 16:18 - 2017-07-25 16:32 - 000000000 ____D C:\Users\Dan\Desktop\android 5.1.1 2017-09-26 11:40 - 2017-08-02 02:29 - 000000000 ____D C:\Program Files\Bitcoin Unlimited 2017-09-25 23:32 - 2016-09-23 15:18 - 000000000 ____D C:\Users\bobby\AppData\LocalLow\Mozilla 2017-09-25 23:29 - 2017-06-21 08:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-09-25 23:28 - 2015-09-10 01:42 - 000000000 __RHD C:\Users\Public\AccountPictures 2017-09-25 18:09 - 2017-07-03 19:14 - 000001499 _____ C:\Users\Dan\Desktop\GameRanger.lnk 2017-09-25 18:04 - 2012-02-14 21:39 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2017-09-25 18:00 - 2017-06-25 11:59 - 000000000 ____D C:\Users\Dan\AppData\Local\CrashDumps 2017-09-25 17:58 - 2017-02-03 23:48 - 000000000 ____D C:\Program Files (x86)\S.W.A.T. 4 2017-09-24 20:25 - 2017-07-17 21:08 - 000000000 ____D C:\Users\Dan\Desktop\site backup files 2017-09-24 16:40 - 2017-06-25 20:33 - 000000000 ____D C:\WINDOWS\System32\Tasks\COMODO 2017-09-24 16:40 - 2017-03-18 17:01 - 000000000 ____D C:\WINDOWS\INF 2017-09-22 20:08 - 2012-02-14 21:47 - 000000000 ____D C:\Program Files (x86)\HP Games 2017-09-22 20:08 - 2009-07-14 01:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2017-09-22 02:05 - 2012-02-14 21:47 - 000000000 ____D C:\ProgramData\WildTangent 2017-09-22 02:02 - 2017-06-25 08:32 - 000000000 ____D C:\Users\Dan\AppData\Local\Google 2017-09-22 01:56 - 2017-01-31 15:12 - 000002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-09-22 01:56 - 2017-01-31 15:12 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-09-22 01:15 - 2017-03-15 17:11 - 000000000 ___RD C:\Program Files (x86)\Skype 2017-09-22 01:15 - 2012-02-14 21:44 - 000000000 ____D C:\ProgramData\Skype 2017-09-22 01:13 - 2016-07-24 19:11 - 000000000 ____D C:\ProgramData\Oracle 2017-09-22 00:29 - 2017-03-18 17:03 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files 2017-09-21 23:55 - 2017-08-02 02:23 - 000000000 ____D C:\Users\Dan\AppData\Roaming\Bitcoin 2017-09-21 23:55 - 2010-11-20 23:27 - 000544424 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2017-09-20 23:44 - 2017-06-28 23:33 - 000000000 ____D C:\Users\Dan\AppData\Local\SquirrelTemp 2017-09-18 23:47 - 2015-11-08 07:33 - 000000000 ____D C:\ProgramData\SoundResearch 2017-09-14 03:31 - 2017-07-21 12:21 - 000000000 ____D C:\Users\Dan\AppData\Local\Adobe 2017-09-14 03:30 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-09-14 03:30 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\system32\Macromed 2017-09-14 03:10 - 2017-02-03 13:33 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server 2017-09-14 03:07 - 2017-03-18 17:03 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2017-09-14 03:07 - 2017-02-03 13:18 - 000000000 ____D C:\Program Files\Microsoft SQL Server 2017-09-14 03:02 - 2016-01-24 20:43 - 000000000 ____D C:\Program Files (x86)\Sony 2017-09-12 23:40 - 2017-02-04 19:46 - 000002028 _____ C:\Users\Public\Desktop\Betternet.lnk 2017-09-12 23:40 - 2017-02-04 19:46 - 000000000 ____D C:\Program Files (x86)\Betternet 2017-09-12 23:11 - 2012-02-14 21:52 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eReaders and Document Viewers 2017-09-12 22:23 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\rescache 2017-09-12 22:15 - 2017-08-21 15:46 - 000005120 _____ C:\Users\Dan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2017-09-12 18:49 - 2017-08-21 16:30 - 000000000 ____D C:\Users\Dan\.yawcam 2017-09-12 15:47 - 2017-06-25 20:02 - 000248280 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-09-12 15:42 - 2017-03-18 17:03 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2017-09-12 15:42 - 2017-03-18 17:03 - 000000000 ___SD C:\WINDOWS\system32\F12 2017-09-12 15:42 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2017-09-12 15:42 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2017-09-12 15:42 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\system32\setup 2017-09-12 15:42 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\ShellExperiences 2017-09-12 15:42 - 2017-03-18 17:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2017-09-12 15:42 - 2017-03-18 17:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-09-12 15:34 - 2015-11-09 08:23 - 000000000 ____D C:\WINDOWS\system32\MRT 2017-09-12 15:31 - 2015-11-09 08:23 - 138202976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-09-12 05:57 - 2017-06-27 12:21 - 000000258 __RSH C:\ProgramData\ntuser.pol 2017-09-08 17:36 - 2017-02-01 22:07 - 000093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2017-09-08 17:34 - 2017-02-01 22:07 - 000101784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2017-09-08 17:34 - 2017-02-01 22:07 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys ==================== Files in the root of some directories ======= 2017-08-21 15:46 - 2017-09-12 22:15 - 000005120 _____ () C:\Users\Dan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2017-07-17 20:09 - 2017-07-17 20:25 - 000000600 _____ () C:\Users\Dan\AppData\Local\PUTTY.RND 2017-06-24 21:59 - 2017-06-24 21:59 - 000000159 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc Some files in TEMP: ==================== 2017-10-07 10:10 - 2017-09-05 01:26 - 001930840 _____ (Microsoft Corporation) C:\Users\Dan\AppData\Local\Temp\dllnt_dump.dll ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2017-10-03 21:24 ==================== End of FRST.txt ============================ ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-10-2017 Ran by Dan (08-10-2017 14:58:01) Running from C:\Users\Dan\Desktop Windows 10 Home Version 1703 170317-1834 (X64) (2017-06-26 00:45:57) Boot Mode: Safe Mode (with Networking) ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-956974598-3299727750-65723944-500 - Administrator - Disabled) bobby (S-1-5-21-956974598-3299727750-65723944-1001 - Administrator - Enabled) => C:\Users\bobby Dan (S-1-5-21-956974598-3299727750-65723944-1007 - Administrator - Enabled) => C:\Users\Dan DefaultAccount (S-1-5-21-956974598-3299727750-65723944-503 - Limited - Disabled) Guest (S-1-5-21-956974598-3299727750-65723944-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-956974598-3299727750-65723944-1002 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} FW: COMODO Firewall (Enabled) {346ADFA5-A93A-68E5-1F1A-0C241B12C186} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.7.2314 - AVAST Software) Bejeweled 3 (HKLM-x32\...\WTA-b6e9f236-4cbd-4348-ae0a-a5b4581c3018) (Version: 2.2.0.97 - WildTangent) Hidden Betternet for Windows (HKLM-x32\...\{2E77104D-96E1-4A9C-86F2-C7CF4C703900}) (Version: 3.9.0.0 - Betternet Technologies Inc.) Bitcoin Unlimited Cash Edition (64-bit) (HKU\S-1-5-21-956974598-3299727750-65723944-1007\...\Bitcoin Unlimited Cash Edition (64-bit)) (Version: 1.1.1 - Bitcoin Unlimited Cash Edition project) Blackhawk Striker 2 (HKLM-x32\...\WTA-ceefdbf8-5df3-4684-8cdb-abb872066814) (Version: 2.2.0.95 - WildTangent) Hidden Bluetooth by hp (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.8200 - Broadcom Corporation) Camfrog Video Chat 6.18 (HKLM-x32\...\Camfrog) (Version: 6.18.622 - Camshare, Inc.) Chuzzle Deluxe (HKLM-x32\...\WTA-edf7d156-935d-4d04-b556-223241aa08bc) (Version: 2.2.0.95 - WildTangent) Hidden COMODO Firewall (HKLM\...\{4F6FC44D-AE9F-472B-8F00-B8388BC9AA04}) (Version: 10.0.1.6294 - COMODO Security Solutions Inc.) Hidden COMODO Firewall (HKLM\...\COMODO Internet Security) (Version: 10.0.1.6294 - COMODO Security Solutions Inc.) Cradle of Rome 2 (HKLM-x32\...\WTA-d12feec6-094d-48d5-837e-b07d5323534d) (Version: 2.2.0.98 - WildTangent) Hidden D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd) DAoC Portal (HKLM-x32\...\{EC9359B3-2548-4DB1-B322-6D71A17501F9}) (Version: 2.8.2 - Dawn of Light) Dark Age of Camelot (HKLM-x32\...\Dark Age of Camelot) (Version: - Electronic Arts) DirectX for Managed Code Update (Summer 2004) (HKLM-x32\...\{E9E34215-82EF-4909-BE2F-F581F0DC9062}) (Version: 9.02.2904 - Microsoft) Hidden Dora's World Adventure (HKLM-x32\...\WTA-97f85ef2-aab4-47f8-aeaa-7202738a3f4e) (Version: 2.2.0.95 - WildTangent) Hidden EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS) Entropia Universe (HKLM-x32\...\Entropia Universe) (Version: 15.11.3.140709 - MindArk PE AB) Exodus (HKU\S-1-5-21-956974598-3299727750-65723944-1007\...\exodus) (Version: 1.34.1 - Exodus Movement Inc) Facebook (HKLM-x32\...\{8AE50893-3A87-4439-9A57-942ED43F7189}) (Version: 1.1.0004 - Hewlett-Packard) Farm Frenzy (HKLM-x32\...\WTA-1c488ac1-4f16-488c-bd54-e6cd7f705a46) (Version: 2.2.0.98 - WildTangent) Hidden Farmscapes (HKLM-x32\...\WTA-344f1cad-ffac-4420-adf8-04caeb62bb09) (Version: 2.2.0.98 - WildTangent) Hidden FATE (HKLM-x32\...\WTA-cdecf892-f8e0-4b3a-b533-dacba0628d2e) (Version: 2.2.0.97 - WildTangent) Hidden Final Drive Fury (HKLM-x32\...\WTA-04e549e5-88fd-4cf0-ba84-1e3fa53a2037) (Version: 2.2.0.95 - WildTangent) Hidden Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.3.1.21155 - Foxit Software Inc.) Genesis version Genesis Launcher 1.011 (HKLM-x32\...\{975e7799-c584-47f0-9c12-c1551f3e95f2}_is1) (Version: Genesis Launcher 1.011 - Pawel D. alias Laplume for Genesis.) Genesis version Patch (HKLM-x32\...\{9db86e9a-0b05-4202-a76c-5a795f698408}_is1) (Version: Patch - Pawel D. alias Laplume for Genesis.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.) Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden H&R Block Deluxe + Efile + State 2015 (HKLM-x32\...\{E7BFC29A-9459-4534-9E35-BF1D66A18BAA}) (Version: 15.05.8101 - HRB Technology, LLC.) H&R Block Michigan 2015 (HKLM-x32\...\{C34A4378-B23F-4155-AC8B-95E40F7370FC}) (Version: 1.15.4001 - HRB Technology, LLC.) Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden Hoyle Card Games (HKLM-x32\...\WTA-318c47c4-d360-4fd6-8a64-d602d9d95dea) (Version: 2.2.0.95 - WildTangent) Hidden HP Application Assistant (HKLM\...\{B34A07DD-C6F7-414A-AE63-01019482EAF0}) (Version: 1.0.393.3870 - Hewlett-Packard) HP Calendar (HKLM-x32\...\{2B38E0FA-D8A5-4EBF-A018-E3C1C8E7A2E2}) (Version: 5.1.4245.23508 - Hewlett-Packard) HP Clock (HKLM-x32\...\{0EEC4E49-D4C2-4E23-87F2-B5641F1A09E4}) (Version: 5.1.4244.16367 - Hewlett-Packard) HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent) HP LinkUp (HKLM-x32\...\{7E750542-55BC-4300-8B7B-AC2A762FB435}) (Version: 2.01.029 - Hewlett-Packard) HP Magic Canvas Tutorials (HKLM-x32\...\{858FCB65-7C6D-4BA4-AD80-A3CB3744CE09}_is1) (Version: 5.0.0.3 - Hewlett-Packard) HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.1.21091.0 - Hewlett-Packard Company) HP Notes (HKLM-x32\...\{86BAB08A-5E66-4C53-82E3-C1E91673C7CA}) (Version: 5.1.4274.30382 - Hewlett-Packard) HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard) HP RSS (HKLM-x32\...\{452479C5-0118-48E9-AA69-0A7339F95FC8}) (Version: 5.1.4289.23799 - Hewlett-Packard) HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15130.3904 - Hewlett-Packard Company) HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.15145.3905 - Hewlett-Packard Company) HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 11.00.0001 - Hewlett-Packard) HP TouchSmart RecipeBox (HKLM-x32\...\{20714B53-FC73-4F9C-9687-49EB237D6FD7}) (Version: 3.0.3830.27730 - Hewlett-Packard) HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard) HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.12.1.0 - Hewlett-Packard) HP Weather (HKLM-x32\...\{776CC95E-8160-401B-AC79-164822AA8306}) (Version: 5.1.4245.22595 - Hewlett-Packard) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.5.0 - LIGHTNING UK!) Installer (HKLM-x32\...\{97E12F84-C033-4DA2-97D2-F540C3E292EA}) (Version: 1.0.0 - Sierra Entertainment, Inc.) Hidden Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation) Jewel Match 3 (HKLM-x32\...\WTA-868556c5-c55b-4703-bda1-c12d2d17f54b) (Version: 2.2.0.98 - WildTangent) Hidden Jewel Quest Mysteries: The Seventh Gate Collector's Edition (HKLM-x32\...\WTA-01d44327-6951-4176-a343-fe3679f2efee) (Version: 2.2.0.98 - WildTangent) Hidden John Deere Drive Green (HKLM-x32\...\WTA-26ed6777-edc1-4581-ac25-c9f19d3440d4) (Version: 2.2.0.95 - WildTangent) Hidden Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Kodi (HKU\S-1-5-21-956974598-3299727750-65723944-1007\...\Kodi) (Version: - XBMC-Foundation) LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4507 - CyberLink Corp.) Hidden LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4507 - CyberLink Corp.) Letters from Nowhere 2 (HKLM-x32\...\WTA-f985d414-70c9-4558-bb7a-d2a8fcc69f3d) (Version: 2.2.0.97 - WildTangent) Hidden LINE (HKU\S-1-5-21-956974598-3299727750-65723944-1007\...\LINE) (Version: 5.3.1.1516 - LINE Corporation) Logitech QuickCam (HKLM-x32\...\{77E70C3C-DBB9-4C47-8663-1E1F81FEC623}) (Version: 6.01.0000 - Logitech, Inc.) Luxor HD (HKLM-x32\...\WTA-75d5d904-7b27-4b7e-80f6-255372e6b73d) (Version: 2.2.0.98 - WildTangent) Hidden Mah Jong Medley (HKLM-x32\...\WTA-88bfe65c-b1bd-4d6c-86e3-a65830b8aed0) (Version: 2.2.0.95 - WildTangent) Hidden Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes) Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Metric Converter (HKLM-x32\...\{D0661463-50F7-4A1E-83CB-37CC590589AE}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd) Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-956974598-3299727750-65723944-1007\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation) Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Mobile Broadband Generic Drivers (HKLM-x32\...\{AC2BA148-EE9C-4F1A-AFCE-F38C2C71D29B}) (Version: 2.03.09.005.14 - Novatel Wireless) Hidden Mobile Broadband Generic Drivers (HKLM-x32\...\Mobile Broadband Generic Drivers) (Version: 2.03.09.005.14 - Novatel Wireless) Mozilla Firefox 54.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 en-US)) (Version: 54.0.1 - Mozilla) Mozilla Firefox 56.0 (x64 en-US) (HKLM\...\Mozilla Firefox 56.0 (x64 en-US)) (Version: 56.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 56.0.0.6478 - Mozilla) NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) NVIDIA 3D Vision Driver 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.53 - NVIDIA Corporation) NVIDIA GeForce Experience 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.1 - NVIDIA Corporation) NVIDIA Graphics Driver 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.53 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation) NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) NWZ-S540 WALKMAN Guide (HKLM-x32\...\{55B1E4FA-F2E0-45DF-9B36-0B30A7949984}) (Version: 2.0.00.07010 - Sony Corporation) opensource (HKLM-x32\...\{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}) (Version: 1.0.14960.3876 - Your Company Name) Hidden OpenVPN 2.3.12-I602 (HKLM-x32\...\OpenVPN) (Version: 2.3.12-I602 - ) Oracle VM VirtualBox 5.0.32 (HKLM\...\{CBCF23C1-F5F7-44D9-A4C4-2BC02879C239}) (Version: 5.0.32 - Oracle Corporation) Penguins! (HKLM-x32\...\WTA-7fd3d82b-c91d-4674-9fc8-cf7de7a031a8) (Version: 2.2.0.98 - WildTangent) Hidden Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-619a66b7-6d82-47eb-b8fc-cb03b388ef10) (Version: 2.2.0.98 - WildTangent) Hidden PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) Poker Superstars III (HKLM-x32\...\WTA-776f4f69-28e7-4ca8-86b9-082f606aeada) (Version: 2.2.0.95 - WildTangent) Hidden Polar Bowler (HKLM-x32\...\WTA-ef268b53-d0e2-44b6-806c-ea43c1b747af) (Version: 2.2.0.97 - WildTangent) Hidden Polar Golfer (HKLM-x32\...\WTA-f9f86b05-d8c4-4348-a6bf-eb9737e0daca) (Version: 2.2.0.98 - WildTangent) Hidden Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.5706 - CyberLink Corp.) Hidden Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.5706 - CyberLink Corp.) PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-132318649765}) (Version: 5.11.0721.0 - NewspaperDirect Inc.) RAIDXpert (HKLM-x32\...\{8B76B8E9-F773-4B75-A08C-120079EB765E}) (Version: 3.3.1540.9 - AMD) Hidden RAIDXpert (HKLM-x32\...\InstallShield_{8B76B8E9-F773-4B75-A08C-120079EB765E}) (Version: 3.3.1540.9 - AMD) Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.0.4424 - CyberLink Corp.) Hidden Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard) RogueKiller version 12.11.18.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.11.18.0 - Adlice Software) RollerCoaster Tycoon 3: Platinum (HKLM-x32\...\WTA-abc440c2-2a5c-4511-ada5-f1cc143943e0) (Version: 2.2.0.98 - WildTangent) Hidden S.W.A.T. 4 (HKLM-x32\...\S.W.A.T. 4_is1) (Version: - ) Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.) Sandboxie 5.20 (64-bit) (HKLM\...\Sandboxie) (Version: 5.20 - Sandboxie Holdings, LLC) SD Card Formatter (HKLM-x32\...\{10C16E01-F739-4093-89A7-E570589FA0F6}) (Version: 5.0.0 - SD Association) SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.) Snagit 12 (HKLM-x32\...\{8f4df1fe-49bb-4295-99d2-0e29ad8f99c6}) (Version: 12.2.0.1656 - TechSmith Corporation) Snagit 12 (HKLM-x32\...\{FDEC2BE1-5F84-4249-943B-4364251A56BE}) (Version: 12.2.0 - TechSmith Corporation) Hidden Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.6 - Sophos Limited) Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform) SplitCam (HKLM-x32\...\SplitCam) (Version: 7.7.4.1 - SplitCam Co) SpywareBlaster 5.5 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.5.0 - BrightFort LLC) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1232 - SUPERAntiSpyware.com) SWAT 4 - The Stetchkov Syndicate (HKLM-x32\...\InstallShield_{97E12F84-C033-4DA2-97D2-F540C3E292EA}) (Version: 1.0.0 - Sierra Entertainment, Inc.) TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - ) TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.83369 - TeamViewer) The Sims™ Castaway Stories (HKLM-x32\...\{64EEA791-0271-4B53-00AC-2BF05F5FBEF6}) (Version: - Electronic Arts) The Treasures of Mystery Island: The Ghost Ship (HKLM-x32\...\WTA-c8bbe3c0-09e8-45a6-b8f0-09da2a3a917b) (Version: 2.2.0.98 - WildTangent) Hidden Torchlight (HKLM-x32\...\WTA-5e1610f2-4b0e-45ce-8b9e-076ac7c12caf) (Version: 2.2.0.98 - WildTangent) Hidden TurboTax 2016 (HKLM-x32\...\TurboTax 2016) (Version: 2016.0 - Intuit, Inc) Viber (HKLM-x32\...\{0C749165-A8E3-4018-90A9-A128801C7D8E}) (Version: 6.9.5.1170 - Viber Media Inc.) Hidden Viber (HKU\S-1-5-21-956974598-3299727750-65723944-1007\...\{3713a4df-a649-4105-8ca7-af39c3e1a9d1}) (Version: 6.9.5.1170 - Viber Media Inc.) Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\WTA-d1ee4738-cfa1-46fd-a954-22bf7d014f43) (Version: 2.2.0.98 - WildTangent) Hidden VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN) Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) WhatsApp (HKU\S-1-5-21-956974598-3299727750-65723944-1007\...\WhatsApp) (Version: 0.2.5863 - WhatsApp) Win32DiskImager version 1.0.0 (HKLM-x32\...\{3DFFA293-DF2C-4B23-92E5-3433BDC310E1}}_is1) (Version: 1.0.0 - ImageWriter Developers) Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation) Windows Driver Package - libusb-win32 WorldCup Device (02/23/2013 1.2.6.0) (HKLM\...\607E81836F3E58EDC7289F7B7047149AE2C7F301) (Version: 02/23/2013 1.2.6.0 - libusb-win32) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) Yawcam 0.6.0 (HKLM-x32\...\{8FE96B14-E1F9-47BF-8BA1-A81467CD259B}_is1) (Version: 0.6.0 - Yawcam) Zuma's Revenge (HKLM-x32\...\WTA-cd54f4c2-125f-45b3-b5d5-d3ec5fbfadeb) (Version: 2.2.0.98 - WildTangent) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-04] (AVAST Software) ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\bobby\AppData\Local\MEGAsync\ShellExtX64.dll -> No File ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-04] (AVAST Software) ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-08-29] (COMODO) ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-06-29] (Foxit Software Inc.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-08-29] (COMODO) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-04] (AVAST Software) ContextMenuHandlers3: [LinkUpMenuExt] -> {B793E5EA-5344-488E-B98D-A18E2E5938AB} => C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\LinkUpExt64.dll [2011-05-06] (Hewlett-Packard) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes) ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\bobby\AppData\Local\MEGAsync\ShellExtX64.dll -> No File ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> No File ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-05-01] (NVIDIA Corporation) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-04] (AVAST Software) ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-08-29] (COMODO) ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-06-29] (Foxit Software Inc.) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {042937CB-5476-4C2A-8480-C5E036578E2B} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {0BAF62F2-FAFB-44BA-AA01-A02D7FF12BA3} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-08-29] (COMODO) Task: {274BB102-8D04-46E5-A79E-D14860A74EE9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-31] (Google Inc.) Task: {2BD23AC5-1AE4-4DDA-9587-C081BC86A246} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-08-29] (COMODO) Task: {35A742C1-2971-4943-A2E3-29AD462FFAAC} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {36C0939E-1A7E-40C5-B4F3-E1154E139970} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-08-29] (COMODO) Task: {38703468-C162-4F57-B44C-44E58A48E390} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-31] (Google Inc.) Task: {3ACF76E4-F5DF-431C-BEA2-BE70CF85AE6D} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {448270B0-5154-498D-B24D-AE71E7DB5927} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {49F3F14B-37B0-4FF8-8D79-A67723C5CB0E} - System32\Tasks\{072CA81D-69BB-49C4-914E-7EAC144C21C4} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files\McAfee Security Scan\uninstall.exe" Task: {4EF9C94A-BEB8-4886-8EFB-6F8DC72DE967} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {5345AC3C-FFF9-4831-B7E8-442B88B745F6} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-08-29] (COMODO) Task: {53ABC437-1B0B-41C8-BFA8-0949927B2CAE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {55FDF64B-3C5A-49F4-9EC4-597B575CA285} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe Task: {60C6872D-D8C5-4B88-8980-45D08F81447E} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {6278A474-03AB-41C3-91A4-91B0F5658B94} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe Task: {66373DB8-4A8D-49A8-88A9-7AC45A9257AE} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {6C4E5A17-A10F-4B3A-9C95-B2CDAE98E088} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-08-29] (COMODO) Task: {76028AB5-AC97-4F06-8327-7D5A47A19935} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {8019363D-BCAD-4773-B90D-F17D42075CBA} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {86B76D85-EC61-412A-8F5E-20B20B23A6CF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe Task: {8D77A25D-FD6A-481A-B0D6-9678902CB9A5} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {97D57FBC-B035-440C-88E7-9E676CD64057} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {9EE88514-786B-4C6B-B761-AD00A3815399} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {A4693B6B-A223-4509-904E-2BF65D33357B} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK Task: {ABE81196-0AAC-419A-993A-CA0F9FA7E738} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {B00420E6-58FD-4BA4-89B8-24504B76CB13} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe Task: {B0783751-AFAE-4BFF-B02A-3C74BBADC98E} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {B8154F59-58F9-4937-80E6-BFB813638286} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-08-29] (COMODO) Task: {BB891099-3F04-45DA-8DFA-066AB33B0F7D} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {BBEC600D-225B-4BB6-ABF1-9BEC62ADE6DC} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe Task: {BEEFBCAC-0FD0-484D-841E-6BCD50C20927} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe Task: {C0F395F2-9715-4314-A840-2E6C417F6A32} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {C1EBD640-E6CC-417B-9526-4ACFAFC1C6ED} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-14] (Adobe Systems Incorporated) Task: {C6429797-F491-4F5C-BD36-6AC08CF60D18} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {CAAEA373-10F3-4330-BD43-307BEE8D623F} - System32\Tasks\Open URL by RoboForm => C:\WINDOWS\system32\rundll32.exe url.dll,FileProtocolHandler "hxxps://www.roboform.com/uninstall.html?aaa=KICMHMGMIMNJOMNJLMLJCNLJKJNJJJCNLMJMNMMJCNOJOMJMMJCNOJOJMMMMOMIMPMLMKMOMKJMJJNJICMHMCNMMCNIMFMOMOMCNLMHMMMCNOMKMPMJMMMFMPMCNPMCNOMKMPMJMMMCNNMJNPICMPMFMFMKMJNHICMEKMICNJJCKJNBJCMLLOJBJJNKJCMJNNICMJNDJCMKJBJJNMJCMPMFMPMFMPMJNFIC (the data entry has 28 more characters). Task: {D6DA3362-2103-438C-95A8-10187738F89C} - System32\Tasks\HPCeeScheduleForBOBBY-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard) Task: {D75F7DC4-1B6C-44CF-8F1F-7B243FC911E3} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-10-04] (AVAST Software) Task: {DD54B99B-ADE1-4F31-AD0A-9FE4211FF695} - System32\Tasks\TechSmith Updater => C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe [2014-07-31] (TechSmith Corporation) Task: {EE44F1BC-3A65-4249-BBAC-F4DEB17CDF61} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {F2511BEE-366D-49C8-BB06-D1D74AAAE162} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {FFFBF69D-A804-4703-A665-F30C5D7072B7} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-08-29] (COMODO) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\HPCeeScheduleForBOBBY-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:\Users\Dan\Desktop\pooler-cpuminer-2.5.0-win64\BitConnect Miner.bat - Shortcut.lnk -> C:\Users\Dan\Desktop\pooler-cpuminer-2.5.0-win64\RunMe.bat () ==================== Loaded Modules (Whitelisted) ============== 2017-03-18 16:58 - 2017-03-18 16:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2017-03-18 16:59 - 2017-03-18 22:31 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\Temp:5C321E34 [125] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE restricted site: HKU\S-1-5-21-956974598-3299727750-65723944-1007\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-956974598-3299727750-65723944-1007\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-956974598-3299727750-65723944-1007\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-956974598-3299727750-65723944-1007\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-956974598-3299727750-65723944-1007\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-956974598-3299727750-65723944-1007\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-956974598-3299727750-65723944-1007\...\0411dd.com -> 0411dd.com IE restricted site: HKU\S-1-5-21-956974598-3299727750-65723944-1007\...\0511zfhl.com -> 0511zfhl.com IE restricted site: HKU\S-1-5-21-956974598-3299727750-65723944-1007\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-956974598-3299727750-65723944-1007\...\0632qyw.com -> 0632qyw.com IE restricted site: HKU\S-1-5-21-956974598-3299727750-65723944-1007\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-956974598-3299727750-65723944-1007\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-956974598-3299727750-65723944-1007\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-956974598-3299727750-65723944-1007\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-956974598-3299727750-65723944-1007\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-956974598-3299727750-65723944-1007\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-956974598-3299727750-65723944-1007\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-956974598-3299727750-65723944-1007\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-956974598-3299727750-65723944-1007\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-956974598-3299727750-65723944-1007\...\1001movie.com -> 1001movie.com There are 6091 more sites. ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 22:34 - 2016-10-13 16:05 - 000000828 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-956974598-3299727750-65723944-1007\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg DNS Servers: Media is not connected to internet. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Prompt) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\Services: AMD External Events Utility => 2 MSCONFIG\Services: AMD FUEL Service => 2 MSCONFIG\Services: AMD_RAIDXpert => 2 MSCONFIG\Services: DSAO => 2 MSCONFIG\Services: hpqwmiex => 3 MSCONFIG\Services: HPSupportSolutionsFrameworkService => 2 MSCONFIG\Services: MBAMScheduler => 2 MSCONFIG\Services: pdfcDispatcher => 2 MSCONFIG\Services: TrueKey => 2 MSCONFIG\Services: TrueKeyScheduler => 2 MSCONFIG\Services: TrueKeyServiceHelper => 3 HKLM\...\StartupApproved\Run: => "BeatsOSDApp" HKLM\...\StartupApproved\Run: => "hpsysdrv" HKLM\...\StartupApproved\Run: => "SysTrayApp" HKLM\...\StartupApproved\Run: => "Logitech Download Assistant" HKLM\...\StartupApproved\Run: => "NvBackend" HKLM\...\StartupApproved\Run: => "ShadowPlay" HKLM\...\StartupApproved\Run32: => "HP Software Update" HKLM\...\StartupApproved\Run32: => "PDF Complete" HKLM\...\StartupApproved\Run32: => "ContentTransferWMDetector.exe" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "KeepVidProUpdateHelper.exe" HKU\S-1-5-21-956974598-3299727750-65723944-1007\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-956974598-3299727750-65723944-1007\...\StartupApproved\Run: => "SmartSwitchPDLR.exe" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{46FFB8C4-CC48-4EBB-8535-508820E5B056}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{6E656B48-51D0-473E-B874-B2147706A169}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [UDP Query User{DD2C35B2-E7EA-4AF7-9DD0-9AE0E3735D4D}C:\program files (x86)\entropia universe\bin64\entropia.exe] => (Allow) C:\program files (x86)\entropia universe\bin64\entropia.exe FirewallRules: [TCP Query User{8F09F198-01AD-41F5-82C3-B9E6DF4FC58D}C:\program files (x86)\entropia universe\bin64\entropia.exe] => (Allow) C:\program files (x86)\entropia universe\bin64\entropia.exe FirewallRules: [{BFD8D4DA-F872-49B8-896B-64CDAE95190A}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe FirewallRules: [{9947EE9C-4450-4EBD-95E4-4379B2EBF7AA}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe FirewallRules: [{2F03FDEC-F8A6-4CC4-B3A8-EABCABFE5DEC}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe FirewallRules: [{D2E78776-AC19-46EB-B489-1D328D13C9AD}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe FirewallRules: [{65C34BA9-4171-443E-9747-57D47EC56374}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe FirewallRules: [{8F340C34-E80D-4D2B-87B6-9A2EA0546716}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe FirewallRules: [{FF5B8F20-F492-4B60-8CA5-48A75A209E2F}] => (Block) C:\users\bobby\appdata\roaming\gameranger\gameranger\gameranger.exe FirewallRules: [{2EF48A92-E90D-456A-82B3-C2F99ED1403E}] => (Block) C:\users\bobby\appdata\roaming\gameranger\gameranger\gameranger.exe FirewallRules: [UDP Query User{FF82E483-BC75-467C-8178-414E8422E5FC}C:\users\bobby\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\bobby\appdata\roaming\gameranger\gameranger\gameranger.exe FirewallRules: [TCP Query User{6EF362E6-501C-47FA-8A1C-448375E55E54}C:\users\bobby\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\bobby\appdata\roaming\gameranger\gameranger\gameranger.exe FirewallRules: [{983BCF95-2B8A-40D7-BB8E-8E6632915118}] => (Allow) C:\Program Files (x86)\S.W.A.T. 4\ContentExpansion\System\Swat4XDedicatedServer.exe FirewallRules: [{3BD1BF3E-E9FC-40F7-8563-83F9C36448D8}] => (Allow) C:\Program Files (x86)\S.W.A.T. 4\ContentExpansion\System\Swat4XDedicatedServer.exe FirewallRules: [{3175E95E-28A0-4E56-804D-3F16E69DBAC2}] => (Allow) C:\Program Files (x86)\S.W.A.T. 4\ContentExpansion\System\Swat4X.exe FirewallRules: [{98DE6C3B-7CE2-47FF-865F-E92B97EB3115}] => (Allow) C:\Program Files (x86)\S.W.A.T. 4\ContentExpansion\System\Swat4X.exe FirewallRules: [UDP Query User{A5778937-40E8-46AA-833D-85EC9C95586C}C:\program files (x86)\entropia universe\bin64\entropia.exe] => (Allow) C:\program files (x86)\entropia universe\bin64\entropia.exe FirewallRules: [TCP Query User{96AC7080-9702-4AFA-BB8D-F64DFCA0CA94}C:\program files (x86)\entropia universe\bin64\entropia.exe] => (Allow) C:\program files (x86)\entropia universe\bin64\entropia.exe FirewallRules: [{97D80B29-1CCF-436C-A6E6-A015D7128161}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{9CF1C4BD-3934-41BB-ADA4-4E2164382A3C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{A3888181-8561-4689-BE8E-63D41A614177}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{22CB2765-54F0-4425-82D6-355208184B3A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{C0412577-DFF0-4680-A78D-0673F22BD05F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{58D279BE-8A58-419B-8E20-D9DBBA3E8F8A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{693D689B-D2B4-45FD-B539-5E13BE404D98}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{06D3E54B-8C30-4AD1-80AF-C21E5C6D9D23}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{51BE8574-BDDE-4515-890D-8EC1E831712F}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{449A3BC2-078F-413C-AFEC-B0E1ED0C410F}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{A8D7C622-7081-4A66-82D8-1620D9758FE3}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{747D3214-651C-4E6E-839A-8207710EB214}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{C40F4C27-CC23-471D-A836-FE7A9CD4A0A3}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{DB280241-0DA7-4BF6-A43D-C6C5B528AB04}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{2C2D57AB-8E2B-413C-80B9-BFA7C8A8FBD2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{12CE08CE-7F59-4486-B373-1E5917BF1CDC}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\RoxioNow\RNow.exe FirewallRules: [{7EFCD63C-7B57-4E7D-827D-61F6C5BDF257}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\RoxioNow\RNow.exe FirewallRules: [{AB50CFA6-A8CF-4783-8D5A-E89A57DF1FDC}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\RoxioNow\IndivDRM.exe FirewallRules: [{411D98B1-C768-46C9-B667-55C09F037FB7}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\RoxioNow\IndivDRM.exe FirewallRules: [{9CFF2F32-298B-468C-8B67-3B58F8940774}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Remote Graphics Receiver\rgreceiver.exe FirewallRules: [{C6AB79E4-5276-49D1-8C20-923AAC1823D9}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Remote Graphics Receiver\rgreceiver.exe FirewallRules: [{8E5436B7-277B-4E33-89F1-16FB14C5A901}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\HP LinkUp Viewer.exe FirewallRules: [{029D6B59-D202-4414-8D18-01BFB345837E}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\HP LinkUp Viewer.exe FirewallRules: [{8BDA70CE-E4B6-491B-AE18-B5647C851DDF}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{80771F50-EFFA-429F-BA99-EE0E719DB6EF}] => (Allow) LPort=2869 FirewallRules: [{8198B192-730D-42CE-BDDB-754C06A3C136}] => (Allow) LPort=1900 FirewallRules: [{08DB7BC7-5519-4E0C-AFB2-E0B81CB4EFA8}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{DFBF3220-475B-4E1F-BB00-6839C9D1B65D}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [{C24D602C-0599-47A0-8BA0-4DEE2521526E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{51FBFFCF-7C67-4D7E-B72C-AD27D73475B2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{A677BDEB-F455-486B-BA8C-627177E3E33D}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe FirewallRules: [{D96512AA-7D2C-410B-B970-26158E38E61D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{1AB7D572-B31F-475A-812B-39796CA9F452}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{B01E3941-B0C6-4E38-B978-0444CAA744EB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{9FD064D4-CD89-43C1-BB0D-ABE2CD1A1EF4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [TCP Query User{724CD9C4-50F6-4441-ACF4-1703030425BB}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{12663A08-A1E0-4DE4-9D5B-E08540C14627}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe FirewallRules: [{20B36A52-0B6B-4504-BE21-11F9C3570E0A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{477AABFD-B36F-4F3F-A891-C55085B6A9C2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{EBF2E1D6-E7DB-4A31-B7D0-BE8C5FB81567}] => (Allow) C:\MyGames\Warface My.Com\Bin32Release\Game.exe FirewallRules: [{5E5F1794-4CAF-4A96-96B2-095D2F8312E6}] => (Allow) C:\MyGames\Warface My.Com\Bin32Release\Game.exe FirewallRules: [TCP Query User{A690B987-0E5A-4E4D-8F0E-2068B79A97DF}C:\program files\bitcoin\bitcoin-qt.exe] => (Allow) C:\program files\bitcoin\bitcoin-qt.exe FirewallRules: [UDP Query User{18EC3976-4144-4C65-9F29-B388A8F155A9}C:\program files\bitcoin\bitcoin-qt.exe] => (Allow) C:\program files\bitcoin\bitcoin-qt.exe FirewallRules: [TCP Query User{3BA52818-A383-4057-BA0C-D01F7FC38EB6}C:\program files (x86)\dearmob\5kplayer\5kplayer.exe] => (Allow) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe FirewallRules: [UDP Query User{A4962DCB-5576-424D-AB71-A75DD6FB4CE8}C:\program files (x86)\dearmob\5kplayer\5kplayer.exe] => (Allow) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe FirewallRules: [{DF075A55-B228-463F-806A-54FDF3001830}] => (Block) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe FirewallRules: [{691440D4-EBC4-4ACF-A95F-80B215A93FC9}] => (Block) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe FirewallRules: [TCP Query User{2B002E65-0B1C-4EA1-8E50-7E7050A230DB}C:\program files (x86)\keepvid\keepvid pro\downloadres\urlreqservice.exe] => (Allow) C:\program files (x86)\keepvid\keepvid pro\downloadres\urlreqservice.exe FirewallRules: [UDP Query User{6FC14B88-2423-4B2F-9003-C084572BFB61}C:\program files (x86)\keepvid\keepvid pro\downloadres\urlreqservice.exe] => (Allow) C:\program files (x86)\keepvid\keepvid pro\downloadres\urlreqservice.exe FirewallRules: [{C997BF46-F547-4A08-BF6F-03E32FE89E56}] => (Block) C:\program files (x86)\keepvid\keepvid pro\downloadres\urlreqservice.exe FirewallRules: [{C9451E13-0AA8-4108-88C9-E6C59632D90D}] => (Block) C:\program files (x86)\keepvid\keepvid pro\downloadres\urlreqservice.exe FirewallRules: [{21A578EA-628F-42B5-B17F-B236D93A8BEB}] => (Allow) LPort=8298 FirewallRules: [TCP Query User{4D8D2622-84F9-4A6A-A939-8047F14AF8EC}C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe] => (Block) C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe FirewallRules: [UDP Query User{EADAC982-A4D0-4639-B33A-482A4E7180C5}C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe] => (Block) C:\program files (x86)\camfrog\camfrog video chat\camfrog video chat.exe FirewallRules: [TCP Query User{DCD2B121-6DA9-47F2-B6D5-26A73E02B4B0}C:\program files\bitcoin unlimited\bitcoin-qt.exe] => (Allow) C:\program files\bitcoin unlimited\bitcoin-qt.exe FirewallRules: [UDP Query User{8F8D9697-9727-4DB4-8445-C64C888AA312}C:\program files\bitcoin unlimited\bitcoin-qt.exe] => (Allow) C:\program files\bitcoin unlimited\bitcoin-qt.exe FirewallRules: [TCP Query User{4E7F270E-A6C7-433F-B520-0961F65FF2F3}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe FirewallRules: [UDP Query User{E0F12031-2AE8-4250-A3EA-9EC16CA1B0C6}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe FirewallRules: [{846C6DD7-AD3F-4772-96F2-6276F8941004}] => (Allow) C:\Program Files (x86)\LINE\LINE.exe FirewallRules: [{8066E722-8B6A-4734-B416-DA9C6A2B4AE6}] => (Allow) C:\Program Files (x86)\LINE\LINE.exe FirewallRules: [{BFDAE3EB-1EBD-4E8A-B4E3-5EB3A3D238A8}] => (Allow) C:\Users\Dan\AppData\Local\LINE\bin\4.10.0.1236\LINE.exe FirewallRules: [{4C8E5A68-4637-49B6-85E7-04A88673A5F4}] => (Allow) C:\Users\Dan\AppData\Local\LINE\bin\4.10.0.1236\LINE.exe FirewallRules: [{6B061D23-8541-4C01-B9C9-C412D94815A0}] => (Allow) C:\Users\Dan\AppData\Local\LINE\bin\4.10.0.1236\LineUpdater.exe FirewallRules: [{8F0724F9-C6E5-47B0-A1FB-E03374AAFA67}] => (Allow) C:\Users\Dan\AppData\Local\LINE\bin\4.10.0.1236\LineUpdater.exe FirewallRules: [{CAF5016D-2854-43DC-95AF-6E0BA7F9C3F2}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe FirewallRules: [{9BAE36E1-1F5E-446C-B92A-9E19ED7DFB5D}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe FirewallRules: [{07A97592-6B9F-48FA-8165-5115EC73267F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{5E3D4BFC-DD38-4D61-961C-B747B966FE86}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{A7D078F6-A98D-4B07-8BBD-DFFF3ABE0CB0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{66C80319-6396-4C7E-8C12-63B3A30D3BF5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [TCP Query User{D6CF24C6-5242-4140-8CBD-590CD9AB572B}C:\users\dan\downloads\bitconnect-wallet\bitconnect-qt.exe] => (Allow) C:\users\dan\downloads\bitconnect-wallet\bitconnect-qt.exe FirewallRules: [UDP Query User{3104051D-9672-4969-BC2B-0EC1DC2D80D2}C:\users\dan\downloads\bitconnect-wallet\bitconnect-qt.exe] => (Allow) C:\users\dan\downloads\bitconnect-wallet\bitconnect-qt.exe FirewallRules: [TCP Query User{6B420CA2-C431-4453-BAE8-9C500B096131}C:\users\dan\documents\bitconnect-wallet\bitconnect-qt.exe] => (Allow) C:\users\dan\documents\bitconnect-wallet\bitconnect-qt.exe FirewallRules: [UDP Query User{71F37E05-D860-4E33-85F8-C95B68994C94}C:\users\dan\documents\bitconnect-wallet\bitconnect-qt.exe] => (Allow) C:\users\dan\documents\bitconnect-wallet\bitconnect-qt.exe FirewallRules: [{79AFF766-0736-4904-ADCD-5C6C7C1D3F3A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{344A879E-8586-4B17-959B-A954C18AF751}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{B71FC926-8781-4D3F-B110-C84223086103}] => (Allow) C:\Program Files (x86)\S.W.A.T. 4\ContentExpansion\System\Swat4X.exe FirewallRules: [{B1FF21C5-7EF2-42E4-920B-D0A78EBAB492}] => (Allow) C:\Program Files (x86)\S.W.A.T. 4\ContentExpansion\System\Swat4X.exe FirewallRules: [{BAD8B37F-A461-4525-A3FD-0AC24B7B0DDA}] => (Allow) C:\Program Files (x86)\S.W.A.T. 4\ContentExpansion\System\Swat4XDedicatedServer.exe FirewallRules: [{C98005CD-CB8D-475E-BA9A-254D4A1D8187}] => (Allow) C:\Program Files (x86)\S.W.A.T. 4\ContentExpansion\System\Swat4XDedicatedServer.exe FirewallRules: [TCP Query User{CB7AD48E-74C2-40A9-90EF-DF797C70949B}C:\vtroot\harddiskvolume2\program files\mozilla firefox\firefox.exe] => (Block) C:\vtroot\harddiskvolume2\program files\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{935A5A82-C86E-42EA-BAA9-4A43C3B432A9}C:\vtroot\harddiskvolume2\program files\mozilla firefox\firefox.exe] => (Block) C:\vtroot\harddiskvolume2\program files\mozilla firefox\firefox.exe ==================== Restore Points ========================= 27-09-2017 11:12:58 JRT Pre-Junkware Removal 29-09-2017 10:24:06 JRT Pre-Junkware Removal 02-10-2017 11:42:36 JRT Pre-Junkware Removal 05-10-2017 09:20:21 JRT Pre-Junkware Removal 05-10-2017 23:54:27 JRT Pre-Junkware Removal 07-10-2017 09:38:50 JRT Pre-Junkware Removal ==================== Faulty Device Manager Devices ============= Name: The Broadcom 802.11 Network Adapter provides wireless local area networking. Description: Broadcom WLAN Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Broadcom Service: BCM43XX Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (10/08/2017 02:49:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: bobby-HP) Description: Activation of app Microsoft.MSPaint_8wekyb3d8bbwe!Microsoft.MSPaint failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (10/08/2017 01:05:32 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program explorer.exe version 10.0.15063.608 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 1244 Start Time: 01d3403feb361bc9 Termination Time: 60000 Application Path: C:\Windows\explorer.exe Report Id: a01746e7-edaf-4a6f-a518-784e9cbe75a0 Faulting package full name: Faulting package-relative application ID: Error: (10/08/2017 01:01:49 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program Camfrog Video Chat.exe version 6.18.622.7654 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 2138 Start Time: 01d340406b629bc8 Termination Time: 42 Application Path: C:\Program Files (x86)\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe Report Id: 84e0593e-e231-4321-8aaa-7f7f85358438 Faulting package full name: Faulting package-relative application ID: Error: (10/08/2017 09:36:32 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program explorer.exe version 10.0.15063.608 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 1a44 Start Time: 01d34039631e1029 Termination Time: 60000 Application Path: C:\Windows\explorer.exe Report Id: 3b567475-3142-4b9a-aae3-1d40c61f5332 Faulting package full name: Faulting package-relative application ID: Error: (10/08/2017 09:21:02 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program explorer.exe version 10.0.15063.608 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: ed4 Start Time: 01d34035831f3f6a Termination Time: 60000 Application Path: C:\Windows\explorer.exe Report Id: d584ff62-da7b-4763-8fd3-f488fc6bbd06 Faulting package full name: Faulting package-relative application ID: Error: (10/08/2017 03:34:41 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program explorer.exe version 10.0.15063.608 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 1554 Start Time: 01d33ff7b5546aa8 Termination Time: 60000 Application Path: C:\Windows\explorer.exe Report Id: d3ccb295-b5ac-4b2d-ac94-5deb824a65ef Faulting package full name: Faulting package-relative application ID: Error: (10/08/2017 01:32:28 AM) (Source: COM) (EventID: 10031) (User: ) Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {41FD88F7-F295-4D39-91AC-A85F3149A05B} was rejected Error: (10/07/2017 11:07:46 AM) (Source: Microsoft Security Client) (EventID: 2002) (User: ) Description: Event-ID 2002 Error: (10/07/2017 11:07:45 AM) (Source: Microsoft Security Client) (EventID: 5000) (User: ) Description: Event-ID 5000 Error: (10/07/2017 11:07:45 AM) (Source: Microsoft Security Client) (EventID: 5000) (User: ) Description: Event-ID 5000 System errors: ============= Error: (10/08/2017 02:59:04 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY) Description: DCOM got error "1084" attempting to start the service EventSystem with arguments "Unavailable" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error: (10/08/2017 02:58:33 PM) (Source: DCOM) (EventID: 10005) (User: bobby-HP) Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} Error: (10/08/2017 02:58:03 PM) (Source: DCOM) (EventID: 10005) (User: bobby-HP) Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server: {B52D54BB-4818-4EB9-AA80-F9EACD371DF8} Error: (10/08/2017 02:58:03 PM) (Source: DCOM) (EventID: 10005) (User: bobby-HP) Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server: {B52D54BB-4818-4EB9-AA80-F9EACD371DF8} Error: (10/08/2017 02:57:58 PM) (Source: DCOM) (EventID: 10005) (User: bobby-HP) Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server: {B52D54BB-4818-4EB9-AA80-F9EACD371DF8} Error: (10/08/2017 02:57:58 PM) (Source: DCOM) (EventID: 10005) (User: bobby-HP) Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server: {B52D54BB-4818-4EB9-AA80-F9EACD371DF8} Error: (10/08/2017 02:57:58 PM) (Source: DCOM) (EventID: 10005) (User: bobby-HP) Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} Error: (10/08/2017 02:57:46 PM) (Source: DCOM) (EventID: 10005) (User: bobby-HP) Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} Error: (10/08/2017 02:56:46 PM) (Source: DCOM) (EventID: 10005) (User: bobby-HP) Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server: {B52D54BB-4818-4EB9-AA80-F9EACD371DF8} Error: (10/08/2017 02:56:46 PM) (Source: DCOM) (EventID: 10005) (User: bobby-HP) Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server: {B52D54BB-4818-4EB9-AA80-F9EACD371DF8} CodeIntegrity: =================================== Date: 2017-10-08 14:45:17.076 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-10-08 14:45:15.530 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-10-08 14:42:03.920 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-10-08 14:42:01.900 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-10-08 14:41:10.717 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-10-08 14:41:09.164 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-10-08 14:38:59.368 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-10-08 14:38:57.929 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-10-08 14:38:41.927 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-10-08 14:38:40.375 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: AMD FX(tm)-6100 Six-Core Processor Percentage of memory in use: 10% Total physical RAM: 10014.89 MB Available physical RAM: 9010.67 MB Total Virtual: 10654.89 MB Available Virtual: 9770.95 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:1845.22 GB) (Free:1554.04 GB) NTFS ==>[system with boot components (obtained from drive)] Drive d: (HP_RECOVERY) (Fixed) (Total:16.88 GB) (Free:2.05 GB) NTFS ==>[system with boot components (obtained from drive)] Drive f: (QC_11_01) (CDROM) (Total:0.26 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1862.6 GB) (Disk ID: B1A1F069) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=1845.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) Partition 4: (Not Active) - (Size=16.9 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================
  12. Hello Broni, I'm having some problems with my desktop. I installed Comodo Firewall and Sandboxie along side Avast. Everything was working great for the first week. Now I'm having freezing issues and I can't even open FRST and sometimes my FireFox freezes the desktop. Also it takes forever hanging at windows loading on reboot. I will try in safe mode to get you a FRST log.
  13. Thanks a Lot Broni the computer working much better now. I am able to install Avast as well. :)
  14. Keyboa3r=]d Not wor=3king r=3ight.

    Baby drool in the keyboard. Go buy a new one. :D
×